diff --git a/.gitignore b/.gitignore index 5116b4d..663c66e 100644 --- a/.gitignore +++ b/.gitignore @@ -39,3 +39,4 @@ /freeipa-4.1.3.tar.gz /freeipa-4.1.4.tar.gz /freeipa-4.2.1.tar.gz +/freeipa-4.2.2.tar.gz diff --git a/freeipa.spec b/freeipa.spec index 4e63044..90e6683 100644 --- a/freeipa.spec +++ b/freeipa.spec @@ -24,14 +24,10 @@ %global platform_module fedora %endif -%global VERSION 4.2.1 +%global VERSION 4.2.2 %define _hardened_build 1 -%define kdcproxy_user kdcproxy -%define kdcproxy_group kdcproxy -%define kdcproxy_home %{_sharedstatedir}/kdcproxy - Name: freeipa Version: %{VERSION} Release: 1%{?dist} @@ -109,10 +105,11 @@ BuildRequires: python-pytest-sourceorder BuildRequires: python-kdcproxy >= 0.3 %description -IPA is an integrated solution to provide centrally managed Identity (machine, -user, virtual machines, groups, authentication credentials), Policy -(configuration settings, access control information) and Audit (events, -logs, analysis thereof). +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). %if ! %{ONLY_CLIENT} %package server @@ -166,6 +163,7 @@ Requires: softhsm >= 2.0.0rc1-1 Requires: p11-kit Requires: systemd-python Requires: %{etc_systemd_dir} +Requires: gzip Conflicts: %{alt_name}-server Obsoletes: %{alt_name}-server < %{version} @@ -182,12 +180,12 @@ Obsoletes: %{name}-server <= 4.2.0.0 Conflicts: nss-pam-ldapd < 0.8.4 %description server -IPA is an integrated solution to provide centrally managed Identity (machine, -user, virtual machines, groups, authentication credentials), Policy -(configuration settings, access control information) and Audit (events, -logs, analysis thereof). If you are installing an IPA server you need -to install this package (in other words, most people should NOT install -this package). +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +If you are installing an IPA server, you need to install this package. %package server-dns @@ -282,11 +280,13 @@ Conflicts: %{alt_name}-client Obsoletes: %{alt_name}-client < %{version} %description client -IPA is an integrated solution to provide centrally managed Identity (machine, -user, virtual machines, groups, authentication credentials), Policy -(configuration settings, access control information) and Audit (events, -logs, analysis thereof). If your network uses IPA for authentication, -this package should be installed on every client machine. +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +If your network uses IPA for authentication, this package should be +installed on every client machine. %package admintools @@ -301,11 +301,12 @@ Conflicts: %{alt_name}-admintools Obsoletes: %{alt_name}-admintools < %{version} %description admintools -IPA is an integrated solution to provide centrally managed Identity (machine, -user, virtual machines, groups, authentication credentials), Policy -(configuration settings, access control information) and Audit (events, -logs, analysis thereof). This package provides command-line tools for -IPA administrators. +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +This package provides command-line tools for IPA administrators. %package python Summary: Python libraries used by IPA @@ -334,11 +335,12 @@ Conflicts: %{alt_name}-python Obsoletes: %{alt_name}-python < %{version} %description python -IPA is an integrated solution to provide centrally managed Identity (machine, -user, virtual machines, groups, authentication credentials), Policy -(configuration settings, access control information) and Audit (events, -logs, analysis thereof). If you are using IPA you need to install this -package. +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). +If you are using IPA, you need to install this package. %if ! %{ONLY_CLIENT} %package tests @@ -359,10 +361,11 @@ Conflicts: %{alt_name}-tests Obsoletes: %{alt_name}-tests < %{version} %description tests -IPA is an integrated solution to provide centrally managed Identity (machine, -user, virtual machines, groups, authentication credentials), Policy -(configuration settings, access control information) and Audit (events, -logs, analysis thereof). +IPA is an integrated solution to provide centrally managed Identity (users, +hosts, services), Authentication (SSO, 2FA), and Authorization +(host access control, SELinux user roles, services). The solution provides +features for further integration with Linux based clients (SUDO, automount) +and integration with Active Directory based infrastructures (Trusts). This package contains tests that verify IPA functionality. %endif # ONLY_CLIENT @@ -515,7 +518,6 @@ install daemons/dnssec/ipa-ods-exporter %{buildroot}%{_libexecdir}/ipa/ipa-ods-e mkdir -p %{buildroot}%{_usr}/share/ipa/ui/js/plugins # KDC proxy config (Apache config sets KDCPROXY_CONFIG to load this file) -mkdir -p %{buildroot}%{kdcproxy_home} mkdir -p %{buildroot}%{_sysconfdir}/ipa/kdcproxy/ install -m 644 install/share/kdcproxy.conf %{buildroot}%{_sysconfdir}/ipa/kdcproxy/kdcproxy.conf @@ -612,13 +614,6 @@ if [ -e /usr/sbin/ipa_kpasswd ]; then # END fi -# create kdcproxy user -getent group %{kdcproxy_group} >/dev/null || groupadd -r %{kdcproxy_group} -getent passwd %{kdcproxy_user} >/dev/null || \ - /usr/sbin/useradd -r -c "IPA KDC Proxy User" -s /sbin/nologin \ - -g %{kdcproxy_group} -d %{kdcproxy_home} %{kdcproxy_user} -exit 0 - %postun server-trust-ad if [ "$1" -ge "1" ]; then if [ "`readlink %{_sysconfdir}/alternatives/winbind_krb5_locator.so`" == "/dev/null" ]; then @@ -754,8 +749,8 @@ fi %{_libexecdir}/ipa/ipa-dnskeysync-replica %{_libexecdir}/ipa/ipa-ods-exporter %{_libexecdir}/ipa/ipa-httpd-kdcproxy +%ghost %verify(not owner group) %dir %{_sharedstatedir}/kdcproxy %dir %attr(0755,root,root) %{_sysconfdir}/ipa/kdcproxy -%dir %attr(0700,%{kdcproxy_user},%{kdcproxy_group}) %{kdcproxy_home} %config(noreplace) %{_sysconfdir}/sysconfig/ipa_memcached %config(noreplace) %{_sysconfdir}/sysconfig/ipa-dnskeysyncd %config(noreplace) %{_sysconfdir}/sysconfig/ipa-ods-exporter @@ -790,7 +785,6 @@ fi %{_usr}/share/ipa/copy-schema-to-ca.py* %{_usr}/share/ipa/*.ldif %{_usr}/share/ipa/*.uldif -%{_usr}/share/ipa/*.update %{_usr}/share/ipa/*.template %dir %{_usr}/share/ipa/advise %dir %{_usr}/share/ipa/advise/legacy @@ -1022,6 +1016,9 @@ fi %endif # ONLY_CLIENT %changelog +* Thu Oct 8 2015 Petr Vobornik - 4.2.2-1 +- Update to upstream 4.2.2 - see http://www.freeipa.org/page/Releases/4.2.2 + * Mon Sep 7 2015 Petr Vobornik - 4.2.1-1 - Update to upstream 4.2.1 - see http://www.freeipa.org/page/Releases/4.2.1 diff --git a/sources b/sources index f855c52..4fb040c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -7fe8b04fc855cf5a4df892c7e5ba1674 freeipa-4.2.1.tar.gz +6507212f35ffc22aa11f4c155c094a4e freeipa-4.2.2.tar.gz