authselect-1.2.3-4: remove nis support
Resolves: rhbz#1968396
This commit is contained in:
parent
1b967da309
commit
05256ece4c
525
9005-rhel9-remove-nis-support.patch
Normal file
525
9005-rhel9-remove-nis-support.patch
Normal file
@ -0,0 +1,525 @@
|
||||
From c25c89f98a131a4a3a44a7b8c16c448137a54419 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
||||
Date: Wed, 9 Jun 2021 12:35:37 +0200
|
||||
Subject: [PATCH] rhel9: remove nis support
|
||||
|
||||
NIS is no longer supported in RHEL9.
|
||||
---
|
||||
profiles/Makefile.am | 13 ----
|
||||
profiles/nis/README | 111 ----------------------------
|
||||
profiles/nis/REQUIREMENTS | 13 ----
|
||||
profiles/nis/dconf-db | 3 -
|
||||
profiles/nis/dconf-locks | 2 -
|
||||
profiles/nis/fingerprint-auth | 19 -----
|
||||
profiles/nis/nsswitch.conf | 14 ----
|
||||
profiles/nis/password-auth | 23 ------
|
||||
profiles/nis/postlogin | 4 -
|
||||
profiles/nis/system-auth | 24 ------
|
||||
rpm/authselect.spec.in | 10 ---
|
||||
src/compat/authcompat.py.in.in | 95 ------------------------
|
||||
src/compat/authcompat_Options.py | 8 +-
|
||||
src/man/authselect-migration.7.adoc | 2 +-
|
||||
14 files changed, 6 insertions(+), 335 deletions(-)
|
||||
delete mode 100644 profiles/nis/README
|
||||
delete mode 100644 profiles/nis/REQUIREMENTS
|
||||
delete mode 100644 profiles/nis/dconf-db
|
||||
delete mode 100644 profiles/nis/dconf-locks
|
||||
delete mode 100644 profiles/nis/fingerprint-auth
|
||||
delete mode 100644 profiles/nis/nsswitch.conf
|
||||
delete mode 100644 profiles/nis/password-auth
|
||||
delete mode 100644 profiles/nis/postlogin
|
||||
delete mode 100644 profiles/nis/system-auth
|
||||
|
||||
diff --git a/profiles/Makefile.am b/profiles/Makefile.am
|
||||
index 5dfab8047fc956babe47180601a0336c0a55d15f..c7d1b7c50748790c954e233926f233d82c8028c0 100644
|
||||
--- a/profiles/Makefile.am
|
||||
+++ b/profiles/Makefile.am
|
||||
@@ -11,19 +11,6 @@ dist_profile_minimal_DATA = \
|
||||
$(top_srcdir)/profiles/minimal/system-auth \
|
||||
$(NULL)
|
||||
|
||||
-profile_nisdir = $(authselect_profile_dir)/nis
|
||||
-dist_profile_nis_DATA = \
|
||||
- $(top_srcdir)/profiles/nis/nsswitch.conf \
|
||||
- $(top_srcdir)/profiles/nis/password-auth \
|
||||
- $(top_srcdir)/profiles/nis/postlogin \
|
||||
- $(top_srcdir)/profiles/nis/README \
|
||||
- $(top_srcdir)/profiles/nis/REQUIREMENTS \
|
||||
- $(top_srcdir)/profiles/nis/system-auth \
|
||||
- $(top_srcdir)/profiles/nis/fingerprint-auth \
|
||||
- $(top_srcdir)/profiles/nis/dconf-db \
|
||||
- $(top_srcdir)/profiles/nis/dconf-locks \
|
||||
- $(NULL)
|
||||
-
|
||||
profile_sssddir = $(authselect_profile_dir)/sssd
|
||||
dist_profile_sssd_DATA = \
|
||||
$(top_srcdir)/profiles/sssd/nsswitch.conf \
|
||||
diff --git a/profiles/nis/README b/profiles/nis/README
|
||||
deleted file mode 100644
|
||||
index cac3428bf844b0a9d251015988583f4c1b15c3c9..0000000000000000000000000000000000000000
|
||||
--- a/profiles/nis/README
|
||||
+++ /dev/null
|
||||
@@ -1,111 +0,0 @@
|
||||
-Enable NIS for system authentication
|
||||
-====================================
|
||||
-
|
||||
-Selecting this profile will enable Network Information Services as the source
|
||||
-of identity and authentication providers.
|
||||
-
|
||||
-NIS CONFIGURATION
|
||||
------------------
|
||||
-
|
||||
-Authselect does not touch NIS configuration. Please, read NIS' documentation
|
||||
-to see how to configure it manually.
|
||||
-
|
||||
-AVAILABLE OPTIONAL FEATURES
|
||||
----------------------------
|
||||
-
|
||||
-with-faillock::
|
||||
- Enable account locking in case of too many consecutive
|
||||
- authentication failures.
|
||||
-
|
||||
-with-mkhomedir::
|
||||
- Enable automatic creation of home directories for users on their
|
||||
- first login.
|
||||
-
|
||||
-with-fingerprint::
|
||||
- Enable authentication with fingerprint reader through *pam_fprintd*.
|
||||
-
|
||||
-with-pam-u2f::
|
||||
- Enable authentication via u2f dongle through *pam_u2f*.
|
||||
-
|
||||
-with-pam-u2f-2fa::
|
||||
- Enable 2nd factor authentication via u2f dongle through *pam_u2f*.
|
||||
-
|
||||
-without-pam-u2f-nouserok::
|
||||
- Module argument nouserok is omitted if also with-pam-u2f-2fa is used.
|
||||
- *WARNING*: Omitting nouserok argument means that users without pam-u2f
|
||||
- authentication configured will not be able to log in *INCLUDING* root.
|
||||
- Make sure you are able to log in before losing root privileges.
|
||||
-
|
||||
-with-silent-lastlog::
|
||||
- Do not produce pam_lastlog message during login.
|
||||
-
|
||||
-with-pamaccess::
|
||||
- Check access.conf during account authorization.
|
||||
-
|
||||
-with-nispwquality::
|
||||
- If this option is set pam_pwquality module will check password quality
|
||||
- for NIS users as well as local users during password change. Without this
|
||||
- option only local users passwords are checked.
|
||||
-
|
||||
-without-nullok::
|
||||
- Do not add nullok parameter to pam_unix.
|
||||
-
|
||||
-DISABLE SPECIFIC NSSWITCH DATABASES
|
||||
------------------------------------
|
||||
-
|
||||
-Normally, nsswitch databases set by the profile overwrites values set in
|
||||
-user-nsswitch.conf. The following options can force authselect to
|
||||
-ignore value set by the profile and use the one set in user-nsswitch.conf
|
||||
-instead.
|
||||
-
|
||||
-with-custom-aliases::
|
||||
-Ignore "aliases" map set by the profile.
|
||||
-
|
||||
-with-custom-automount::
|
||||
-Ignore "automount" map set by the profile.
|
||||
-
|
||||
-with-custom-ethers::
|
||||
-Ignore "ethers" map set by the profile.
|
||||
-
|
||||
-with-custom-group::
|
||||
-Ignore "group" map set by the profile.
|
||||
-
|
||||
-with-custom-hosts::
|
||||
-Ignore "hosts" map set by the profile.
|
||||
-
|
||||
-with-custom-initgroups::
|
||||
-Ignore "initgroups" map set by the profile.
|
||||
-
|
||||
-with-custom-netgroup::
|
||||
-Ignore "netgroup" map set by the profile.
|
||||
-
|
||||
-with-custom-networks::
|
||||
-Ignore "networks" map set by the profile.
|
||||
-
|
||||
-with-custom-passwd::
|
||||
-Ignore "passwd" map set by the profile.
|
||||
-
|
||||
-with-custom-protocols::
|
||||
-Ignore "protocols" map set by the profile.
|
||||
-
|
||||
-with-custom-publickey::
|
||||
-Ignore "publickey" map set by the profile.
|
||||
-
|
||||
-with-custom-rpc::
|
||||
-Ignore "rpc" map set by the profile.
|
||||
-
|
||||
-with-custom-services::
|
||||
-Ignore "services" map set by the profile.
|
||||
-
|
||||
-with-custom-shadow::
|
||||
-Ignore "shadow" map set by the profile.
|
||||
-
|
||||
-EXAMPLES
|
||||
---------
|
||||
-* Enable NIS with no additional modules
|
||||
-
|
||||
- authselect select nis
|
||||
-
|
||||
-* Enable NIS and create home directories for users on their first login
|
||||
-
|
||||
- authselect select nis with-mkhomedir
|
||||
diff --git a/profiles/nis/REQUIREMENTS b/profiles/nis/REQUIREMENTS
|
||||
deleted file mode 100644
|
||||
index c58aa2789f4ef064b7904cacf4fc3158dce7ad41..0000000000000000000000000000000000000000
|
||||
--- a/profiles/nis/REQUIREMENTS
|
||||
+++ /dev/null
|
||||
@@ -1,13 +0,0 @@
|
||||
-Make sure that NIS service is configured and enabled. See NIS documentation for more information.
|
||||
- {include if "with-fingerprint"}
|
||||
-- with-fingerprint is selected, make sure fprintd service is configured and enabled {include if "with-fingerprint"}
|
||||
- {include if "with-pam-u2f"}
|
||||
-- with-pam-u2f is selected, make sure that the pam u2f module is installed {include if "with-pam-u2f"}
|
||||
- - users can then configure keys using the pamu2fcfg tool {include if "with-pam-u2f"}
|
||||
- {include if "with-pam-u2f-2fa"}
|
||||
-- with-pam-u2f-2fa is selected, make sure that the pam u2f module is installed {include if "with-pam-u2f-2fa"}
|
||||
- - users can then configure keys using the pamu2fcfg tool {include if "with-pam-u2f-2fa"}
|
||||
- {include if "with-mkhomedir"}
|
||||
-- with-mkhomedir is selected, make sure pam_oddjob_mkhomedir module {include if "with-mkhomedir"}
|
||||
- is present and oddjobd service is enabled and active {include if "with-mkhomedir"}
|
||||
- - systemctl enable --now oddjobd.service {include if "with-mkhomedir"}
|
||||
diff --git a/profiles/nis/dconf-db b/profiles/nis/dconf-db
|
||||
deleted file mode 100644
|
||||
index bd32b2819f66acdc75ab0fc522ec85673d10ed72..0000000000000000000000000000000000000000
|
||||
--- a/profiles/nis/dconf-db
|
||||
+++ /dev/null
|
||||
@@ -1,3 +0,0 @@
|
||||
-[org/gnome/login-screen]
|
||||
-enable-smartcard-authentication=false
|
||||
-enable-fingerprint-authentication={if "with-fingerprint":true|false}
|
||||
diff --git a/profiles/nis/dconf-locks b/profiles/nis/dconf-locks
|
||||
deleted file mode 100644
|
||||
index 8a36fa9568344338272786394aece872185d0ab3..0000000000000000000000000000000000000000
|
||||
--- a/profiles/nis/dconf-locks
|
||||
+++ /dev/null
|
||||
@@ -1,2 +0,0 @@
|
||||
-/org/gnome/login-screen/enable-smartcard-authentication
|
||||
-/org/gnome/login-screen/enable-fingerprint-authentication
|
||||
diff --git a/profiles/nis/fingerprint-auth b/profiles/nis/fingerprint-auth
|
||||
deleted file mode 100644
|
||||
index eebec6d0d6edeae6a3eb224f0ff284016b0fc642..0000000000000000000000000000000000000000
|
||||
--- a/profiles/nis/fingerprint-auth
|
||||
+++ /dev/null
|
||||
@@ -1,19 +0,0 @@
|
||||
-{continue if "with-fingerprint"}
|
||||
-auth required pam_env.so
|
||||
-auth required pam_faillock.so preauth silent {include if "with-faillock"}
|
||||
-auth sufficient pam_fprintd.so
|
||||
-auth required pam_faillock.so authfail {include if "with-faillock"}
|
||||
-auth required pam_deny.so
|
||||
-
|
||||
-account required pam_access.so {include if "with-pamaccess"}
|
||||
-account required pam_faillock.so {include if "with-faillock"}
|
||||
-account required pam_unix.so broken_shadow
|
||||
-
|
||||
-password required pam_deny.so
|
||||
-
|
||||
-session optional pam_keyinit.so revoke
|
||||
-session required pam_limits.so
|
||||
--session optional pam_systemd.so
|
||||
-session optional pam_oddjob_mkhomedir.so {include if "with-mkhomedir"}
|
||||
-session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
-session required pam_unix.so
|
||||
diff --git a/profiles/nis/nsswitch.conf b/profiles/nis/nsswitch.conf
|
||||
deleted file mode 100644
|
||||
index 9bee7d839f84ff39d54cb6ead9dea38e51736b4d..0000000000000000000000000000000000000000
|
||||
--- a/profiles/nis/nsswitch.conf
|
||||
+++ /dev/null
|
||||
@@ -1,14 +0,0 @@
|
||||
-aliases: files nis {exclude if "with-custom-aliases"}
|
||||
-automount: files nis {exclude if "with-custom-automount"}
|
||||
-ethers: files nis {exclude if "with-custom-ethers"}
|
||||
-group: files nis systemd {exclude if "with-custom-group"}
|
||||
-hosts: files nis dns myhostname {exclude if "with-custom-hosts"}
|
||||
-initgroups: files nis {exclude if "with-custom-initgroups"}
|
||||
-netgroup: files nis {exclude if "with-custom-netgroup"}
|
||||
-networks: files nis {exclude if "with-custom-networks"}
|
||||
-passwd: files nis systemd {exclude if "with-custom-passwd"}
|
||||
-protocols: files nis {exclude if "with-custom-protocols"}
|
||||
-publickey: files nis {exclude if "with-custom-publickey"}
|
||||
-rpc: files nis {exclude if "with-custom-rpc"}
|
||||
-services: files nis {exclude if "with-custom-services"}
|
||||
-shadow: files nis {exclude if "with-custom-shadow"}
|
||||
diff --git a/profiles/nis/password-auth b/profiles/nis/password-auth
|
||||
deleted file mode 100644
|
||||
index 9a8ae9cde644a4ac981f4b9553af2f0f428bfebb..0000000000000000000000000000000000000000
|
||||
--- a/profiles/nis/password-auth
|
||||
+++ /dev/null
|
||||
@@ -1,23 +0,0 @@
|
||||
-auth required pam_env.so
|
||||
-auth required pam_faildelay.so delay=2000000
|
||||
-auth required pam_faillock.so preauth silent {include if "with-faillock"}
|
||||
-auth sufficient pam_u2f.so cue {include if "with-pam-u2f"}
|
||||
-auth required pam_u2f.so cue {if not "without-pam-u2f-nouserok":nouserok} {include if "with-pam-u2f-2fa"}
|
||||
-auth sufficient pam_unix.so {if not "without-nullok":nullok} try_first_pass
|
||||
-auth required pam_faillock.so authfail {include if "with-faillock"}
|
||||
-auth required pam_deny.so
|
||||
-
|
||||
-account required pam_access.so {include if "with-pamaccess"}
|
||||
-account required pam_faillock.so {include if "with-faillock"}
|
||||
-account required pam_unix.so broken_shadow
|
||||
-
|
||||
-password requisite pam_pwquality.so try_first_pass {if not "with-nispwquality":local_users_only}
|
||||
-password sufficient pam_unix.so sha512 shadow {if not "without-nullok":nullok} try_first_pass use_authtok nis
|
||||
-password required pam_deny.so
|
||||
-
|
||||
-session optional pam_keyinit.so revoke
|
||||
-session required pam_limits.so
|
||||
--session optional pam_systemd.so
|
||||
-session optional pam_oddjob_mkhomedir.so {include if "with-mkhomedir"}
|
||||
-session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
-session required pam_unix.so
|
||||
diff --git a/profiles/nis/postlogin b/profiles/nis/postlogin
|
||||
deleted file mode 100644
|
||||
index 04a11f049bc1e220c9064fba7b46eb243ddd4996..0000000000000000000000000000000000000000
|
||||
--- a/profiles/nis/postlogin
|
||||
+++ /dev/null
|
||||
@@ -1,4 +0,0 @@
|
||||
-session optional pam_umask.so silent
|
||||
-session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
|
||||
-session [default=1] pam_lastlog.so nowtmp {if "with-silent-lastlog":silent|showfailed}
|
||||
-session optional pam_lastlog.so silent noupdate showfailed
|
||||
diff --git a/profiles/nis/system-auth b/profiles/nis/system-auth
|
||||
deleted file mode 100644
|
||||
index 2e7462983d35e4a2f5cef8151ed53baaf7e5c790..0000000000000000000000000000000000000000
|
||||
--- a/profiles/nis/system-auth
|
||||
+++ /dev/null
|
||||
@@ -1,24 +0,0 @@
|
||||
-auth required pam_env.so
|
||||
-auth required pam_faildelay.so delay=2000000
|
||||
-auth required pam_faillock.so preauth silent {include if "with-faillock"}
|
||||
-auth sufficient pam_fprintd.so {include if "with-fingerprint"}
|
||||
-auth sufficient pam_u2f.so cue {include if "with-pam-u2f"}
|
||||
-auth required pam_u2f.so cue {if not "without-pam-u2f-nouserok":nouserok} {include if "with-pam-u2f-2fa"}
|
||||
-auth sufficient pam_unix.so {if not "without-nullok":nullok} try_first_pass
|
||||
-auth required pam_faillock.so authfail {include if "with-faillock"}
|
||||
-auth required pam_deny.so
|
||||
-
|
||||
-account required pam_access.so {include if "with-pamaccess"}
|
||||
-account required pam_faillock.so {include if "with-faillock"}
|
||||
-account required pam_unix.so broken_shadow
|
||||
-
|
||||
-password requisite pam_pwquality.so try_first_pass {if not "with-nispwquality":local_users_only}
|
||||
-password sufficient pam_unix.so sha512 shadow {if not "without-nullok":nullok} try_first_pass use_authtok nis
|
||||
-password required pam_deny.so
|
||||
-
|
||||
-session optional pam_keyinit.so revoke
|
||||
-session required pam_limits.so
|
||||
--session optional pam_systemd.so
|
||||
-session optional pam_oddjob_mkhomedir.so {include if "with-mkhomedir"}
|
||||
-session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
-session required pam_unix.so
|
||||
diff --git a/rpm/authselect.spec.in b/rpm/authselect.spec.in
|
||||
index 628d6c91e9b3b4448787915fc1f9ac42f445bfc6..a0d508a716603771878781a62168fe0a71207f66 100644
|
||||
--- a/rpm/authselect.spec.in
|
||||
+++ b/rpm/authselect.spec.in
|
||||
@@ -155,7 +155,6 @@ find $RPM_BUILD_ROOT -name "*.a" -exec %__rm -f {} \;
|
||||
%dir %{_datadir}/authselect/vendor
|
||||
%dir %{_datadir}/authselect/default
|
||||
%dir %{_datadir}/authselect/default/minimal/
|
||||
-%dir %{_datadir}/authselect/default/nis/
|
||||
%dir %{_datadir}/authselect/default/sssd/
|
||||
%dir %{_datadir}/authselect/default/winbind/
|
||||
%{_datadir}/authselect/default/minimal/nsswitch.conf
|
||||
@@ -164,15 +163,6 @@ find $RPM_BUILD_ROOT -name "*.a" -exec %__rm -f {} \;
|
||||
%{_datadir}/authselect/default/minimal/README
|
||||
%{_datadir}/authselect/default/minimal/REQUIREMENTS
|
||||
%{_datadir}/authselect/default/minimal/system-auth
|
||||
-%{_datadir}/authselect/default/nis/dconf-db
|
||||
-%{_datadir}/authselect/default/nis/dconf-locks
|
||||
-%{_datadir}/authselect/default/nis/fingerprint-auth
|
||||
-%{_datadir}/authselect/default/nis/nsswitch.conf
|
||||
-%{_datadir}/authselect/default/nis/password-auth
|
||||
-%{_datadir}/authselect/default/nis/postlogin
|
||||
-%{_datadir}/authselect/default/nis/README
|
||||
-%{_datadir}/authselect/default/nis/REQUIREMENTS
|
||||
-%{_datadir}/authselect/default/nis/system-auth
|
||||
%{_datadir}/authselect/default/sssd/dconf-db
|
||||
%{_datadir}/authselect/default/sssd/dconf-locks
|
||||
%{_datadir}/authselect/default/sssd/fingerprint-auth
|
||||
diff --git a/src/compat/authcompat.py.in.in b/src/compat/authcompat.py.in.in
|
||||
index 4e39b7ec66d0e2ba911c7280467ba78fd29c196c..7c0fdf341212250f03dc14ddf6680e90da8e217e 100755
|
||||
--- a/src/compat/authcompat.py.in.in
|
||||
+++ b/src/compat/authcompat.py.in.in
|
||||
@@ -240,20 +240,6 @@ class Configuration:
|
||||
|
||||
config.write(keys)
|
||||
|
||||
- class Network(Base):
|
||||
- def __init__(self, options):
|
||||
- super(Configuration.Network, self).__init__(options)
|
||||
-
|
||||
- def write(self):
|
||||
- nisdomain = self.get("nisdomain")
|
||||
- config = EnvironmentFile(Path.System('network'))
|
||||
-
|
||||
- if nisdomain is None:
|
||||
- return
|
||||
-
|
||||
- config.set("NISDOMAIN", nisdomain)
|
||||
- config.write()
|
||||
-
|
||||
class SSSD(Base):
|
||||
def __init__(self, options):
|
||||
super(Configuration.SSSD, self).__init__(options, ServiceName="sssd")
|
||||
@@ -375,83 +361,6 @@ class Configuration:
|
||||
# other applications may depend on it.
|
||||
return
|
||||
|
||||
- class NIS(Base):
|
||||
- def __init__(self, options):
|
||||
- super(Configuration.NIS, self).__init__(options)
|
||||
- self.rpcbind = Service("rpcbind")
|
||||
- self.ypbind = Service("ypbind")
|
||||
-
|
||||
- def isEnabled(self):
|
||||
- if not self.isset("nis"):
|
||||
- return None
|
||||
-
|
||||
- return self.getBool("nis")
|
||||
-
|
||||
- def enableService(self, nostart):
|
||||
- if not self.isset("nisdomain"):
|
||||
- return
|
||||
-
|
||||
- nisdom = self.get("nisdomain")
|
||||
-
|
||||
- if not nostart:
|
||||
- cmd = Command(Path.System('cmd-domainname'), [nisdom])
|
||||
- cmd.run()
|
||||
-
|
||||
- cmd = Command(Path.System('cmd-setsebool'),
|
||||
- ['-P', 'allow_ypbind', '1'])
|
||||
- cmd.run()
|
||||
-
|
||||
- self.rpcbind.enable()
|
||||
- self.ypbind.enable()
|
||||
-
|
||||
- if not nostart:
|
||||
- self.rpcbind.start(Restart=False)
|
||||
- self.ypbind.start()
|
||||
-
|
||||
- def disableService(self, nostop):
|
||||
- if not nostop:
|
||||
- cmd = Command(Path.System('cmd-domainname'), ["(none)"])
|
||||
- cmd.run()
|
||||
-
|
||||
- cmd = Command(Path.System('cmd-setsebool'),
|
||||
- ['-P', 'allow_ypbind', '0'])
|
||||
- cmd.run()
|
||||
-
|
||||
- self.rpcbind.disable()
|
||||
- self.ypbind.disable()
|
||||
-
|
||||
- if not nostop:
|
||||
- self.rpcbind.stop()
|
||||
- self.ypbind.stop()
|
||||
-
|
||||
- def write(self):
|
||||
- if not self.isset("nisdomain"):
|
||||
- return
|
||||
-
|
||||
- output = "domain " + self.get("nisdomain")
|
||||
-
|
||||
- additional_servers = []
|
||||
- if self.isset("nisserver"):
|
||||
- servers = self.get("nisserver").split(",")
|
||||
- additional_servers = servers[1:]
|
||||
- output += " server " + servers[0] + "\n"
|
||||
- else:
|
||||
- output += " broadcast\n"
|
||||
-
|
||||
- for server in additional_servers:
|
||||
- output += "ypserver " + server + "\n"
|
||||
-
|
||||
- filename = Path.System('yp.conf')
|
||||
- if self.getBool("test-call"):
|
||||
- print("========== BEGIN Content of [%s] ==========" % filename)
|
||||
- print(output)
|
||||
- print("========== END Content of [%s] ==========\n" % filename)
|
||||
- return
|
||||
-
|
||||
- with open(filename, "w") as f:
|
||||
- f.write(output)
|
||||
-
|
||||
-
|
||||
class AuthCompat:
|
||||
def __init__(self):
|
||||
self.sysconfig = EnvironmentFile(Path.System('authconfig'))
|
||||
@@ -533,8 +442,6 @@ class AuthCompat:
|
||||
if (self.options.getBool("ldap") or self.options.getBool("ldapauth") or
|
||||
self.options.getBool("sssd") or self.options.getBool("sssdauth")):
|
||||
profile = "sssd"
|
||||
- elif self.options.getBool("nis"):
|
||||
- profile = "nis"
|
||||
elif self.options.getBool("winbind"):
|
||||
profile = "winbind"
|
||||
|
||||
@@ -591,13 +498,11 @@ class AuthCompat:
|
||||
def writeConfiguration(self):
|
||||
configs = [
|
||||
Configuration.LDAP(self.options),
|
||||
- Configuration.Network(self.options),
|
||||
Configuration.Kerberos(self.options),
|
||||
Configuration.SSSD(self.options),
|
||||
Configuration.Winbind(self.options),
|
||||
Configuration.PWQuality(self.options),
|
||||
Configuration.MakeHomedir(self.options),
|
||||
- Configuration.NIS(self.options)
|
||||
]
|
||||
|
||||
for config in configs:
|
||||
diff --git a/src/compat/authcompat_Options.py b/src/compat/authcompat_Options.py
|
||||
index 433a3340bac29739174e78928701214c08ec6f3c..2712d85a377ee92c7816e3d2284302307084b0c4 100644
|
||||
--- a/src/compat/authcompat_Options.py
|
||||
+++ b/src/compat/authcompat_Options.py
|
||||
@@ -79,9 +79,6 @@ class Options:
|
||||
# However, they will just make sure that an authentication against
|
||||
# expected service is working. They may not result in the exact same
|
||||
# configuration as authconfig would generate.
|
||||
- Option.Feature("nis", _("NIS for user information by default")),
|
||||
- Option.Valued ("nisdomain", _("<domain>"), _("default NIS domain")),
|
||||
- Option.Valued ("nisserver", _("<server>"), _("default NIS server")),
|
||||
Option.Feature("ldap", _("LDAP for user information by default")),
|
||||
Option.Feature("ldapauth", _("LDAP for authentication by default")),
|
||||
Option.Valued ("ldapserver", _("<server>"), _("default LDAP server hostname or URI")),
|
||||
@@ -164,6 +161,11 @@ class Options:
|
||||
Option.UnsupportedFeature("locauthorize"),
|
||||
Option.UnsupportedFeature("sysnetauth"),
|
||||
Option.UnsupportedValued ("faillockargs", _("<options>")),
|
||||
+
|
||||
+ # NIS is no longer supported
|
||||
+ Option.UnsupportedFeature("nis"),
|
||||
+ Option.UnsupportedValued ("nisdomain", _("<domain>")),
|
||||
+ Option.UnsupportedValued ("nisserver", _("<server>")),
|
||||
]
|
||||
|
||||
Map = {
|
||||
diff --git a/src/man/authselect-migration.7.adoc b/src/man/authselect-migration.7.adoc
|
||||
index a27af036738274d8d392f7fe1f7d59c89e9c4ffb..515104b160d956d04b9ec8cacd25d166983e02d5 100644
|
||||
--- a/src/man/authselect-migration.7.adoc
|
||||
+++ b/src/man/authselect-migration.7.adoc
|
||||
@@ -72,7 +72,7 @@ configuration file for required services.
|
||||
|--enablesssd --enablesssdauth |sssd
|
||||
|--enablekrb5 |sssd
|
||||
|--enablewinbind --enablewinbindauth |winbind
|
||||
-|--enablenis |nis
|
||||
+|--enablenis |none
|
||||
|=========================================================
|
||||
|
||||
.Relation of authconfig options to authselect profile features
|
||||
--
|
||||
2.20.1
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
Name: authselect
|
||||
Version: 1.2.3
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
Summary: Configures authentication and identity sources from supported profiles
|
||||
URL: https://github.com/authselect/authselect
|
||||
|
||||
@ -16,6 +16,7 @@ Patch9001: 9001-rhel9-remove-mention-of-Fedora-Change-page-in-compat.patch
|
||||
Patch9002: 9002-rhel9-remove-ecryptfs-support.patch
|
||||
Patch9003: 9003-rhel9-sssd-default-to-files-first-for-users-and-grou.patch
|
||||
Patch9004: 9004-rhel9-remove-support-for-for-resolved.patch
|
||||
Patch0005: 9005-rhel9-remove-nis-support.patch
|
||||
%endif
|
||||
|
||||
%global makedir %{_builddir}/%{name}-%{version}
|
||||
@ -153,7 +154,6 @@ find $RPM_BUILD_ROOT -name "*.a" -exec %__rm -f {} \;
|
||||
%dir %{_datadir}/authselect/vendor
|
||||
%dir %{_datadir}/authselect/default
|
||||
%dir %{_datadir}/authselect/default/minimal/
|
||||
%dir %{_datadir}/authselect/default/nis/
|
||||
%dir %{_datadir}/authselect/default/sssd/
|
||||
%dir %{_datadir}/authselect/default/winbind/
|
||||
%{_datadir}/authselect/default/minimal/dconf-db
|
||||
@ -164,15 +164,6 @@ find $RPM_BUILD_ROOT -name "*.a" -exec %__rm -f {} \;
|
||||
%{_datadir}/authselect/default/minimal/README
|
||||
%{_datadir}/authselect/default/minimal/REQUIREMENTS
|
||||
%{_datadir}/authselect/default/minimal/system-auth
|
||||
%{_datadir}/authselect/default/nis/dconf-db
|
||||
%{_datadir}/authselect/default/nis/dconf-locks
|
||||
%{_datadir}/authselect/default/nis/fingerprint-auth
|
||||
%{_datadir}/authselect/default/nis/nsswitch.conf
|
||||
%{_datadir}/authselect/default/nis/password-auth
|
||||
%{_datadir}/authselect/default/nis/postlogin
|
||||
%{_datadir}/authselect/default/nis/README
|
||||
%{_datadir}/authselect/default/nis/REQUIREMENTS
|
||||
%{_datadir}/authselect/default/nis/system-auth
|
||||
%{_datadir}/authselect/default/sssd/dconf-db
|
||||
%{_datadir}/authselect/default/sssd/dconf-locks
|
||||
%{_datadir}/authselect/default/sssd/fingerprint-auth
|
||||
@ -300,6 +291,9 @@ exit 0
|
||||
exit 0
|
||||
|
||||
%changelog
|
||||
* Wed Jun 9 2021 Pavel Březina <pbrezina@redhat.com> - 1.2.3-4
|
||||
- Remove nis support (rhbz#1968396)
|
||||
|
||||
* Tue Jun 1 2021 Pavel Březina <pbrezina@redhat.com> - 1.2.3-3
|
||||
- Remove systemd-resolved support (rhbz#1966484)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user