Hello community, here is the log from the commit of package trytond for openSUSE:Factory checked in at 2017-07-05 23:56:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/trytond (Old) and /work/SRC/openSUSE:Factory/.trytond.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trytond" Wed Jul 5 23:56:19 2017 rev:9 rq:507741 version:4.2.5 Changes: -------- --- /work/SRC/openSUSE:Factory/trytond/trytond.changes 2017-06-12 15:34:30.826741694 +0200 +++ /work/SRC/openSUSE:Factory/.trytond.new/trytond.changes 2017-07-05 23:56:20.969887979 +0200 @@ -2 +2 @@ -Tue Jun 6 21:12:54 UTC 2017 - [email protected] +Mon Jul 3 09:12:15 UTC 2017 - [email protected] @@ -4 +4 @@ -- Version 3.8.12 +- Version 4.2.5 @@ -7 +7 @@ -Mon Apr 3 20:06:18 UTC 2017 - [email protected] +Tue Jun 20 16:26:42 UTC 2017 - [email protected] @@ -9 +9,2 @@ -- Version 3.8.11 +- Patch for user login user_login.patch from GNU Health 3.20 applied + trytond_server.diff removed as not needed anymore @@ -12 +13 @@ -Tue Mar 14 21:28:23 UTC 2017 - [email protected] +Tue Jun 6 07:50:44 UTC 2017 - [email protected] @@ -14 +15 @@ -- Version 3.8.10 +- Version 4.2.4 @@ -17 +18 @@ -Fri Feb 17 13:15:22 UTC 2017 - [email protected] +Mon Apr 3 19:36:48 UTC 2017 - [email protected] @@ -19 +20 @@ -- proposal path for sao changed +- Version 4.2.3 @@ -22 +23 @@ -Sun Dec 18 01:01:12 UTC 2016 - [email protected] +Fri Mar 10 10:24:56 UTC 2017 - [email protected] @@ -24,3 +25 @@ -- version 3.8.9 - * Sanitize path in file_open (CVE-2016-1242) bsc#1016886 - * Prevent read of user password hash (CVE-2016-1241) bsc#1016885 +- Version 4.2.2 @@ -29 +28 @@ -Tue Oct 18 19:06:22 UTC 2016 - [email protected] +Fri Jan 6 15:27:55 UTC 2017 - [email protected] @@ -31 +30 @@ -- update of README +- Version 4.2.1 @@ -34 +33 @@ -Wed Sep 28 18:53:35 UTC 2016 - [email protected] +Mon Nov 28 18:22:41 UTC 2016 - [email protected] @@ -36 +35 @@ -- update of trytond.conf and README.SUSE +- Tryton Release 4.2 @@ -39,11 +38 @@ -Wed Aug 31 06:15:53 UTC 2016 - [email protected] - -- Version 3.8.8 - -------------------------------------------------------------------- -Wed Aug 24 15:01:13 UTC 2016 - [email protected] - -- License added to package documentation - -------------------------------------------------------------------- -Wed Aug 24 11:27:00 UTC 2016 - [email protected] +Wed Aug 24 13:52:32 UTC 2016 - [email protected] @@ -56 +45 @@ -Tue Jul 5 09:43:38 UTC 2016 - [email protected] +Tue Jul 5 09:46:31 UTC 2016 - [email protected] @@ -58 +47 @@ -- version 3.8.6 +- version 4.0.2 @@ -61 +50 @@ -Thu Jun 30 13:34:19 UTC 2016 - [email protected] +Tue May 02 10:24:48 UTC 2016 - [email protected] @@ -63 +52 @@ -- changed requirement to python-python-sql +- Tryton Release 4.0 Old: ---- trytond-3.8.12.tar.gz trytond_server.diff New: ---- trytond-4.2.5.tar.gz user_login.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ trytond.spec ++++++ --- /var/tmp/diff_new_pack.fQuqdh/_old 2017-07-05 23:56:21.781773613 +0200 +++ /var/tmp/diff_new_pack.fQuqdh/_new 2017-07-05 23:56:21.785773049 +0200 @@ -2,7 +2,7 @@ # spec file for package trytond # # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. -# Copyright (c) 2016 Dr. Axel Braun +# Copyright (c) 2015, 2016 Dr. Axel Braun # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,54 +17,60 @@ # -%define majorver 3.8 +%define majorver 4.2 %define base_name tryton Name: trytond -Version: %{majorver}.12 +Version: %{majorver}.5 Release: 0 -Summary: An Enterprise Resource Planning system + +Summary: An Enterprise Resource Planning (ERP) system License: GPL-3.0+ Group: Productivity/Office/Management Url: http://www.tryton.org/ Source0: http://downloads.tryton.org/%{majorver}/%{name}-%{version}.tar.gz +#Patch0: trytond340.patch Source1: tryton-server.README.SUSE Source2: trytond.conf.example Source3: %{name}.conf Source4: %{name}_log.conf -#Source11: %{name}.sysconfig +# GNU Health patch for user login +Patch0: user_login.patch Source20: %{name}.service -Patch0: %{name}_server.diff # List of additional build dependencies BuildRequires: fdupes -BuildRequires: python-devel -BuildRequires: python-lxml -BuildRequires: python-psycopg2 -BuildRequires: python-pydot -BuildRequires: python-python-sql -BuildRequires: python-setuptools -BuildRequires: python-simplejson +BuildRequires: python3-Werkzeug +BuildRequires: python3-bcrypt +BuildRequires: python3-lxml +BuildRequires: python3-psycopg2 +BuildRequires: python3-pydot3 +BuildRequires: python3-python-sql +BuildRequires: python3-setuptools +BuildRequires: python3-simplejson +BuildRequires: python3-wrapt BuildRequires: systemd-rpm-macros -Requires: libreoffice-pyuno Requires: postgresql-server -Requires: python-Genshi -Requires: python-Levenshtein -Requires: python-PyWebDAV -Requires: python-Sphinx -Requires: python-cdecimal -Requires: python-lxml -Requires: python-mock -Requires: python-polib -Requires: python-psycopg2 -Requires: python-py-bcrypt -#Requires: python-pytz -#Requires: python-pyOpenSSL -#Requires: python-egenix-mx-base -Requires: python-python-dateutil -Requires: python-python-sql -Requires: python-relatorio +Requires: python3-Genshi +Requires: python3-lxml +Requires: python3-psycopg2 +#Requires: python3-pytz +#Requires: python3-pyOpenSSL +#Requires: python3-egenix-mx-base +Requires: libreoffice-pyuno +Requires: python3-Levenshtein +Requires: python3-dateutil +Requires: python3-polib +Requires: python3-python-sql +Requires: python3-relatorio Requires: unoconv -Requires(pre): %{_sbindir}/groupadd -Requires(pre): %{_sbindir}/useradd +#Requires: python3-PyWebDAV +Requires: python3-Sphinx +Requires: python3-Werkzeug +Requires: python3-bcrypt +Requires: python3-mock +Requires: python3-simpleeval +Requires: python3-wrapt +Requires(pre): /usr/sbin/groupadd +Requires(pre): /usr/sbin/useradd BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch %{?systemd_requires} @@ -78,23 +84,24 @@ %prep %setup -q -cp %{SOURCE1} . -cp %{SOURCE2} . +cp %{S:1} . +cp %{S:2} . +%patch0 -p0 %build -python setup.py build +python3 setup.py build %install -python setup.py install --prefix=%{_prefix} --root=%{buildroot} --record-rpm=filelist +python3 setup.py install --prefix=%_prefix --root=%buildroot --record-rpm=filelist # only for systemd -mkdir -p %{buildroot}%{_sysconfdir}/%{base_name} -install -p -m 640 %{SOURCE3} %{buildroot}%{_sysconfdir}/%{base_name}/%{name}.conf -install -p -m 640 %{SOURCE4} %{buildroot}%{_sysconfdir}/%{base_name}/%{name}_log.conf +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/%{base_name} +install -p -m 640 %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/%{base_name}/%{name}.conf +install -p -m 640 %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/%{base_name}/%{name}_log.conf -mkdir -p %{buildroot}%{_unitdir} -install -p -m 644 %{SOURCE20} %{buildroot}%{_unitdir}/%{name}.service +mkdir -p $RPM_BUILD_ROOT%{_unitdir} +install -p -m 644 %{SOURCE20} $RPM_BUILD_ROOT%{_unitdir}/%{name}.service -mkdir -p %{buildroot}%{_localstatedir}/{lib,log}/%{base_name} +mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/{lib,log}/%{base_name} %fdupes -s %{buildroot} %pre @@ -114,11 +121,14 @@ %service_del_postun trytond.service %files +#%files -f filelist %defattr(-,root,root) %doc README tryton-server.README.SUSE trytond.conf.example LICENSE doc/* -%{python_sitelib}/* +%{python3_sitelib}/* %dir %{_sysconfdir}/%{base_name} %{_bindir}/%{name} +%{_bindir}/%{name}-admin +%{_bindir}/%{name}-cron %{_unitdir}/%{name}.service %attr(640,root,tryton) %config(noreplace)%{_sysconfdir}/%{base_name}/%{name}.conf %attr(640,root,tryton) %config(noreplace)%{_sysconfdir}/%{base_name}/%{name}_log.conf ++++++ tryton-server.README.SUSE ++++++ --- /var/tmp/diff_new_pack.fQuqdh/_old 2017-07-05 23:56:21.841765161 +0200 +++ /var/tmp/diff_new_pack.fQuqdh/_new 2017-07-05 23:56:21.841765161 +0200 @@ -14,12 +14,15 @@ <you are logged in as user 'root'> #su postgres #nano /var/lib/pgsql/data/pg_hba.conf + Change the line local all all md5 to local all all trust Save your input. +Save your input. + 3) Create a role for 'tryton' in the database (sill as user postgres) #psql -c "CREATE USER tryton WITH CREATEDB;" @@ -33,7 +36,6 @@ 6) start trytond: #systemctl start trytond -Now the Tryton Server is running. You need a client to connect to it 7) Install the tryton client: #zypper in tryton @@ -41,10 +43,12 @@ 8) Open the tryton client: #tryton go to 'manage profiles' -> add -> name it 'localhost' -> Host: localhost --> you should now see a button to create a database +-> you should now see a selection of available databases -DONE. +Note: Fron Tryton Release 4.2 onwards it is not possible anymore to create databases +from the Frontend. You need to do this manually (see below) +DONE. Setup (a bit more in detail) ============================ @@ -70,17 +74,23 @@ Note: If PostgreSQL runs on another machine than the Tryton server, make sure you have setup database password authentication. Please refer to the - PostgreSQL manual how to do this. If they run on the same machine, connection - via local sockets is preferred and you are done with the default configuration - of the PostgreSQL package. + PostgreSQL manual how to do this. - If postgres runs locally, you may need to change the configuration file - /var/lib/pgsql/data/pg_hba.conf the line - local all all md5 - to - local all all trust + To allow Tryton Server to connect to postgres, md5 authentication should be used. + In the configuration file /var/lib/pgsql/data/pg_hba.conf change the lines + + # IPv4 local connections: + host all all 127.0.0.1/32 ident + # IPv6 local connections: + host all all ::1/128 ident + + to: + # IPv4 local connections: + host all all 127.0.0.1/32 md5 + # IPv6 local connections: + host all all ::1/128 md5 - Restart the database-server for the changes to take effect. + Restart the server for the changes to take effect. * Creating the database user: @@ -93,7 +103,7 @@ psql -c "CREATE USER tryton WITH CREATEDB;" Case 2) - In case 2 the user needs additionally an encrypted password:: + In case 2 the user needs additionally an encrypted password to log into the DB: su postgres psql -c "ALTER ROLE tryton ENCRYPTED PASSWORD 'tryton_password' ;" @@ -130,7 +140,7 @@ * If the Tryton server is listening on external interfaces, it is highly recommended to enable SSL for the connection. - Note: See https://github.com/mbehrle/tryton/blob/wiki/InstallationonopenSUSE.md#Setting_up_SSL_communication_with_the_Tryton_server + Note: See https://code.google.com/p/tryton/wiki/InstallationonopenSUSE#Setting_up_SSL_communication_with_the_Tryton_server for a description to set up certificates * Restarting trytond: @@ -149,7 +159,7 @@ Creating the database for Tryton -------------------------------- -For case 1, manual creation of the database, the following steps are to be performed: +For case 1, manual creation of the database, the folowing steps are to be performed: * Creating the database: @@ -160,8 +170,11 @@ (here as default: mydb). * Initializing the database: + + Log in as user tryton: - # /usr/bin/trytond -c /etc/tryton/trytond.conf --all -d mydb + # sudo su tryton -s /bin/bash + # /usr/bin/trytond-admin -c /etc/tryton/trytond.conf --all -d mydb Note: Use the database name you chose in the previous step (here as default: mydb). You will be asked for the admin password for this database. @@ -171,7 +184,7 @@ For case 2, you need to create an encrypted password and enter it in the configuration file as super_pwd -See: http://doc.tryton.org/3.8/trytond/doc/topics/configuration.html +See: http://doc.tryton.org/4.2/trytond/doc/topics/configuration.html Installation of the Webfrontend for tryton (sao) from package @@ -183,8 +196,8 @@ You need to edit /etc/tryton/trytond.conf. Installation of tryton-sao follows the standards for nodejs-installations, so the path is within the node-modules: -In the section [jsonrpc], set the data path: - data = /usr/lib/node-modules/tryton-sao +In the section [web], set the path: + root = /usr/lib/node-modules/tryton-sao Now restart trytond. @@ -207,8 +220,8 @@ node_modules/grunt-cli/bin/grunt Last but not least, edit /etc/tryton/trytond.conf -In the section [jsonrpc], set the data path: - data = /srv/tryton-sao/package +In the section [web], set the path: + root = /usr/lib/node-modules/tryton-sao Now restart trytond. @@ -220,7 +233,7 @@ version string) you have to update your database(s). After the categorically recommended backup do: - # /usr/bin/trytond -c /etc/tryton/trytond.conf --all -d mydb + # /usr/bin/trytond-admin -c /etc/tryton/trytond.conf --all -d mydb Remember to replace tryton with the name of your database. @@ -262,4 +275,4 @@ * Only the same major version of Tryton client and Tryton server can connect. - -- Axel Braun <[email protected]> Wed Sep 28 18:35:02 UTC 2016 + -- Axel Braun <[email protected]> TUE Jun 20 15:40:04 UTC 2017 ++++++ trytond-3.8.12.tar.gz -> trytond-4.2.5.tar.gz ++++++ ++++ 187675 lines of diff (skipped) ++++++ trytond.conf ++++++ --- /var/tmp/diff_new_pack.fQuqdh/_old 2017-07-05 23:56:22.225711077 +0200 +++ /var/tmp/diff_new_pack.fQuqdh/_new 2017-07-05 23:56:22.225711077 +0200 @@ -16,17 +16,12 @@ # (e.g. PostgreSQL database running on the same machine (localhost)) #uri = postgresql://tryton:tryton@/ # -# Postgres running on the same machine: - -uri = postgresql:/// - -# -# # PostgreSQL via TCP/IP # (e.g. connecting to a PostgreSQL database running on a remote machine or # by means of md5 authentication. Needs PostgreSQL to be configured to accept # those connections (pg_hba.conf).) -#uri = postgresql://tryton:tryton@localhost:5432/ + +uri = postgresql://tryton:tryton@localhost:5432/ # The path to the directory where the Tryton Server stores files. # The server must have write permissions to this directory. @@ -72,12 +67,7 @@ #hostname = # The root path to retrieve data for GET requests -# used for SAO as well! -# -#data = /srv/tryton-sao/package -# -# SAO listens on http://localhost:8000 - +#data = jsondata [xmlrpc] # Settings for the XML-RPC network interface @@ -137,3 +127,7 @@ #uri = ldap://host:port/dn?attributes?scope?filter?extensions # A basic default URL could look like #uri = ldap://localhost:389/ + +[web] +# Path for the web-frontend +#root = /usr/lib/node-modules/tryton-sao ++++++ trytond.conf.example ++++++ --- /var/tmp/diff_new_pack.fQuqdh/_old 2017-07-05 23:56:22.253707133 +0200 +++ /var/tmp/diff_new_pack.fQuqdh/_new 2017-07-05 23:56:22.253707133 +0200 @@ -16,16 +16,12 @@ # (e.g. PostgreSQL database running on the same machine (localhost)) #uri = postgresql://tryton:tryton@/ # -#Default setting for a local postgres database - -uri = postgresql:/// - -# # PostgreSQL via TCP/IP # (e.g. connecting to a PostgreSQL database running on a remote machine or # by means of md5 authentication. Needs PostgreSQL to be configured to accept # those connections (pg_hba.conf).) -#uri = postgresql://tryton:tryton@localhost:5432/ + +uri = postgresql://tryton:tryton@localhost:5432/ # The path to the directory where the Tryton Server stores files. # The server must have write permissions to this directory. @@ -133,3 +129,7 @@ #uri = ldap://host:port/dn?attributes?scope?filter?extensions # A basic default URL could look like #uri = ldap://localhost:389/ + +[web] +# Path for the web-frontend +#root = /usr/lib/node-modules/tryton-sao ++++++ user_login.patch ++++++ diff -ruN a/user.py b/user.py --- trytond/res/user.py 2017-06-07 11:24:56.101578719 +0100 +++ trytond/res/user.py 2017-06-07 11:24:15.136154818 +0100 @@ -495,7 +495,6 @@ Return user id if password matches ''' LoginAttempt = Pool().get('res.user.login.attempt') - time.sleep(2 ** LoginAttempt.count(login) - 1) for method in config.get( 'session', 'authentications', default='password').split(','): try: @@ -505,9 +504,11 @@ continue user_id = func(login, parameters) if user_id: - LoginAttempt.remove(login) return user_id - LoginAttempt.add(login) + else: + logger.info('Invalid login from : %s', login) + time.sleep(3) + @classmethod def _login_password(cls, login, parameters):
