Commit Graph

334 Commits

Author SHA1 Message Date
Fedora Release Engineering
a8d1e96588 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-02 20:46:40 +00:00
Fedora Release Engineering
dfcf49a987 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-26 08:44:20 +00:00
Tomas Krizek
4e8781975d
4.5.3-1: Update to upstream 4.5.3
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-07-21 16:31:34 +02:00
Alexander Bokovoy
fe61781bfa Make sure tmpfiles.d snippet is in place after replica install 2017-07-13 10:34:49 +03:00
Alexander Bokovoy
ed08e3296d Increase Java stack size to 16m
ppc64-le builds fail with a crash when running Rhino to compile js code.
In past such failures were associated with inadequate Java stack size.
Test this idea with a larger stack size.
2017-07-10 12:30:58 +03:00
Alexander Bokovoy
8fa3823f90 Fix build with Samba 4.7.0-RC1 2017-07-10 09:56:04 +03:00
Tomas Krizek
71dac404bd
fix ip address checks and python-netifaces
Important patches that will be part of 4.5.3 release.

Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-06-20 14:33:05 +02:00
Tomas Krizek
eefef33439
Update to upstream 4.5.2
Signed-off-by: Tomas Krizek <tkrizek@redhat.com>
2017-06-18 20:09:59 +02:00
Tomas Krizek
c72eb707b4
Update to upstream 4.5.1 2017-05-25 15:11:33 +02:00
Tomas Krizek
1a7895e56c
4.4.4-2 bugfixes
- Fixes #1448049 Subpackage freeipa-server-common has unmet dependencies on Rawhide
- Fixes #1430247 FreeIPA server deployment runs ipa-custodia on Python 3, should use Python 2
- Fixes #1446744 python2-ipaclient subpackage does not own %{python_sitelib}/ipaclient/plugins
- Fixes #1440525 surplus 'the' in output of `ipa-adtrust-install`
- Fixes #1411810 ipa-replica-install fails with 406 Client Error
- Fixes #1405814 ipa plugins: ERROR an internal error occured
2017-05-23 12:36:52 +02:00
Tomas Krizek
0cfff8c8ae
Update to upstream 4.4.4 2017-03-24 14:27:06 +01:00
Alexander Bokovoy
ffb418a5d6 Use different method to keep /usr/bin/ipa on Python 2
Fixes #1426847 - cannot upgrade freeipa-client on rawhide

Thanks to Petr Viktorin for coming up with the change
2017-03-01 08:12:37 +02:00
Tomas Krizek
09bdd29080
4.4.3-7
- Fixes #1413137 CVE-2017-2590 ipa: Insufficient permission check for
  ca-del, ca-disable and ca-enable commands
2017-02-27 14:21:48 +01:00
Alexander Bokovoy
3f4b03b412 Rebuild to pick up system-python dependency change
Fixes #1426847 -- Cannot upgrade freeipa-client on rawhide
2017-02-27 10:36:26 +02:00
Tomas Krizek
99f783444d
Add support for KRB DAL 6.1 and bind-dyndb-ldap 11.0 2017-02-15 15:48:51 +01:00
Fedora Release Engineering
8a7de36eea - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-10 10:00:13 +00:00
Igor Gnatenko
11f9ba7934 Rebuild for xmlrpc-c
Signed-off-by: Igor Gnatenko <ignatenko@redhat.com>
2017-01-21 14:50:01 +01:00
Miro Hrončok
53083d6830 Rebuild for Python 3.6 2016-12-22 13:08:41 +01:00
Pavel Vomacka
f573742499 Update to upstream 4.4.3 2016-12-16 21:14:48 +01:00
Pavel Vomacka
d3389e055a 4.4.2-4: CVE-2016-9575, CVE-2016-7030
Fixes 1395311 - CVE-2016-9575 ipa: Insufficient permission check in certprofile-mod
Fixes 1370493 - CVE-2016-7030 ipa: DoS attack against kerberized services
  by abusing password policy
2016-12-14 22:19:06 +01:00
Petr Vobornik
26b01c4688 Fix bz 1389866
Support DAL version 5 and version 6 in KDB driver

https://bugzilla.redhat.com/show_bug.cgi?id=1389866
2016-11-29 10:22:46 +01:00
Petr Vobornik
064dc19e83 Rebuild against krb5-1.15
fixes: #1387460
2016-10-21 23:54:12 +02:00
Petr Vobornik
d16eb0d756 Update to upstream 4.4.2 2016-10-13 18:19:53 +02:00
Alexander Bokovoy
070313822d Add changelog 2016-09-01 18:16:29 +03:00
Alexander Bokovoy
47a0c67ac7 Update to upstream 4.4.1 release 2016-09-01 16:47:48 +03:00
Petr Vobornik
6b7ae28924 4.3.2-2: CVE-2016-5404 2016-08-19 15:14:46 +02:00
Petr Vobornik
56944c4963 Update to upstream 4.3.2 2016-07-22 18:08:20 +02:00
Fedora Release Engineering
8b518cbb8f - https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages 2016-07-19 07:06:29 +00:00
Petr Vobornik
ffe6f461b2 Update to upstream 4.3.1 2016-03-24 16:21:34 +01:00
Petr Vobornik
21c82e0cbb fix build with Samba 4.4
- Fix build with Samba 4.4
- Update SELinux requires to fix connection check during installation
2016-02-04 12:18:14 +01:00
Dennis Gilmore
101663ab3b - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-03 20:46:39 +00:00
Petr Vobornik
f43314092f spec: do not require arch specific ipalib package from noarch packages
noarch packages should not contain:
  Requires: some-package-{?_isa}
2016-01-19 18:53:41 +01:00
Petr Vobornik
b2442d51ba Workarounds for SELinux execmem violations in crypto 2015-12-18 17:48:36 +01:00
Petr Vobornik
00828c7569 Update to upstream 4.3.0 2015-12-18 17:48:36 +01:00
Petr Vobornik
a33b200323 Workarounds for SELinux execmem violations in cryptography
ipaserver.dcerpc uses M2Crypto again on Python 2.7 and Dogtag's
pki.client no longer tries to use PyOpenSSL instead of Python's ssl
module.

Some dependencies like Dogtag's pki.client library and custodia use
python-requsts to make HTTPS connection. python-requests prefers
PyOpenSSL over Python's stdlib ssl module. PyOpenSSL is build on top
of python-cryptography which trigger a execmem SELinux violation
in the context of Apache HTTPD (httpd_execmem).
When requests is imported, it always tries to import pyopenssl glue
code from urllib3's contrib directory. The import of PyOpenSSL is
enough to trigger the SELinux denial.
A hack in wsgi.py prevents the import by raising an ImportError.
2015-12-08 21:28:39 +01:00
Petr Vobornik
efcb307b47 Update to upstream 4.2.3 2015-11-02 19:58:16 +01:00
Alexander Bokovoy
5e5a1f4339 Rebuild against krb5 1.14 2015-10-21 19:45:51 +03:00
Alexander Bokovoy
08336be7d8 Add dependency to samba-common-tools to -trust-ad subpackage
Samba packaging moved samba-common to be multi-architecture-friendly
and moved net utility to samba-common-tools. We use net utility in
ipa-adtrust-install, thus we need to depend on the correct package.
2015-10-21 19:40:20 +03:00
Petr Vobornik
e26c3e5b2a Update to upstream 4.2.2 2015-10-08 14:30:13 +02:00
Petr Vobornik
ece84f751e Update to upstream 4.2.1 2015-09-07 19:01:45 +02:00
Dennis Gilmore
a944f13c98 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-17 06:41:22 +00:00
Alexander Bokovoy
54c544a18d Fix typo in the patch to fix trusts 2015-05-12 15:42:37 +03:00
Alexander Bokovoy
9e1a9ca424 Separate build- and install time requires for Samba 2015-05-11 20:44:44 +03:00
Alexander Bokovoy
3291aa48e8 Fix establishing trust when using Samba 4.2
Fixes: 1219834
2015-05-11 20:32:13 +03:00
Petr Vobornik
5e8ed97275 replace mod_auth-kerb with mod_auth_gssapi 2015-03-30 15:51:59 +02:00
Alexander Bokovoy
c25f465e18 Upstreamed patch 2015-03-26 16:54:08 +02:00
Alexander Bokovoy
32b772b3ee Upstream 4.1.4 release to fix CVE-2015-1827 2015-03-26 16:46:20 +02:00
Petr Vobornik
37a047a11a Timeout when performing time sync during client installation
https://fedorahosted.org/freeipa/ticket/4842
2015-03-17 10:35:32 +01:00
Petr Vobornik
b0ad0e0344 Add missing sssd python dependencies
https://bugzilla.redhat.com/show_bug.cgi?id=1197218
2015-03-04 18:49:31 +01:00
Petr Vobornik
fd86e26a5f Update to upstream 4.1.3
- see http://www.freeipa.org/page/Releases/4.1.3
2015-02-18 18:32:22 +01:00
Alexander Bokovoy
a69b40e56b Fix wrong date in the changelog 2015-01-19 11:26:26 +02:00
Alexander Bokovoy
c504f905a4 Unblock rawhide
- Support Samba PASSDB 0.2.0 with libsamba-passdb
- Fix marshalling of NETLOGON responses over CLDAP
- Use python-dateutil15 instead of python-dateutil 2.x until we validate
  the new version
2015-01-19 11:22:49 +02:00
Petr Vobornik
81defaec91 Update to upstream 4.1.2
- see http://www.freeipa.org/page/Releases/4.1.2
- fix CVE-2014-7850
2014-11-25 14:36:38 +01:00
Simo Sorce
da888bc1a9 Patch blokers and feature freze exceptions
- Resolves: bz1165674
- Resolves: bz1165856 (CVE-2014-7850)
- Fixes DNS install issue that prevents the server from working
2014-11-21 13:18:37 +01:00
Martin Kosek
366080a717 Lower pki-ca requires to 10.1.2
Current Dogtag 10.2 and it's requirements are not properly packaged for
CentOS, yet. To enable FreeIPA running on CentOS 7.0, lower the
Requires on Fedora 20 and CentOS platform on Dogtag 10.1.2 which
has the patches required by FreeIPA backported and which has all
dependencies avaiable.

https://fedorahosted.org/freeipa/ticket/4737
2014-11-19 12:58:29 +01:00
Petr Spacek
9a877166ea Fix minimal version of BIND for Fedora 20 and 21 2014-11-10 09:32:25 +01:00
Petr Vobornik
00870e3919 Update to upstream 4.1.1
- see http://www.freeipa.org/page/Releases/4.1.1
- fix CVE-2014-7828
2014-11-06 14:42:41 +01:00
Petr Vobornik
c8a68dfb66 Fix armv7 build failure, external CA install 2014-10-22 14:41:16 +02:00
Petr Vobornik
7ccb103e8e Update to upstream 4.1.0
see http://www.freeipa.org/page/Releases/4.1.0
2014-10-21 19:02:12 +02:00
Petr Viktorin
743ef0138f Update to upstream 4.0.3 - see http://www.freeipa.org/page/Releases/4.0.3 2014-09-12 21:59:09 +02:00
Petr Viktorin
694ce2174a Update to upstream 4.0.1 - see http://www.freeipa.org/page/Releases/4.0.2 2014-09-05 19:56:45 +02:00
Pádraig Brady
c1d3c76c37 update to Java/8
Java/7 is no longer available in rawhide,
so update to allow rebuilds to proceed.
2014-09-02 18:40:34 +01:00
Pádraig Brady
cf4ceb30fb rebuild for libunistring soname bump 2014-09-02 18:09:28 +01:00
Peter Robinson
21b496feed - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-16 13:08:47 +00:00
Martin Kosek
f08947f751 Update to upstream 4.0.1 2014-07-25 14:14:39 +02:00
Petr Viktorin
92ad420100 Update to upstream 4.0.0
Remove Fedora patches, all are in the upstream release
Remove the freeipa-server-strict package
Update to upstream 4.0.0
2014-07-07 19:25:32 +02:00
Dennis Gilmore
da4983b208 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-07 07:48:25 -05:00
Petr Vobornik
a291203c66 Increase Java Stack size for Web UI build on aarch64 2014-05-21 10:11:48 +02:00
Peter Robinson
a14925ccb8 Add rhino as dependency to fix FTBFS 2014-04-16 15:15:57 +01:00
Martin Kosek
78bfe5614a Update to upstream 3.3.5 2014-03-28 13:34:35 +01:00
Martin Kosek
9ea7eb2ddf 3.3.4-3
- Move ipa-otpd socket directory to /var/run/krb5kdc
- Require krb5-server 1.11.5-3 supporting the new directory
- ipa_lockout plugin did not work with users's without krbPwdPolicyReference
2014-02-11 18:06:25 +01:00
Martin Kosek
5b79ddb067 3.3.4-2
- Fix hardened build
2014-01-29 08:54:27 +01:00
Martin Kosek
9d21232151 3.3.4-1
- Update to upstream 3.3.4
- Install CA anchor into standard location (#928478)
- ipa-client-install part of ipa-server-install fails on reinstall (#1044994)
- Remove mod_ssl workaround (RHEL bug #1029046)
- Enable syncrepl plugin to support bind-dyndb-ldap 4.0
2014-01-28 13:37:46 +01:00
Martin Kosek
3242eeabec 3.3.3-5
- Build crashed with rhino exception on s390 architectures (#1040576)
2014-01-03 13:44:59 +01:00
Martin Kosek
84f4ed20a9 Fix typo in patch specification part 2013-12-13 15:52:59 +01:00
Martin Kosek
2071255d02 3.3.3-4
- Build crashed rhino exception on some architectures (#1040576)
2013-12-13 15:48:01 +01:00
Martin Kosek
e17b01f313 3.3.3-3
Update to upstream 3.3.3, patch merged from F20.

Fix -Werror=format-security errors (#1037070)
2013-12-03 12:10:14 +01:00
Petr Viktorin
679f2cd646 Update release number 2013-09-26 13:12:08 +02:00
Petr Viktorin
404a6dfdfc Update translations from transifex 2013-09-26 12:12:13 +02:00
Petr Viktorin
54300af2fb Restore forgotten setup line 2013-08-30 12:39:29 +02:00
Petr Viktorin
1aec1ac2f5 Bring back Fedora-only changes 2013-08-29 17:41:58 +02:00
Petr Viktorin
3ee1e7d905 Update to upstream 3.3.1 2013-08-29 17:09:48 +02:00
Alexander Bokovoy
2e523789e0 upgrade: do not run sysv to systemd upgrade anymore 2013-08-14 14:29:52 +03:00
Martin Kosek
8a7e6ad5ed Update to upstream 3.3.0 2013-08-08 15:30:10 +02:00
Dennis Gilmore
7fbdddd791 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild 2013-08-03 06:53:55 -05:00
Martin Kosek
9f9581104f Update to upstream 3.2.2
- Drop freeipa-server-selinux subpackage
- Drop redundant directory /var/cache/ipa/sessions
- Do not create /var/lib/ipa/pki-ca/publish, retain reference as ghost
- Run ipa-upgradeconfig and server restart in posttrans to avoid inconsistency
  issues when there are still old parts of software (like entitlements plugin)
2013-07-18 15:09:09 +02:00
Rob Crittenden
12216fc83f Add OTP patches and patch to fix 389-ds ccache
The OTP patches add basic support for TOTP and Radius.

The 389-ds patch sets KRB5CCNAME in /etc/sysconfig/dirsrv so it can
get a usable ccache.
2013-05-14 16:28:58 -04:00
Rob Crittenden
5e12d2ddce Update to upstream 3.2.0 GA
- ipa-client-install fails if /etc/ipa does not exist (#961483)
- Certificate status is not visible in Service and Host page (#956718)
- ipa-client-install removes needed options from ldap.conf (#953991)
- Handle socket.gethostbyaddr() exceptions when verifying hostnames
  (#953957)
- Add triggerin scriptlet to support OpenSSH 6.2 (#953617)
- Require nss 3.14.3-12.0 to address certutil certificate import
  errors (#953485)
- Require pki-ca 10.0.2-3 to pull in fix for sslget and mixed IPv4/6
  environments. (#953464)
- ipa-client-install removes 'sss' from /etc/nsswitch.conf (#953453)
- ipa-server-install --uninstall doesn't stop dirsrv instances
  (#953432)
-   Add requires for openldap-2.4.35-4 to pickup fixed SASL_NOCANON
  behavior for socket based connections (#960222)
- Require libsss_nss_idmap-python
- Add Conflicts on nss-pam-ldapd < 0.8.4. The mapping from uniqueMember
  to member is now done automatically and having it in the config file
  raises an error.
- Add backup and restore tools, directory.
- require at least systemd 38 which provides the journal (we no longer
  need to require syslog.target)
- Update Requires on policycoreutils to 2.1.14-37
- Update Requires on selinux-policy to 3.12.1-42
- Update Requires on 389-ds-base to 1.3.1.0
2013-05-10 12:33:54 -04:00
Martin Kosek
45d13fba45 Update to upstream 3.2.0 Prerelease 1
Spec file was also merged with up-to-date upstream reference spec
file to keep them consistent.
2013-04-02 18:47:49 +02:00
Kevin Fenzi
c7811c4ad8 Rebuild for broken deps
- Fix 389-ds-base strict dep to be 1.3.0.5 and krb5-server 1.11.1
2013-03-30 11:49:49 -06:00
Kevin Fenzi
e432b0144a Rebuild for broken deps in rawhide
- Fix 389-ds-base strict dep to be 1.3.0.3
2013-02-23 12:57:28 -07:00
Dennis Gilmore
e3032bd32c - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild 2013-02-13 15:59:20 -06:00
Rob Crittenden
586582a2c2 Correct VERSION in the spec file 2013-01-23 17:28:20 -05:00
Rob Crittenden
ab5b2748dc Updated strict dependencies to 389-ds-base = 1.3.0.2 and pki-ca = 10.0.1 2013-01-23 17:16:53 -05:00
Rob Crittenden
3d64806b7a Update to upstream 3.1.2
- CVE-2012-4546: Incorrect CRLs publishing
- CVE-2012-5484: MITM Attack during Join process
- CVE-2013-0199: Cross-Realm Trust key leak
2013-01-23 17:13:20 -05:00
Martin Kosek
c6c1e1d976 Backport additional spec fixes from upstream
- Remove redundat Requires versions that are already in Fedora 17
- Replace python-crypto Requires with m2crypto
- Add missing Requires(post) for client and server-trust-ad subpackages
- Restart httpd service when server-trust-ad subpackage is installed
- Bump selinux-policy Requires to pick up PKI/LDAP port labeling fixes
2012-12-20 10:33:39 +01:00
Rob Crittenden
5e038ec750 Updated to upstream 3.1.0 GA
- Set minimum for sssd to 1.9.2
- Set minimum for pki-ca to 10.0.0-1
- Set minimum for 389-ds-base to 1.3.0
- Set minimum for selinux-policy to 3.11.1-60
- Remove unneeded dogtag package requires
2012-12-10 15:52:46 -05:00
Martin Kosek
0348a328fd Update Requires on krb5-server to 1.11 2012-11-23 14:49:15 +01:00
Rob Crittenden
e93bd136ff Configure CA replication to use TLS instead of SSL 2012-10-12 14:48:18 -04:00
Rob Crittenden
4de47b3304 Updated to upstream 3.0.0 GA
- Set minimum for samba to 4.0.0-153.
- Make sure server-trust-ad subpackage alternates winbind_krb5_locator.so
  plugin to /dev/null since they cannot be used when trusts are configured
- Restrict krb5-server to 1.10.
- Update minimum for 389-ds-base to 1.3.0
- Add directory /var/lib/ipa/pki-ca/publish for CRL published by pki-ca
- Add Requires on zip for generating FF browser extension
2012-10-12 12:02:17 -04:00
Rob Crittenden
8a8da0b567 - Updated to upstream 3.0.0 rc 2
- Include new FF configuration extension
2012-10-09 16:22:06 -04:00
Martin Kosek
53622bb0da Require samba packages instead of obsoleted samba4 packages 2012-10-02 08:36:19 +02:00
Rob Crittenden
23bbd3f9b4 Updated to upstream 3.0.0 rc 1
- Update BR for 389-ds-base to 1.2.11.14
- Update BR for krb5 to 1.10
- Update BR for samba4-devel to 4.0.0-139 (rc1)
- Add BR for python-polib
- Update Requires on policycoreutils to 2.1.12-5
- Update Requires on 389-ds-base to 1.2.11.14
- Update Requires on selinux-policy to 3.11.1-21
- Update Requires on dogtag to 10.0.0-0.33.a1
- Update Requires on certmonger to 0.60
- Update Requires on tomcat to 7.0.29
- Update minimum version of bind to 9.9.1-10.P3
- Update minimum version of bind-dyndb-ldap to 1.1.0-0.16.rc1
- Remove Requires on authconfig from python sub-package
2012-09-21 16:34:00 -04:00
Rob Crittenden
2d22c7100c Rebuild against samba4 beta8 2012-09-05 09:12:31 -04:00
Rob Crittenden
7caae3a676 Rebuild against samba4 beta7 2012-08-31 15:09:05 -04:00
Alexander Bokovoy
5c0f47e71d Adopt to samba4 beta6 and add samba4-winbind dependency to freeipa-server-trust-ad 2012-08-22 18:31:36 +03:00
Rob Crittenden
3c1392be1b Update to upstream 3.0.0 beta 2 2012-08-17 11:31:03 -04:00
Martin Kosek
23157c3804 Update to current upstream state of 3.0.0 beta 2 development 2012-08-06 17:16:15 +02:00
Alexander Bokovoy
10af3ccf36 Rebuild against samba4 beta4 2012-07-23 17:23:54 +03:00
Rob Crittenden
a0ca5be798 Update to upstream 3.0.0 beta 1 2012-07-02 15:55:25 -04:00
Rob Crittenden
b191f14e04 - Updated to upstream 2.2.0 GA
- Update minimum n-v-r of certmonger to 0.53
- Update minimum n-v-r of slapi-nis to 0.40
- Add Requires in client to oddjob-mkhomedir and python-krbV
- Update minimum selinux-policy to 3.10.0-110
2012-05-03 14:40:11 -04:00
Rob Crittenden
18a9ea07cd Update to 2.2.0 beta1, fix shell escaping to work with dogtag 9.0.18.
- Update to upstream 2.2.0 beta 1 (2.1.90.rc1)
- Set minimum n-v-r for pki-ca and pki-silent to 9.0.18.
- Add Conflicts on mod_ssl
- Update minimum n-v-r of 389-ds-base to 1.2.10.4
- Update minimum n-v-r of sssd to 1.8.0
- Update minimum n-v-r of slapi-nis to 0.38
- Update minimum n-v-r of pki-* to 9.0.18
- Update conflicts on bind-dyndb-ldap to < 1.1.0-0.9.b1
- Update conflicts on bind to < 9.9.0-1
- Drop requires on krb5-server-ldap
- Add patch to remove escaping arguments to pkisilent
2012-05-03 14:40:05 -04:00
Rob Crittenden
c3929a4ff3 Update to upstream 2.2.0 alpha 1 (2.1.90.pre1)
Remove unused patches, update tarball, sync spec to upstream spec

ipa_kpasswd has been dropped upstream
2012-02-06 14:51:43 -05:00
Alexander Bokovoy
fd3bdcaf1e - Force to use 389-ds 1.2.10-0.8.a7 or above
- Improve upgrade script to handle systemd 389-ds change
  - fixes FreeIPA tickets 2117 and 2300
- Fix freeipa to work with python-ldap 2.4.6
2012-02-01 21:25:07 +02:00
Martin Kosek
3d6f0d2911 Fix FreeIPA installation problems
This release fixes:
- ipa-replica-install crashes due to invalid Python calls
- ipa-server-install and ipa-dns-install may fail to produce log
- ipa-server-install crash due to sslget problem (#771357)
2012-01-11 11:34:54 +01:00
Alexander Bokovoy
0c5ab6443d Fix 769440
Rebuild SLAPI plugins against thread-safe ldap library as requirement of new 389-ds build
2011-12-21 14:49:37 +02:00
Alexander Bokovoy
e32f1a7067 Allow ipa-ldap-updater to wait for dirsrv service on systemd setups 2011-12-11 19:38:03 +02:00
Rob Crittenden
9cc2d9f70c Update to upstream 2.1.4 (CVE-2011-3636) 2011-12-06 12:09:19 -05:00
Rob Crittenden
44560406dd Update SELinux policy to allow ipa_kpasswd to connect ldap and
read /dev/urandom. (#759679)
2011-12-05 13:11:22 -05:00
Alexander Bokovoy
31a2cbeaa0 Update release 2011-11-30 15:36:42 +02:00
Alexander Bokovoy
ce4a13930d Fix wrong path in packaging freeipa-systemd-upgrade 2011-11-30 15:35:30 +02:00
Alexander Bokovoy
e95356d723 Introduce systemd upgrade script
As user has no means to recover existing FreeIPA install after
upgrading from SysV to systemd, introduce upgrade script.

The upgrade script does following:
    - restores symlinks in FreeIPA's Dogtag installation
    - converts FreeIPA directory server instances to systemd
    - converts FreeIPA directory server configuration to be compatible
      with systemd services
    - converts FreeIPA KDC configuration to be compatible
      with systemd services
    - re-enables FreeIPA

Script does nothing if FreeIPA is already active systemd service
2011-11-30 15:14:40 +02:00
Dennis Gilmore
3bfb4b3f41 - Rebuilt for glibc bug#747377 2011-10-26 18:45:58 -05:00
Alexander Bokovoy
70948ccd2a Upstream 2.1.3 release 2011-10-19 18:07:43 +03:00
Rob Crittenden
92a3878415 Update to 2.1.0 2011-08-16 17:20:37 -04:00
Simo Sorce
e3b0a5690f Fix bug #702633 2011-05-06 16:22:28 -04:00
Rob Crittenden
eed524353c - Update minimum selinux-policy to 3.9.16-18
- Update minimum pki-ca and pki-selinux to 9.0.7
- Update minimum 389-ds-base to 1.2.8.0-1
- Update to upstream 2.0.1
2011-05-02 13:33:13 -04:00
Rob Crittenden
f2186254fd - Update to upstream GA release
- Automatically apply updates when the package is upgraded
2011-03-24 17:57:00 -04:00
Rob Crittenden
c6cab8a0d0 - Update to upstream freeipa-2.0.0.rc2
- Set minimum version of python-nss to 0.11 to make sure IPv6 support is in
- Set minimum version of sssd to 1.5.1
- Patch to include SuiteSpotGroup when setting up 389-ds instances
- Move a lot of BuildRequires so this will build with ONLY_CLIENT enabled
2011-02-25 18:12:29 -05:00
Rob Crittenden
1127f3631f Fix the N-V-R so rc1 is an update to beta2 2011-02-15 09:45:55 -05:00
Rob Crittenden
68ba56c22b - Set minimum version of sssd to 1.5.1
- Update to upstream freeipa-2.0.0.rc1
- Move server-only binaries from admintools subpackage to server
2011-02-14 21:45:41 -05:00
Dennis Gilmore
34c9a74675 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild 2011-02-08 15:36:14 -06:00
Rob Crittenden
2bb258d1d1 Set min version of 389-ds-base to 1.2.8
Set min version of mod_nss 1.0.8-10
Set min version of selinux-policy to 3.9.7-27
Add dogtag themes to Requires
Update to upstream freeipa-2.0.0.pre2
2011-02-03 16:55:42 -05:00
Rob Crittenden
ce15e9e9d6 Initial import (#672986). 2011-01-27 23:33:55 -05:00