ipa-4.12.2-3

Resolves: RHEL-33818 Remove python3-ipalib's dependency on python3-netifaces

Signed-off-by: Rafael Guterres Jeffman <rjeffman@redhat.com>
This commit is contained in:
Rafael Guterres Jeffman 2024-09-24 10:21:52 -03:00
parent 5d90090676
commit c94e6ae745
2 changed files with 8 additions and 244 deletions

View File

@ -1,238 +0,0 @@
From dfeb01d5e4e8934bae8f495bbbd5b6570f3dc862 Mon Sep 17 00:00:00 2001
From: Florence Blanc-Renaud <flo@redhat.com>
Date: Tue, 4 Jun 2024 13:56:56 +0200
Subject: [PATCH] Revert "Replace netifaces with ifaddr"
This reverts commit 6c6b9354b5f970983655ca5423c726763d9015fa.
---
doc/requirements.txt | 1 -
freeipa.spec.in | 4 +--
ipaclient/install/client.py | 43 ++++++++++++++-----------------
ipapython/ipautil.py | 51 ++++++++++++++++++++-----------------
ipapython/setup.py | 2 +-
ipasetup.py.in | 2 +-
pylintrc | 1 +
7 files changed, 52 insertions(+), 52 deletions(-)
diff --git a/doc/requirements.txt b/doc/requirements.txt
index 8d91b893fbcb5de784f5abdf802b976c6b2ae277..cdaa42658c73e495379d87b7c50195fbd79533ee 100644
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@@ -11,7 +11,6 @@ m2r2
## ipa dependencies
dnspython
jwcrypto
-ifaddr
netaddr
qrcode
six
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 6803de752bc122bf6e1eafd610d399cde994cad5..a532fe85c34a523519187b6fd1297c198d9f4a4e 100755
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -403,7 +403,7 @@ BuildRequires: python3-libipa_hbac
BuildRequires: python3-libsss_nss_idmap
BuildRequires: python3-lxml
BuildRequires: python3-netaddr >= %{python_netaddr_version}
-BuildRequires: python3-ifaddr
+BuildRequires: python3-netifaces
BuildRequires: python3-pki >= %{pki_version}
BuildRequires: python3-polib
BuildRequires: python3-pyasn1
@@ -885,7 +885,7 @@ Requires: python3-gssapi >= 1.2.0
Requires: python3-jwcrypto >= 0.4.2
Requires: python3-libipa_hbac
Requires: python3-netaddr >= %{python_netaddr_version}
-Requires: python3-ifaddr
+Requires: python3-netifaces >= 0.10.4
Requires: python3-pyasn1 >= 0.3.2-2
Requires: python3-pyasn1-modules >= 0.3.2-2
Requires: python3-pyusb
diff --git a/ipaclient/install/client.py b/ipaclient/install/client.py
index 29aff5f413e7f27136e236382031171f068284c5..263dc8e302cccd76412c294e0740af9744a2c62d 100644
--- a/ipaclient/install/client.py
+++ b/ipaclient/install/client.py
@@ -18,7 +18,7 @@ import logging
import dns
import getpass
import gssapi
-import ifaddr
+import netifaces
import os
import re
import SSSDConfig
@@ -1374,36 +1374,31 @@ def unconfigure_nisdomain(statestore):
def get_iface_from_ip(ip_addr):
- for adapter in ifaddr.get_adapters():
- for ips in adapter.ips:
- # IPv6 is reported as a tuple, IPv4 is reported as str
- if ip_addr in (ips.ip[0], ips.ip):
- return adapter.name
+ for interface in netifaces.interfaces():
+ if_addrs = netifaces.ifaddresses(interface)
+ for family in [netifaces.AF_INET, netifaces.AF_INET6]:
+ for ip in if_addrs.get(family, []):
+ if ip['addr'] == ip_addr:
+ return interface
raise RuntimeError("IP %s not assigned to any interface." % ip_addr)
-def __get_ifaddr_adapters(iface=None):
+def get_local_ipaddresses(iface=None):
if iface:
- interfaces = set(iface if isinstance(iface, (list, tuple)) else [iface])
+ interfaces = [iface]
else:
- interfaces = set(adapter.name for adapter in ifaddr.get_adapters())
- return [
- adapter
- for adapter in ifaddr.get_adapters()
- if adapter.name in interfaces or adapter.nice_name in interfaces
- ]
+ interfaces = netifaces.interfaces()
-
-def get_local_ipaddresses(iface=None):
ips = []
- for adapter in __get_ifaddr_adapters(iface):
- for ifip in adapter.ips:
- try:
- ip_addr = ifip.ip[0] if isinstance(ifip.ip, tuple) else ifip.ip
- ips.append(ipautil.CheckedIPAddress(ip_addr))
- logger.debug('IP check successful: %s', ip_addr)
- except ValueError as e:
- logger.debug('IP check failed: %s', e)
+ for interface in interfaces:
+ if_addrs = netifaces.ifaddresses(interface)
+ for family in [netifaces.AF_INET, netifaces.AF_INET6]:
+ for ip in if_addrs.get(family, []):
+ try:
+ ips.append(ipautil.CheckedIPAddress(ip['addr']))
+ logger.debug('IP check successful: %s', ip['addr'])
+ except ValueError as e:
+ logger.debug('IP check failed: %s', e)
return ips
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
index b02d58839ed74215d7253fc23be94846d689f91e..6802dde574d179b2d4bf868a2c38546cc01fc46b 100644
--- a/ipapython/ipautil.py
+++ b/ipapython/ipautil.py
@@ -48,9 +48,9 @@ import six
from six.moves import input
try:
- import ifaddr
+ import netifaces
except ImportError:
- ifaddr = None
+ netifaces = None
from ipapython.dn import DN
from ipaplatform.paths import paths
@@ -203,37 +203,42 @@ class CheckedIPAddress(UnsafeIPAddress):
:return: InterfaceDetails named tuple or None if no interface has
this address
"""
- if ifaddr is None:
- raise ImportError("ifaddr")
+ if netifaces is None:
+ raise ImportError("netifaces")
logger.debug("Searching for an interface of IP address: %s", self)
-
if self.version == 4:
- family_ips = (
- (ip.ip, ip.network_prefix, ip.nice_name)
- for ips in [a.ips for a in ifaddr.get_adapters()]
- for ip in ips if not isinstance(ip.ip, tuple)
- )
+ family = netifaces.AF_INET
elif self.version == 6:
- family_ips = (
- (ip.ip[0], ip.network_prefix, ip.nice_name)
- for ips in [a.ips for a in ifaddr.get_adapters()]
- for ip in ips if isinstance(ip.ip, tuple)
- )
+ family = netifaces.AF_INET6
else:
raise ValueError(
"Unsupported address family ({})".format(self.version)
)
- for ip, prefix, ifname in family_ips:
- ifaddrmask = "{ip}/{prefix}".format(ip=ip, prefix=prefix)
- logger.debug(
- "Testing local IP address: %s (interface: %s)",
- ifaddrmask, ifname)
- ifnet = netaddr.IPNetwork(ifaddrmask)
+ for interface in netifaces.interfaces():
+ for ifdata in netifaces.ifaddresses(interface).get(family, []):
+
+ # link-local addresses contain '%suffix' that causes parse
+ # errors in IPNetwork
+ ifaddr = ifdata['addr'].split(u'%', 1)[0]
+
+ # newer versions of netifaces provide IPv6 netmask in format
+ # 'ffff:ffff:ffff:ffff::/64'. We have to split and use prefix
+ # or the netmask with older versions
+ ifmask = ifdata['netmask'].split(u'/')[-1]
+
+ ifaddrmask = '{addr}/{netmask}'.format(
+ addr=ifaddr,
+ netmask=ifmask
+ )
+ logger.debug(
+ "Testing local IP address: %s (interface: %s)",
+ ifaddrmask, interface)
- if ifnet.ip == self:
- return InterfaceDetails(ifname, ifnet)
+ ifnet = netaddr.IPNetwork(ifaddrmask)
+ if ifnet.ip == self:
+ return InterfaceDetails(interface, ifnet)
return None
def set_ip_net(self, ifnet):
diff --git a/ipapython/setup.py b/ipapython/setup.py
index b7b25c8b480f0dc80ae20c4027554b27fe6d87b3..ea55f5c729e8ba65a4436ebf3eb4898870558648 100644
--- a/ipapython/setup.py
+++ b/ipapython/setup.py
@@ -48,6 +48,6 @@ if __name__ == '__main__':
extras_require={
"ldap": ["python-ldap"], # ipapython.ipaldap
# CheckedIPAddress.get_matching_interface
- "ifaddr": ["ifaddr"],
+ "netifaces": ["netifaces"],
},
)
diff --git a/ipasetup.py.in b/ipasetup.py.in
index 56a1f3b066c70385949c86d0d35ce393331ad1c5..25eac3b214b4e6443fe29dd3d656c2fdbe84343a 100644
--- a/ipasetup.py.in
+++ b/ipasetup.py.in
@@ -75,7 +75,7 @@ PACKAGE_VERSION = {
'ipaserver': 'ipaserver == {}'.format(VERSION),
'jwcrypto': 'jwcrypto >= 0.4.2',
'kdcproxy': 'kdcproxy >= 0.3',
- 'ifaddr': 'ifaddr >= 0.1.7',
+ 'netifaces': 'netifaces >= 0.10.4',
'python-ldap': 'python-ldap >= 3.0.0',
'python-yubico': 'python-yubico >= 1.2.3',
'qrcode': 'qrcode >= 5.0',
diff --git a/pylintrc b/pylintrc
index 50278cc76031af68959a138f6ea185c4288c7155..22053a9b55e9dc8e71c1835a63c9393e8ad6803d 100644
--- a/pylintrc
+++ b/pylintrc
@@ -13,6 +13,7 @@ extension-pkg-allow-list=
_ldap,
cryptography,
gssapi,
+ netifaces,
lxml.etree,
pysss_murmur,
--
2.45.1

View File

@ -205,7 +205,7 @@
Name: %{package_name} Name: %{package_name}
Version: %{IPA_VERSION} Version: %{IPA_VERSION}
Release: 2%{?rc_version:.%rc_version}%{?dist} Release: 3%{?rc_version:.%rc_version}%{?dist}
Summary: The Identity, Policy and Audit system Summary: The Identity, Policy and Audit system
License: GPL-3.0-or-later License: GPL-3.0-or-later
@ -237,7 +237,6 @@ Patch1001: 1001-Change-branding-to-IPA-and-Identity-Management.patch
Patch1002: 1002-Revert-freeipa.spec-depend-on-bind-dnssec-utils.patch Patch1002: 1002-Revert-freeipa.spec-depend-on-bind-dnssec-utils.patch
%endif %endif
%if 0%{?rhel} >= 9 %if 0%{?rhel} >= 9
Patch0001: 0001-Revert-Replace-netifaces-with-ifaddr.patch
Patch0002: 0002-freeipa-disable-nis.patch Patch0002: 0002-freeipa-disable-nis.patch
Patch0003: 0003-ipatests-Check-Default-PAC-type-is-added-to-config.patch Patch0003: 0003-ipatests-Check-Default-PAC-type-is-added-to-config.patch
Patch0004: 0004-selinux-add-all-IPA-log-files-to-ipa_log_t-file-cont.patch Patch0004: 0004-selinux-add-all-IPA-log-files-to-ipa_log_t-file-cont.patch
@ -399,7 +398,7 @@ BuildRequires: python3-libipa_hbac
BuildRequires: python3-libsss_nss_idmap BuildRequires: python3-libsss_nss_idmap
BuildRequires: python3-lxml BuildRequires: python3-lxml
BuildRequires: python3-netaddr >= %{python_netaddr_version} BuildRequires: python3-netaddr >= %{python_netaddr_version}
BuildRequires: python3-netifaces BuildRequires: python3-ifaddr
BuildRequires: python3-pki >= %{pki_version} BuildRequires: python3-pki >= %{pki_version}
BuildRequires: python3-polib BuildRequires: python3-polib
BuildRequires: python3-pyasn1 BuildRequires: python3-pyasn1
@ -877,7 +876,7 @@ Requires: python3-gssapi >= 1.2.0
Requires: python3-jwcrypto >= 0.4.2 Requires: python3-jwcrypto >= 0.4.2
Requires: python3-libipa_hbac Requires: python3-libipa_hbac
Requires: python3-netaddr >= %{python_netaddr_version} Requires: python3-netaddr >= %{python_netaddr_version}
Requires: python3-netifaces >= 0.10.4 Requires: python3-ifaddr >= 0.1.7
Requires: python3-pyasn1 >= 0.3.2-2 Requires: python3-pyasn1 >= 0.3.2-2
Requires: python3-pyasn1-modules >= 0.3.2-2 Requires: python3-pyasn1-modules >= 0.3.2-2
Requires: python3-pyusb Requires: python3-pyusb
@ -1871,7 +1870,10 @@ fi
%endif %endif
%changelog %changelog
* Wed Sep 18 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.2.2 * Tue Sep 24 2024 Rafael Guteres Jeffman <rjeffman@redhat.com> - 4.12.2-3
- Resolves: RHEL-33818 Remove python3-ipalib's dependency on python3-netifaces
* Wed Sep 18 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.2-2
- Resolves: RHEL-47294 SID generation task is failing when SELinux is in Enforcing mode - Resolves: RHEL-47294 SID generation task is failing when SELinux is in Enforcing mode
- Resolves: RHEL-56472 Include latest fixes in python3-ipatests packages - Resolves: RHEL-56472 Include latest fixes in python3-ipatests packages
- Resolves: RHEL-56917 RFE add a tool to quickly detect and fix issues with IPA ID ranges - Resolves: RHEL-56917 RFE add a tool to quickly detect and fix issues with IPA ID ranges
@ -1880,7 +1882,7 @@ fi
- Resolves: RHEL-59265 Default hbac rules are duplicated on remote server post ipa-migrate in prod-mode - Resolves: RHEL-59265 Default hbac rules are duplicated on remote server post ipa-migrate in prod-mode
- Resolves: RHEL-59266 Also enable SSSD's ssh service when enabling sss_ssh_knownhosts - Resolves: RHEL-59266 Also enable SSSD's ssh service when enabling sss_ssh_knownhosts
* Thu Aug 22 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.2.1 * Thu Aug 22 2024 Florence Blanc-Renaud <flo@redhat.com> - 4.12.2-1
- Resolves: RHEL-54545 Covscan issues: Resource Leak - Resolves: RHEL-54545 Covscan issues: Resource Leak
- Resolves: RHEL-54304 support for python cryptography 43.0.0 - Resolves: RHEL-54304 support for python cryptography 43.0.0
- Resolves: RHEL-49805 misleading warning for missing ipa-selinux-nfast package on luna hsm h/w - Resolves: RHEL-49805 misleading warning for missing ipa-selinux-nfast package on luna hsm h/w