Your message dated Fri, 31 Oct 2014 22:03:32 +0100
with message-id <[email protected]>
and subject line Re: Bug#767470: unblock: freeipa/4.0.4-2
has caused the Debian Bug report #767470,
regarding unblock: freeipa/4.0.4-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
767470: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=767470
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Please unblock package freeipa
So I forgot to check that the packages install on a fresh sid install,
added three missing python module deps.
Current default apache2 install enables mod_authz_user and mod_deflat,
but old installations might not have them, so enable them on postinst
but don't disable on prerm.
Also bump the libapache2-mod-nss dependency to match the version which
doesn't enable the module by default.
diff --git a/debian/changelog b/debian/changelog
index ac68a28..dabda80 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+freeipa (4.0.4-2) unstable; urgency=medium
+
+ * control: Add python-qrcode, python-selinux, python-yubico
+ to freeipa-server dependencies. (Closes: #767427)
+ * freeipa-server.postinst: Enable mod_authz_user and mod_deflate too,
+ but since they should be part of the default apache2 install, don't
+ disable them on uninstall like the other modules. (Closes: #767425)
+ * control: Bump server dependency on -mod-nss to 1.0.10-2 which
+ doesn't enable the module by default.
+
+ -- Timo Aaltonen <[email protected]> Fri, 31 Oct 2014 11:36:51 +0200
+
freeipa (4.0.4-1) unstable; urgency=medium
* Initial release (Closes: #734703)
diff --git a/debian/control b/debian/control
index 30b57d1..4b5aa92 100644
--- a/debian/control
+++ b/debian/control
@@ -78,7 +78,7 @@ Depends:
krb5-pkinit,
ldap-utils,
libapache2-mod-auth-kerb (>= 5.4-2.2~),
- libapache2-mod-nss,
+ libapache2-mod-nss (>= 1.0.10-2~),
libapache2-mod-wsgi,
libjs-dojo-core,
libjs-jquery,
@@ -91,6 +91,9 @@ Depends:
python-krbv,
python-ldap,
python-pyasn1,
+ python-qrcode (>= 5.0.0),
+ python-selinux,
+ python-yubico,
slapi-nis (>= 0.54),
${misc:Depends},
${python:Depends},
diff --git a/debian/freeipa-server.postinst b/debian/freeipa-server.postinst
index a7b485f..7c4aab4 100644
--- a/debian/freeipa-server.postinst
+++ b/debian/freeipa-server.postinst
@@ -7,6 +7,12 @@ if [ "$1" = configure ]; then
if [ ! -e /etc/apache2/mods-enabled/auth_kerb.load ]; then
apache2_invoke enmod auth_kerb || exit $?
fi
+ if [ ! -e /etc/apache2/mods-enabled/authz_user.load ]; then
+ apache2_invoke enmod authz_user || exit $?
+ fi
+ if [ ! -e /etc/apache2/mods-enabled/deflate.load ]; then
+ apache2_invoke enmod deflate || exit $?
+ fi
if [ ! -e /etc/apache2/mods-enabled/expires.load ]; then
apache2_invoke enmod expires || exit $?
fi
unblock freeipa/4.0.4-2
--- End Message ---
--- Begin Message ---
Control: tags -1 wontfix
On 2014-10-31 11:11, Timo Aaltonen wrote:
> Package: release.debian.org
> Severity: normal
> User: [email protected]
> Usertags: unblock
>
> Please unblock package freeipa
>
> So I forgot to check that the packages install on a fresh sid install,
> added three missing python module deps.
>
> [...]
Hi Timo,
Your request do not exactly inspire confidence. My key concerns:
* We are dealing with an apparently completely new package, which
/barely/ was accepted in sid in time for Jessie[1].
* Your message suggest the package lacked basic QA'ing like checking
it installs and works in a chroot prior to your upload.
It pains me to do this, but I am declining the unblock. Despite the
fact that you did the right thing by fixing the bug immediately rather
than trying to "sneak it into to testing" (and then fixing it
afterwards), I feel freeipa leaves too much to be wanted in the
beginning of a freeze.
~Niels
[1] I know that processing time of the NEW queue is beyond your control.
But it is not an argument for a freeze exception.
--- End Message ---
