Updated to upstream 3.1.0 GA
- Set minimum for sssd to 1.9.2 - Set minimum for pki-ca to 10.0.0-1 - Set minimum for 389-ds-base to 1.3.0 - Set minimum for selinux-policy to 3.11.1-60 - Remove unneeded dogtag package requires
This commit is contained in:
parent
0348a328fd
commit
5e038ec750
1
.gitignore
vendored
1
.gitignore
vendored
@ -19,3 +19,4 @@
|
|||||||
/freeipa-3.0.0.rc1.tar.gz
|
/freeipa-3.0.0.rc1.tar.gz
|
||||||
/freeipa-3.0.0.rc2.tar.gz
|
/freeipa-3.0.0.rc2.tar.gz
|
||||||
/freeipa-3.0.0.tar.gz
|
/freeipa-3.0.0.tar.gz
|
||||||
|
/freeipa-3.1.0.tar.gz
|
||||||
|
68
freeipa.spec
68
freeipa.spec
@ -11,11 +11,11 @@ distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
|
|||||||
%endif
|
%endif
|
||||||
%global POLICYCOREUTILSVER 2.1.12-5
|
%global POLICYCOREUTILSVER 2.1.12-5
|
||||||
%global gettext_domain ipa
|
%global gettext_domain ipa
|
||||||
%global VERSION 3.0.0
|
%global VERSION 3.1.0
|
||||||
|
|
||||||
Name: freeipa
|
Name: freeipa
|
||||||
Version: 3.0.0
|
Version: 3.1.0
|
||||||
Release: 3%{?dist}
|
Release: 1%{?dist}
|
||||||
Summary: The Identity, Policy and Audit system
|
Summary: The Identity, Policy and Audit system
|
||||||
|
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
@ -24,10 +24,8 @@ URL: http://www.freeipa.org/
|
|||||||
Source0: http://www.freeipa.org/downloads/src/freeipa-%{VERSION}.tar.gz
|
Source0: http://www.freeipa.org/downloads/src/freeipa-%{VERSION}.tar.gz
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
|
|
||||||
Patch1: 0001-Use-TLS-for-CA-replication.patch
|
|
||||||
|
|
||||||
%if ! %{ONLY_CLIENT}
|
%if ! %{ONLY_CLIENT}
|
||||||
BuildRequires: 389-ds-base-devel >= 1.2.11.14
|
BuildRequires: 389-ds-base-devel >= 1.3.0
|
||||||
BuildRequires: svrcore-devel
|
BuildRequires: svrcore-devel
|
||||||
BuildRequires: /usr/share/selinux/devel/Makefile
|
BuildRequires: /usr/share/selinux/devel/Makefile
|
||||||
BuildRequires: policycoreutils >= %{POLICYCOREUTILSVER}
|
BuildRequires: policycoreutils >= %{POLICYCOREUTILSVER}
|
||||||
@ -66,11 +64,11 @@ BuildRequires: pylint
|
|||||||
BuildRequires: python-polib
|
BuildRequires: python-polib
|
||||||
BuildRequires: libipa_hbac-python
|
BuildRequires: libipa_hbac-python
|
||||||
BuildRequires: python-memcached
|
BuildRequires: python-memcached
|
||||||
BuildRequires: sssd >= 1.9.0
|
BuildRequires: sssd >= 1.9.2
|
||||||
BuildRequires: python-lxml
|
BuildRequires: python-lxml
|
||||||
BuildRequires: python-pyasn1 >= 0.0.9a
|
BuildRequires: python-pyasn1 >= 0.0.9a
|
||||||
BuildRequires: python-dns
|
BuildRequires: python-dns
|
||||||
BuildRequires: python-crypto
|
BuildRequires: m2crypto
|
||||||
BuildRequires: check >= 0.9.5
|
BuildRequires: check >= 0.9.5
|
||||||
BuildRequires: libsss_idmap-devel
|
BuildRequires: libsss_idmap-devel
|
||||||
|
|
||||||
@ -88,7 +86,7 @@ Requires: %{name}-python = %{version}-%{release}
|
|||||||
Requires: %{name}-client = %{version}-%{release}
|
Requires: %{name}-client = %{version}-%{release}
|
||||||
Requires: %{name}-admintools = %{version}-%{release}
|
Requires: %{name}-admintools = %{version}-%{release}
|
||||||
Requires: %{name}-server-selinux = %{version}-%{release}
|
Requires: %{name}-server-selinux = %{version}-%{release}
|
||||||
Requires(pre): 389-ds-base >= 1.3.0
|
Requires: 389-ds-base >= 1.3.0
|
||||||
Requires: openldap-clients
|
Requires: openldap-clients
|
||||||
Requires: nss
|
Requires: nss
|
||||||
Requires: nss-tools
|
Requires: nss-tools
|
||||||
@ -110,17 +108,11 @@ Requires: python-memcached
|
|||||||
Requires: systemd-units >= 36-3
|
Requires: systemd-units >= 36-3
|
||||||
Requires(pre): systemd-units
|
Requires(pre): systemd-units
|
||||||
Requires(post): systemd-units
|
Requires(post): systemd-units
|
||||||
Requires: selinux-policy >= 3.11.1-33
|
Requires: selinux-policy >= 3.11.1-60
|
||||||
Requires(post): selinux-policy-base
|
Requires(post): selinux-policy-base
|
||||||
Requires: slapi-nis >= 0.40
|
Requires: slapi-nis >= 0.44
|
||||||
Requires: pki-ca >= pki-ca-10.0.0-0.43.b1
|
Requires: pki-ca >= 10.0.0-1
|
||||||
Requires: pki-silent >= 10.0.0-0.43.b1
|
Requires: dogtag-pki-server-theme
|
||||||
Requires: pki-setup >= 10.0.0-0.43.b1
|
|
||||||
# Temporary until dogtag adds their own requires: 09/21/12
|
|
||||||
Requires: pki-symkey >= 10.0.0-0.43.a1
|
|
||||||
Requires: tomcat >= 7.0.29
|
|
||||||
Requires: dogtag-pki-common-theme
|
|
||||||
Requires: dogtag-pki-ca-theme
|
|
||||||
%if 0%{?rhel}
|
%if 0%{?rhel}
|
||||||
Requires: subscription-manager
|
Requires: subscription-manager
|
||||||
%endif
|
%endif
|
||||||
@ -129,11 +121,13 @@ Requires(postun): python systemd-units
|
|||||||
Requires: python-dns
|
Requires: python-dns
|
||||||
Requires: keyutils
|
Requires: keyutils
|
||||||
Requires: zip
|
Requires: zip
|
||||||
|
Requires: policycoreutils >= %{POLICYCOREUTILSVER}
|
||||||
|
Requires: tar
|
||||||
|
|
||||||
# We have a soft-requires on bind. It is an optional part of
|
# We have a soft-requires on bind. It is an optional part of
|
||||||
# IPA but if it is configured we need a way to require versions
|
# IPA but if it is configured we need a way to require versions
|
||||||
# that work for us.
|
# that work for us.
|
||||||
Conflicts: bind-dyndb-ldap < 1.1.0-0.16.rc1
|
Conflicts: bind-dyndb-ldap < 2.3-2
|
||||||
Conflicts: bind < 9.9.1-10.P3
|
Conflicts: bind < 9.9.1-10.P3
|
||||||
|
|
||||||
# mod_proxy provides a single API to communicate over SSL. If mod_ssl
|
# mod_proxy provides a single API to communicate over SSL. If mod_ssl
|
||||||
@ -223,7 +217,7 @@ Requires: pam_krb5
|
|||||||
Requires: wget
|
Requires: wget
|
||||||
Requires: libcurl
|
Requires: libcurl
|
||||||
Requires: xmlrpc-c
|
Requires: xmlrpc-c
|
||||||
Requires: sssd >= 1.9.0
|
Requires: sssd >= 1.9.2
|
||||||
Requires: certmonger >= 0.60
|
Requires: certmonger >= 0.60
|
||||||
Requires: nss-tools
|
Requires: nss-tools
|
||||||
Requires: bind-utils
|
Requires: bind-utils
|
||||||
@ -312,7 +306,7 @@ done
|
|||||||
%build
|
%build
|
||||||
export CFLAGS="$CFLAGS %{optflags}"
|
export CFLAGS="$CFLAGS %{optflags}"
|
||||||
export CPPFLAGS="$CPPFLAGS %{optflags}"
|
export CPPFLAGS="$CPPFLAGS %{optflags}"
|
||||||
export SUPPORTED_PLATFORM=fedora16
|
export SUPPORTED_PLATFORM=fedora18
|
||||||
# Force re-generate of platform support
|
# Force re-generate of platform support
|
||||||
rm -f ipapython/services.py
|
rm -f ipapython/services.py
|
||||||
make version-update
|
make version-update
|
||||||
@ -334,7 +328,7 @@ make IPA_VERSION_IS_GIT_SNAPSHOT=no %{?_smp_mflags} client
|
|||||||
%install
|
%install
|
||||||
rm -rf %{buildroot}
|
rm -rf %{buildroot}
|
||||||
%if ! %{ONLY_CLIENT}
|
%if ! %{ONLY_CLIENT}
|
||||||
export SUPPORTED_PLATFORM=fedora16
|
export SUPPORTED_PLATFORM=fedora18
|
||||||
# Force re-generate of platform support
|
# Force re-generate of platform support
|
||||||
rm -f ipapython/services.py
|
rm -f ipapython/services.py
|
||||||
make install DESTDIR=%{buildroot}
|
make install DESTDIR=%{buildroot}
|
||||||
@ -412,6 +406,7 @@ mkdir %{buildroot}%{_sysconfdir}/sysconfig/
|
|||||||
install -m 644 init/ipa_memcached.conf %{buildroot}%{_sysconfdir}/sysconfig/ipa_memcached
|
install -m 644 init/ipa_memcached.conf %{buildroot}%{_sysconfdir}/sysconfig/ipa_memcached
|
||||||
mkdir -p %{buildroot}%{_localstatedir}/run/
|
mkdir -p %{buildroot}%{_localstatedir}/run/
|
||||||
install -d -m 0700 %{buildroot}%{_localstatedir}/run/ipa_memcached/
|
install -d -m 0700 %{buildroot}%{_localstatedir}/run/ipa_memcached/
|
||||||
|
install -d -m 0700 %{buildroot}%{_localstatedir}/run/ipa/
|
||||||
|
|
||||||
mkdir -p %{buildroot}%{_libdir}/krb5/plugins/libkrb5
|
mkdir -p %{buildroot}%{_libdir}/krb5/plugins/libkrb5
|
||||||
touch %{buildroot}%{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so
|
touch %{buildroot}%{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so
|
||||||
@ -451,7 +446,7 @@ if [ $1 -gt 1 ] ; then
|
|||||||
# Note also it is now safe to run this script against working FreeIPA install
|
# Note also it is now safe to run this script against working FreeIPA install
|
||||||
# after it has been migrated to systemd setup
|
# after it has been migrated to systemd setup
|
||||||
/usr/libexec/freeipa-systemd-upgrade || :
|
/usr/libexec/freeipa-systemd-upgrade || :
|
||||||
/usr/sbin/ipa-upgradeconfig >/dev/null 2>&1|| :
|
/usr/sbin/ipa-upgradeconfig --quiet >/dev/null || :
|
||||||
fi
|
fi
|
||||||
|
|
||||||
%posttrans server
|
%posttrans server
|
||||||
@ -532,6 +527,21 @@ if [ $1 -eq 0 ]; then
|
|||||||
fi
|
fi
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%post client
|
||||||
|
if [ $1 -gt 1 ] ; then
|
||||||
|
# Has the client been configured?
|
||||||
|
restore=0
|
||||||
|
test -f '/var/lib/ipa-client/sysrestore/sysrestore.index' && restore=$(wc -l '/var/lib/ipa-client/sysrestore/sysrestore.index' | awk '{print $1}')
|
||||||
|
|
||||||
|
if [ -f '/etc/sssd/sssd.conf' -a $restore -ge 2 ]; then
|
||||||
|
if ! egrep -q '/var/lib/sss/pubconf/krb5.include.d/' /etc/krb5.conf 2>/dev/null ; then
|
||||||
|
echo "includedir /var/lib/sss/pubconf/krb5.include.d/" > /etc/krb5.conf.ipanew
|
||||||
|
cat /etc/krb5.conf >> /etc/krb5.conf.ipanew
|
||||||
|
mv /etc/krb5.conf.ipanew /etc/krb5.conf
|
||||||
|
/sbin/restorecon /etc/krb5.conf
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
%if ! %{ONLY_CLIENT}
|
%if ! %{ONLY_CLIENT}
|
||||||
%files server -f server-python.list
|
%files server -f server-python.list
|
||||||
@ -557,6 +567,7 @@ fi
|
|||||||
%{_sysconfdir}/cron.d/ipa-compliance
|
%{_sysconfdir}/cron.d/ipa-compliance
|
||||||
%config(noreplace) %{_sysconfdir}/sysconfig/ipa_memcached
|
%config(noreplace) %{_sysconfdir}/sysconfig/ipa_memcached
|
||||||
%dir %attr(0700,apache,apache) %{_localstatedir}/run/ipa_memcached/
|
%dir %attr(0700,apache,apache) %{_localstatedir}/run/ipa_memcached/
|
||||||
|
%dir %attr(0700,root,root) %{_localstatedir}/run/ipa/
|
||||||
%config %{_sysconfdir}/tmpfiles.d/ipa.conf
|
%config %{_sysconfdir}/tmpfiles.d/ipa.conf
|
||||||
# Use systemd scheme
|
# Use systemd scheme
|
||||||
%attr(644,root,root) %{_unitdir}/ipa.service
|
%attr(644,root,root) %{_unitdir}/ipa.service
|
||||||
@ -570,6 +581,7 @@ fi
|
|||||||
%attr(755,root,root) %{_libdir}/ipa/certmonger/*
|
%attr(755,root,root) %{_libdir}/ipa/certmonger/*
|
||||||
%dir %{_usr}/share/ipa
|
%dir %{_usr}/share/ipa
|
||||||
%{_usr}/share/ipa/wsgi.py*
|
%{_usr}/share/ipa/wsgi.py*
|
||||||
|
%{_usr}/share/ipa/copy-schema-to-ca.py*
|
||||||
%{_usr}/share/ipa/*.ldif
|
%{_usr}/share/ipa/*.ldif
|
||||||
%{_usr}/share/ipa/*.uldif
|
%{_usr}/share/ipa/*.uldif
|
||||||
%{_usr}/share/ipa/*.template
|
%{_usr}/share/ipa/*.template
|
||||||
@ -744,6 +756,14 @@ fi
|
|||||||
%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
|
%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Dec 10 2012 Rob Crittenden <rcritten@redhat.com> - 3.1.0-1
|
||||||
|
- Updated to upstream 3.1.0 GA
|
||||||
|
- Set minimum for sssd to 1.9.2
|
||||||
|
- Set minimum for pki-ca to 10.0.0-1
|
||||||
|
- Set minimum for 389-ds-base to 1.3.0
|
||||||
|
- Set minimum for selinux-policy to 3.11.1-60
|
||||||
|
- Remove unneeded dogtag package requires
|
||||||
|
|
||||||
* Fri Oct 23 2012 Martin Kosek <mkosek@redhat.com> - 3.0.0-3
|
* Fri Oct 23 2012 Martin Kosek <mkosek@redhat.com> - 3.0.0-3
|
||||||
- Update Requires on krb5-server to 1.11
|
- Update Requires on krb5-server to 1.11
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user