Hello community, here is the log from the commit of package yast2-auth-client for openSUSE:Factory checked in at 2016-07-14 09:50:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-auth-client (Old) and /work/SRC/openSUSE:Factory/.yast2-auth-client.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-auth-client" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-auth-client/yast2-auth-client.changes 2016-04-30 23:31:01.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-auth-client.new/yast2-auth-client.changes 2016-07-14 09:50:32.000000000 +0200 @@ -1,0 +2,10 @@ +Wed Jul 13 12:14:39 UTC 2016 - [email protected] + +- Fix bsc#986281: + * Support importing configuration from legacy XML. + * Always install sssd-tools. + * Allow customising homedir override in domains. + * Fix exceptions caused by missing dependencies at runtime. + Bump version to 3.3.8. + +------------------------------------------------------------------- Old: ---- yast2-auth-client-3.3.7.tar.bz2 New: ---- yast2-auth-client-3.3.8.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-auth-client.spec ++++++ --- /var/tmp/diff_new_pack.PKRNrw/_old 2016-07-14 09:50:33.000000000 +0200 +++ /var/tmp/diff_new_pack.PKRNrw/_new 2016-07-14 09:50:33.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-auth-client -Version: 3.3.7 +Version: 3.3.8 Release: 0 Url: https://github.com/yast/yast-auth-client Summary: YaST2 - Centralised System Authentication Configuration @@ -28,6 +28,7 @@ Source0: %{name}-%{version}.tar.bz2 BuildArch: noarch +Requires: net-tools Requires: yast2 Requires: yast2 >= 2.21.22 Requires: yast2-pam >= 2.20.0 ++++++ yast2-auth-client-3.3.7.tar.bz2 -> yast2-auth-client-3.3.8.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.7/package/yast2-auth-client.changes new/yast2-auth-client-3.3.8/package/yast2-auth-client.changes --- old/yast2-auth-client-3.3.7/package/yast2-auth-client.changes 2016-04-26 15:37:57.000000000 +0200 +++ new/yast2-auth-client-3.3.8/package/yast2-auth-client.changes 2016-07-13 15:56:55.000000000 +0200 @@ -1,4 +1,14 @@ ------------------------------------------------------------------- +Wed Jul 13 12:14:39 UTC 2016 - [email protected] + +- Fix bsc#986281: + * Support importing configuration from legacy XML. + * Always install sssd-tools. + * Allow customising homedir override in domains. + * Fix exceptions caused by missing dependencies at runtime. + Bump version to 3.3.8. + +------------------------------------------------------------------- Tue Mar 22 09:55:56 UTC 2016 - [email protected] - Introduce many new features: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.7/package/yast2-auth-client.spec new/yast2-auth-client-3.3.8/package/yast2-auth-client.spec --- old/yast2-auth-client-3.3.7/package/yast2-auth-client.spec 2016-04-26 15:37:57.000000000 +0200 +++ new/yast2-auth-client-3.3.8/package/yast2-auth-client.spec 2016-07-13 15:56:55.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-auth-client -Version: 3.3.7 +Version: 3.3.8 Release: 0 Group: System/YaST License: GPL-2.0 @@ -32,6 +32,7 @@ Requires: yast2 >= 2.21.22 Requires: yast2-pam >= 2.20.0 Requires: yast2-ruby-bindings >= 1.0.0 +Requires: net-tools BuildRequires: yast2 BuildRequires: yast2-devtools >= 3.0.6 BuildRequires: rubygem(yast-rake) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.7/src/lib/auth/authconf.rb new/yast2-auth-client-3.3.8/src/lib/auth/authconf.rb --- old/yast2-auth-client-3.3.7/src/lib/auth/authconf.rb 2016-04-26 15:37:57.000000000 +0200 +++ new/yast2-auth-client-3.3.8/src/lib/auth/authconf.rb 2016-07-13 15:56:55.000000000 +0200 @@ -372,7 +372,7 @@ # Calculate package requirements pkgs = [] if @sssd_enabled || @sssd_pam || @sssd_nss.any? - pkgs += ['sssd'] + pkgs += ['sssd', 'sssd-tools'] # Only install the required provider packages. By convention, they are named 'sssd-*'. domain_providers = ['ad', 'ldap', 'ipa', 'proxy', 'krb5'] @sssd_conf.each { |_sect_name, conf| @@ -393,11 +393,13 @@ end end # Write SSSD config file and correct its permission and ownerships - sssd_conf = File.new('/etc/sssd/sssd.conf', 'w') - sssd_conf.chmod(0600) - sssd_conf.chown(0, 0) - sssd_conf.write(sssd_make_conf) - sssd_conf.close + if File.exists?('/etc/sssd') + sssd_conf = File.new('/etc/sssd/sssd.conf', 'w') + sssd_conf.chmod(0600) + sssd_conf.chown(0, 0) + sssd_conf.write(sssd_make_conf) + sssd_conf.close + end # Save PAM/NSS/daemon status if @sssd_pam Yast::Pam.Add('sss') @@ -865,12 +867,17 @@ return out end - # Call package installer to install Samba if it has not yet been installed. + # Call package installer to install Samba and Kerberos if it has not yet been installed. def ad_install_samba - if Yast::Package.Installed('samba') || Yast::Package.DoInstall(['samba']) + pkgs = ['samba-client', 'krb5-client'] + pkgs.delete_if { |name| Yast::Package.Installed(name) } + if pkgs.length == 0 + return true + end + if Yast::Package.DoInstall(['samba-client', 'krb5-client']) return true end - Yast::Report.Error(_('Failed to install Samba, required by Active Directory operations.')) + Yast::Report.Error(_('Failed to install Samba & Kerberos required by Active Directory operations.')) return false end @@ -901,11 +908,9 @@ end smb_conf = ad_create_tmp_smb_conf(ad_domain_name, ad_get_workgroup_name(ad_domain_name)) _, status = Open3.capture2("net -s #{smb_conf.path} ads testjoin") - ad_has_computer = status.exitstatus == 0 klist, _ = Open3.capture2("klist -k") kerberos_has_key = klist.split("\n").any?{ |line| /#{Socket.gethostname}.*#{ad_domain_name.downcase}/.match(line.downcase) } - smb_conf.unlink return [ad_has_computer, kerberos_has_key] end @@ -939,6 +944,9 @@ if @autoyast_editor_mode || @ad_domain.to_s == '' || @ad_user.to_s == '' || @ad_pass.to_s == '' return [true, _('Nothing is done because AD is not configured')] end + if !ad_install_samba + return [false, _('Failed to install Samba')] + end # Configure Kerberos kdc_host_name = ad_find_kdc(@ad_domain) if kdc_host_name == '' @@ -949,9 +957,6 @@ krb_apply # Create a temporary smb.conf to join this computer - if !ad_install_samba - return [false, _('Failed to install Samba')] - end smb_conf = ad_create_tmp_smb_conf(@ad_domain, ad_get_workgroup_name(@ad_domain)) output = '' exitstatus = 0 @@ -1010,7 +1015,7 @@ def calc_pkg_deps pkgs = [] if @sssd_enabled || @sssd_pam || @sssd_nss.any? - pkgs += ['sssd'] + pkgs += ['sssd', 'sssd-tools'] # Only install the required provider packages. By convention, they are named 'sssd-*'. domain_providers = ['ad', 'ldap', 'ipa', 'proxy', 'krb5'] @sssd_conf.each { |_sect_name, conf| @@ -1042,6 +1047,9 @@ if @nscd_enabled pkgs += ['nscd'] end + if @ad_domain.to_s != '' + pkgs += ['samba-client', 'krb5-client'] + end return pkgs end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.7/src/lib/authui/autoclient.rb new/yast2-auth-client-3.3.8/src/lib/authui/autoclient.rb --- old/yast2-auth-client-3.3.7/src/lib/authui/autoclient.rb 2016-04-26 15:37:57.000000000 +0200 +++ new/yast2-auth-client-3.3.8/src/lib/authui/autoclient.rb 2016-07-13 15:56:55.000000000 +0200 @@ -40,13 +40,36 @@ # Import configuration parameters saved by Export operation. def import(exported) - record = JSON.parse(exported['conf_json']) - AuthConfInst.sssd_import(record['sssd']) - AuthConfInst.ldap_import(record['ldap']) - AuthConfInst.krb_import(record['krb']) - AuthConfInst.aux_import(record['aux']) - AuthConfInst.ad_import(record['ad']) - AuthConfInst.autoyast_modified = true + if exported.has_key?('sssd') + # Import legacy XML configuration from SLE 12 SP0 or SP1 + enabled = exported.fetch('sssd', nil) + daemon = exported.fetch('sssd_conf', {}).fetch('sssd', nil) + domain = exported.fetch('sssd_conf', {}).fetch('auth_domains', {}).fetch('domain', {}) + domain_name = domain.fetch('domain_name', nil) + if enabled != 'yes' || daemon.nil? || domain_name.nil? + log.info('legacy configuration is empty or disabled') + return true + end + AuthConfInst.clear + AuthConfInst.sssd_lint_conf # make a basic config structure + AuthConfInst.sssd_enabled = true + AuthConfInst.sssd_pam = true + AuthConfInst.sssd_nss = ['passwd', 'group'] + AuthConfInst.sssd_conf['sssd'] = daemon + domain.delete('domain_name') + AuthConfInst.sssd_conf['domain/' + domain_name] = domain + AuthConfInst.sssd_lint_conf # break "domains" and "services" into arrays + else + # Import JSON configuration from SLE 12 SP2 + record = JSON.parse(exported['conf_json']) + AuthConfInst.sssd_import(record['sssd']) + AuthConfInst.ldap_import(record['ldap']) + AuthConfInst.krb_import(record['krb']) + AuthConfInst.aux_import(record['aux']) + AuthConfInst.ad_import(record['ad']) + AuthConfInst.autoyast_modified = true + end + return true end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.7/src/lib/authui/sssd/params.rb new/yast2-auth-client-3.3.8/src/lib/authui/sssd/params.rb --- old/yast2-auth-client-3.3.7/src/lib/authui/sssd/params.rb 2016-04-26 15:37:57.000000000 +0200 +++ new/yast2-auth-client-3.3.8/src/lib/authui/sssd/params.rb 2016-07-13 15:56:55.000000000 +0200 @@ -505,6 +505,10 @@ "type" => "int", "desc" => _("Override the primary GID value with the one specified.") }, + "override_homedir" => { + "type" => "string", + "desc" => _("Override the user's home directory. You can either provide an absolute value or a template.") + }, "case_sensitive" => { "type" => "boolean", "def" => true,
