Hello community, here is the log from the commit of package yast2-auth-client for openSUSE:Factory checked in at 2016-09-12 13:28:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-auth-client (Old) and /work/SRC/openSUSE:Factory/.yast2-auth-client.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-auth-client" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-auth-client/yast2-auth-client.changes 2016-08-16 13:03:40.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-auth-client.new/yast2-auth-client.changes 2016-09-12 13:28:13.000000000 +0200 @@ -1,0 +2,9 @@ +Tue Sep 6 12:32:42 UTC 2016 - [email protected] + +- Fix an issue with UI layout after leaving a domain (bsc#997380). +- Make DNS update optional for AD enrollment (bsc#991564). +- Fix inaccurate description of ad_server parameter (bsc#996873). +- Do not allow using hard bind policy in LDAP config (bsc#996538). + Bump version to 3.3.11. + +------------------------------------------------------------------- Old: ---- yast2-auth-client-3.3.10.tar.bz2 New: ---- yast2-auth-client-3.3.11.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-auth-client.spec ++++++ --- /var/tmp/diff_new_pack.8bmkKT/_old 2016-09-12 13:28:14.000000000 +0200 +++ /var/tmp/diff_new_pack.8bmkKT/_new 2016-09-12 13:28:14.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-auth-client -Version: 3.3.10 +Version: 3.3.11 Release: 0 Url: https://github.com/yast/yast-auth-client Summary: YaST2 - Centralised System Authentication Configuration ++++++ yast2-auth-client-3.3.10.tar.bz2 -> yast2-auth-client-3.3.11.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.10/CONTRIBUTING.md new/yast2-auth-client-3.3.11/CONTRIBUTING.md --- old/yast2-auth-client-3.3.10/CONTRIBUTING.md 2016-08-15 15:06:49.000000000 +0200 +++ new/yast2-auth-client-3.3.11/CONTRIBUTING.md 2016-09-12 09:28:40.000000000 +0200 @@ -3,7 +3,7 @@ YaST is an open source project and as such it welcomes all kinds of contributions. If you decide to contribute, please follow these guidelines to -ensure the process is effective and pleasant both for you and YaST maintainers. +ensure the process is effective and pleasant both for you and the YaST maintainers. There are two main forms of contribution: reporting bugs and performing code changes. @@ -17,13 +17,11 @@ registration](https://secure-www.novell.com/selfreg/jsp/createSimpleAccount.jsp) if you don't have an account yet.) -If you find a problem, please report it either using -[Bugzilla](https://bugzilla.suse.com/) or GitHub issues. We can't guarantee -that every bug will be fixed, but we'll try. - When creating a bug report, please follow our [bug reporting guidelines](http://en.opensuse.org/openSUSE:Report_a_YaST_bug). +We can't guarantee that every bug will be fixed, but we'll try. + Code Changes ------------ @@ -44,15 +42,22 @@ to the [Ruby style guide](https://github.com/SUSE/style-guides/blob/master/Ruby.md). - 4. Make sure your change didn't break anything by building the RPM package + 4. Update the package version (in `packages/*.spec`, usually by + `rake version:bump`) and add a new entry to the `package/*.changes` file + (by `osc vc package`). + For bigger changes or changes which need longer discussion it is advised to + add this as a separate last commit so it can be easily updated when another + change is merged in the meantime. + + 5. Make sure your change didn't break anything by building the RPM package (`rake osc:build`). The build process includes running the full testsuite. - 5. Publish the branch and create a pull request. + 6. Publish the branch and create a pull request. - 6. YaST developers will review your change and possibly point out issues. + 7. YaST developers will review your change and possibly point out issues. Adapt the code under their guidance until they are all resolved. - 7. Finally, the pull request will get merged or rejected. + 8. Finally, the pull request will get merged or rejected. See also [GitHub's guide on contributing](https://help.github.com/articles/fork-a-repo). @@ -60,9 +65,6 @@ If you want to do multiple unrelated changes, use separate branches and pull requests. -Do not change the `VERSION` and `*.changes` files as this could lead to -conflicts. - ### Commits Each commit in the pull request should do only one thing, which is clearly diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.10/package/yast2-auth-client.changes new/yast2-auth-client-3.3.11/package/yast2-auth-client.changes --- old/yast2-auth-client-3.3.10/package/yast2-auth-client.changes 2016-08-15 15:06:49.000000000 +0200 +++ new/yast2-auth-client-3.3.11/package/yast2-auth-client.changes 2016-09-12 09:28:40.000000000 +0200 @@ -1,4 +1,13 @@ ------------------------------------------------------------------- +Tue Sep 6 12:32:42 UTC 2016 - [email protected] + +- Fix an issue with UI layout after leaving a domain (bsc#997380). +- Make DNS update optional for AD enrollment (bsc#991564). +- Fix inaccurate description of ad_server parameter (bsc#996873). +- Do not allow using hard bind policy in LDAP config (bsc#996538). + Bump version to 3.3.11. + +------------------------------------------------------------------- Mon Aug 15 13:05:03 UTC 2016 - [email protected] - Continue with bsc#991855 by removing unnecessary default values. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.10/package/yast2-auth-client.spec new/yast2-auth-client-3.3.11/package/yast2-auth-client.spec --- old/yast2-auth-client-3.3.10/package/yast2-auth-client.spec 2016-08-15 15:06:49.000000000 +0200 +++ new/yast2-auth-client-3.3.11/package/yast2-auth-client.spec 2016-09-12 09:28:40.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-auth-client -Version: 3.3.10 +Version: 3.3.11 Release: 0 Group: System/YaST License: GPL-2.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.10/src/lib/auth/authconf.rb new/yast2-auth-client-3.3.11/src/lib/auth/authconf.rb --- old/yast2-auth-client-3.3.10/src/lib/auth/authconf.rb 2016-08-15 15:06:49.000000000 +0200 +++ new/yast2-auth-client-3.3.11/src/lib/auth/authconf.rb 2016-09-12 09:28:40.000000000 +0200 @@ -36,7 +36,7 @@ attr_accessor(:krb_conf, :krb_pam, :ldap_conf, :ldap_pam, :ldap_nss, :sssd_conf, :sssd_pam, :sssd_nss, :sssd_enabled) attr_accessor(:autofs_enabled, :nscd_enabled, :mkhomedir_pam) - attr_accessor(:ad_domain, :ad_user, :ad_ou, :ad_pass, :ad_overwrite_smb_conf, :autoyast_editor_mode, :autoyast_modified) + attr_accessor(:ad_domain, :ad_user, :ad_ou, :ad_pass, :ad_overwrite_smb_conf, :ad_update_dns, :autoyast_editor_mode, :autoyast_modified) # Clear all configuration objects. def clear @@ -67,6 +67,7 @@ @ad_user = '' @ad_ou = '' @ad_pass = '' + @ad_update_dns = true @ad_overwrite_smb_conf = false end @@ -915,17 +916,10 @@ return [ad_has_computer, kerberos_has_key] end - # Memorise AD enrollment parameters. - def ad_set_enrollment_params(domain_name, username, slash_delimited_orgunit, password) - @ad_domain = domain_name - @ad_user = username - @ad_ou = slash_delimited_orgunit - @ad_pass = password - end - # Return AD enrollment configuration. def ad_export - return {'domain' => @ad_domain, 'user' => @ad_user, 'ou' => @ad_ou, 'pass' => @ad_pass, 'overwrite_smb_conf' => @ad_overwrite_smb_conf} + return {'domain' => @ad_domain, 'user' => @ad_user, 'ou' => @ad_ou, 'pass' => @ad_pass, + 'overwrite_smb_conf' => @ad_overwrite_smb_conf, 'update_dns' => @ad_update_dns} end # Set configuration for AD enrollment from exported objects. @@ -935,6 +929,7 @@ @ad_ou = exported_conf['ou'] @ad_pass= exported_conf['pass'] @ad_overwrite_smb_conf = exported_conf['overwrite_smb_conf'] + @ad_update_dns = exported_conf['update_dns'] end # Run "net ads join". Return tuple of boolean success status and command output. @@ -961,8 +956,11 @@ output = '' exitstatus = 0 ou_param = @ad_ou.to_s == '' ? '' : "createcomputer=#{@ad_ou}" - - Open3.popen2("net -s #{smb_conf.path} ads join #{ou_param} -U #{@ad_user}"){ |stdin, stdout, control| + netcmd = "net -s #{smb_conf.path} ads join #{ou_param} -U #{@ad_user}" + if !@ad_update_dns + netcmd += ' --no-dns-updates' + end + Open3.popen2(netcmd){ |stdin, stdout, control| stdin.print(@ad_pass + "\n") stdin.close output = stdout.read @@ -1005,6 +1003,7 @@ # Read all authentication configuration items: kerberos, LDAP, pam and auxiliary daemons, and SSSD. def read_all + clear krb_read ldap_read aux_read diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.10/src/lib/authui/ldapkrb/ldap_extended_opts_dialog.rb new/yast2-auth-client-3.3.11/src/lib/authui/ldapkrb/ldap_extended_opts_dialog.rb --- old/yast2-auth-client-3.3.10/src/lib/authui/ldapkrb/ldap_extended_opts_dialog.rb 2016-08-15 15:06:49.000000000 +0200 +++ new/yast2-auth-client-3.3.11/src/lib/authui/ldapkrb/ldap_extended_opts_dialog.rb 2016-09-12 09:28:40.000000000 +0200 @@ -37,11 +37,6 @@ def create_dialog super - if AuthConfInst.ldap_conf['bind_policy'] == 'soft' - UI.ChangeWidget(Id(:ldap_bind_policy), :CurrentButton, :ldap_bind_policy_soft) - else - UI.ChangeWidget(Id(:ldap_bind_policy), :CurrentButton, :ldap_bind_policy_hard) - end end def dialog_options @@ -49,11 +44,8 @@ end def dialog_content + # The user cannot possibly understand the implication of 0 in search timeout if the user uses YaST MinWidth(80, VBox( - Frame(_('In Case Of Connection Outage:'), RadioButtonGroup(Id(:ldap_bind_policy), VBox( - Left(RadioButton(Id(:ldap_bind_policy_hard), _('Retry The Operation Endlessly'))), - Left(RadioButton(Id(:ldap_bind_policy_soft), _('Do Not Retry And Fail The Operation'))), - ))), IntField(Id(:ldap_bind_timelimit), Opt(:hstretch), _('Timeout for Bind Operations in Seconds'), 1, 600, (AuthConfInst.ldap_conf['bind_timelimit'].to_s == '' ? '30' : AuthConfInst.ldap_conf['bind_timelimit']).to_i), IntField(Id(:ldap_timelimit), Opt(:hstretch), _('Timeout for Search Operations in Seconds'), 1, 600, @@ -64,12 +56,8 @@ end def finish_handler - case UI.QueryWidget(Id(:ldap_bind_policy), :CurrentButton) - when :ldap_bind_policy_hard - AuthConfInst.ldap_conf['bind_policy'] = 'hard' - when :ldap_bind_policy_soft - AuthConfInst.ldap_conf['bind_policy'] = 'soft' - end + # The user cannot possibly understand the implication of 'hard' policy if the user uses YaST + AuthConfInst.ldap_conf['bind_policy'] = 'soft' AuthConfInst.ldap_conf['bind_timelimit'] = UI.QueryWidget(Id(:ldap_bind_timelimit), :Value) AuthConfInst.ldap_conf['timelimit'] = UI.QueryWidget(Id(:ldap_timelimit), :Value) finish_dialog(:finish) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.10/src/lib/authui/sssd/main_dialog.rb new/yast2-auth-client-3.3.11/src/lib/authui/sssd/main_dialog.rb --- old/yast2-auth-client-3.3.10/src/lib/authui/sssd/main_dialog.rb 2016-08-15 15:06:49.000000000 +0200 +++ new/yast2-auth-client-3.3.11/src/lib/authui/sssd/main_dialog.rb 2016-09-12 09:28:40.000000000 +0200 @@ -224,6 +224,7 @@ AuthConfInst.sssd_conf['sssd']['domains'].delete_if{|a| a == sect_name.sub(/^domain\//, '')} # Re-render to display default section SSSD + UIData.instance.switch_section('sssd') render_section_tree render_section_conf diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.10/src/lib/authui/sssd/manage_ad_dialog.rb new/yast2-auth-client-3.3.11/src/lib/authui/sssd/manage_ad_dialog.rb --- old/yast2-auth-client-3.3.10/src/lib/authui/sssd/manage_ad_dialog.rb 2016-08-15 15:06:49.000000000 +0200 +++ new/yast2-auth-client-3.3.11/src/lib/authui/sssd/manage_ad_dialog.rb 2016-09-12 09:28:40.000000000 +0200 @@ -68,6 +68,7 @@ Left(Label(_('Enter AD user credentials (e.g. Administrator) to enroll or re-enroll this computer:'))), InputField(Id(:username), Opt(:hstretch), _('Username'), AuthConfInst.ad_user), Password(Id(:password), Opt(:hstretch), _('Password'), AuthConfInst.ad_pass), + CheckBox(Id(:update_dns), Opt(:hstretch), _('Update AD\'s DNS records as well'), AuthConfInst.ad_update_dns), InputField(Id(:orgunit), Opt(:hstretch), _('Optional Organisation Unit such as "Headquarter/HR/BuildingA"'), AuthConfInst.ad_ou), Left(CheckBox(Id(:overwrite_smb_conf), _('Overwrite Samba configuration to work with this AD'), AuthConfInst.ad_overwrite_smb_conf)), ) @@ -139,6 +140,7 @@ AuthConfInst.ad_user = username AuthConfInst.ad_ou = orgunit AuthConfInst.ad_pass = password + AuthConfInst.ad_update_dns = UI.QueryWidget(Id(:update_dns), :Value) AuthConfInst.ad_overwrite_smb_conf = overwrite_smb_conf if AuthConfInst.autoyast_editor_mode Popup.Message(_('AD enrollment details have been saved for AutoYast. Please keep in mind that AD user password is saved in plain text.')) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-client-3.3.10/src/lib/authui/sssd/params.rb new/yast2-auth-client-3.3.11/src/lib/authui/sssd/params.rb --- old/yast2-auth-client-3.3.10/src/lib/authui/sssd/params.rb 2016-08-15 15:06:49.000000000 +0200 +++ new/yast2-auth-client-3.3.11/src/lib/authui/sssd/params.rb 2016-09-12 09:28:40.000000000 +0200 @@ -1231,11 +1231,11 @@ "ad_server" => { "type" => "string", "important" => true, - "desc" => _("IP addresses or host names of AD servers (comma separated)") + "desc" => _("Host names of AD servers (comma separated).") }, "ad_backup_server" => { "type" => "string", - "desc" => _("The comma-separated list of IP addresses or hostnames of the AD servers to which SSSD should connect in order of preference.") + "desc" => _("Host names of backup AD servers (comma separated).") }, "ad_hostname" => { "type" => "string",
