import authselect-1.2.5-1.el9
This commit is contained in:
parent
77518afb47
commit
244df81de1
@ -1 +1 @@
|
||||
3f004c30e9f07c0dd259403f1cd9f13c5ec297ce SOURCES/authselect-1.2.3.tar.gz
|
||||
4eb7fbb53b31d92f0fae17d6fd5e5da46bc8b434 SOURCES/authselect-1.2.5.tar.gz
|
||||
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
||||
SOURCES/authselect-1.2.3.tar.gz
|
||||
SOURCES/authselect-1.2.5.tar.gz
|
||||
|
@ -1,31 +0,0 @@
|
||||
From 6924b8f8d82ecd32e897cf5f441e5c87f8816859 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
||||
Date: Thu, 22 Jul 2021 11:29:20 +0200
|
||||
Subject: [PATCH] lib: avoid freeing uninitialized variable in
|
||||
authselect_apply_changes()
|
||||
|
||||
If authselect_profile() fails, we goto done and try to free uninitialized
|
||||
variable.
|
||||
|
||||
Resolves:
|
||||
https://github.com/authselect/authselect/issues/265
|
||||
---
|
||||
src/lib/authselect.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/lib/authselect.c b/src/lib/authselect.c
|
||||
index 0f43e12202c16769dfc6ac7dee41812159cc1d3a..a901e02719713bd13d5a4fab606ee713b3d6ddca 100644
|
||||
--- a/src/lib/authselect.c
|
||||
+++ b/src/lib/authselect.c
|
||||
@@ -163,7 +163,7 @@ authselect_uninstall(void)
|
||||
_PUBLIC_ int
|
||||
authselect_apply_changes(void)
|
||||
{
|
||||
- struct authselect_profile *profile;
|
||||
+ struct authselect_profile *profile = NULL;
|
||||
char **supported = NULL;
|
||||
char *profile_id;
|
||||
char **features;
|
||||
--
|
||||
2.31.1
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 2e2a7143cbfa719905cb130a5e67313c65bf3b65 Mon Sep 17 00:00:00 2001
|
||||
From c3c2c3b7ffe04dc2e810c9fffdd82689543a94df Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
||||
Date: Tue, 30 Oct 2018 14:08:12 +0100
|
||||
Subject: [PATCH 1/3] rhel9: remove mention of Fedora Change page in compat
|
||||
Subject: [PATCH 1/4] rhel9: remove mention of Fedora Change page in compat
|
||||
tool
|
||||
|
||||
---
|
||||
@ -9,10 +9,10 @@ Subject: [PATCH 1/3] rhel9: remove mention of Fedora Change page in compat
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/src/compat/authcompat.py.in.in b/src/compat/authcompat.py.in.in
|
||||
index f879e08eb94e9620dfc28f245b0ea5815df7e4f2..e4b8c05c6a11a215529ba66f8b36b72a6ac18448 100755
|
||||
index 1a68d95c71b51beabe80e9b07c084ea9c2f3580d..8334293911d1d4c2d98a6d233b91fc348cf06575 100755
|
||||
--- a/src/compat/authcompat.py.in.in
|
||||
+++ b/src/compat/authcompat.py.in.in
|
||||
@@ -468,7 +468,6 @@ class AuthCompat:
|
||||
@@ -471,7 +471,6 @@ class AuthCompat:
|
||||
"It does not provide all capabilities of authconfig.\n"))
|
||||
print(_("IMPORTANT: authconfig is replaced by authselect, "
|
||||
"please update your scripts."))
|
||||
@ -21,5 +21,5 @@ index f879e08eb94e9620dfc28f245b0ea5815df7e4f2..e4b8c05c6a11a215529ba66f8b36b72a
|
||||
|
||||
options = self.options.getSetButUnsupported()
|
||||
--
|
||||
2.29.2
|
||||
2.34.1
|
||||
|
@ -1,7 +1,7 @@
|
||||
From 6de7d2e033d67f23b33620a2b80f5a6c106bd6f5 Mon Sep 17 00:00:00 2001
|
||||
From 9da7355f1e2c8a148d4730fec4c4707c56e6dfa1 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
||||
Date: Mon, 10 Jun 2019 10:53:15 +0200
|
||||
Subject: [PATCH 2/3] rhel9: remove ecryptfs support
|
||||
Subject: [PATCH 2/4] rhel9: remove ecryptfs support
|
||||
|
||||
---
|
||||
profiles/nis/README | 3 ---
|
||||
@ -26,7 +26,7 @@ Subject: [PATCH 2/3] rhel9: remove ecryptfs support
|
||||
19 files changed, 3 insertions(+), 36 deletions(-)
|
||||
|
||||
diff --git a/profiles/nis/README b/profiles/nis/README
|
||||
index 5dbb9b49fb7708ef3b073aff7e1883e3f9a0bd06..cac3428bf844b0a9d251015988583f4c1b15c3c9 100644
|
||||
index 895e8fa8650c04d41bf8bc8d6e3cda18db9bf814..71e23d61a8c1ea773c98524256a5eaad5a75d197 100644
|
||||
--- a/profiles/nis/README
|
||||
+++ b/profiles/nis/README
|
||||
@@ -21,9 +21,6 @@ with-mkhomedir::
|
||||
@ -40,10 +40,10 @@ index 5dbb9b49fb7708ef3b073aff7e1883e3f9a0bd06..cac3428bf844b0a9d251015988583f4c
|
||||
Enable authentication with fingerprint reader through *pam_fprintd*.
|
||||
|
||||
diff --git a/profiles/nis/fingerprint-auth b/profiles/nis/fingerprint-auth
|
||||
index 756993cf1b2095f505208df19dd739dcaed1af31..eebec6d0d6edeae6a3eb224f0ff284016b0fc642 100644
|
||||
index 3a2609df4ca29cdfcbff84b37576bb7b840d72b2..0b2f583a2fcf164647f7de387e9be2982bdf36cb 100644
|
||||
--- a/profiles/nis/fingerprint-auth
|
||||
+++ b/profiles/nis/fingerprint-auth
|
||||
@@ -13,7 +13,6 @@ password required pam_deny.so
|
||||
@@ -15,7 +15,6 @@ password required pam_deny.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
@ -52,10 +52,10 @@ index 756993cf1b2095f505208df19dd739dcaed1af31..eebec6d0d6edeae6a3eb224f0ff28401
|
||||
session optional pam_oddjob_mkhomedir.so {include if "with-mkhomedir"}
|
||||
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
diff --git a/profiles/nis/password-auth b/profiles/nis/password-auth
|
||||
index 7997ea8de61ad6392ed01c39727f70253b5cc0ca..9a8ae9cde644a4ac981f4b9553af2f0f428bfebb 100644
|
||||
index f181a58ab7792c7e1a4234e677cbb7e3d0a6548d..79fb521eb5dff4978203166491b185887d1ec744 100644
|
||||
--- a/profiles/nis/password-auth
|
||||
+++ b/profiles/nis/password-auth
|
||||
@@ -17,7 +17,6 @@ password required pam_deny.so
|
||||
@@ -18,7 +18,6 @@ password required pam_deny.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
@ -76,10 +76,10 @@ index 137cd00dc65ee9ea83123f1d3a6f7ba04f0aea04..04a11f049bc1e220c9064fba7b46eb24
|
||||
session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
|
||||
session [default=1] pam_lastlog.so nowtmp {if "with-silent-lastlog":silent|showfailed}
|
||||
diff --git a/profiles/nis/system-auth b/profiles/nis/system-auth
|
||||
index 057b31e074f29c46b492fa310a954e281631800e..2e7462983d35e4a2f5cef8151ed53baaf7e5c790 100644
|
||||
index bc3f402435aafb5294dbae94096b184af51cf914..38c10c1afcf936c1d24d8edef941ae849d1186fc 100644
|
||||
--- a/profiles/nis/system-auth
|
||||
+++ b/profiles/nis/system-auth
|
||||
@@ -18,7 +18,6 @@ password required pam_deny.so
|
||||
@@ -19,7 +19,6 @@ password required pam_deny.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
@ -88,7 +88,7 @@ index 057b31e074f29c46b492fa310a954e281631800e..2e7462983d35e4a2f5cef8151ed53baa
|
||||
session optional pam_oddjob_mkhomedir.so {include if "with-mkhomedir"}
|
||||
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
diff --git a/profiles/sssd/README b/profiles/sssd/README
|
||||
index 95ef5dc785ed0530122837b5e08d03590ed1ada5..ac063e8d065d0488279dc2381bdd7f8ac361bfcb 100644
|
||||
index 61d5aedf65b2351cf23cea0a6b6b0932e32f0e48..ab9af237442089ded86b63942dd856397108ccf0 100644
|
||||
--- a/profiles/sssd/README
|
||||
+++ b/profiles/sssd/README
|
||||
@@ -40,9 +40,6 @@ with-mkhomedir::
|
||||
@ -102,10 +102,10 @@ index 95ef5dc785ed0530122837b5e08d03590ed1ada5..ac063e8d065d0488279dc2381bdd7f8a
|
||||
Enable authentication with smartcards through SSSD. Please note that
|
||||
smartcard support must be also explicitly enabled within
|
||||
diff --git a/profiles/sssd/fingerprint-auth b/profiles/sssd/fingerprint-auth
|
||||
index fe3cac7a976845017d034ac1158a38f889926ce8..ad0a95440ebd006ff88264177598c77afc472dda 100644
|
||||
index 20ad3613e66ec85c7d2462d0449854e522383b3a..dc7befe7a4839a1ae5a4d21f4e5232126df55564 100644
|
||||
--- a/profiles/sssd/fingerprint-auth
|
||||
+++ b/profiles/sssd/fingerprint-auth
|
||||
@@ -18,7 +18,6 @@ password required pam_deny.so
|
||||
@@ -20,7 +20,6 @@ password required pam_deny.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
@ -114,10 +114,10 @@ index fe3cac7a976845017d034ac1158a38f889926ce8..ad0a95440ebd006ff88264177598c77a
|
||||
session optional pam_oddjob_mkhomedir.so {include if "with-mkhomedir"}
|
||||
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
diff --git a/profiles/sssd/password-auth b/profiles/sssd/password-auth
|
||||
index d6953428cca7d6518f63c3fdbaabc4746c35f91b..6d87cbe0a805bf5d3ab2a6192d570b9e5c6dc143 100644
|
||||
index 3e33dcc09f68055f2f87709e638005929bd577b3..858c6db357d07dc554806f4807f9b0858a649f44 100644
|
||||
--- a/profiles/sssd/password-auth
|
||||
+++ b/profiles/sssd/password-auth
|
||||
@@ -27,7 +27,6 @@ password required pam_deny.so
|
||||
@@ -28,7 +28,6 @@ password required pam_deny.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
@ -138,10 +138,10 @@ index 137cd00dc65ee9ea83123f1d3a6f7ba04f0aea04..04a11f049bc1e220c9064fba7b46eb24
|
||||
session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
|
||||
session [default=1] pam_lastlog.so nowtmp {if "with-silent-lastlog":silent|showfailed}
|
||||
diff --git a/profiles/sssd/smartcard-auth b/profiles/sssd/smartcard-auth
|
||||
index 230269c42508a50ad5b4677ab6514b9afe4d5fbf..874ffaca1b2c15c81adc4ca130c15834154bdc0e 100644
|
||||
index 0d8bcab250633b09bce0232a5747f3a7e740d5d7..754847f2d8885ff35cbc57ec2364d82b963caa3b 100644
|
||||
--- a/profiles/sssd/smartcard-auth
|
||||
+++ b/profiles/sssd/smartcard-auth
|
||||
@@ -16,7 +16,6 @@ account required pam_permit.so
|
||||
@@ -18,7 +18,6 @@ account required pam_permit.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
@ -150,10 +150,10 @@ index 230269c42508a50ad5b4677ab6514b9afe4d5fbf..874ffaca1b2c15c81adc4ca130c15834
|
||||
session optional pam_oddjob_mkhomedir.so {include if "with-mkhomedir"}
|
||||
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
diff --git a/profiles/sssd/system-auth b/profiles/sssd/system-auth
|
||||
index 6f914ea91eb7782d60959ced56112f9cc1365347..dfc53b4ce55a0d575dc4fe68004a846f43360ccc 100644
|
||||
index a43341120f55bad3fb07dfea1c04453d0a278329..88c49e2dd5b60847d1d19154622a8614a21e5e1f 100644
|
||||
--- a/profiles/sssd/system-auth
|
||||
+++ b/profiles/sssd/system-auth
|
||||
@@ -32,7 +32,6 @@ password required pam_deny.so
|
||||
@@ -35,7 +35,6 @@ password required pam_deny.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
@ -162,7 +162,7 @@ index 6f914ea91eb7782d60959ced56112f9cc1365347..dfc53b4ce55a0d575dc4fe68004a846f
|
||||
session optional pam_oddjob_mkhomedir.so {include if "with-mkhomedir"}
|
||||
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
diff --git a/profiles/winbind/README b/profiles/winbind/README
|
||||
index 40a1a459355d2ee8ab98e31d2868cb24261e2c17..0e80bb697f8050ac8eb3c78d4f41945b9bcbba29 100644
|
||||
index 0048c29256f5d4064edfb84a2f4b761fd09e90f6..6f7a7cab1efc768c4c82791d6a8f00def1771d37 100644
|
||||
--- a/profiles/winbind/README
|
||||
+++ b/profiles/winbind/README
|
||||
@@ -33,9 +33,6 @@ with-mkhomedir::
|
||||
@ -176,10 +176,10 @@ index 40a1a459355d2ee8ab98e31d2868cb24261e2c17..0e80bb697f8050ac8eb3c78d4f41945b
|
||||
Enable authentication with fingerprint reader through *pam_fprintd*.
|
||||
|
||||
diff --git a/profiles/winbind/fingerprint-auth b/profiles/winbind/fingerprint-auth
|
||||
index c4b8261ca45d4f6b9eda03ea96850bb32d605d30..6262549af2ca8aed540e7a7e1d97e0ba3b2ef088 100644
|
||||
index e8997c6c78ce7305fa7068fb169c05c68167880d..c5485ab848989a252e4ff4b1376a41202d21fd67 100644
|
||||
--- a/profiles/winbind/fingerprint-auth
|
||||
+++ b/profiles/winbind/fingerprint-auth
|
||||
@@ -17,7 +17,6 @@ password required pam_deny.so
|
||||
@@ -19,7 +19,6 @@ password required pam_deny.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
@ -188,10 +188,10 @@ index c4b8261ca45d4f6b9eda03ea96850bb32d605d30..6262549af2ca8aed540e7a7e1d97e0ba
|
||||
session optional pam_oddjob_mkhomedir.so {include if "with-mkhomedir"}
|
||||
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
diff --git a/profiles/winbind/password-auth b/profiles/winbind/password-auth
|
||||
index bbeca057d49102889e3eeee040ea256dbd751eef..aef4d5ce6a6ec9496deabc1010cde0370a3ecba7 100644
|
||||
index 58705f3b15165c8d8bd4938889e3fb4d89c1a528..e84e2fcbb2bad9af6156e6e6db23f089f2b5d210 100644
|
||||
--- a/profiles/winbind/password-auth
|
||||
+++ b/profiles/winbind/password-auth
|
||||
@@ -24,7 +24,6 @@ password required pam_deny.so
|
||||
@@ -25,7 +25,6 @@ password required pam_deny.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
@ -212,10 +212,10 @@ index 137cd00dc65ee9ea83123f1d3a6f7ba04f0aea04..04a11f049bc1e220c9064fba7b46eb24
|
||||
session [success=1 default=ignore] pam_succeed_if.so service !~ gdm* service !~ su* quiet
|
||||
session [default=1] pam_lastlog.so nowtmp {if "with-silent-lastlog":silent|showfailed}
|
||||
diff --git a/profiles/winbind/system-auth b/profiles/winbind/system-auth
|
||||
index 8e6026b782f8bd7e64632a9acedf304bd95f29e1..e4bdd0bf1c315c86cc8064625b80161baa5c455f 100644
|
||||
index 994c342441a0ed2738765a9fa7f6cc84f692d1d8..b5c5cfaa964a31b1cd8ac4cb62998c0a0a53a03e 100644
|
||||
--- a/profiles/winbind/system-auth
|
||||
+++ b/profiles/winbind/system-auth
|
||||
@@ -25,7 +25,6 @@ password required pam_deny.so
|
||||
@@ -26,7 +26,6 @@ password required pam_deny.so
|
||||
|
||||
session optional pam_keyinit.so revoke
|
||||
session required pam_limits.so
|
||||
@ -224,39 +224,39 @@ index 8e6026b782f8bd7e64632a9acedf304bd95f29e1..e4bdd0bf1c315c86cc8064625b80161b
|
||||
session optional pam_oddjob_mkhomedir.so {include if "with-mkhomedir"}
|
||||
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
|
||||
diff --git a/src/compat/authcompat.py.in.in b/src/compat/authcompat.py.in.in
|
||||
index e4b8c05c6a11a215529ba66f8b36b72a6ac18448..4e39b7ec66d0e2ba911c7280467ba78fd29c196c 100755
|
||||
index 8334293911d1d4c2d98a6d233b91fc348cf06575..55e205bae2c0b1f7892f8b286c288dfeaa26a60d 100755
|
||||
--- a/src/compat/authcompat.py.in.in
|
||||
+++ b/src/compat/authcompat.py.in.in
|
||||
@@ -520,7 +520,6 @@ class AuthCompat:
|
||||
'smartcard' : 'with-smartcard',
|
||||
'requiresmartcard' : 'with-smartcard-required',
|
||||
'fingerprint' : 'with-fingerprint',
|
||||
- 'ecryptfs' : 'with-ecryptfs',
|
||||
'mkhomedir' : 'with-mkhomedir',
|
||||
'faillock' : 'with-faillock',
|
||||
'pamaccess' : 'with-pamaccess',
|
||||
@@ -523,7 +523,6 @@ class AuthCompat:
|
||||
'smartcard': 'with-smartcard',
|
||||
'requiresmartcard': 'with-smartcard-required',
|
||||
'fingerprint': 'with-fingerprint',
|
||||
- 'ecryptfs': 'with-ecryptfs',
|
||||
'mkhomedir': 'with-mkhomedir',
|
||||
'faillock': 'with-faillock',
|
||||
'pamaccess': 'with-pamaccess',
|
||||
diff --git a/src/compat/authcompat_Options.py b/src/compat/authcompat_Options.py
|
||||
index c8f52ab6773c4cd5371f32121dba8053f3443261..433a3340bac29739174e78928701214c08ec6f3c 100644
|
||||
index d26dedabdfb9519861076b58cddd0dd0eb04b7cb..5c8b21b55014198d6d9dfc98bd807c3c922b06f4 100644
|
||||
--- a/src/compat/authcompat_Options.py
|
||||
+++ b/src/compat/authcompat_Options.py
|
||||
@@ -93,7 +93,6 @@ class Options:
|
||||
Option.Valued ("smartcardaction", _("<0=Lock|1=Ignore>"), _("action to be taken on smart card removal")),
|
||||
Option.Feature("requiresmartcard",_("require smart card for authentication by default")),
|
||||
Option.Feature("fingerprint", _("authentication with fingerprint readers by default")),
|
||||
- Option.Feature("ecryptfs", _("automatic per-user ecryptfs")),
|
||||
Option.Feature("krb5", _("Kerberos authentication by default")),
|
||||
Option.Valued ("krb5kdc", _("<server>"), _("default Kerberos KDC")),
|
||||
Option.Valued ("krb5adminserver", _("<server>"), _("default Kerberos admin server")),
|
||||
Option.Valued("smartcardaction", _("<0=Lock|1=Ignore>"), _("action to be taken on smart card removal")),
|
||||
Option.Feature("requiresmartcard", _("require smart card for authentication by default")),
|
||||
Option.Feature("fingerprint", _("authentication with fingerprint readers by default")),
|
||||
- Option.Feature("ecryptfs", _("automatic per-user ecryptfs")),
|
||||
Option.Feature("krb5", _("Kerberos authentication by default")),
|
||||
Option.Valued("krb5kdc", _("<server>"), _("default Kerberos KDC")),
|
||||
Option.Valued("krb5adminserver", _("<server>"), _("default Kerberos admin server")),
|
||||
@@ -141,6 +140,7 @@ class Options:
|
||||
# layers and will produce warning when used. They will not affect
|
||||
# the system.
|
||||
Option.UnsupportedFeature("cache"),
|
||||
+ Option.UnsupportedFeature("ecryptfs"),
|
||||
Option.UnsupportedFeature("shadow"),
|
||||
Option.UnsupportedSwitch ("useshadow"),
|
||||
Option.UnsupportedSwitch("useshadow"),
|
||||
Option.UnsupportedFeature("md5"),
|
||||
diff --git a/src/man/authselect-migration.7.adoc b/src/man/authselect-migration.7.adoc
|
||||
index 35ba484d576ab8a3d923a124f6b1577085deedd4..a27af036738274d8d392f7fe1f7d59c89e9c4ffb 100644
|
||||
index 3513a7e7cd3d7cc0045167e8224248c5be90ab2c..888cd4e5a0750d4e1aa5898887f5f7fd42472741 100644
|
||||
--- a/src/man/authselect-migration.7.adoc
|
||||
+++ b/src/man/authselect-migration.7.adoc
|
||||
@@ -80,7 +80,6 @@ configuration file for required services.
|
||||
@ -267,7 +267,7 @@ index 35ba484d576ab8a3d923a124f6b1577085deedd4..a27af036738274d8d392f7fe1f7d59c8
|
||||
|--enablemkhomedir |with-mkhomedir
|
||||
|--enablefaillock |with-faillock
|
||||
|--enablepamaccess |with-pamaccess
|
||||
@@ -95,8 +94,8 @@ authselect select sssd with-faillock
|
||||
@@ -103,8 +102,8 @@ authselect select sssd with-faillock
|
||||
authconfig --enablesssd --enablesssdauth --enablesmartcard --smartcardmodule=sssd --updateall
|
||||
authselect select sssd with-smartcard
|
||||
|
||||
@ -279,5 +279,5 @@ index 35ba484d576ab8a3d923a124f6b1577085deedd4..a27af036738274d8d392f7fe1f7d59c8
|
||||
authconfig --enablewinbind --enablewinbindauth --winbindjoin=Administrator --updateall
|
||||
realm join -U Administrator --client-software=winbind WINBINDDOMAIN
|
||||
--
|
||||
2.29.2
|
||||
2.34.1
|
||||
|
@ -1,11 +1,9 @@
|
||||
From 259e4e50a97a5196436e3d7ed42d2ecf0be3203f Mon Sep 17 00:00:00 2001
|
||||
From 6381b49e90b3850fade68c8af03b17d0cc016d3c Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
||||
Date: Mon, 31 May 2021 15:42:49 +0200
|
||||
Subject: [PATCH] rhel9: remove support for for resolved
|
||||
Date: Wed, 25 Nov 2020 14:05:00 +0100
|
||||
Subject: [PATCH 3/4] rhel9: Revert "profiles: add support for resolved"
|
||||
|
||||
systemd-resolved is an experimental feature at this point and it
|
||||
should not be enabled by default. Steps to switch this feature on
|
||||
will be documented in RHEL guide.
|
||||
systemd-resolved should not be enabled by default on rhel8.
|
||||
|
||||
This reverts commit c5294c508a940291440eb32d5d750f33baf1ae54.
|
||||
---
|
||||
@ -40,5 +38,5 @@ index 50a3ffb7431a91b88b4bfef4c09df19310fac7e7..9bee7d839f84ff39d54cb6ead9dea38e
|
||||
netgroup: files nis {exclude if "with-custom-netgroup"}
|
||||
networks: files nis {exclude if "with-custom-networks"}
|
||||
--
|
||||
2.31.1
|
||||
2.34.1
|
||||
|
@ -1,34 +1,30 @@
|
||||
From 7236f7a303215805de7195a8fdef7567543e8b0b Mon Sep 17 00:00:00 2001
|
||||
From fde1c60f1e87383596ee7060f4d748675b2efae9 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
||||
Date: Wed, 9 Jun 2021 13:59:01 +0200
|
||||
Subject: [PATCH] rhel9: remove nis support
|
||||
Subject: [PATCH 4/4] rhel9: remove nis support
|
||||
|
||||
NIS is no longer supported in RHEL9.
|
||||
---
|
||||
profiles/Makefile.am | 13 ----
|
||||
profiles/nis/README | 111 ----------------------------
|
||||
profiles/nis/REQUIREMENTS | 13 ----
|
||||
profiles/nis/dconf-db | 3 -
|
||||
profiles/nis/dconf-locks | 2 -
|
||||
profiles/nis/nsswitch.conf | 14 ----
|
||||
profiles/nis/postlogin | 4 -
|
||||
rpm/authselect.spec.in | 10 ---
|
||||
src/compat/authcompat.py.in.in | 95 ------------------------
|
||||
src/compat/authcompat_Options.py | 8 +-
|
||||
src/man/authselect-migration.7.adoc | 2 +-
|
||||
11 files changed, 6 insertions(+), 269 deletions(-)
|
||||
delete mode 100644 profiles/nis/README
|
||||
delete mode 100644 profiles/nis/REQUIREMENTS
|
||||
profiles/Makefile.am | 14 -----
|
||||
profiles/nis/dconf-db | 3 -
|
||||
profiles/nis/dconf-locks | 2 -
|
||||
profiles/nis/nsswitch.conf | 14 -----
|
||||
profiles/nis/postlogin | 4 --
|
||||
rpm/authselect.spec.in | 11 ----
|
||||
src/compat/authcompat.py.in.in | 95 -----------------------------
|
||||
src/compat/authcompat_Options.py | 8 ++-
|
||||
src/man/authselect-migration.7.adoc | 2 +-
|
||||
9 files changed, 6 insertions(+), 147 deletions(-)
|
||||
delete mode 100644 profiles/nis/dconf-db
|
||||
delete mode 100644 profiles/nis/dconf-locks
|
||||
delete mode 100644 profiles/nis/nsswitch.conf
|
||||
delete mode 100644 profiles/nis/postlogin
|
||||
|
||||
diff --git a/profiles/Makefile.am b/profiles/Makefile.am
|
||||
index 95e27147b2b0a229a76a293884d605484d3fa841..c658521de01130f19f669fe0a6cb86c11043a406 100644
|
||||
index 7191b2604ca2c9ebaba3a4f1beb950e7d0e03970..4ab613f42a581df02c427636a0070092b58ec418 100644
|
||||
--- a/profiles/Makefile.am
|
||||
+++ b/profiles/Makefile.am
|
||||
@@ -13,19 +13,6 @@ dist_profile_minimal_DATA = \
|
||||
@@ -15,20 +15,6 @@ dist_profile_minimal_DATA = \
|
||||
$(top_srcdir)/profiles/minimal/dconf-locks \
|
||||
$(NULL)
|
||||
|
||||
@ -39,6 +35,7 @@ index 95e27147b2b0a229a76a293884d605484d3fa841..c658521de01130f19f669fe0a6cb86c1
|
||||
- $(top_srcdir)/profiles/nis/postlogin \
|
||||
- $(top_srcdir)/profiles/nis/README \
|
||||
- $(top_srcdir)/profiles/nis/REQUIREMENTS \
|
||||
- $(top_srcdir)/profiles/nis/smartcard-auth \
|
||||
- $(top_srcdir)/profiles/nis/system-auth \
|
||||
- $(top_srcdir)/profiles/nis/fingerprint-auth \
|
||||
- $(top_srcdir)/profiles/nis/dconf-db \
|
||||
@ -48,142 +45,6 @@ index 95e27147b2b0a229a76a293884d605484d3fa841..c658521de01130f19f669fe0a6cb86c1
|
||||
profile_sssddir = $(authselect_profile_dir)/sssd
|
||||
dist_profile_sssd_DATA = \
|
||||
$(top_srcdir)/profiles/sssd/nsswitch.conf \
|
||||
diff --git a/profiles/nis/README b/profiles/nis/README
|
||||
deleted file mode 100644
|
||||
index cac3428bf844b0a9d251015988583f4c1b15c3c9..0000000000000000000000000000000000000000
|
||||
--- a/profiles/nis/README
|
||||
+++ /dev/null
|
||||
@@ -1,111 +0,0 @@
|
||||
-Enable NIS for system authentication
|
||||
-====================================
|
||||
-
|
||||
-Selecting this profile will enable Network Information Services as the source
|
||||
-of identity and authentication providers.
|
||||
-
|
||||
-NIS CONFIGURATION
|
||||
------------------
|
||||
-
|
||||
-Authselect does not touch NIS configuration. Please, read NIS' documentation
|
||||
-to see how to configure it manually.
|
||||
-
|
||||
-AVAILABLE OPTIONAL FEATURES
|
||||
----------------------------
|
||||
-
|
||||
-with-faillock::
|
||||
- Enable account locking in case of too many consecutive
|
||||
- authentication failures.
|
||||
-
|
||||
-with-mkhomedir::
|
||||
- Enable automatic creation of home directories for users on their
|
||||
- first login.
|
||||
-
|
||||
-with-fingerprint::
|
||||
- Enable authentication with fingerprint reader through *pam_fprintd*.
|
||||
-
|
||||
-with-pam-u2f::
|
||||
- Enable authentication via u2f dongle through *pam_u2f*.
|
||||
-
|
||||
-with-pam-u2f-2fa::
|
||||
- Enable 2nd factor authentication via u2f dongle through *pam_u2f*.
|
||||
-
|
||||
-without-pam-u2f-nouserok::
|
||||
- Module argument nouserok is omitted if also with-pam-u2f-2fa is used.
|
||||
- *WARNING*: Omitting nouserok argument means that users without pam-u2f
|
||||
- authentication configured will not be able to log in *INCLUDING* root.
|
||||
- Make sure you are able to log in before losing root privileges.
|
||||
-
|
||||
-with-silent-lastlog::
|
||||
- Do not produce pam_lastlog message during login.
|
||||
-
|
||||
-with-pamaccess::
|
||||
- Check access.conf during account authorization.
|
||||
-
|
||||
-with-nispwquality::
|
||||
- If this option is set pam_pwquality module will check password quality
|
||||
- for NIS users as well as local users during password change. Without this
|
||||
- option only local users passwords are checked.
|
||||
-
|
||||
-without-nullok::
|
||||
- Do not add nullok parameter to pam_unix.
|
||||
-
|
||||
-DISABLE SPECIFIC NSSWITCH DATABASES
|
||||
------------------------------------
|
||||
-
|
||||
-Normally, nsswitch databases set by the profile overwrites values set in
|
||||
-user-nsswitch.conf. The following options can force authselect to
|
||||
-ignore value set by the profile and use the one set in user-nsswitch.conf
|
||||
-instead.
|
||||
-
|
||||
-with-custom-aliases::
|
||||
-Ignore "aliases" map set by the profile.
|
||||
-
|
||||
-with-custom-automount::
|
||||
-Ignore "automount" map set by the profile.
|
||||
-
|
||||
-with-custom-ethers::
|
||||
-Ignore "ethers" map set by the profile.
|
||||
-
|
||||
-with-custom-group::
|
||||
-Ignore "group" map set by the profile.
|
||||
-
|
||||
-with-custom-hosts::
|
||||
-Ignore "hosts" map set by the profile.
|
||||
-
|
||||
-with-custom-initgroups::
|
||||
-Ignore "initgroups" map set by the profile.
|
||||
-
|
||||
-with-custom-netgroup::
|
||||
-Ignore "netgroup" map set by the profile.
|
||||
-
|
||||
-with-custom-networks::
|
||||
-Ignore "networks" map set by the profile.
|
||||
-
|
||||
-with-custom-passwd::
|
||||
-Ignore "passwd" map set by the profile.
|
||||
-
|
||||
-with-custom-protocols::
|
||||
-Ignore "protocols" map set by the profile.
|
||||
-
|
||||
-with-custom-publickey::
|
||||
-Ignore "publickey" map set by the profile.
|
||||
-
|
||||
-with-custom-rpc::
|
||||
-Ignore "rpc" map set by the profile.
|
||||
-
|
||||
-with-custom-services::
|
||||
-Ignore "services" map set by the profile.
|
||||
-
|
||||
-with-custom-shadow::
|
||||
-Ignore "shadow" map set by the profile.
|
||||
-
|
||||
-EXAMPLES
|
||||
---------
|
||||
-* Enable NIS with no additional modules
|
||||
-
|
||||
- authselect select nis
|
||||
-
|
||||
-* Enable NIS and create home directories for users on their first login
|
||||
-
|
||||
- authselect select nis with-mkhomedir
|
||||
diff --git a/profiles/nis/REQUIREMENTS b/profiles/nis/REQUIREMENTS
|
||||
deleted file mode 100644
|
||||
index c58aa2789f4ef064b7904cacf4fc3158dce7ad41..0000000000000000000000000000000000000000
|
||||
--- a/profiles/nis/REQUIREMENTS
|
||||
+++ /dev/null
|
||||
@@ -1,13 +0,0 @@
|
||||
-Make sure that NIS service is configured and enabled. See NIS documentation for more information.
|
||||
- {include if "with-fingerprint"}
|
||||
-- with-fingerprint is selected, make sure fprintd service is configured and enabled {include if "with-fingerprint"}
|
||||
- {include if "with-pam-u2f"}
|
||||
-- with-pam-u2f is selected, make sure that the pam u2f module is installed {include if "with-pam-u2f"}
|
||||
- - users can then configure keys using the pamu2fcfg tool {include if "with-pam-u2f"}
|
||||
- {include if "with-pam-u2f-2fa"}
|
||||
-- with-pam-u2f-2fa is selected, make sure that the pam u2f module is installed {include if "with-pam-u2f-2fa"}
|
||||
- - users can then configure keys using the pamu2fcfg tool {include if "with-pam-u2f-2fa"}
|
||||
- {include if "with-mkhomedir"}
|
||||
-- with-mkhomedir is selected, make sure pam_oddjob_mkhomedir module {include if "with-mkhomedir"}
|
||||
- is present and oddjobd service is enabled and active {include if "with-mkhomedir"}
|
||||
- - systemctl enable --now oddjobd.service {include if "with-mkhomedir"}
|
||||
diff --git a/profiles/nis/dconf-db b/profiles/nis/dconf-db
|
||||
deleted file mode 100644
|
||||
index bd32b2819f66acdc75ab0fc522ec85673d10ed72..0000000000000000000000000000000000000000
|
||||
@ -232,20 +93,20 @@ index 04a11f049bc1e220c9064fba7b46eb243ddd4996..00000000000000000000000000000000
|
||||
-session [default=1] pam_lastlog.so nowtmp {if "with-silent-lastlog":silent|showfailed}
|
||||
-session optional pam_lastlog.so silent noupdate showfailed
|
||||
diff --git a/rpm/authselect.spec.in b/rpm/authselect.spec.in
|
||||
index 628d6c91e9b3b4448787915fc1f9ac42f445bfc6..a0d508a716603771878781a62168fe0a71207f66 100644
|
||||
index f8539d5a028da1a7184b47609a8efdb5ce0be14e..95da183a41a29f7913a0a255a94070908ed9a66c 100644
|
||||
--- a/rpm/authselect.spec.in
|
||||
+++ b/rpm/authselect.spec.in
|
||||
@@ -155,7 +155,6 @@ find $RPM_BUILD_ROOT -name "*.a" -exec %__rm -f {} \;
|
||||
@@ -165,7 +165,6 @@ find $RPM_BUILD_ROOT -name "*.a" -exec %__rm -f {} \;
|
||||
%dir %{_datadir}/authselect/vendor
|
||||
%dir %{_datadir}/authselect/default
|
||||
%dir %{_datadir}/authselect/default/minimal/
|
||||
-%dir %{_datadir}/authselect/default/nis/
|
||||
%dir %{_datadir}/authselect/default/sssd/
|
||||
%dir %{_datadir}/authselect/default/winbind/
|
||||
%{_datadir}/authselect/default/minimal/nsswitch.conf
|
||||
@@ -164,15 +163,6 @@ find $RPM_BUILD_ROOT -name "*.a" -exec %__rm -f {} \;
|
||||
%{_datadir}/authselect/default/minimal/README
|
||||
%{_datadir}/authselect/default/minimal/dconf-db
|
||||
@@ -178,16 +177,6 @@ find $RPM_BUILD_ROOT -name "*.a" -exec %__rm -f {} \;
|
||||
%{_datadir}/authselect/default/minimal/REQUIREMENTS
|
||||
%{_datadir}/authselect/default/minimal/smartcard-auth
|
||||
%{_datadir}/authselect/default/minimal/system-auth
|
||||
-%{_datadir}/authselect/default/nis/dconf-db
|
||||
-%{_datadir}/authselect/default/nis/dconf-locks
|
||||
@ -255,15 +116,16 @@ index 628d6c91e9b3b4448787915fc1f9ac42f445bfc6..a0d508a716603771878781a62168fe0a
|
||||
-%{_datadir}/authselect/default/nis/postlogin
|
||||
-%{_datadir}/authselect/default/nis/README
|
||||
-%{_datadir}/authselect/default/nis/REQUIREMENTS
|
||||
-%{_datadir}/authselect/default/nis/smartcard-auth
|
||||
-%{_datadir}/authselect/default/nis/system-auth
|
||||
%{_datadir}/authselect/default/sssd/dconf-db
|
||||
%{_datadir}/authselect/default/sssd/dconf-locks
|
||||
%{_datadir}/authselect/default/sssd/fingerprint-auth
|
||||
diff --git a/src/compat/authcompat.py.in.in b/src/compat/authcompat.py.in.in
|
||||
index 4e39b7ec66d0e2ba911c7280467ba78fd29c196c..7c0fdf341212250f03dc14ddf6680e90da8e217e 100755
|
||||
index 55e205bae2c0b1f7892f8b286c288dfeaa26a60d..c6d1f2786c233f7ebdbfe5f2503aa0016012aee0 100755
|
||||
--- a/src/compat/authcompat.py.in.in
|
||||
+++ b/src/compat/authcompat.py.in.in
|
||||
@@ -240,20 +240,6 @@ class Configuration:
|
||||
@@ -243,20 +243,6 @@ class Configuration:
|
||||
|
||||
config.write(keys)
|
||||
|
||||
@ -284,7 +146,7 @@ index 4e39b7ec66d0e2ba911c7280467ba78fd29c196c..7c0fdf341212250f03dc14ddf6680e90
|
||||
class SSSD(Base):
|
||||
def __init__(self, options):
|
||||
super(Configuration.SSSD, self).__init__(options, ServiceName="sssd")
|
||||
@@ -375,83 +361,6 @@ class Configuration:
|
||||
@@ -378,83 +364,6 @@ class Configuration:
|
||||
# other applications may depend on it.
|
||||
return
|
||||
|
||||
@ -368,16 +230,16 @@ index 4e39b7ec66d0e2ba911c7280467ba78fd29c196c..7c0fdf341212250f03dc14ddf6680e90
|
||||
class AuthCompat:
|
||||
def __init__(self):
|
||||
self.sysconfig = EnvironmentFile(Path.System('authconfig'))
|
||||
@@ -533,8 +442,6 @@ class AuthCompat:
|
||||
if (self.options.getBool("ldap") or self.options.getBool("ldapauth") or
|
||||
self.options.getBool("sssd") or self.options.getBool("sssdauth")):
|
||||
@@ -538,8 +447,6 @@ class AuthCompat:
|
||||
or self.options.getBool("sssd")
|
||||
or self.options.getBool("sssdauth")):
|
||||
profile = "sssd"
|
||||
- elif self.options.getBool("nis"):
|
||||
- profile = "nis"
|
||||
elif self.options.getBool("winbind"):
|
||||
profile = "winbind"
|
||||
|
||||
@@ -591,13 +498,11 @@ class AuthCompat:
|
||||
@@ -596,13 +503,11 @@ class AuthCompat:
|
||||
def writeConfiguration(self):
|
||||
configs = [
|
||||
Configuration.LDAP(self.options),
|
||||
@ -392,33 +254,33 @@ index 4e39b7ec66d0e2ba911c7280467ba78fd29c196c..7c0fdf341212250f03dc14ddf6680e90
|
||||
|
||||
for config in configs:
|
||||
diff --git a/src/compat/authcompat_Options.py b/src/compat/authcompat_Options.py
|
||||
index 433a3340bac29739174e78928701214c08ec6f3c..2712d85a377ee92c7816e3d2284302307084b0c4 100644
|
||||
index 5c8b21b55014198d6d9dfc98bd807c3c922b06f4..79ead60fa9edc1244227e3b69df025471b7c7991 100644
|
||||
--- a/src/compat/authcompat_Options.py
|
||||
+++ b/src/compat/authcompat_Options.py
|
||||
@@ -79,9 +79,6 @@ class Options:
|
||||
# However, they will just make sure that an authentication against
|
||||
# expected service is working. They may not result in the exact same
|
||||
# configuration as authconfig would generate.
|
||||
- Option.Feature("nis", _("NIS for user information by default")),
|
||||
- Option.Valued ("nisdomain", _("<domain>"), _("default NIS domain")),
|
||||
- Option.Valued ("nisserver", _("<server>"), _("default NIS server")),
|
||||
Option.Feature("ldap", _("LDAP for user information by default")),
|
||||
Option.Feature("ldapauth", _("LDAP for authentication by default")),
|
||||
Option.Valued ("ldapserver", _("<server>"), _("default LDAP server hostname or URI")),
|
||||
- Option.Feature("nis", _("NIS for user information by default")),
|
||||
- Option.Valued("nisdomain", _("<domain>"), _("default NIS domain")),
|
||||
- Option.Valued("nisserver", _("<server>"), _("default NIS server")),
|
||||
Option.Feature("ldap", _("LDAP for user information by default")),
|
||||
Option.Feature("ldapauth", _("LDAP for authentication by default")),
|
||||
Option.Valued("ldapserver", _("<server>"), _("default LDAP server hostname or URI")),
|
||||
@@ -164,6 +161,11 @@ class Options:
|
||||
Option.UnsupportedFeature("locauthorize"),
|
||||
Option.UnsupportedFeature("sysnetauth"),
|
||||
Option.UnsupportedValued ("faillockargs", _("<options>")),
|
||||
Option.UnsupportedValued("faillockargs", _("<options>")),
|
||||
+
|
||||
+ # NIS is no longer supported
|
||||
+ Option.UnsupportedFeature("nis"),
|
||||
+ Option.UnsupportedValued ("nisdomain", _("<domain>")),
|
||||
+ Option.UnsupportedValued ("nisserver", _("<server>")),
|
||||
+ Option.UnsupportedValued("nisdomain", _("<domain>")),
|
||||
+ Option.UnsupportedValued("nisserver", _("<server>")),
|
||||
]
|
||||
|
||||
Map = {
|
||||
diff --git a/src/man/authselect-migration.7.adoc b/src/man/authselect-migration.7.adoc
|
||||
index a27af036738274d8d392f7fe1f7d59c89e9c4ffb..515104b160d956d04b9ec8cacd25d166983e02d5 100644
|
||||
index 888cd4e5a0750d4e1aa5898887f5f7fd42472741..d9777b9b473859d7ec532f39f7e14bd81c4f1b90 100644
|
||||
--- a/src/man/authselect-migration.7.adoc
|
||||
+++ b/src/man/authselect-migration.7.adoc
|
||||
@@ -72,7 +72,7 @@ configuration file for required services.
|
||||
@ -431,5 +293,5 @@ index a27af036738274d8d392f7fe1f7d59c89e9c4ffb..515104b160d956d04b9ec8cacd25d166
|
||||
|
||||
.Relation of authconfig options to authselect profile features
|
||||
--
|
||||
2.20.1
|
||||
2.34.1
|
||||
|
@ -1,58 +0,0 @@
|
||||
From 9fc2d8061c811c4522484f4cb62a2025fe9282b2 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
||||
Date: Thu, 18 Feb 2021 13:38:53 +0100
|
||||
Subject: [PATCH 3/3] rhel9: sssd: default to files first for users and groups
|
||||
|
||||
The passwd and group databases will now default to files first.
|
||||
The order "sss files" can be enabled with "with-files-provider"
|
||||
feature.
|
||||
---
|
||||
profiles/sssd/README | 5 +++++
|
||||
profiles/sssd/REQUIREMENTS | 4 ++++
|
||||
profiles/sssd/nsswitch.conf | 4 ++--
|
||||
3 files changed, 11 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/profiles/sssd/README b/profiles/sssd/README
|
||||
index ac063e8d065d0488279dc2381bdd7f8ac361bfcb..699d490b90710a53c3959f196b9ef435149a4bd0 100644
|
||||
--- a/profiles/sssd/README
|
||||
+++ b/profiles/sssd/README
|
||||
@@ -76,6 +76,11 @@ with-sudo::
|
||||
with-pamaccess::
|
||||
Check access.conf during account authorization.
|
||||
|
||||
+with-files-domain::
|
||||
+ If set, SSSD will be contacted before "files" when resolving users and
|
||||
+ groups. The order in nsswitch.conf will be set to "sss files" instead of
|
||||
+ "files sss" for passwd and group maps.
|
||||
+
|
||||
with-files-access-provider::
|
||||
If set, account management for local users is handled also by pam_sss. This
|
||||
is needed if there is an explicitly configured domain with id_provider=files
|
||||
diff --git a/profiles/sssd/REQUIREMENTS b/profiles/sssd/REQUIREMENTS
|
||||
index cbffac54bbd2598c2a53cd3014ebeb271dad9c57..ba3b3bd0fa143c3cc74d00faaf6ff94a2b4aaf84 100644
|
||||
--- a/profiles/sssd/REQUIREMENTS
|
||||
+++ b/profiles/sssd/REQUIREMENTS
|
||||
@@ -14,3 +14,7 @@ Make sure that SSSD service is configured and enabled. See SSSD documentation fo
|
||||
- with-mkhomedir is selected, make sure pam_oddjob_mkhomedir module {include if "with-mkhomedir"}
|
||||
is present and oddjobd service is enabled and active {include if "with-mkhomedir"}
|
||||
- systemctl enable --now oddjobd.service {include if "with-mkhomedir"}
|
||||
+ {include if "with-files-domain"}
|
||||
+- with-files-domain is selected, make sure the files provider is enabled in SSSD {include if "with-files-domain"}
|
||||
+ - set enable_files_domain=true in [sssd] section of /etc/sssd/sssd.conf {include if "with-files-domain"}
|
||||
+ - or create a custom domain with id_provider=files {include if "with-files-domain"}
|
||||
\ No newline at end of file
|
||||
diff --git a/profiles/sssd/nsswitch.conf b/profiles/sssd/nsswitch.conf
|
||||
index 9734bbbe68e7cf73a4a560e3573162d353e551e8..91c9fe9ef60fde07d55269247c885db0f738c776 100644
|
||||
--- a/profiles/sssd/nsswitch.conf
|
||||
+++ b/profiles/sssd/nsswitch.conf
|
||||
@@ -1,5 +1,5 @@
|
||||
-passwd: sss files systemd {exclude if "with-custom-passwd"}
|
||||
-group: sss files systemd {exclude if "with-custom-group"}
|
||||
+passwd: {if "with-files-domain":sss files|files sss} systemd {exclude if "with-custom-passwd"}
|
||||
+group: {if "with-files-domain":sss files|files sss} systemd {exclude if "with-custom-group"}
|
||||
netgroup: sss files {exclude if "with-custom-netgroup"}
|
||||
automount: sss files {exclude if "with-custom-automount"}
|
||||
services: sss files {exclude if "with-custom-services"}
|
||||
--
|
||||
2.29.2
|
||||
|
@ -2,24 +2,19 @@
|
||||
%define _empty_manifest_terminate_build 0
|
||||
|
||||
Name: authselect
|
||||
Version: 1.2.3
|
||||
Release: 7%{?dist}
|
||||
Version: 1.2.5
|
||||
Release: 1%{?dist}
|
||||
Summary: Configures authentication and identity sources from supported profiles
|
||||
URL: https://github.com/authselect/authselect
|
||||
|
||||
License: GPLv3+
|
||||
Source0: %{url}/archive/%{version}/%{name}-%{version}.tar.gz
|
||||
|
||||
Patch0001: 0001-lib-avoid-freeing-uninitialized-variable-in-authsele.patch
|
||||
|
||||
### Downstream Patches ###
|
||||
%if 0%{?rhel}
|
||||
Patch9001: 9001-rhel9-remove-mention-of-Fedora-Change-page-in-compat.patch
|
||||
Patch9002: 9002-rhel9-remove-ecryptfs-support.patch
|
||||
Patch9003: 9003-rhel9-sssd-default-to-files-first-for-users-and-grou.patch
|
||||
Patch9004: 9004-rhel9-remove-support-for-for-resolved.patch
|
||||
Patch0005: 9005-rhel9-remove-nis-support.patch
|
||||
%endif
|
||||
Patch0901: 0901-rhel9-remove-mention-of-Fedora-Change-page-in-compat.patch
|
||||
Patch0902: 0902-rhel9-remove-ecryptfs-support.patch
|
||||
Patch0903: 0903-rhel9-Revert-profiles-add-support-for-resolved.patch
|
||||
Patch0904: 0904-rhel9-remove-nis-support.patch
|
||||
|
||||
%global makedir %{_builddir}/%{name}-%{version}
|
||||
|
||||
@ -36,6 +31,7 @@ BuildRequires: po4a
|
||||
BuildRequires: %{_bindir}/a2x
|
||||
BuildRequires: libcmocka-devel >= 1.0.0
|
||||
BuildRequires: libselinux-devel
|
||||
BuildRequires: python3-devel
|
||||
Requires: authselect-libs%{?_isa} = %{version}-%{release}
|
||||
Suggests: sssd
|
||||
Suggests: samba-winbind
|
||||
@ -70,8 +66,6 @@ command line tool and any other potential front-ends.
|
||||
Summary: Tool to provide minimum backwards compatibility with authconfig
|
||||
Obsoletes: authconfig < 7.0.1-6
|
||||
Provides: authconfig
|
||||
BuildRequires: python3-devel
|
||||
BuildRequires: make
|
||||
Requires: authselect%{?_isa} = %{version}-%{release}
|
||||
Recommends: oddjob-mkhomedir
|
||||
Suggests: sssd
|
||||
@ -104,7 +98,7 @@ done
|
||||
|
||||
%build
|
||||
autoreconf -if
|
||||
%configure --with-pythonbin="%{__python3}"
|
||||
%configure --with-pythonbin="%{__python3}" --with-compat
|
||||
%make_build
|
||||
|
||||
%check
|
||||
@ -160,11 +154,13 @@ find $RPM_BUILD_ROOT -name "*.a" -exec %__rm -f {} \;
|
||||
%dir %{_datadir}/authselect/default/winbind/
|
||||
%{_datadir}/authselect/default/minimal/dconf-db
|
||||
%{_datadir}/authselect/default/minimal/dconf-locks
|
||||
%{_datadir}/authselect/default/minimal/fingerprint-auth
|
||||
%{_datadir}/authselect/default/minimal/nsswitch.conf
|
||||
%{_datadir}/authselect/default/minimal/password-auth
|
||||
%{_datadir}/authselect/default/minimal/postlogin
|
||||
%{_datadir}/authselect/default/minimal/README
|
||||
%{_datadir}/authselect/default/minimal/REQUIREMENTS
|
||||
%{_datadir}/authselect/default/minimal/smartcard-auth
|
||||
%{_datadir}/authselect/default/minimal/system-auth
|
||||
%{_datadir}/authselect/default/sssd/dconf-db
|
||||
%{_datadir}/authselect/default/sssd/dconf-locks
|
||||
@ -184,6 +180,7 @@ find $RPM_BUILD_ROOT -name "*.a" -exec %__rm -f {} \;
|
||||
%{_datadir}/authselect/default/winbind/postlogin
|
||||
%{_datadir}/authselect/default/winbind/README
|
||||
%{_datadir}/authselect/default/winbind/REQUIREMENTS
|
||||
%{_datadir}/authselect/default/winbind/smartcard-auth
|
||||
%{_datadir}/authselect/default/winbind/system-auth
|
||||
%{_libdir}/libauthselect.so.*
|
||||
%{_mandir}/man5/authselect-profiles.5*
|
||||
@ -293,6 +290,12 @@ exit 0
|
||||
exit 0
|
||||
|
||||
%changelog
|
||||
* Thu May 5 2022 Pavel Březina <pbrezina@redhat.com> - 1.2.5-1
|
||||
- Rebase to 1.2.5 (RHBZ #2080239)
|
||||
- backup-restore now works correctly (RHBZ #2070541)
|
||||
- add with-subid to sssd profile (RHBZ #2075192)
|
||||
- add with-gssapi to sssd profile (RHBZ #2077893)
|
||||
|
||||
* Thu Aug 26 2021 Pavel Březina <pbrezina@redhat.com> - 1.2.3-7
|
||||
- Avoid freeing uninitialized variable in authselect_apply_changes (rhbz#1970871)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user