[Pkg-freeipa-devel] freeipa: Changes to 'master-next'
Timo Aaltonen
tjaalton at moszumanska.debian.org
Mon Apr 18 14:48:57 UTC 2016
debian/changelog | 121 ++++++++++++++++++++++-------------------
debian/control | 12 ++--
debian/freeipa-client.postinst | 7 --
3 files changed, 73 insertions(+), 67 deletions(-)
New commits:
commit d4252bb77704a1344c8b306da187df18f9a59b0d
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Mon Apr 18 17:40:53 2016 +0300
releasing package freeipa version 4.3.1-1
diff --git a/debian/changelog b/debian/changelog
index ec53044..7a6b9a0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,6 @@
-freeipa (4.3.1-1) UNRELEASED; urgency=medium
+freeipa (4.3.1-1) unstable; urgency=medium
- * New upstream release.
+ * New upstream release. (Closes: #781607, #786411) (LP: #1449304)
- drop no-test-lang.diff, obsolete
* fix-match-hostname.diff, control: Drop the patch and python-openssl
deps, not needed anymore
@@ -61,7 +61,7 @@ freeipa (4.3.1-1) UNRELEASED; urgency=medium
/usr/local/share/ca-certificates, and run update-ca-certificates
- Map smb service to smbd (LP: #1543230)
- Don't ship /var/cache/bind/data, fix named.conf a bit.
- - Use DebianNoService() for dbus.
+ - Use DebianNoService() for dbus. (LP: #1564981)
- Add more constants
* Split freeipa-server-dns from freeipa-server, add -dns to -server
Recommends.
@@ -86,7 +86,7 @@ freeipa (4.3.1-1) UNRELEASED; urgency=medium
* platform.diff, rules, server.install: Drop generate-rndc-key.sh, bind
already generates the keyfile.
- -- Timo Aaltonen <tjaalton at debian.org> Sat, 03 Oct 2015 08:56:31 +0300
+ -- Timo Aaltonen <tjaalton at debian.org> Mon, 18 Apr 2016 17:40:32 +0300
freeipa (4.1.4-1) experimental; urgency=medium
commit 5757d7a17fbe5a5cf546a48d22e565584798112f
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Mon Apr 18 17:40:20 2016 +0300
bump opendnssec dependency
diff --git a/debian/control b/debian/control
index 39a01fe..d344e51 100644
--- a/debian/control
+++ b/debian/control
@@ -125,7 +125,7 @@ Depends:
freeipa-server (>= ${source:Version}),
bind9 (>= 1:9.10.3.dfsg.P4-8),
bind9-dyndb-ldap (>= 8.0-4),
- opendnssec,
+ opendnssec (>= 1:1.4.9-2),
${misc:Depends},
${python:Depends},
${shlibs:Depends}
commit 94b55ec6bbde5f1fd749630a9e9c2df2e8a6fba9
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Mon Apr 18 11:17:45 2016 +0300
bump certmonger, bind9, bind9-dyndb-ldap depends
diff --git a/debian/control b/debian/control
index 3870608..39a01fe 100644
--- a/debian/control
+++ b/debian/control
@@ -72,7 +72,7 @@ Depends:
389-ds-base (>= 1.3.4.0),
acl,
apache2,
- certmonger (>= 0.78.6-2),
+ certmonger (>= 0.78.6-3),
custodia,
fonts-font-awesome,
freeipa-admintools (= ${source:Version}),
@@ -123,8 +123,8 @@ Breaks: freeipa-server (<< 4.3.0-1)
Replaces: freeipa-server (<< 4.3.0-1)
Depends:
freeipa-server (>= ${source:Version}),
- bind9,
- bind9-dyndb-ldap (>= 8.0-2),
+ bind9 (>= 1:9.10.3.dfsg.P4-8),
+ bind9-dyndb-ldap (>= 8.0-4),
opendnssec,
${misc:Depends},
${python:Depends},
@@ -177,7 +177,7 @@ Package: freeipa-client
Architecture: any
Depends:
bind9utils,
- certmonger (>= 0.78.6-2),
+ certmonger (>= 0.78.6-3),
curl,
dnsutils,
freeipa-common (= ${source:Version}),
commit 61e8e82eb34b21c05e61904d690841f959901366
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Thu Apr 14 14:55:02 2016 +0300
add server-dns to server Recommends to make sure upgrades work
diff --git a/debian/changelog b/debian/changelog
index 7b7bb9a..ec53044 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -63,7 +63,8 @@ freeipa (4.3.1-1) UNRELEASED; urgency=medium
- Don't ship /var/cache/bind/data, fix named.conf a bit.
- Use DebianNoService() for dbus.
- Add more constants
- * Split freeipa-server-dns from freeipa-server.
+ * Split freeipa-server-dns from freeipa-server, add -dns to -server
+ Recommends.
* server.postinst: Use ipa-server-upgrade.
* admintools: Use the new location for bash completions.
* rules: Remove obsolete configure.jar, preferences.html.
diff --git a/debian/control b/debian/control
index 7d96031..3870608 100644
--- a/debian/control
+++ b/debian/control
@@ -107,6 +107,8 @@ Depends:
${misc:Depends},
${python:Depends},
${shlibs:Depends}
+Recommends:
+ freeipa-server-dns,
Description: FreeIPA centralized identity framework -- server
FreeIPA is an integrated solution to provide centrally managed Identity
(machine, user, virtual machines, groups, authentication credentials), Policy
commit 1a0ccf6b3f06e695cea20d60276a9547fde85a7d
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Thu Apr 7 18:29:31 2016 +0300
changelog rewrite
diff --git a/debian/changelog b/debian/changelog
index b754a14..7b7bb9a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,83 +1,89 @@
freeipa (4.3.1-1) UNRELEASED; urgency=medium
- * New upstream snapshot.
- - refresh patches
+ * New upstream release.
- drop no-test-lang.diff, obsolete
* fix-match-hostname.diff, control: Drop the patch and python-openssl
deps, not needed anymore
- * *.install: Updated.
- * control: Add python-cryptography to build-deps and python-freeipa
- deps.
- * control: Add libp11-kit-dev to build-deps, p11-kit to server deps.
- * patches: Drop bits of platform.diff and other patches that are now
- upstream. Refresh others.
- * control: Depend on python-gssapi instead of python-kerberos/-krbV.
- * control: Add libini-config-dev and python-dbus to build-deps,
- replace wget with curl.
- * control: Bump libkrb5-dev build-dep.
- * control: Add pki-base to build-deps and pki-kra to server deps, bump
- pki-ca version.
- * control: Drop python-m2crypto from deps, obsolete.
- * control: Bump sssd deps to 1.13.1.
- * control: Add python-six to build-deps and python-freeipa deps.
- * control: Split python stuff from server, client, tests to python-
- ipa{server,client,tests}, rename python-freeipa to match and move
- translations to freeipa-common. Mark them Arch:all where possible,
- and add Breaks/Replaces.
- * prefix.patch: Fix ipalib install too.
- * control: Bump certmonger deps, add oddjob to server and oddjob-
- mkhomedir to client deps.
- * server.postinst: Use ipa-server-upgrade.
- * control: Add python-setuptools to python-ipalib deps.
- * control: Bump 389-ds-base* deps.
+ * rules, platform, server.dirs, server.install:
+ Add support for DNSSEC.
* control, rules: Add support for kdcproxy.
* control, server: Migrate to mod-auth-gssapi.
- * Split freeipa-server-dns from server.
- * admintools: Use the new location for bash completions.
* control, rules, fix-ipa-conf.diff: Add support for custodia.
- * rules: Remove obsolete configure.jar, preferences.html.
- * platform: Fix ipautil.run stdout handling, add support for systemd.
- * control: Bump server and python-ipaserver dependency on python-ldap
- to 2.4.22 to fix a bug on ipa-server-upgrade.
- * control: Bump server dependency on oddjob to 0.34.3-2.
- * server.postinst, tmpfile: Create state directories for
- mod_auth_gssapi.
- * fix-kdcproxy-paths.diff: Fix paths in kdcproxy configs.
+ * control:
+ - Add python-cryptography to build-deps and python-freeipa deps.
+ - Add libp11-kit-dev to build-deps, p11-kit to server deps.
+ - Depend on python-gssapi instead of python-kerberos/-krbV.
+ - Add libini-config-dev and python-dbus to build-deps, replace wget
+ with curl.
+ - Bump libkrb5-dev build-dep.
+ - Add pki-base to build-deps and pki-kra to server deps, bump pki-ca
+ version.
+ - Drop python-m2crypto from deps, obsolete.
+ - Bump sssd deps to 1.13.1.
+ - Add python-six to build-deps and python-freeipa deps.
+ - Split python stuff from server, client, tests to python-
+ ipa{server,client,tests}, rename python-freeipa to match and move
+ translations to freeipa-common. Mark them Arch:all where possible,
+ and add Breaks/Replaces.
+ - Add oddjob to server and oddjob-mkhomedir to client deps.
+ - Add python-setuptools to python-ipalib deps.
+ - Bump 389-ds-base* deps.
+ - Bump server and python-ipaserver dependency on python-ldap to 2.4.22
+ to fix a bug on ipa-server-upgrade.
+ - Add pki-tools to python-ipaserver deps.
+ - Add zip to python-ipaserver depends.
+ - Add python-systemd to server depends.
+ - Add opendnssec to freeipa-server-dns depends.
+ - Add python-cffi to python-ipalib depends.
+ - Bump dep on bind9-dyndb-ldap.
+ - Bump certmonger dependency to version that has helpers in the correct
+ place.
+ * patches:
+ - prefix.patch: Fix ipalib install too.
+ - Drop bits of platform.diff and other patches that are now upstream.
+ - fix-kdcproxy-paths.diff: Fix paths in kdcproxy configs.
+ - fix-oddjobs.diff: Fix paths and uids in oddjob configs.
+ - fix-replicainstall.diff: Use ldap instead of ldaps for conncheck.
+ - fix-dnssec-services.diff: Debianize ipa-dnskeysyncd & ipa-ods-
+ exporter units.
+ - create-sysconfig-ods.diff: Create an empty file for opendnssec
+ daemons, until opendnssec itself is fixed.
+ - purge-firefox-extension.diff: Clean obsolete kerberosauth.xpi.
+ - enable-mod-nss-during-setup.diff: Split from platform.diff, call
+ a2enmod/a2dismod from httpinstance.py.
+ - fix-memcached.diff: Split from platform.diff, debianize memcached
+ conf & unit.
+ - hack-libarch.diff: Don't use fedora libpaths.
* add-debian-platform.diff:
- Update paths.py to include all variables, comment out ones we don't
modify.
- Use systemwide certificate store; put ipa-ca.crt in
/usr/local/share/ca-certificates, and run update-ca-certificates
- Map smb service to smbd (LP: #1543230)
+ - Don't ship /var/cache/bind/data, fix named.conf a bit.
+ - Use DebianNoService() for dbus.
+ - Add more constants
+ * Split freeipa-server-dns from freeipa-server.
+ * server.postinst: Use ipa-server-upgrade.
+ * admintools: Use the new location for bash completions.
+ * rules: Remove obsolete configure.jar, preferences.html.
+ * platform: Fix ipautil.run stdout handling, add support for systemd.
+ * server.postinst, tmpfile: Create state directories for
+ mod_auth_gssapi.
* rules, server.install: Install scripts under /usr/lib instead of
multiarch path to avoid hacking the code too much.
* fix-ipa-otpd-install.diff, rules, server.install: Put ipa-otpd in
/usr/lib/ipa instead of directly under multiarch lib path.
* control, server*.install: Move dirsrv plugins from server-trust-ad
to server, needed on upgrades even if trust-ad isn't set up.
- * control: Add pki-tools to python-ipaserver deps.
* server: Enable mod_proxy_ajp and mod_proxy_http on postinst, disable
on postrm.
- * control: Add zip to python-ipaserver depends.
- * fix-replicainstall.diff: Use ldap instead of ldaps for conncheck.
- * ipaplatform-Move-remaining-user-group-constants-to-i.patch: Port
- various bits to use ipaplatform.constants.
- * fix-dnssec-services.diff: Debianize ipa-dnskeysyncd & ipa-ods-
- exporter units.
- * control: Add python-systemd to server depends.
- * rules, platform, server.dirs, server.install: Add support for
- DNSSEC.
- * create-sysconfig-ods.diff: Create an empty file for opendnssec
- daemons, until opendnssec itself is fixed.
- * control: Bump dep on bind9-dyndb-ldap.
* rules: Add SKIP_API_VERSION_CHECK, and adjust directories to clean.
- * control: Add opendnssec to freeipa-server-dns depends.
- * control: Add python-cffi to python-ipalib depends.
- * fix-oddjobs.diff: Fix paths and uids in oddjob configs.
+ * rules: Don't enable systemd units on install.
* client: Don't create /etc/pki/nssdb on postinst, it's not used
anymore.
- * control: Bump certmonger dependency to version that has helpers in
- the correct place.
+ * platform.diff, rules, server.install: Drop generate-rndc-key.sh, bind
+ already generates the keyfile.
-- Timo Aaltonen <tjaalton at debian.org> Sat, 03 Oct 2015 08:56:31 +0300
commit 5a3a2ac14ba91d8ff0dfa6416e48204aaffb81ea
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Apr 6 11:07:01 2016 +0300
control: Bump certmonger dependency to version that has helpers in the correct place.
diff --git a/debian/changelog b/debian/changelog
index b04ca1a..b754a14 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -76,6 +76,8 @@ freeipa (4.3.1-1) UNRELEASED; urgency=medium
* fix-oddjobs.diff: Fix paths and uids in oddjob configs.
* client: Don't create /etc/pki/nssdb on postinst, it's not used
anymore.
+ * control: Bump certmonger dependency to version that has helpers in
+ the correct place.
-- Timo Aaltonen <tjaalton at debian.org> Sat, 03 Oct 2015 08:56:31 +0300
diff --git a/debian/control b/debian/control
index c881d94..7d96031 100644
--- a/debian/control
+++ b/debian/control
@@ -72,7 +72,7 @@ Depends:
389-ds-base (>= 1.3.4.0),
acl,
apache2,
- certmonger (>= 0.78.5-2),
+ certmonger (>= 0.78.6-2),
custodia,
fonts-font-awesome,
freeipa-admintools (= ${source:Version}),
@@ -175,7 +175,7 @@ Package: freeipa-client
Architecture: any
Depends:
bind9utils,
- certmonger (>= 0.78),
+ certmonger (>= 0.78.6-2),
curl,
dnsutils,
freeipa-common (= ${source:Version}),
commit d9110a42786a8275055ecb4d5b959fba9ca509ba
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Apr 6 11:03:17 2016 +0300
client: Don't create /etc/pki/nssdb on postinst, it's not used anymore.
diff --git a/debian/changelog b/debian/changelog
index a1963cc..b04ca1a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -74,6 +74,8 @@ freeipa (4.3.1-1) UNRELEASED; urgency=medium
* control: Add opendnssec to freeipa-server-dns depends.
* control: Add python-cffi to python-ipalib depends.
* fix-oddjobs.diff: Fix paths and uids in oddjob configs.
+ * client: Don't create /etc/pki/nssdb on postinst, it's not used
+ anymore.
-- Timo Aaltonen <tjaalton at debian.org> Sat, 03 Oct 2015 08:56:31 +0300
diff --git a/debian/freeipa-client.postinst b/debian/freeipa-client.postinst
index e4fdd53..c4e8b79 100644
--- a/debian/freeipa-client.postinst
+++ b/debian/freeipa-client.postinst
@@ -2,13 +2,6 @@
set -e
if [ "$1" = configure ]; then
- if [ ! -f /etc/pki/nssdb/cert8.db ]; then
- tmp=$(mktemp) || exit
- printf "\n" > $tmp
- certutil -N -d /etc/pki/nssdb -f $tmp
- chmod 644 /etc/pki/nssdb/*
- rm $tmp
- fi
if [ ! -f /etc/ipa/nssdb/cert8.db ]; then
python2 -c 'from ipapython.certdb import create_ipa_nssdb; create_ipa_nssdb()' >/dev/null 2>&1
tmp=$(mktemp) || exit
More information about the Pkg-freeipa-devel
mailing list