diff --git a/.gitignore b/.gitignore index 64fac4b..0d79b72 100644 --- a/.gitignore +++ b/.gitignore @@ -41,3 +41,4 @@ /freeipa-4.2.1.tar.gz /freeipa-4.2.2.tar.gz /freeipa-4.2.3.tar.gz +/freeipa-4.3.0.tar.gz diff --git a/freeipa.spec b/freeipa.spec index ed4c676..d4906c6 100644 --- a/freeipa.spec +++ b/freeipa.spec @@ -2,6 +2,12 @@ # subpackages %{!?ONLY_CLIENT:%global ONLY_CLIENT 0} +%if 0%{?rhel} +%global with_python3 0 +%else +%global with_python3 1 +%endif + %global alt_name ipa %if 0%{?rhel} %global samba_version 4.0.5-1 @@ -24,13 +30,13 @@ %global platform_module fedora %endif -%global VERSION 4.2.3 +%global VERSION 4.3.0 %define _hardened_build 1 Name: freeipa Version: %{VERSION} -Release: 2%{?dist} +Release: 1%{?dist} Summary: The Identity, Policy and Audit system Group: System Environment/Base @@ -39,10 +45,8 @@ URL: http://www.freeipa.org/ Source0: http://www.freeipa.org/downloads/src/freeipa-%{VERSION}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Patch0001: 0001-Workarounds-for-SELinux-execmem-violations-in-crypto.patch - %if ! %{ONLY_CLIENT} -BuildRequires: 389-ds-base-devel >= 1.3.4.0 +BuildRequires: 389-ds-base-devel >= 1.3.4.4 BuildRequires: svrcore-devel BuildRequires: policycoreutils >= 2.1.12-5 BuildRequires: systemd-units @@ -70,24 +74,20 @@ BuildRequires: gettext BuildRequires: python-devel BuildRequires: python-ldap BuildRequires: python-setuptools -BuildRequires: python-krbV BuildRequires: python-nss BuildRequires: python-cryptography BuildRequires: python-netaddr -BuildRequires: python-kerberos >= 1.1-14 +BuildRequires: python-gssapi >= 1.1.2 BuildRequires: python-rhsm BuildRequires: pyOpenSSL BuildRequires: pylint >= 1.0 BuildRequires: python-polib BuildRequires: python-libipa_hbac BuildRequires: python-memcached -BuildRequires: sssd >= 1.13 BuildRequires: python-lxml BuildRequires: python-pyasn1 >= 0.0.9a BuildRequires: python-qrcode-core >= 5.0.0 BuildRequires: python-dns >= 1.11.1 -BuildRequires: m2crypto -BuildRequires: check BuildRequires: libsss_idmap-devel BuildRequires: libsss_nss_idmap-devel >= 1.12.2 BuildRequires: java-headless @@ -95,7 +95,6 @@ BuildRequires: rhino BuildRequires: libverto-devel BuildRequires: systemd BuildRequires: libunistring-devel -BuildRequires: rhino BuildRequires: python-lesscpy BuildRequires: python-yubico >= 1.2.3 BuildRequires: softhsm-devel >= 2.0.0rc1-1 @@ -105,6 +104,19 @@ BuildRequires: pki-base >= 10.2.6 BuildRequires: python-pytest-multihost >= 0.5 BuildRequires: python-pytest-sourceorder BuildRequires: python-kdcproxy >= 0.3 +BuildRequires: python-six +BuildRequires: python-jwcrypto +BuildRequires: custodia +BuildRequires: libini_config-devel >= 1.2.0 +BuildRequires: dbus-python + +# Build dependencies for unit tests +BuildRequires: libcmocka-devel +BuildRequires: nss_wrapper + +%if 0%{?with_python3} +BuildRequires: python3-devel +%endif # with_python3 %description IPA is an integrated solution to provide centrally managed Identity (users, @@ -113,14 +125,18 @@ hosts, services), Authentication (SSO, 2FA), and Authorization features for further integration with Linux based clients (SUDO, automount) and integration with Active Directory based infrastructures (Trusts). + %if ! %{ONLY_CLIENT} + %package server Summary: The IPA authentication server Group: System Environment/Base -Requires: %{name}-python = %{version}-%{release} +Requires: %{name}-server-common = %{version}-%{release} Requires: %{name}-client = %{version}-%{release} Requires: %{name}-admintools = %{version}-%{release} -Requires: 389-ds-base >= 1.3.4.0 +Requires: %{name}-common = %{version}-%{release} +Requires: python2-ipaserver = %{version}-%{release} +Requires: 389-ds-base >= 1.3.4.4 Requires: openldap-clients > 2.4.35-4 Requires: nss >= 3.14.3-12.0 Requires: nss-tools >= 3.14.3-12.0 @@ -130,16 +146,13 @@ Requires: cyrus-sasl-gssapi%{?_isa} Requires: ntp Requires: httpd >= 2.4.6-6 Requires: mod_wsgi -Requires: mod_auth_gssapi >= 1.1.0-2 +Requires: mod_auth_gssapi >= 1.3.0-2 Requires: mod_nss >= 1.0.8-26 Requires: python-ldap >= 2.4.15 -Requires: python-krbV -Requires: python-sssdconfig +Requires: python-gssapi >= 1.1.2 Requires: acl -Requires: python-pyasn1 Requires: memcached Requires: python-memcached -Requires: dbus-python Requires: systemd-units >= 38 Requires(pre): shadow-utils Requires(pre): systemd-units @@ -151,13 +164,11 @@ Requires: pki-ca >= 10.2.6-12 Requires: pki-kra >= 10.2.6-12 Requires(preun): python systemd-units Requires(postun): python systemd-units -Requires: python-dns >= 1.11.1 -Requires: python-kdcproxy >= 0.3 Requires: zip Requires: policycoreutils >= 2.1.12-5 Requires: tar Requires(pre): certmonger >= 0.78 -Requires(pre): 389-ds-base >= 1.3.4.0 +Requires(pre): 389-ds-base >= 1.3.4.4 Requires: fontawesome-fonts Requires: open-sans-fonts Requires: openssl @@ -166,7 +177,9 @@ Requires: p11-kit Requires: systemd-python Requires: %{etc_systemd_dir} Requires: gzip +Requires: oddjob +Provides: %{alt_name}-server = %{version} Conflicts: %{alt_name}-server Obsoletes: %{alt_name}-server < %{version} @@ -175,7 +188,7 @@ Obsoletes: %{alt_name}-server < %{version} Obsoletes: freeipa-server-selinux < 3.3.0 # upgrade path from monolithic -server to -server + -server-dns -Obsoletes: %{name}-server <= 4.2.0.0 +Obsoletes: %{name}-server <= 4.2.0 # Versions of nss-pam-ldapd < 0.8.4 require a mapping from uniqueMember to # member. @@ -190,9 +203,57 @@ and integration with Active Directory based infrastructures (Trusts). If you are installing an IPA server, you need to install this package. +%package -n python2-ipaserver +Summary: Python libraries used by IPA server +Group: System Environment/Libraries +BuildArch: noarch +%{?python_provide:%python_provide python2-ipaserver} +Requires: %{name}-server-common = %{version}-%{release} +Requires: %{name}-common = %{version}-%{release} +Requires: python2-ipaclient = %{version}-%{release} +Requires: python-ldap >= 2.4.15 +Requires: python-gssapi >= 1.1.2 +Requires: python-sssdconfig +Requires: python-pyasn1 +Requires: dbus-python +Requires: python-dns >= 1.11.1 +Requires: python-kdcproxy >= 0.3 + +%description -n python2-ipaserver +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +If you are installing an IPA server, you need to install this package. + + +%package server-common +Summary: Common files used by IPA server +Group: System Environment/Base +BuildArch: noarch +Requires: %{name}-client-common = %{version}-%{release} +Requires: httpd >= 2.4.6-6 +Requires: systemd-units >= 38 +Requires: custodia + +Provides: %{alt_name}-server-common = %{version} +Conflicts: %{alt_name}-server-common +Obsoletes: %{alt_name}-server-common < %{version} + +%description server-common +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +If you are installing an IPA server, you need to install this package. + + %package server-dns Summary: IPA integrated DNS server with support for automatic DNSSEC signing Group: System Environment/Base +BuildArch: noarch Requires: %{name}-server = %{version}-%{release} Requires: bind-dyndb-ldap >= 6.0-4 %if 0%{?fedora} >= 21 @@ -208,11 +269,12 @@ Requires: bind-pkcs11-utils >= 9.9.4-21 %endif Requires: opendnssec >= 1.4.6-4 +Provides: %{alt_name}-server-dns = %{version} Conflicts: %{alt_name}-server-dns Obsoletes: %{alt_name}-server-dns < %{version} # upgrade path from monolithic -server to -server + -server-dns -Obsoletes: %{name}-server <= 4.2.0.0 +Obsoletes: %{name}-server <= 4.2.0 %description server-dns IPA integrated DNS server with support for automatic DNSSEC signing. @@ -222,15 +284,13 @@ Integrated DNS server is BIND 9. OpenDNSSEC provides key management. %package server-trust-ad Summary: Virtual package to install packages required for Active Directory trusts Group: System Environment/Base -Requires: %{name}-server = %version-%release -Requires: m2crypto -Requires: samba-common-tools +Requires: %{name}-server = %{version}-%{release} +Requires: %{name}-common = %{version}-%{release} Requires: samba-python Requires: samba >= %{samba_version} Requires: samba-winbind Requires: libsss_idmap Requires: python-libsss_nss_idmap -Requires: oddjob Requires: python-sss # We use alternatives to divert winbind_krb5_locator.so plugin to libkrb5 # on the installes where server-trust-ad subpackage is installed because @@ -241,6 +301,7 @@ Requires(post): python Requires(postun): %{_sbindir}/update-alternatives Requires(preun): %{_sbindir}/update-alternatives +Provides: %{alt_name}-server-trust-ad = %{version} Conflicts: %{alt_name}-server-trust-ad Obsoletes: %{alt_name}-server-trust-ad < %{version} @@ -255,30 +316,32 @@ dependencies at once. %package client Summary: IPA authentication for use on clients Group: System Environment/Base -Requires: %{name}-python = %{version}-%{release} +Requires: %{name}-client-common = %{version}-%{release} +Requires: %{name}-common = %{version}-%{release} +Requires: python2-ipaclient = %{version}-%{release} Requires: python-ldap Requires: cyrus-sasl-gssapi%{?_isa} Requires: ntp Requires: krb5-workstation Requires: authconfig Requires: pam_krb5 -Requires: wget +Requires: curl Requires: libcurl >= 7.21.7-2 Requires: xmlrpc-c >= 1.27.4 -Requires: sssd >= 1.13.0-5 +Requires: sssd >= 1.13.1 Requires: python-sssdconfig Requires: certmonger >= 0.78 Requires: nss-tools Requires: bind-utils Requires: oddjob-mkhomedir -Requires: python-krbV -Requires: python-dns >= 1.11.1 +Requires: python-gssapi >= 1.1.2 Requires: libsss_autofs Requires: autofs Requires: libnfsidmap Requires: nfs-utils Requires(post): policycoreutils +Provides: %{alt_name}-client = %{version} Conflicts: %{alt_name}-client Obsoletes: %{alt_name}-client < %{version} @@ -292,14 +355,54 @@ If your network uses IPA for authentication, this package should be installed on every client machine. +%package -n python2-ipaclient +Summary: Python libraries used by IPA client +Group: System Environment/Libraries +BuildArch: noarch +%{?python_provide:%python_provide python2-ipaclient} +Requires: %{name}-client-common = %{version}-%{release} +Requires: %{name}-common = %{version}-%{release} +Requires: python2-ipalib%{?_isa} = %{version}-%{release} +Requires: python-dns >= 1.11.1 + +%description -n python2-ipaclient +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +If your network uses IPA for authentication, this package should be +installed on every client machine. + + +%package client-common +Summary: Common files used by IPA client +Group: System Environment/Base +BuildArch: noarch + +Provides: %{alt_name}-client-common = %{version} +Conflicts: %{alt_name}-client-common +Obsoletes: %{alt_name}-client-common < %{version} + +%description client-common +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +If your network uses IPA for authentication, this package should be +installed on every client machine. + + %package admintools Summary: IPA administrative tools Group: System Environment/Base -Requires: %{name}-python = %{version}-%{release} -Requires: %{name}-client = %{version}-%{release} -Requires: python-krbV +BuildArch: noarch +Requires: %{name}-client-common = %{version}-%{release} +Requires: python2-ipalib%{?_isa} = %{version}-%{release} Requires: python-ldap +Provides: %{alt_name}-admintools = %{version} Conflicts: %{alt_name}-admintools Obsoletes: %{alt_name}-admintools < %{version} @@ -311,10 +414,47 @@ features for further integration with Linux based clients (SUDO, automount) and integration with Active Directory based infrastructures (Trusts). This package provides command-line tools for IPA administrators. -%package python + +%package python-compat +Summary: Compatiblity package for Python libraries used by IPA +Group: System Environment/Libraries +BuildArch: noarch +Obsoletes: %{name}-python < 4.2.91 +Provides: %{name}-python = %{version}-%{release} +Requires: %{name}-common = %{version}-%{release} +Requires: python2-ipalib%{?_isa} = %{version}-%{release} + +Provides: %{alt_name}-python-compat = %{version} +Conflicts: %{alt_name}-python-compat +Obsoletes: %{alt_name}-python-compat < %{version} + +Obsoletes: %{alt_name}-python < 4.2.91 +Provides: %{alt_name}-python = %{version} + +%description python-compat +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +This is a compatibility package to accommodate %{name}-python split into +python2-ipalib and %{name}-common. Packages still depending on +%{name}-python should be fixed to depend on python2-ipaclient or +%{name}-common instead. + + +%package -n python2-ipalib Summary: Python libraries used by IPA Group: System Environment/Libraries -Requires: python-kerberos >= 1.1-14 +Conflicts: %{name}-python < %{version}-%{release} +%{?python_provide:%python_provide python2-ipalib} +%{?python_provide:%{?_isa:%python_provide python2-ipalib%{_isa}}} +Provides: python2-ipapython = %{version}-%{release} +%{?python_provide:%python_provide python2-ipapython} +Provides: python2-ipaplatform = %{version}-%{release} +%{?python_provide:%python_provide python2-ipaplatform} +Requires: %{name}-common = %{version}-%{release} +Requires: python-gssapi >= 1.1.2 Requires: gnupg Requires: iproute Requires: keyutils @@ -329,15 +469,15 @@ Requires: python-pyasn1 Requires: python-dateutil Requires: python-yubico >= 1.2.3 Requires: python-sss-murmur -Requires: libsss_nss_idmap-python -Requires: wget +Requires: curl Requires: dbus-python Requires: python-setuptools +Requires: python-six +Requires: python-jwcrypto -Conflicts: %{alt_name}-python -Obsoletes: %{alt_name}-python < %{version} +Conflicts: %{alt_name}-python < %{version} -%description python +%description -n python2-ipalib IPA is an integrated solution to provide centrally managed Identity (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access control, SELinux user roles, services). The solution provides @@ -345,11 +485,82 @@ features for further integration with Linux based clients (SUDO, automount) and integration with Active Directory based infrastructures (Trusts). If you are using IPA, you need to install this package. + +%if 0%{?with_python3} + +%package -n python3-ipalib +Summary: Python3 libraries used by IPA +Group: System Environment/Libraries +%{?python_provide:%python_provide python3-ipalib} +%{?python_provide:%{?_isa:%python_provide python3-ipalib%{_isa}}} +Provides: python3-ipapython = %{version}-%{release} +%{?python_provide:%python_provide python3-ipapython} +Provides: python3-ipaplatform = %{version}-%{release} +%{?python_provide:%python_provide python3-ipaplatform} +Requires: %{name}-common = %{version}-%{release} +Requires: python3-gssapi >= 1.1.2 +Requires: gnupg +Requires: iproute +Requires: keyutils +Requires: python3-pyOpenSSL +Requires: python3-nss >= 0.16 +Requires: python3-cryptography +Requires: python3-lxml +Requires: python3-netaddr +Requires: python3-libipa_hbac +Requires: python3-qrcode-core >= 5.0.0 +Requires: python3-pyasn1 +Requires: python3-dateutil +Requires: python3-yubico >= 1.2.3 +Requires: python3-sss-murmur +Requires: curl +Requires: python3-dbus +Requires: python3-setuptools +Requires: python3-six +Requires: python3-jwcrypto + +%description -n python3-ipalib +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +If you are using IPA with Python 3, you need to install this package. + +%endif # with_python3 + + +%package common +Summary: Common files used by IPA +Group: System Environment/Libraries +BuildArch: noarch +Conflicts: %{name}-python < %{version}-%{release} + +Provides: %{alt_name}-common = %{version} +Conflicts: %{alt_name}-common +Obsoletes: %{alt_name}-common < %{version} + +Conflicts: %{alt_name}-python < %{version} + +%description common +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +If you are using IPA, you need to install this package. + + %if ! %{ONLY_CLIENT} -%package tests + +%package -n python2-ipatests Summary: IPA tests and test tools -Requires: %{name}-client = %{version}-%{release} -Requires: %{name}-python = %{version}-%{release} +BuildArch: noarch +Obsoletes: %{name}-tests < 4.2.91 +Provides: %{name}-tests%{?_isa} = %{version}-%{release} +%{?python_provide:%python_provide python2-ipatests} +Requires: %{name}-client-common = %{version}-%{release} +Requires: python2-ipalib%{?_isa} = %{version}-%{release} Requires: tar Requires: xz Requires: python-nose @@ -360,10 +571,11 @@ Requires: python-polib Requires: python-pytest-multihost >= 0.5 Requires: python-pytest-sourceorder +Provides: %{alt_name}-tests%{?_isa} = %{version} Conflicts: %{alt_name}-tests Obsoletes: %{alt_name}-tests < %{version} -%description tests +%description -n python2-ipatests IPA is an integrated solution to provide centrally managed Identity (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access control, SELinux user roles, services). The solution provides @@ -371,33 +583,40 @@ features for further integration with Linux based clients (SUDO, automount) and integration with Active Directory based infrastructures (Trusts). This package contains tests that verify IPA functionality. + +%if 0%{?with_python3} + +%package -n python3-ipatests +Summary: IPA tests and test tools +BuildArch: noarch +%{?python_provide:%python_provide python3-ipatests} +Requires: %{name}-client-common = %{version}-%{release} +Requires: python3-ipalib%{?_isa} = %{version}-%{release} +Requires: tar +Requires: xz +Requires: python3-nose +Requires: python3-pytest >= 2.6 +Requires: python3-coverage +Requires: python3-polib +Requires: python3-pytest-multihost >= 0.5 +Requires: python3-pytest-sourceorder + +%description -n python3-ipatests +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +This package contains tests that verify IPA functionality under Python 3. + +%endif # with_python3 + %endif # ONLY_CLIENT %prep -# Fedora spec file only: START -# Update timestamps on the files touched by a patch, to avoid non-equal -# .pyc/.pyo files across the multilib peers within a build, where "Level" -# is the patch prefix option (e.g. -p1) -# Taken from specfile for sssd and python-simplejson -UpdateTimestamps() { - Level=$1 - PatchFile=$2 +%setup -n freeipa-%{version} -q - # Locate the affected files: - for f in $(diffstat $Level -l $PatchFile); do - # Set the files to have the same timestamp as that of the patch: - touch -r $PatchFile $f - done -} - -%setup -n freeipa-%{VERSION} -q - -for p in %patches ; do - %__patch -p1 -i $p - UpdateTimestamps -p1 $p -done -# Fedora spec file only: END %build # UI compilation segfaulted on some arches when the stack was lower (#1040576) @@ -421,12 +640,21 @@ cd daemons; ../autogen.sh --prefix=%{_usr} --sysconfdir=%{_sysconfdir} --localst cd install; ../autogen.sh --prefix=%{_usr} --sysconfdir=%{_sysconfdir} --localstatedir=%{_localstatedir} --libdir=%{_libdir} --mandir=%{_mandir}; cd .. %endif # ONLY_CLIENT +%if 0%{?with_python3} +(cd ipapython/ipap11helper && make PYTHON=%{__python3} IPA_VERSION_IS_GIT_SNAPSHOT=no %{?_smp_mflags} all) +%endif + %if ! %{ONLY_CLIENT} make IPA_VERSION_IS_GIT_SNAPSHOT=no %{?_smp_mflags} all %else make IPA_VERSION_IS_GIT_SNAPSHOT=no %{?_smp_mflags} client %endif # ONLY_CLIENT + +%check +make %{?_smp_mflags} check VERBOSE=yes + + %install rm -rf %{buildroot} export SUPPORTED_PLATFORM=%{platform_module} @@ -440,15 +668,46 @@ rm -f ipaplatform/constants.py make version-update %if ! %{ONLY_CLIENT} make install DESTDIR=%{buildroot} + +mv %{buildroot}%{_bindir}/ipa-run-tests %{buildroot}%{_bindir}/ipa-run-tests-%{python2_version} +mv %{buildroot}%{_bindir}/ipa-test-config %{buildroot}%{_bindir}/ipa-test-config-%{python2_version} +mv %{buildroot}%{_bindir}/ipa-test-task %{buildroot}%{_bindir}/ipa-test-task-%{python2_version} + +%if 0%{?with_python3} +(cd ipatests && %{__python3} setup.py install --root %{buildroot}) +mv %{buildroot}%{_bindir}/ipa-run-tests %{buildroot}%{_bindir}/ipa-run-tests-%{python3_version} +mv %{buildroot}%{_bindir}/ipa-test-config %{buildroot}%{_bindir}/ipa-test-config-%{python3_version} +mv %{buildroot}%{_bindir}/ipa-test-task %{buildroot}%{_bindir}/ipa-test-task-%{python3_version} +ln -s %{_bindir}/ipa-run-tests-%{python3_version} %{buildroot}%{_bindir}/ipa-run-tests-3 +ln -s %{_bindir}/ipa-test-config-%{python3_version} %{buildroot}%{_bindir}/ipa-test-config-3 +ln -s %{_bindir}/ipa-test-task-%{python3_version} %{buildroot}%{_bindir}/ipa-test-task-3 +%endif # with_python3 + +ln -s %{_bindir}/ipa-run-tests-%{python2_version} %{buildroot}%{_bindir}/ipa-run-tests-2 +ln -s %{_bindir}/ipa-test-config-%{python2_version} %{buildroot}%{_bindir}/ipa-test-config-2 +ln -s %{_bindir}/ipa-test-task-%{python2_version} %{buildroot}%{_bindir}/ipa-test-task-2 +ln -s %{_bindir}/ipa-run-tests-%{python2_version} %{buildroot}%{_bindir}/ipa-run-tests +ln -s %{_bindir}/ipa-test-config-%{python2_version} %{buildroot}%{_bindir}/ipa-test-config +ln -s %{_bindir}/ipa-test-task-%{python2_version} %{buildroot}%{_bindir}/ipa-test-task + %else make client-install DESTDIR=%{buildroot} %endif # ONLY_CLIENT -%find_lang %{gettext_domain} +%if 0%{?with_python3} +(cd ipalib && make PYTHON=%{__python3} IPA_VERSION_IS_GIT_SNAPSHOT=no %{?_smp_mflags} DESTDIR=%{buildroot} install) +(cd ipapython && make PYTHON=%{__python3} IPA_VERSION_IS_GIT_SNAPSHOT=no %{?_smp_mflags} DESTDIR=%{buildroot} install) +(cd ipaplatform && %{__python3} setup.py install --root %{buildroot}) +%endif # with_python3 + +%find_lang %{gettext_domain} mkdir -p %{buildroot}%{_usr}/share/ipa %if ! %{ONLY_CLIENT} +# FIXME: https://bugzilla.redhat.com/show_bug.cgi?id=1289930 +mv %{buildroot}%{_libexecdir}/ipa/oddjob/com.redhat.idm.trust-fetch-domains %{buildroot}%{_libexecdir}/ipa/com.redhat.idm.trust-fetch-domains + # Remove .la files from libtool - we don't want to package # these files rm %{buildroot}/%{plugin_dir}/libipa_pwd_extop.la @@ -495,13 +754,11 @@ mkdir -p %{buildroot}%{_sysconfdir}/httpd/conf.d/ /bin/touch %{buildroot}%{_sysconfdir}/httpd/conf.d/ipa-rewrite.conf mkdir -p %{buildroot}%{_usr}/share/ipa/html/ /bin/touch %{buildroot}%{_usr}/share/ipa/html/ca.crt -/bin/touch %{buildroot}%{_usr}/share/ipa/html/configure.jar /bin/touch %{buildroot}%{_usr}/share/ipa/html/kerberosauth.xpi /bin/touch %{buildroot}%{_usr}/share/ipa/html/krb.con /bin/touch %{buildroot}%{_usr}/share/ipa/html/krb.js /bin/touch %{buildroot}%{_usr}/share/ipa/html/krb5.ini /bin/touch %{buildroot}%{_usr}/share/ipa/html/krbrealm.con -/bin/touch %{buildroot}%{_usr}/share/ipa/html/preferences.html mkdir -p %{buildroot}%{_initrddir} mkdir %{buildroot}%{_sysconfdir}/sysconfig/ install -m 644 init/ipa_memcached.conf %{buildroot}%{_sysconfdir}/sysconfig/ipa_memcached @@ -520,6 +777,9 @@ install daemons/dnssec/ipa-ods-exporter %{buildroot}%{_libexecdir}/ipa/ipa-ods-e # Web UI plugin dir mkdir -p %{buildroot}%{_usr}/share/ipa/ui/js/plugins +# DNSSEC config +mkdir -p %{buildroot}%{_sysconfdir}/ipa/dnssec + # KDC proxy config (Apache config sets KDCPROXY_CONFIG to load this file) mkdir -p %{buildroot}%{_sysconfdir}/ipa/kdcproxy/ install -m 644 install/share/kdcproxy.conf %{buildroot}%{_sysconfdir}/ipa/kdcproxy/kdcproxy.conf @@ -545,6 +805,7 @@ mkdir -p %{buildroot}%{etc_systemd_dir} install -m 644 init/systemd/ipa.service %{buildroot}%{_unitdir}/ipa.service install -m 644 init/systemd/ipa_memcached.service %{buildroot}%{_unitdir}/ipa_memcached.service install -m 644 init/systemd/httpd.service %{buildroot}%{etc_systemd_dir}/httpd.service +install -m 644 init/systemd/ipa-custodia.service %{buildroot}%{_unitdir}/ipa-custodia.service # END mkdir -p %{buildroot}/%{_localstatedir}/lib/ipa/backup %endif # ONLY_CLIENT @@ -552,7 +813,6 @@ mkdir -p %{buildroot}/%{_localstatedir}/lib/ipa/backup mkdir -p %{buildroot}%{_sysconfdir}/ipa/ /bin/touch %{buildroot}%{_sysconfdir}/ipa/default.conf /bin/touch %{buildroot}%{_sysconfdir}/ipa/ca.crt -mkdir -p %{buildroot}%{_sysconfdir}/ipa/dnssec mkdir -p %{buildroot}%{_sysconfdir}/ipa/nssdb mkdir -p %{buildroot}/%{_localstatedir}/lib/ipa-client/sysrestore mkdir -p %{buildroot}%{_sysconfdir}/bash_completion.d @@ -562,19 +822,24 @@ install -pm 644 contrib/completion/ipa.bash_completion %{buildroot}%{_sysconfdir mkdir -p %{buildroot}%{_sysconfdir}/cron.d (cd %{buildroot}/%{python_sitelib}/ipaserver && find . -type f | \ - grep -v dcerpc | grep -v adtrustinstance | \ sed -e 's,\.py.*$,.*,g' | sort -u | \ sed -e 's,\./,%%{python_sitelib}/ipaserver/,g' ) >server-python.list (cd %{buildroot}/%{python_sitelib}/ipatests && find . -type f | \ sed -e 's,\.py.*$,.*,g' | sort -u | \ sed -e 's,\./,%%{python_sitelib}/ipatests/,g' ) >tests-python.list + +mkdir -p %{buildroot}%{_sysconfdir}/ipa/custodia + %endif # ONLY_CLIENT + %clean rm -rf %{buildroot} + %if ! %{ONLY_CLIENT} + %post server # NOTE: systemd specific section /bin/systemctl --system daemon-reload 2>&1 || : @@ -582,6 +847,9 @@ rm -rf %{buildroot} if [ $1 -gt 1 ] ; then /bin/systemctl condrestart certmonger.service 2>&1 || : fi +/bin/systemctl reload-or-try-restart dbus +/bin/systemctl reload-or-try-restart oddjobd + %posttrans server # This must be run in posttrans so that updates from previous @@ -600,14 +868,18 @@ if [ $? -eq 0 ]; then fi # END + %preun server if [ $1 = 0 ]; then # NOTE: systemd specific section /bin/systemctl --quiet stop ipa.service || : /bin/systemctl --quiet disable ipa.service || : + /bin/systemctl reload-or-try-restart dbus + /bin/systemctl reload-or-try-restart oddjobd # END fi + %pre server # Stop ipa_kpasswd if it exists before upgrading so we don't have a # zombie process when we're done. @@ -617,6 +889,7 @@ if [ -e /usr/sbin/ipa_kpasswd ]; then # END fi + %postun server-trust-ad if [ "$1" -ge "1" ]; then if [ "`readlink %{_sysconfdir}/alternatives/winbind_krb5_locator.so`" == "/dev/null" ]; then @@ -624,12 +897,14 @@ if [ "$1" -ge "1" ]; then fi fi + %post server-trust-ad %{_sbindir}/update-alternatives --install %{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so \ winbind_krb5_locator.so /dev/null 90 /bin/systemctl reload-or-try-restart dbus /bin/systemctl reload-or-try-restart oddjobd + %posttrans server-trust-ad python2 -c "import sys; from ipaserver.install import installutils; sys.exit(0 if installutils.is_ipa_configured() else 1);" > /dev/null 2>&1 if [ $? -eq 0 ]; then @@ -638,6 +913,7 @@ if [ $? -eq 0 ]; then # END fi + %preun server-trust-ad if [ $1 -eq 0 ]; then %{_sbindir}/update-alternatives --remove winbind_krb5_locator.so /dev/null @@ -647,6 +923,7 @@ fi %endif # ONLY_CLIENT + %post client if [ $1 -gt 1 ] ; then # Has the client been configured? @@ -682,7 +959,8 @@ if [ $1 -gt 1 ] ; then fi fi -%triggerin -n %{name}-client -- openssh-server + +%triggerin client -- openssh-server # Has the client been configured? restore=0 test -f '/var/lib/ipa-client/sysrestore/sysrestore.index' && restore=$(wc -l '/var/lib/ipa-client/sysrestore/sysrestore.index' | awk '{print $1}') @@ -717,8 +995,10 @@ if [ -f '/etc/ssh/sshd_config' -a $restore -ge 2 ]; then fi fi + %if ! %{ONLY_CLIENT} -%files server -f server-python.list + +%files server %defattr(-,root,root,-) %doc README Contributors.txt %license COPYING @@ -752,6 +1032,78 @@ fi %{_libexecdir}/ipa/ipa-dnskeysync-replica %{_libexecdir}/ipa/ipa-ods-exporter %{_libexecdir}/ipa/ipa-httpd-kdcproxy +%dir %{_libexecdir}/ipa/oddjob +%attr(0755,root,root) %{_libexecdir}/ipa/oddjob/org.freeipa.server.conncheck +%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freeipa.server.conf +%config(noreplace) %{_sysconfdir}/oddjobd.conf.d/ipa-server.conf +%dir %{_libdir}/ipa/certmonger +%attr(755,root,root) %{_libdir}/ipa/certmonger/* +# NOTE: systemd specific section +%attr(644,root,root) %{_unitdir}/ipa.service +%attr(644,root,root) %{_unitdir}/ipa-otpd.socket +%attr(644,root,root) %{_unitdir}/ipa-otpd@.service +%attr(644,root,root) %{_unitdir}/ipa-dnskeysyncd.service +%attr(644,root,root) %{_unitdir}/ipa-ods-exporter.socket +%attr(644,root,root) %{_unitdir}/ipa-ods-exporter.service +# END +%attr(755,root,root) %{plugin_dir}/libipa_pwd_extop.so +%attr(755,root,root) %{plugin_dir}/libipa_enrollment_extop.so +%attr(755,root,root) %{plugin_dir}/libipa_winsync.so +%attr(755,root,root) %{plugin_dir}/libipa_repl_version.so +%attr(755,root,root) %{plugin_dir}/libipa_uuid.so +%attr(755,root,root) %{plugin_dir}/libipa_modrdn.so +%attr(755,root,root) %{plugin_dir}/libipa_lockout.so +%attr(755,root,root) %{plugin_dir}/libipa_cldap.so +%attr(755,root,root) %{plugin_dir}/libipa_dns.so +%attr(755,root,root) %{plugin_dir}/libipa_range_check.so +%attr(755,root,root) %{plugin_dir}/libipa_otp_counter.so +%attr(755,root,root) %{plugin_dir}/libipa_otp_lasttoken.so +%attr(755,root,root) %{plugin_dir}/libtopology.so +%attr(755,root,root) %{plugin_dir}/libipa_sidgen.so +%attr(755,root,root) %{plugin_dir}/libipa_sidgen_task.so +%attr(755,root,root) %{plugin_dir}/libipa_extdom_extop.so +%attr(755,root,root) %{_libdir}/krb5/plugins/kdb/ipadb.so +%{_mandir}/man1/ipa-replica-conncheck.1.gz +%{_mandir}/man1/ipa-replica-install.1.gz +%{_mandir}/man1/ipa-replica-manage.1.gz +%{_mandir}/man1/ipa-csreplica-manage.1.gz +%{_mandir}/man1/ipa-replica-prepare.1.gz +%{_mandir}/man1/ipa-server-certinstall.1.gz +%{_mandir}/man1/ipa-server-install.1.gz +%{_mandir}/man1/ipa-server-upgrade.1.gz +%{_mandir}/man1/ipa-ca-install.1.gz +%{_mandir}/man1/ipa-kra-install.1.gz +%{_mandir}/man1/ipa-compat-manage.1.gz +%{_mandir}/man1/ipa-nis-manage.1.gz +%{_mandir}/man1/ipa-managed-entries.1.gz +%{_mandir}/man1/ipa-ldap-updater.1.gz +%{_mandir}/man8/ipactl.8.gz +%{_mandir}/man8/ipa-upgradeconfig.8.gz +%{_mandir}/man1/ipa-backup.1.gz +%{_mandir}/man1/ipa-restore.1.gz +%{_mandir}/man1/ipa-advise.1.gz +%{_mandir}/man1/ipa-otptoken-import.1.gz +%{_mandir}/man1/ipa-cacert-manage.1.gz +%{_mandir}/man1/ipa-winsync-migrate.1.gz + + +%files -n python2-ipaserver -f server-python.list +%defattr(-,root,root,-) +%doc README Contributors.txt +%license COPYING +%dir %{python_sitelib}/ipaserver +%dir %{python_sitelib}/ipaserver/install +%dir %{python_sitelib}/ipaserver/install/plugins +%dir %{python_sitelib}/ipaserver/install/server +%dir %{python_sitelib}/ipaserver/advise +%dir %{python_sitelib}/ipaserver/advise/plugins +%dir %{python_sitelib}/ipaserver/plugins + + +%files server-common +%defattr(-,root,root,-) +%doc README Contributors.txt +%license COPYING %ghost %verify(not owner group) %dir %{_sharedstatedir}/kdcproxy %dir %attr(0755,root,root) %{_sysconfdir}/ipa/kdcproxy %config(noreplace) %{_sysconfdir}/sysconfig/ipa_memcached @@ -765,24 +1117,10 @@ fi %dir %attr(0700,apache,apache) %{_localstatedir}/run/httpd/ipa/krbcache/ # NOTE: systemd specific section %{_tmpfilesdir}/%{name}.conf -%attr(644,root,root) %{_unitdir}/ipa.service %attr(644,root,root) %{_unitdir}/ipa_memcached.service -%attr(644,root,root) %{_unitdir}/ipa-otpd.socket -%attr(644,root,root) %{_unitdir}/ipa-otpd@.service -%attr(644,root,root) %{_unitdir}/ipa-dnskeysyncd.service -%attr(644,root,root) %{_unitdir}/ipa-ods-exporter.socket -%attr(644,root,root) %{_unitdir}/ipa-ods-exporter.service +%attr(644,root,root) %{_unitdir}/ipa-custodia.service %attr(644,root,root) %{etc_systemd_dir}/httpd.service # END -%dir %{python_sitelib}/ipaserver -%dir %{python_sitelib}/ipaserver/install -%dir %{python_sitelib}/ipaserver/install/plugins -%dir %{python_sitelib}/ipaserver/install/server -%dir %{python_sitelib}/ipaserver/advise -%dir %{python_sitelib}/ipaserver/advise/plugins -%dir %{python_sitelib}/ipaserver/plugins -%dir %{_libdir}/ipa/certmonger -%attr(755,root,root) %{_libdir}/ipa/certmonger/* %dir %{_usr}/share/ipa %{_usr}/share/ipa/wsgi.py* %{_usr}/share/ipa/copy-schema-to-ca.py* @@ -851,36 +1189,19 @@ fi %ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/httpd/conf.d/ipa-kdc-proxy.conf %ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/httpd/conf.d/ipa-pki-proxy.conf %ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/kdcproxy/ipa-kdc-proxy.conf +%dir %attr(0755,root,root) %{_sysconfdir}/ipa/dnssec %{_usr}/share/ipa/ipa.conf %{_usr}/share/ipa/ipa-rewrite.conf %{_usr}/share/ipa/ipa-pki-proxy.conf %{_usr}/share/ipa/kdcproxy.conf %ghost %attr(0644,root,apache) %config(noreplace) %{_usr}/share/ipa/html/ca.crt -%ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/configure.jar %ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/kerberosauth.xpi %ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/krb.con %ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/krb.js %ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/krb5.ini %ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/krbrealm.con -%ghost %attr(0644,root,apache) %{_usr}/share/ipa/html/preferences.html %dir %{_usr}/share/ipa/updates/ %{_usr}/share/ipa/updates/* -%attr(755,root,root) %{plugin_dir}/libipa_pwd_extop.so -%attr(755,root,root) %{plugin_dir}/libipa_enrollment_extop.so -%attr(755,root,root) %{plugin_dir}/libipa_winsync.so -%attr(755,root,root) %{plugin_dir}/libipa_repl_version.so -%attr(755,root,root) %{plugin_dir}/libipa_uuid.so -%attr(755,root,root) %{plugin_dir}/libipa_modrdn.so -%attr(755,root,root) %{plugin_dir}/libipa_lockout.so -%attr(755,root,root) %{plugin_dir}/libipa_cldap.so -%attr(755,root,root) %{plugin_dir}/libipa_dns.so -%attr(755,root,root) %{plugin_dir}/libipa_range_check.so -%attr(755,root,root) %{plugin_dir}/libipa_otp_counter.so -%attr(755,root,root) %{plugin_dir}/libipa_otp_lasttoken.so -%attr(755,root,root) %{plugin_dir}/libtopology.so -%attr(755,root,root) %{plugin_dir}/libipa_sidgen.so -%attr(755,root,root) %{plugin_dir}/libipa_sidgen_task.so -%attr(755,root,root) %{plugin_dir}/libipa_extdom_extop.so %dir %{_localstatedir}/lib/ipa %attr(700,root,root) %dir %{_localstatedir}/lib/ipa/backup %attr(700,root,root) %dir %{_localstatedir}/lib/ipa/sysrestore @@ -888,41 +1209,25 @@ fi %attr(755,root,root) %dir %{_localstatedir}/lib/ipa/pki-ca %ghost %{_localstatedir}/lib/ipa/pki-ca/publish %ghost %{_localstatedir}/named/dyndb-ldap/ipa -%attr(755,root,root) %{_libdir}/krb5/plugins/kdb/ipadb.so -%{_mandir}/man1/ipa-replica-conncheck.1.gz -%{_mandir}/man1/ipa-replica-install.1.gz -%{_mandir}/man1/ipa-replica-manage.1.gz -%{_mandir}/man1/ipa-csreplica-manage.1.gz -%{_mandir}/man1/ipa-replica-prepare.1.gz -%{_mandir}/man1/ipa-server-certinstall.1.gz -%{_mandir}/man1/ipa-server-install.1.gz -%{_mandir}/man1/ipa-server-upgrade.1.gz -%{_mandir}/man1/ipa-ca-install.1.gz -%{_mandir}/man1/ipa-kra-install.1.gz -%{_mandir}/man1/ipa-compat-manage.1.gz -%{_mandir}/man1/ipa-nis-manage.1.gz -%{_mandir}/man1/ipa-managed-entries.1.gz -%{_mandir}/man1/ipa-ldap-updater.1.gz -%{_mandir}/man8/ipactl.8.gz -%{_mandir}/man8/ipa-upgradeconfig.8.gz -%{_mandir}/man1/ipa-backup.1.gz -%{_mandir}/man1/ipa-restore.1.gz -%{_mandir}/man1/ipa-advise.1.gz -%{_mandir}/man1/ipa-otptoken-import.1.gz -%{_mandir}/man1/ipa-cacert-manage.1.gz -%{_mandir}/man1/ipa-winsync-migrate.1.gz +%dir %attr(0700,root,root) %{_sysconfdir}/ipa/custodia + %files server-dns +%defattr(-,root,root,-) +%doc README Contributors.txt +%license COPYING %{_sbindir}/ipa-dns-install %{_mandir}/man1/ipa-dns-install.1.gz + %files server-trust-ad +%defattr(-,root,root,-) +%doc README Contributors.txt +%license COPYING %{_sbindir}/ipa-adtrust-install %{_usr}/share/ipa/smb.conf.empty %attr(755,root,root) %{_libdir}/samba/pdb/ipasam.so %{_mandir}/man1/ipa-adtrust-install.1.gz -%{python_sitelib}/ipaserver/dcerpc* -%{python_sitelib}/ipaserver/install/adtrustinstance* %ghost %{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so %{_sysconfdir}/dbus-1/system.d/oddjob-ipa-trust.conf %{_sysconfdir}/oddjobd.conf.d/oddjobd-ipa-trust.conf @@ -930,6 +1235,7 @@ fi %endif # ONLY_CLIENT + %files client %defattr(-,root,root,-) %doc README Contributors.txt @@ -940,19 +1246,41 @@ fi %{_sbindir}/ipa-getkeytab %{_sbindir}/ipa-rmkeytab %{_sbindir}/ipa-join -%dir %{_usr}/share/ipa -%dir %{_localstatedir}/lib/ipa-client -%dir %{_localstatedir}/lib/ipa-client/sysrestore -%dir %{python_sitelib}/ipaclient -%{python_sitelib}/ipaclient/*.py* %{_mandir}/man1/ipa-getkeytab.1.gz %{_mandir}/man1/ipa-rmkeytab.1.gz %{_mandir}/man1/ipa-client-install.1.gz %{_mandir}/man1/ipa-client-automount.1.gz %{_mandir}/man1/ipa-certupdate.1.gz %{_mandir}/man1/ipa-join.1.gz + + +%files -n python2-ipaclient +%defattr(-,root,root,-) +%doc README Contributors.txt +%license COPYING +%dir %{python_sitelib}/ipaclient +%{python_sitelib}/ipaclient/*.py* + + +%files client-common +%defattr(-,root,root,-) +%doc README Contributors.txt +%license COPYING +%dir %attr(0755,root,root) %{_sysconfdir}/ipa/ +%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/default.conf +%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt +%dir %attr(0755,root,root) %{_sysconfdir}/ipa/nssdb +%ghost %config(noreplace) %{_sysconfdir}/ipa/nssdb/cert8.db +%ghost %config(noreplace) %{_sysconfdir}/ipa/nssdb/key3.db +%ghost %config(noreplace) %{_sysconfdir}/ipa/nssdb/secmod.db +%ghost %config(noreplace) %{_sysconfdir}/ipa/nssdb/pwdfile.txt +%ghost %config(noreplace) %{_sysconfdir}/pki/ca-trust/source/ipa.p11-kit +%dir %{_usr}/share/ipa +%dir %{_localstatedir}/lib/ipa-client +%dir %{_localstatedir}/lib/ipa-client/sysrestore %{_mandir}/man5/default.conf.5.gz + %files admintools %defattr(-,root,root,-) %doc README Contributors.txt @@ -961,7 +1289,14 @@ fi %config %{_sysconfdir}/bash_completion.d %{_mandir}/man1/ipa.1.gz -%files python -f %{gettext_domain}.lang + +%files python-compat +%defattr(-,root,root,-) +%doc README Contributors.txt +%license COPYING + + +%files -n python2-ipalib %defattr(-,root,root,-) %doc README Contributors.txt %license COPYING @@ -971,6 +1306,8 @@ fi %{python_sitelib}/ipapython/dnssec/*.py* %dir %{python_sitelib}/ipapython/install %{python_sitelib}/ipapython/install/*.py* +%dir %{python_sitelib}/ipapython/secrets +%{python_sitelib}/ipapython/secrets/*.py* %dir %{python_sitelib}/ipalib %{python_sitelib}/ipalib/* %dir %{python_sitelib}/ipaplatform @@ -978,23 +1315,41 @@ fi %attr(0644,root,root) %{python_sitearch}/default_encoding_utf8.so %attr(0644,root,root) %{python_sitearch}/_ipap11helper.so %{python_sitelib}/ipapython-*.egg-info +%{python_sitelib}/ipalib-*.egg-info %{python_sitelib}/freeipa-*.egg-info %{python_sitelib}/ipaplatform-*.egg-info %{python_sitearch}/python_default_encoding-*.egg-info %{python_sitearch}/_ipap11helper-*.egg-info -%dir %attr(0755,root,root) %{_sysconfdir}/ipa/ -%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/default.conf -%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt -%dir %attr(0755,root,root) %{_sysconfdir}/ipa/nssdb -%dir %attr(0755,root,root) %{_sysconfdir}/ipa/dnssec -%ghost %config(noreplace) %{_sysconfdir}/ipa/nssdb/cert8.db -%ghost %config(noreplace) %{_sysconfdir}/ipa/nssdb/key3.db -%ghost %config(noreplace) %{_sysconfdir}/ipa/nssdb/secmod.db -%ghost %config(noreplace) %{_sysconfdir}/ipa/nssdb/pwdfile.txt -%ghost %config(noreplace) %{_sysconfdir}/pki/ca-trust/source/ipa.p11-kit + + +%files common -f %{gettext_domain}.lang +%defattr(-,root,root,-) +%doc README Contributors.txt +%license COPYING + + +%if 0%{?with_python3} + +%files -n python3-ipalib +%defattr(-,root,root,-) +%doc README Contributors.txt +%license COPYING + +%{python3_sitelib}/ipapython/ +%{python3_sitelib}/ipalib/ +%{python3_sitelib}/ipaplatform/ +%{python3_sitelib}/ipapython-*.egg-info +%{python3_sitelib}/ipalib-*.egg-info +%{python3_sitelib}/ipaplatform-*.egg-info +%attr(0644,root,root) %{python3_sitearch}/_ipap11helper.cpython-*.so +%{python3_sitearch}/_ipap11helper-*.egg-info + +%endif # with_python3 + %if ! %{ONLY_CLIENT} -%files tests -f tests-python.list + +%files -n python2-ipatests -f tests-python.list %defattr(-,root,root,-) %doc README Contributors.txt %license COPYING @@ -1012,13 +1367,41 @@ fi %{_bindir}/ipa-run-tests %{_bindir}/ipa-test-config %{_bindir}/ipa-test-task +%{_bindir}/ipa-run-tests-2 +%{_bindir}/ipa-test-config-2 +%{_bindir}/ipa-test-task-2 +%{_bindir}/ipa-run-tests-%{python2_version} +%{_bindir}/ipa-test-config-%{python2_version} +%{_bindir}/ipa-test-task-%{python2_version} %{python_sitelib}/ipatests-*.egg-info %{_mandir}/man1/ipa-run-tests.1.gz %{_mandir}/man1/ipa-test-config.1.gz %{_mandir}/man1/ipa-test-task.1.gz + +%if 0%{?with_python3} + +%files -n python3-ipatests +%defattr(-,root,root,-) +%doc README Contributors.txt +%license COPYING + +%{python3_sitelib}/ipatests/ +%{_bindir}/ipa-run-tests-3 +%{_bindir}/ipa-test-config-3 +%{_bindir}/ipa-test-task-3 +%{_bindir}/ipa-run-tests-%{python3_version} +%{_bindir}/ipa-test-config-%{python3_version} +%{_bindir}/ipa-test-task-%{python3_version} +%{python3_sitelib}/ipatests-*.egg-info + +%endif # with_python3 + %endif # ONLY_CLIENT %changelog +* Fri Dec 18 2015 Petr Vobornik - 4.3.0-1 +- Update to upstream 4.3.0 - see http://www.freeipa.org/page/Releases/4.3.0 + * Mon Dec 07 2015 Petr Vobornik - 4.2.3-2 - Workarounds for SELinux execmem violations in cryptography diff --git a/sources b/sources index 54ea3d1..5b729cd 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -3cc2967b741760c97ba7740a4669d7f8 freeipa-4.2.3.tar.gz +e325b4f025e1320d4815734fa0fcd2c7 freeipa-4.3.0.tar.gz