On 07/18/2013 09:57 AM, Alexander Bokovoy wrote:
On Mon, 15 Jul 2013, Ana Krivokapic wrote:
Hello,
This patch addresses ticket https://fedorahosted.org/freeipa/ticket/3652.
Could you please rebase it on top of git master?
Sure, patches are attached. Spec changes have been split to a separate patch.
--
Regards,
Ana Krivokapic
Associate Software Engineer
FreeIPA team
Red Hat Inc.
From b9887a421a990c644f5b9e44906e379bf2371669 Mon Sep 17 00:00:00 2001
From: Ana Krivokapic akriv...@redhat.com
Date: Mon, 15 Jul 2013 11:09:14 +0200
Subject: [PATCH] Add 'ipa_server_mode' option to SSSD configuration
https://fedorahosted.org/freeipa/ticket/3652
---
install/tools/ipa-upgradeconfig | 13 -
ipa-client/ipa-install/ipa-client-install | 2 ++
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/install/tools/ipa-upgradeconfig b/install/tools/ipa-upgradeconfig
index 4fbcdb6bf5092c12301f6ec76c5a329f14594fd6..de17c5b23d79f31e8571a3400d44397630cadada 100644
--- a/install/tools/ipa-upgradeconfig
+++ b/install/tools/ipa-upgradeconfig
@@ -32,6 +32,7 @@ import fileinput
import ConfigParser
from ipalib import api
+import SSSDConfig
import ipalib.util
import ipalib.errors
from ipapython import ipautil, sysrestore, version, services
@@ -39,7 +40,6 @@ from ipapython.config import IPAOptionParser
from ipapython.ipa_log_manager import *
from ipapython import certmonger
from ipapython import dogtag
-from ipapython.dn import DN
from ipaserver.install import installutils
from ipaserver.install import dsinstance
from ipaserver.install import httpinstance
@@ -842,6 +842,15 @@ def fix_schema_file_syntax(ds):
sysupgrade.set_upgrade_state('ds', 'fix_schema_syntax', True)
+def set_sssd_domain_option(option, value):
+sssdconfig = SSSDConfig.SSSDConfig()
+sssdconfig.import_config()
+domain = sssdconfig.get_domain(str(api.env.domain))
+domain.set_option(option, value)
+sssdconfig.save_domain(domain)
+sssdconfig.write(/etc/sssd/sssd.conf)
+
+
def main():
Get some basics about the system. If getting those basics fail then
@@ -975,5 +984,7 @@ def main():
except ipautil.CalledProcessError, e:
root_logger.error(Failed to restart %s: %s, ca.service_name, e)
+set_sssd_domain_option('ipa_server_mode', 'True')
+
if __name__ == '__main__':
installutils.run_script(main, operation_name='ipa-upgradeconfig')
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 867307aa570b4e8e90a1a8182f1481f0d11a9840..ce7fadee7d15867ecf5b480cea559e8a62f6449a 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -1104,8 +1104,10 @@ def configure_sssd_conf(fstore, cli_realm, cli_domain, cli_server, options, clie
else:
domain.set_option('ipa_server', '_srv_, %s' % ', '.join(cli_server))
else:
+domain.set_option('ipa_server_mode', 'True')
# the master should only use itself for Kerberos
domain.set_option('ipa_server', cli_server[0])
+
domain.set_option('ipa_domain', cli_domain)
domain.set_option('ipa_hostname', client_hostname)
if cli_domain.lower() != cli_realm.lower():
--
1.8.1.4
From 82e2918cf7ef56b7add60219e35ead2db5feb8cf Mon Sep 17 00:00:00 2001
From: Ana Krivokapic akriv...@redhat.com
Date: Thu, 18 Jul 2013 12:21:59 +0200
Subject: [PATCH] Bump version of sssd in spec file
https://fedorahosted.org/freeipa/ticket/3652
---
freeipa.spec.in | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 93c69e59181b59774709b81028526afbab5d0666..b729d52e356e952bb4efad69d8ba1fe7eea3458f 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -228,7 +228,7 @@ Requires: pam_krb5
Requires: wget
Requires: libcurl = 7.21.7-2
Requires: xmlrpc-c = 1.27.4
-Requires: sssd = 1.8.0
+Requires: sssd = 1.10.90
Requires: certmonger = 0.65
Requires: nss-tools
Requires: bind-utils
@@ -825,6 +825,9 @@ fi
%endif # ! %{ONLY_CLIENT}
%changelog
+* Thu Jul 18 2013 Ana Krivokapic akriv...@redhat.com - 3.2.99-8
+- Bump minimum version of sssd to 1.10.90 for the 'ipa_server_mode' option.
+
* Wed Jul 17 2013 Martin Kosek mko...@redhat.com - 3.2.99-7
- Require selinux-policy 3.12.1-65 containing missing policy after removal of
freeipa-server-selinux subpackage
--
1.8.1.4
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel