From 42299a57bb5eca9294975451145046d02a455faa Mon Sep 17 00:00:00 2001 From: Florence Blanc-Renaud Date: Tue, 29 Jun 2021 19:30:17 +0200 Subject: [PATCH] ipa-4.9.6-1.el9 - Resolves: rhbz#1969351 Rebase IPA to latest 4.9.x version - Resolves: rhbz#1976288 ansible-freeipa automember test fails with `automember_add_condition: testgroup: 'objectclass'` due to ldap cache - Resolves: rhbz#1975139 Upgrade error: Add failure missing required attribute "objectclass" - Resolves: rhbz#1973024 CA_less ipa-server-install fails if CA cert subject contains non ascii chars - Resolves: rhbz#1966101 [RFE] - IDM - Allow specifying permanent logging settings for BIND - Resolves: rhbz#1962570 IPA in c9s should not require redhat-logos-ipa as a runtime package - Resolves: rhbz#1957736 [RFE] IPA to allow configuring auto-private-groups at idrange level --- .gitignore | 2 ++ freeipa.spec | 56 ++++++++++++++++++++++++++++++++++++---------------- sources | 4 ++-- 3 files changed, 43 insertions(+), 19 deletions(-) diff --git a/.gitignore b/.gitignore index d10e24e..cc6b345 100644 --- a/.gitignore +++ b/.gitignore @@ -108,3 +108,5 @@ /freeipa-4.9.2.tar.gz.asc /freeipa-4.9.3.tar.gz /freeipa-4.9.3.tar.gz.asc +/freeipa-4.9.6.tar.gz +/freeipa-4.9.6.tar.gz.asc diff --git a/freeipa.spec b/freeipa.spec index f62bac2..d8ca7bb 100644 --- a/freeipa.spec +++ b/freeipa.spec @@ -49,7 +49,7 @@ # lint is not executed during rpmbuild # %%global with_lint 1 %if %{with lint} - %global linter_options --enable-pylint --with-jslint --enable-rpmlint + %global linter_options --enable-pylint --without-jslint --enable-rpmlint %else %global linter_options --disable-pylint --without-jslint --disable-rpmlint %endif @@ -105,11 +105,11 @@ # fix for segfault in python3-ldap, https://pagure.io/freeipa/issue/7324 %global python_ldap_version 3.1.0-1 -# Make sure to use 389-ds-base versions that fix https://github.com/389ds/389-ds-base/issues/4609 +# Make sure to use 389-ds-base versions that fix https://github.com/389ds/389-ds-base/issues/4700 %if 0%{?fedora} < 34 -%global ds_version %{lua: local v={}; v['32']='1.4.3.20-2'; v['33']='1.4.4.13-2'; print(v[rpm.expand('%{fedora}')])} +%global ds_version %{lua: local v={}; v['32']='1.4.3.20-2'; v['33']='1.4.4.16-1'; print(v[rpm.expand('%{fedora}')])} %else -%global ds_version 2.0.3-3 +%global ds_version 2.0.5-1 %endif # Fix for TLS 1.3 PHA, RHBZ#1775146 @@ -160,6 +160,16 @@ %global systemd_version 239 %endif +# augeas support for new chrony options +# see https://pagure.io/freeipa/issue/8676 +# Note: will need to be updated for RHEL9 when a fix is available for +# https://bugzilla.redhat.com/show_bug.cgi?id=1931787 +%if 0%{?fedora} >= 33 +%global augeas_version 1.12.0-6 +%else +%global augeas_version 1.12.0-3 +%endif + %global plugin_dir %{_libdir}/dirsrv/plugins %global etc_systemd_dir %{_sysconfdir}/systemd/system %global gettext_domain ipa @@ -168,7 +178,7 @@ # Work-around fact that RPM SPEC parser does not accept # "Version: @VERSION@" in freeipa.spec.in used for Autoconf string replacement -%define IPA_VERSION 4.9.3 +%define IPA_VERSION 4.9.6 # Release candidate version -- uncomment with one percent for RC versions #%%global rc_version %%nil %define AT_SIGN @ @@ -181,7 +191,7 @@ Name: %{package_name} Version: %{IPA_VERSION} -Release: 2%{?rc_version:.%rc_version}%{?dist}.1 +Release: 1%{?rc_version:.%rc_version}%{?dist} Summary: The Identity, Policy and Audit system License: GPLv3+ @@ -309,7 +319,10 @@ BuildRequires: python3-m2r # %if %{with lint} BuildRequires: git +%if 0%{?fedora} < 34 +# jsl is orphaned in Fedora 34+ BuildRequires: jsl +%endif BuildRequires: nss-tools BuildRequires: rpmlint BuildRequires: softhsm @@ -318,7 +331,6 @@ BuildRequires: keyutils BuildRequires: python3-augeas BuildRequires: python3-cffi BuildRequires: python3-cryptography >= 1.6 -BuildRequires: python3-custodia >= 0.3.1 BuildRequires: python3-dateutil BuildRequires: python3-dbus BuildRequires: python3-dns >= 1.15 @@ -341,12 +353,8 @@ BuildRequires: python3-polib BuildRequires: python3-pyasn1 BuildRequires: python3-pyasn1-modules BuildRequires: python3-pycodestyle -%if 0%{?fedora} || 0%{?rhel} > 8 -# https://bugzilla.redhat.com/show_bug.cgi?id=1648299 -BuildRequires: python3-pylint >= 2.1.1-2 -%else -BuildRequires: python3-pylint >= 1.7 -%endif +# .wheelconstraints.in limits pylint version in Azure and tox tests +BuildRequires: python3-pylint BuildRequires: python3-pytest-multihost BuildRequires: python3-pytest-sourceorder BuildRequires: python3-qrcode-core >= 5.0.0 @@ -433,7 +441,12 @@ Requires(pre): certmonger >= %{certmonger_version} Requires(pre): 389-ds-base >= %{ds_version} Requires: fontawesome-fonts Requires: open-sans-fonts +%if 0%{?fedora} >= 32 || 0%{?rhel} >= 9 +# https://pagure.io/freeipa/issue/8632 +Requires: openssl > 1.1.1i +%else Requires: openssl +%endif Requires: softhsm >= 2.0.0rc1-1 Requires: p11-kit Requires: %{etc_systemd_dir} @@ -485,7 +498,7 @@ Requires: %{name}-common = %{version}-%{release} # we need pre-requires since earlier versions may break upgrade Requires(pre): python3-ldap >= %{python_ldap_version} Requires: python3-augeas -Requires: python3-custodia >= 0.3.1 +Requires: augeas-libs >= %{augeas_version} Requires: python3-dbus Requires: python3-dns >= 1.15 Requires: python3-gssapi >= 1.2.0 @@ -519,9 +532,8 @@ BuildArch: noarch Requires: %{name}-client-common = %{version}-%{release} Requires: httpd >= %{httpd_version} Requires: systemd-units >= %{systemd_version} -Requires: custodia >= 0.3.1 -%if 0%{?rhel} >= 8 -Requires: redhat-logos-ipa >= 80.4 +%if 0%{?rhel} >= 8 && ! 0%{?eln} +Requires: system-logos-ipa >= 80.4 %endif Provides: %{alt_name}-server-common = %{version} @@ -708,6 +720,7 @@ Requires: %{name}-client-common = %{version}-%{release} Requires: %{name}-common = %{version}-%{release} Requires: python3-ipalib = %{version}-%{release} Requires: python3-augeas +Requires: augeas-libs >= %{augeas_version} Requires: python3-dns >= 1.15 Requires: python3-jinja2 @@ -1677,6 +1690,15 @@ fi %endif %changelog +* Wed Jun 30 2021 Florence Blanc-Renaud - 4.9.6-1 +- Resolves: rhbz#1969351 Rebase IPA to latest 4.9.x version +- Resolves: rhbz#1976288 ansible-freeipa automember test fails with `automember_add_condition: testgroup: 'objectclass'` due to ldap cache +- Resolves: rhbz#1975139 Upgrade error: Add failure missing required attribute "objectclass" +- Resolves: rhbz#1973024 CA_less ipa-server-install fails if CA cert subject contains non ascii chars +- Resolves: rhbz#1966101 [RFE] - IDM - Allow specifying permanent logging settings for BIND +- Resolves: rhbz#1962570 IPA in c9s should not require redhat-logos-ipa as a runtime package +- Resolves: rhbz#1957736 [RFE] IPA to allow configuring auto-private-groups at idrange level + * Wed Jun 16 2021 Mohan Boddu - 4.9.3-2.1 - Rebuilt for RHEL 9 BETA for openssl 3.0 Related: rhbz#1971065 diff --git a/sources b/sources index fa4620c..07d123f 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (freeipa-4.9.3.tar.gz) = a0c1b0271bb1fa2504a366b487825473abe76534bb5518fdc7d543a6e14a3521689c695c7ec979ff83e3cef8c6c94f6280683a1da9b8b12305e361b3a6a7749c -SHA512 (freeipa-4.9.3.tar.gz.asc) = c4a265c54266ba858ef9b7e2e61ae305fa4fe254fa476d55ddb8b74415767b2c04d62c9478caee07a07d0b627cdb6a9b7ad13dd6e3ab6d077a0945003fcd5c08 +SHA512 (freeipa-4.9.6.tar.gz) = e87300449e12d225cdd5a4814e48d113b8bfe9b0d118e089865837c77416b6b5d54ee6dc381096e158220351838dfc5a8759305858752dd36aa8e2f74938729e +SHA512 (freeipa-4.9.6.tar.gz.asc) = cff0f03f25e5f59713e4e6fbf5c6da7833cfed50a70a5aae14c3cf7aae02455e68065d478d360407d20cce721f202ffe0710371cb878e277b8eadb6920a740ae