date:20160915

[SSSD] [sssd PR#26] KRB5: Fixing FQ name of user in krb5_setup() (-Changes requested)

2016-09-15 Thread celestian

celestian's pull request #26: "KRB5: Fixing FQ name of user in krb5_setup()" 
label *Changes requested* has been removed

See the full pull-request at https://github.com/SSSD/sssd/pull/26
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org

[SSSD] Re: [PATCH] SPEC: Rename python packages using macro %python_provide

2016-09-15 Thread Lukas Slebodnik

On (15/09/16 14:08), Lukas Slebodnik wrote:
>On (05/07/16 13:39), Lukas Slebodnik wrote:
>>ehlo,
>>
>>SSSD python packages were renamed in fedora few months ago.
>> python-* -> python2-*
>>But we didn't rename packages in upstream spec file and therefore
>>upgrade from fedora 24 -> sssd master is not possible.
>>
>>Attached patch shoudl fix the issue.
>>
>>BTW here are provides and obsoletes for current master
>>  sh$ rpm -qp --provides python-libipa_hbac-1.13.92-0.fc24.x86_64.rpm
>>  libipa_hbac-python = 1.13.92-0.fc24
>>  python-libipa_hbac = 1.13.92-0.fc24
>>  python-libipa_hbac(x86-64) = 1.13.92-0.fc24
>>
>>  sh$ rpm -qp --obsoletes python-libipa_hbac-1.13.92-0.fc24.x86_64.rpm
>>  libipa_hbac-python < 1.12.90
>>
>>and after renaming
>>  sh$ rpm -qp --provides python2-libipa_hbac-1.13.92-0.el6.x86_64.rpm
>>  libipa_hbac-python = 1.13.92-0.el6
>>  python-libipa_hbac = 1.13.92-0.el6
>>  python2-libipa_hbac = 1.13.92-0.el6
>>  python2-libipa_hbac(x86-64) = 1.13.92-0.el6
>>
>>  sh$ rpm -qp --obsoletes python2-libipa_hbac-1.13.92-0.el6.x86_64.rpm
>>  libipa_hbac-python < 1.12.90
>>  python-libipa_hbac < 1.13.92-0.el6
>>
>
>Attached is an updated patch.
>
>http://sssd-ci.duckdns.org/logs-test/job/4/51/summary.html
>
I sent wrong patch in previous mail.

LS
From 60f504d1123a3458a85797b7063cfee8202e5cf4 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik 
Date: Wed, 14 Sep 2016 14:31:29 +0200
Subject: [PATCH] SPEC: Rename python packages using macro %python_provide

Fedora and epel contains macro %python_provide
for simpler renaming of python packages. It will generate correct
provides and obsoletes.
---
 contrib/sssd.spec.in | 90 
 1 file changed, 70 insertions(+), 20 deletions(-)

diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 
1f79ca7cd0a56dc1ab9c951abe11dc216ef3ad03..a0937d54903002521f07fb012742eb11f2584c54
 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -11,6 +11,46 @@
 %{!?python2_sitearch: %global python2_sitearch %(%{__python2} -c "from 
distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
 %endif
 
+%{!?python_provide: %global need_python_provide 1}
+%if 0%{?need_python_provide}
+%define python_provide() %{lua:
+function string.starts(String, Start)
+return string.sub(String, 1, string.len(Start)) == Start
+end
+package = rpm.expand("%{?1:%{1}}");
+vr = rpm.expand("%{?epoch:%{epoch}:}%{version}-%{release}")
+if (string.starts(package, "python2-")) then
+if (rpm.expand("%{?buildarch}") ~= "noarch") then
+str = "Provides: python-" ..
+  string.sub(package, 9, string.len(package)) ..
+  "%{?_isa} = " .. vr;
+print(rpm.expand(str));
+end
+print("\\nProvides: python-");
+print(string.sub(package, 9, string.len(package)));
+print(" = ");
+print(vr);
+--Obsoleting the previous default python package
+if (rpm.expand("%{?buildarch}") ~= "noarch") then
+str = "\\nObsoletes: python-" ..
+  string.sub(package, 9, string.len(package)) ..
+  "%{?_isa} < " .. vr;
+print(rpm.expand(str));
+end
+print("\\nObsoletes: python-");
+print(string.sub(package, 9, string.len(package)));
+print(" < ");
+print(vr);
+elseif (string.starts(package, "python3-")) then
+--No unversioned provides as python3 is not default
+else
+print("%python_provide: ERROR: ");
+print(package);
+print(" not recognized.");
+end
+}
+%endif
+
 # Fedora and RHEL 6+
 # we don't want to provide private python extension libs
 %define __provides_exclude_from %{python2_sitearch}/.*\.so$
@@ -95,7 +135,7 @@ Requires: sssd-proxy = %{version}-%{release}
 %if (0%{?with_python3} == 1)
 Requires: python3-sssdconfig = %{version}-%{release}
 %else
-Requires: python-sssdconfig = %{version}-%{release}
+Requires: python2-sssdconfig = %{version}-%{release}
 %endif
 
 %global servicename sssd
@@ -253,8 +293,8 @@ Requires: sssd-common = %{version}-%{release}
 Requires: python3-sss = %{version}-%{release}
 Requires: python3-sssdconfig = %{version}-%{release}
 %else
-Requires: python-sss = %{version}-%{release}
-Requires: python-sssdconfig = %{version}-%{release}
+Requires: python2-sss = %{version}-%{release}
+Requires: python2-sssdconfig = %{version}-%{release}
 %endif
 
 %description tools
@@ -267,13 +307,14 @@ Also provides several other administrative tools:
 * sss_obfuscate for generating an obfuscated LDAP password
 * sssctl -- an sssd status and control utility
 
-%package -n python-sssdconfig

[SSSD] [sssd PR#26] KRB5: Fixing FQ name of user in krb5_setup() (synchronize)

2016-09-15 Thread celestian

celestian's pull request #26: "KRB5: Fixing FQ name of user in krb5_setup()" 
was synchronize

See the full pull-request at https://github.com/SSSD/sssd/pull/26
... or pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/26/head:pr26
git checkout pr26
From 2e6684fb70896ab05ce34ff20463a38db9c2ce1a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20=C4=8Cech?= 
Date: Thu, 15 Sep 2016 09:54:18 -0400
Subject: [PATCH 1/2] MAKEFILE: Fixing CFLAGS at ad_common_tests

---
 Makefile.am | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Makefile.am b/Makefile.am
index f89af5a..d1d31de 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2468,6 +2468,7 @@ ad_common_tests_SOURCES = \
 src/providers/ldap/sdap_async_initgroups_ad.c \
 $(NULL)
 ad_common_tests_CFLAGS = \
+$(AM_CFLAGS) \
 $(NDR_NBT_CFLAGS) \
 $(NDR_KRB5PAC_CFLAGS) \
 $(NULL)

From 37f2cf253759f83c7bd42d577a2fd1a9c76100d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20=C4=8Cech?= 
Date: Wed, 14 Sep 2016 09:00:06 -0400
Subject: [PATCH 2/2] KRB5: Fixing FQ name of user in krb5_setup()

This patch fixes creation of FQ username if krb5_map_user option
ise used.

Resolves:
https://fedorahosted.org/sssd/ticket/3188
---
 src/providers/krb5/krb5_init_shared.c |  1 +
 src/providers/krb5/krb5_utils.c   | 17 -
 src/providers/krb5/krb5_utils.h   |  4 +++-
 src/tests/krb5_utils-tests.c  | 33 -
 4 files changed, 40 insertions(+), 15 deletions(-)

diff --git a/src/providers/krb5/krb5_init_shared.c b/src/providers/krb5/krb5_init_shared.c
index 767291c..c8fd859 100644
--- a/src/providers/krb5/krb5_init_shared.c
+++ b/src/providers/krb5/krb5_init_shared.c
@@ -94,6 +94,7 @@ errno_t krb5_child_init(struct krb5_ctx *krb5_auth_ctx,
 ret = parse_krb5_map_user(krb5_auth_ctx,
   dp_opt_get_cstring(krb5_auth_ctx->opts,
  KRB5_MAP_USER),
+  bectx->domain->name,
   _auth_ctx->name_to_primary);
 if (ret != EOK) {
 DEBUG(SSSDBG_OP_FAILURE, "parse_krb5_map_user failed: %s:[%d]\n",
diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c
index 0ac60da..1fc4f2b 100644
--- a/src/providers/krb5/krb5_utils.c
+++ b/src/providers/krb5/krb5_utils.c
@@ -521,7 +521,9 @@ fill_name_to_primary_map(TALLOC_CTX *mem_ctx, char **map,
 }
 
 errno_t
-parse_krb5_map_user(TALLOC_CTX *mem_ctx, const char *krb5_map_user,
+parse_krb5_map_user(TALLOC_CTX *mem_ctx,
+const char *krb5_map_user,
+const char *dom_name,
 struct map_id_name_to_krb_primary **_name_to_primary)
 {
 int size;
@@ -529,6 +531,7 @@ parse_krb5_map_user(TALLOC_CTX *mem_ctx, const char *krb5_map_user,
 errno_t ret;
 TALLOC_CTX *tmp_ctx;
 struct map_id_name_to_krb_primary *name_to_primary;
+char *fq_name;
 
 tmp_ctx = talloc_new(NULL);
 if (tmp_ctx == NULL) {
@@ -570,6 +573,18 @@ parse_krb5_map_user(TALLOC_CTX *mem_ctx, const char *krb5_map_user,
 }
 }
 
+/* conversion names to fully-qualified names */
+for (int i = 0; i < size; i++) {
+fq_name = sss_create_internal_fqname(tmp_ctx,
+ name_to_primary[i].id_name,
+ dom_name);
+name_to_primary[i].id_name = talloc_strdup(name_to_primary, fq_name);
+
+fq_name = sss_create_internal_fqname(tmp_ctx,
+ name_to_primary[i].krb_primary,
+ dom_name);
+name_to_primary[i].krb_primary = talloc_strdup(name_to_primary, fq_name);
+}
 ret = EOK;
 
 done:
diff --git a/src/providers/krb5/krb5_utils.h b/src/providers/krb5/krb5_utils.h
index 75b93c3..3051a99 100644
--- a/src/providers/krb5/krb5_utils.h
+++ b/src/providers/krb5/krb5_utils.h
@@ -51,7 +51,9 @@ errno_t get_domain_or_subdomain(struct be_ctx *be_ctx,
 struct sss_domain_info **dom);
 
 errno_t
-parse_krb5_map_user(TALLOC_CTX *mem_ctx, const char *krb5_map_user,
+parse_krb5_map_user(TALLOC_CTX *mem_ctx,
+const char *krb5_map_user,
+const char *dom_name,
 struct map_id_name_to_krb_primary **_name_to_primary);
 
 #endif /* __KRB5_UTILS_H__ */
diff --git a/src/tests/krb5_utils-tests.c b/src/tests/krb5_utils-tests.c
index 515a194..6d03a30 100644
--- a/src/tests/krb5_utils-tests.c
+++ b/src/tests/krb5_utils-tests.c
@@ -614,25 +614,25 @@ START_TEST(test_parse_krb5_map_user)
 /* empty input */
 {
 check_leaks_push(mem_ctx);
-ret = parse_krb5_map_user(mem_ctx, NULL, _to_primary);
+ret = parse_krb5_map_user(mem_ctx, NULL, DOMAIN_NAME, _to_primary);
 fail_unless(ret == EOK);

[SSSD] [sssd PR#26] KRB5: Fixing FQ name of user in krb5_setup() (comment)

2016-09-15 Thread celestian

celestian commented on a pull request

"""
http://sssd-ci.duckdns.org/logs/job/53/43/summary.html
So, it is problem with cflags in test. I will send patch soon.

"""

See the full comment at 
https://github.com/SSSD/sssd/pull/26#issuecomment-24735
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org

[SSSD] Re: [PATCH] SPEC: Rename python packages using macro %python_provide

2016-09-15 Thread Lukas Slebodnik

On (05/07/16 13:39), Lukas Slebodnik wrote:
>ehlo,
>
>SSSD python packages were renamed in fedora few months ago.
> python-* -> python2-*
>But we didn't rename packages in upstream spec file and therefore
>upgrade from fedora 24 -> sssd master is not possible.
>
>Attached patch shoudl fix the issue.
>
>BTW here are provides and obsoletes for current master
>  sh$ rpm -qp --provides python-libipa_hbac-1.13.92-0.fc24.x86_64.rpm
>  libipa_hbac-python = 1.13.92-0.fc24
>  python-libipa_hbac = 1.13.92-0.fc24
>  python-libipa_hbac(x86-64) = 1.13.92-0.fc24
>
>  sh$ rpm -qp --obsoletes python-libipa_hbac-1.13.92-0.fc24.x86_64.rpm
>  libipa_hbac-python < 1.12.90
>
>and after renaming
>  sh$ rpm -qp --provides python2-libipa_hbac-1.13.92-0.el6.x86_64.rpm
>  libipa_hbac-python = 1.13.92-0.el6
>  python-libipa_hbac = 1.13.92-0.el6
>  python2-libipa_hbac = 1.13.92-0.el6
>  python2-libipa_hbac(x86-64) = 1.13.92-0.el6
>
>  sh$ rpm -qp --obsoletes python2-libipa_hbac-1.13.92-0.el6.x86_64.rpm
>  libipa_hbac-python < 1.12.90
>  python-libipa_hbac < 1.13.92-0.el6
>

Attached is an updated patch.

http://sssd-ci.duckdns.org/logs-test/job/4/51/summary.html

LS
From e6dc3ae717f88c6887bde75d4f1ed0097d78 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik 
Date: Wed, 14 Sep 2016 14:31:29 +0200
Subject: [PATCH] SPEC: Rename python packages using macro %python_provide

Fedora and epel contains macro %python_provide
for simpler renaming of python packages. It will generate correct
provides and obsoletes.
---
 contrib/sssd.spec.in | 86 
 1 file changed, 66 insertions(+), 20 deletions(-)

diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 
1f79ca7cd0a56dc1ab9c951abe11dc216ef3ad03..523416d20dd087fc30eb4d5d8b79bb1e6195c57c
 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -11,6 +11,42 @@
 %{!?python2_sitearch: %global python2_sitearch %(%{__python2} -c "from 
distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
 %endif
 
+%{!?python_provide: %global need_python_provide 1}
+%if 0%{?need_python_provide}
+%define python_provide() %{lua:\
+function string.starts(String,Start)\
+return string.sub(String,1,string.len(Start))==Start\
+end\
+package = rpm.expand("%{?1:%{1}}");\
+vr = rpm.expand("%{?epoch:%{epoch}:}%{version}-%{release}")
+if (string.starts(package, "python2-")) then\
+if (rpm.expand("%{?buildarch}") ~= "noarch") then\
+str = "Provides: python-" .. 
string.sub(package,9,string.len(package)) .. "%{?_isa} = " .. vr;\
+print(rpm.expand(str));\
+end\
+print("\\nProvides: python-");\
+print(string.sub(package,9,string.len(package)));\
+print(" = ");\
+print(vr);\
+--Obsoleting the previous default python package\
+if (rpm.expand("%{?buildarch}") ~= "noarch") then\
+str = "\\nObsoletes: python-" .. 
string.sub(package,9,string.len(package)) .. "%{?_isa} < " .. vr;\
+print(rpm.expand(str));\
+end\
+print("\\nObsoletes: python-");\
+print(string.sub(package,9,string.len(package)));\
+print(" < ");\
+print(vr);\
+elseif (string.starts(package, "python3-")) then\
+--No unversioned provides as python3 is not default\
+else\
+print("%python_provide: ERROR: ");\
+print(package);\
+print(" not recognized.");\
+end\
+}
+%endif
+
 # Fedora and RHEL 6+
 # we don't want to provide private python extension libs
 %define __provides_exclude_from %{python2_sitearch}/.*\.so$
@@ -95,7 +131,7 @@ Requires: sssd-proxy = %{version}-%{release}
 %if (0%{?with_python3} == 1)
 Requires: python3-sssdconfig = %{version}-%{release}
 %else
-Requires: python-sssdconfig = %{version}-%{release}
+Requires: python2-sssdconfig = %{version}-%{release}
 %endif
 
 %global servicename sssd
@@ -253,8 +289,8 @@ Requires: sssd-common = %{version}-%{release}
 Requires: python3-sss = %{version}-%{release}
 Requires: python3-sssdconfig = %{version}-%{release}
 %else
-Requires: python-sss = %{version}-%{release}
-Requires: python-sssdconfig = %{version}-%{release}
+Requires: python2-sss = %{version}-%{release}
+Requires: python2-sssdconfig = %{version}-%{release}
 %endif
 
 %description tools
@@ -267,13 +303,14 @@ Also provides several other administrative tools:
 * sss_obfuscate for generating an obfuscated LDAP password
 * sssctl -- an sssd status and control utility
 
-%package -n python-sssdconfig
+%package -n python2-sssdconfig
 Summary: SSSD and IPA configuration file manipulation classes and functions
 Group: Applications/System
 License: GPLv3+
 BuildArch: noarch
+%{python_provide python2-sssdconfig}

[SSSD] [sssd PR#26] KRB5: Fixing FQ name of user in krb5_setup() (comment)

2016-09-15 Thread celestian

celestian commented on a pull request

"""
I pushed patch to our CI, we will see result soon.
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/26#issuecomment-247304195
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#26] KRB5: Fixing FQ name of user in krb5_setup() (synchronize)

2016-09-15 Thread celestian

celestian's pull request #26: "KRB5: Fixing FQ name of user in krb5_setup()" 
was synchronize

See the full pull-request at https://github.com/SSSD/sssd/pull/26
... or pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/26/head:pr26
git checkout pr26
From df941b967a035b0e9a653f11388f477d726446dc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20=C4=8Cech?= 
Date: Wed, 14 Sep 2016 09:00:06 -0400
Subject: [PATCH] KRB5: Fixing FQ name of user in krb5_setup()

This patch fixes creation of FQ username if krb5_map_user option
ise used.

Resolves:
https://fedorahosted.org/sssd/ticket/3188
---
 src/providers/krb5/krb5_auth.c | 18 +++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
index f0f2280..38dacd1 100644
--- a/src/providers/krb5/krb5_auth.c
+++ b/src/providers/krb5/krb5_auth.c
@@ -182,6 +182,7 @@ errno_t krb5_setup(TALLOC_CTX *mem_ctx,
 {
 struct krb5child_req *kr;
 const char *mapped_name;
+char *short_user_name;
 TALLOC_CTX *tmp_ctx;
 errno_t ret;
 
@@ -202,11 +203,22 @@ errno_t krb5_setup(TALLOC_CTX *mem_ctx,
 kr->pd = pd;
 kr->krb5_ctx = krb5_ctx;
 
-ret = get_krb_primary(krb5_ctx->name_to_primary,
-  pd->user, dom->case_sensitive, _name);
+/* The internal username is qualified, but we are only interested in
+ * the name part in get_krb_primary()
+ */
+ret = sss_parse_internal_fqname(tmp_ctx, pd->user, _user_name, NULL);
+if (ret != EOK) {
+DEBUG(SSSDBG_OP_FAILURE,
+  "Could not parse [%s] into name and "
+  "domain components, login might fail\n", pd->user);
+short_user_name = talloc_strdup(tmp_ctx, pd->user);
+}
+
+ret = get_krb_primary(krb5_ctx->name_to_primary, short_user_name,
+  dom->case_sensitive, _name);
 if (ret == EOK) {
 DEBUG(SSSDBG_TRACE_FUNC, "Setting mapped name to: %s\n", mapped_name);
-kr->user = mapped_name;
+kr->user = sss_create_internal_fqname(kr, mapped_name, dom->name);
 kr->kuserok_user = mapped_name;
 } else if (ret == ENOENT) {
 DEBUG(SSSDBG_TRACE_ALL, "No mapping for: %s\n", pd->user);
___
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org

[SSSD] [sssd PR#26] KRB5: Fixing FQ name of user in krb5_setup() (-Changes requested)

[SSSD] Re: [PATCH] SPEC: Rename python packages using macro %python_provide

[SSSD] [sssd PR#26] KRB5: Fixing FQ name of user in krb5_setup() (synchronize)

[SSSD] [sssd PR#26] KRB5: Fixing FQ name of user in krb5_setup() (comment)

[SSSD] Re: [PATCH] SPEC: Rename python packages using macro %python_provide

[SSSD] [sssd PR#26] KRB5: Fixing FQ name of user in krb5_setup() (comment)

[SSSD] [sssd PR#26] KRB5: Fixing FQ name of user in krb5_setup() (synchronize)

7 matches

Site Navigation

Mail list logo

Footer information