It's not a complete fix, and it may only muddy things further on systems
that are having the kind of trouble it's trying to avoid, so hold off.
For now, at least.
- pull in proposed fix for attempts to get initial creds, which end up
following referrals, incorrectly trying to always use master KDCs if
they talked to a master at any point (should fix RT#7650)
Add a patch to create /run/user/0 if we're trying to resolve a
DIR: ccache somewhere below it and neither the target location
nor /run/user/0 exist yet.
The better workaround is to set the location's owner to "linger"
via logind, since even after we do what we're doing here, if
the user logs in and logs back out, our location is still removed.
- pull in patches from master to not test GSSRPC-over-UDP and to not
depend on the portmapper, which are areas where our build systems
often give us trouble, too
In addition to basing the contents of an encrypted-timestamp preauth
data item on the server's idea of the current time, go ahead and do the
same for the times in the request.
- pull in upstream fix to start treating a KRB5CCNAME value that begins
with DIR:: the same as it would a DIR: value with just one ccache file
in it (RT#7172, #965574)
- pull the changing of the compiled-in default ccache location to
DIR:/run/user/%%{uid}/krb5cc back into F19, in line with SSSD and
the most recent pam_krb5 build
- when testing the RPC library, treat denials from the local portmapper the
same as a portmapper-not-running situation, to allow other library tests
to be run while building the package
- create and own /var/kerberos/krb5/user instead of /var/kerberos/kdc/user,
since that's what the libraries actually look for
- add buildrequires on nss-myhostname, in an attempt to get more of the tests
to run properly during builds
- go back to using reconf to run autoconf and autoheader (part of #925640)
- add temporary patch to use newer config.guess/config.sub (more of #925640)
drop the kerberos-iv portreserve file (long overdue), and drop the rest
on systemd systems, since we don't currently poke portreserve when we're
starting a service
- update to the 1.11 final release
- drop the rawbuild tag from a couple of patches which we don't actually
need to apply to get things to compile the way the package expects
- handle releases where texlive packaging wasn't yet as complicated as it
is in Fedora 18
- fix an uninitialized-variable error building one of the test programs
- move the rather large pile of html and pdf docs to -workstation, so
that just having something that links to the libraries won't drag
them onto a system
- actually create %%{_var}/kerberos/kdc/user, so that it can be packaged
- correct the list of packaged man pages
