From 098a308f7e923e0cb8c6d784587a9cc9da5f9fea Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Fri, 7 Oct 2011 15:10:35 -0400 Subject: [PATCH] - kadmin.service: fix #723723 again - kadmin.service,krb5kdc.service: remove optional use of $KRB5REALM in command lines, because systemd parsing doesn't handle alternate value shell variable syntax - kprop.service: add missing Type=forking so that systemd doesn't assume simple - kprop.service: expect the ACL configuration to be there, not absent --- kadmin.service | 5 ++--- kadmin.sysconfig | 1 - kprop.service | 8 ++++---- krb5.spec | 12 +++++++++++- krb5kdc.service | 5 ++--- krb5kdc.sysconfig | 1 - 6 files changed, 19 insertions(+), 13 deletions(-) diff --git a/kadmin.service b/kadmin.service index 516c92a..7775ea7 100644 --- a/kadmin.service +++ b/kadmin.service @@ -1,14 +1,13 @@ [Unit] -Description=Kerberos 5 Administrative Server +Description=Kerberos 5 Password-changing and Administration After=syslog.target network.target -ConditionPathExists=/var/kerberos/krb5kdc/principal ConditionPathExists=!/var/kerberos/krb5kdc/kpropd.acl [Service] Type=forking PIDFile=/var/run/kadmind.pid EnvironmentFile=-/etc/sysconfig/kadmin -ExecStart=/usr/sbin/kadmind -r $KRB5REALM -P /var/run/kadmind.pid $KADMIND_ARGS +ExecStart=/usr/sbin/kadmind -P /var/run/kadmind.pid $KADMIND_ARGS ExecReload=/bin/kill -HUP $MAINPID [Install] diff --git a/kadmin.sysconfig b/kadmin.sysconfig index fe76198..fa72039 100644 --- a/kadmin.sysconfig +++ b/kadmin.sysconfig @@ -1,2 +1 @@ KADMIND_ARGS= -KRB5REALM= diff --git a/kprop.service b/kprop.service index 532a8ea..99ba129 100644 --- a/kprop.service +++ b/kprop.service @@ -1,11 +1,11 @@ [Unit] -Description=Kerberos 5 Propagation Client +Description=Kerberos 5 Propagation After=syslog.target network.target -ConditionPathExists=!/var/kerberos/krb5kdc/kpropd.acl +ConditionPathExists=/var/kerberos/krb5kdc/kpropd.acl [Service] -ExecStart=/usr/sbin/kpropd -S +Type=forking +ExecStart=/usr/sbin/kpropd -S [Install] WantedBy=multi-user.target - diff --git a/krb5.spec b/krb5.spec index f29cf5c..3f3c6d5 100644 --- a/krb5.spec +++ b/krb5.spec @@ -699,6 +699,14 @@ exit 0 %{_sbindir}/uuserver %changelog +* Fri Oct 7 2011 Nalin Dahyabhai 1.9.1-16 +- kadmin.service: fix #723723 again +- kadmin.service,krb5kdc.service: remove optional use of $KRB5REALM in command + lines, because systemd parsing doesn't handle alternate value shell variable + syntax +- kprop.service: add missing Type=forking so that systemd doesn't assume simple +- kprop.service: expect the ACL configuration to be there, not absent + * Sun Oct 2 2011 Tom Callaway 1.9.1-15 - hardcode pid file as option in krb5kdc.service @@ -734,7 +742,9 @@ exit 0 way of Kevin Coffman * Wed Jul 20 2011 Nalin Dahyabhai 1.9.1-7 -- kadmind.init: drop the attempt to detect no-database-present errors (#723723) +- kadmind.init: drop the attempt to detect no-database-present errors (#723723), + which is too fragile in cases where the database has been manually moved or + is accessed through another kdb plugin * Tue Jul 19 2011 Nalin Dahyabhai 1.9.1-6 - backport fixes to teach libkrb5 to use descriptors higher than FD_SETSIZE diff --git a/krb5kdc.service b/krb5kdc.service index e0dbff9..bc49204 100644 --- a/krb5kdc.service +++ b/krb5kdc.service @@ -1,14 +1,13 @@ [Unit] -Description=Kerberos 5 Servers +Description=Kerberos 5 KDC After=syslog.target network.target [Service] Type=forking PIDFile=/var/run/krb5kdc.pid EnvironmentFile=-/etc/sysconfig/krb5kdc -ExecStart=/usr/sbin/krb5kdc -r $KRB5REALM -P /var/run/krb5kdc.pid $KRB5KDC_ARGS +ExecStart=/usr/sbin/krb5kdc -P /var/run/krb5kdc.pid $KRB5KDC_ARGS ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target - diff --git a/krb5kdc.sysconfig b/krb5kdc.sysconfig index 1025f7e..791216d 100644 --- a/krb5kdc.sysconfig +++ b/krb5kdc.sysconfig @@ -1,2 +1 @@ KRB5KDC_ARGS= -KRB5REALM=