[Pkg-freeipa-devel] freeipa: Changes to 'ubuntu'
Timo Aaltonen
tjaalton at moszumanska.debian.org
Mon Sep 19 06:51:14 UTC 2016
Rebased ref, commits from common ancestor:
commit c56381dc37bd0e92a1b925448ec7f2aac48071d2
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Tue Apr 19 13:53:29 2016 +0300
upload to xenial
diff --git a/debian/changelog b/debian/changelog
index 7a6b9a0..78bff98 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+freeipa (4.3.1-0ubuntu1) xenial; urgency=medium
+
+ * Sync from Debian.
+
+ -- Timo Aaltonen <tjaalton at debian.org> Tue, 19 Apr 2016 00:15:05 +0300
+
freeipa (4.3.1-1) unstable; urgency=medium
* New upstream release. (Closes: #781607, #786411) (LP: #1449304)
commit d4252bb77704a1344c8b306da187df18f9a59b0d
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Mon Apr 18 17:40:53 2016 +0300
releasing package freeipa version 4.3.1-1
diff --git a/debian/changelog b/debian/changelog
index ec53044..7a6b9a0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,6 @@
-freeipa (4.3.1-1) UNRELEASED; urgency=medium
+freeipa (4.3.1-1) unstable; urgency=medium
- * New upstream release.
+ * New upstream release. (Closes: #781607, #786411) (LP: #1449304)
- drop no-test-lang.diff, obsolete
* fix-match-hostname.diff, control: Drop the patch and python-openssl
deps, not needed anymore
@@ -61,7 +61,7 @@ freeipa (4.3.1-1) UNRELEASED; urgency=medium
/usr/local/share/ca-certificates, and run update-ca-certificates
- Map smb service to smbd (LP: #1543230)
- Don't ship /var/cache/bind/data, fix named.conf a bit.
- - Use DebianNoService() for dbus.
+ - Use DebianNoService() for dbus. (LP: #1564981)
- Add more constants
* Split freeipa-server-dns from freeipa-server, add -dns to -server
Recommends.
@@ -86,7 +86,7 @@ freeipa (4.3.1-1) UNRELEASED; urgency=medium
* platform.diff, rules, server.install: Drop generate-rndc-key.sh, bind
already generates the keyfile.
- -- Timo Aaltonen <tjaalton at debian.org> Sat, 03 Oct 2015 08:56:31 +0300
+ -- Timo Aaltonen <tjaalton at debian.org> Mon, 18 Apr 2016 17:40:32 +0300
freeipa (4.1.4-1) experimental; urgency=medium
commit 5757d7a17fbe5a5cf546a48d22e565584798112f
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Mon Apr 18 17:40:20 2016 +0300
bump opendnssec dependency
diff --git a/debian/control b/debian/control
index 39a01fe..d344e51 100644
--- a/debian/control
+++ b/debian/control
@@ -125,7 +125,7 @@ Depends:
freeipa-server (>= ${source:Version}),
bind9 (>= 1:9.10.3.dfsg.P4-8),
bind9-dyndb-ldap (>= 8.0-4),
- opendnssec,
+ opendnssec (>= 1:1.4.9-2),
${misc:Depends},
${python:Depends},
${shlibs:Depends}
commit 94b55ec6bbde5f1fd749630a9e9c2df2e8a6fba9
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Mon Apr 18 11:17:45 2016 +0300
bump certmonger, bind9, bind9-dyndb-ldap depends
diff --git a/debian/control b/debian/control
index 3870608..39a01fe 100644
--- a/debian/control
+++ b/debian/control
@@ -72,7 +72,7 @@ Depends:
389-ds-base (>= 1.3.4.0),
acl,
apache2,
- certmonger (>= 0.78.6-2),
+ certmonger (>= 0.78.6-3),
custodia,
fonts-font-awesome,
freeipa-admintools (= ${source:Version}),
@@ -123,8 +123,8 @@ Breaks: freeipa-server (<< 4.3.0-1)
Replaces: freeipa-server (<< 4.3.0-1)
Depends:
freeipa-server (>= ${source:Version}),
- bind9,
- bind9-dyndb-ldap (>= 8.0-2),
+ bind9 (>= 1:9.10.3.dfsg.P4-8),
+ bind9-dyndb-ldap (>= 8.0-4),
opendnssec,
${misc:Depends},
${python:Depends},
@@ -177,7 +177,7 @@ Package: freeipa-client
Architecture: any
Depends:
bind9utils,
- certmonger (>= 0.78.6-2),
+ certmonger (>= 0.78.6-3),
curl,
dnsutils,
freeipa-common (= ${source:Version}),
commit 61e8e82eb34b21c05e61904d690841f959901366
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Thu Apr 14 14:55:02 2016 +0300
add server-dns to server Recommends to make sure upgrades work
diff --git a/debian/changelog b/debian/changelog
index 7b7bb9a..ec53044 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -63,7 +63,8 @@ freeipa (4.3.1-1) UNRELEASED; urgency=medium
- Don't ship /var/cache/bind/data, fix named.conf a bit.
- Use DebianNoService() for dbus.
- Add more constants
- * Split freeipa-server-dns from freeipa-server.
+ * Split freeipa-server-dns from freeipa-server, add -dns to -server
+ Recommends.
* server.postinst: Use ipa-server-upgrade.
* admintools: Use the new location for bash completions.
* rules: Remove obsolete configure.jar, preferences.html.
diff --git a/debian/control b/debian/control
index 7d96031..3870608 100644
--- a/debian/control
+++ b/debian/control
@@ -107,6 +107,8 @@ Depends:
${misc:Depends},
${python:Depends},
${shlibs:Depends}
+Recommends:
+ freeipa-server-dns,
Description: FreeIPA centralized identity framework -- server
FreeIPA is an integrated solution to provide centrally managed Identity
(machine, user, virtual machines, groups, authentication credentials), Policy
commit 1a0ccf6b3f06e695cea20d60276a9547fde85a7d
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Thu Apr 7 18:29:31 2016 +0300
changelog rewrite
diff --git a/debian/changelog b/debian/changelog
index b754a14..7b7bb9a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,83 +1,89 @@
freeipa (4.3.1-1) UNRELEASED; urgency=medium
- * New upstream snapshot.
- - refresh patches
+ * New upstream release.
- drop no-test-lang.diff, obsolete
* fix-match-hostname.diff, control: Drop the patch and python-openssl
deps, not needed anymore
- * *.install: Updated.
- * control: Add python-cryptography to build-deps and python-freeipa
- deps.
- * control: Add libp11-kit-dev to build-deps, p11-kit to server deps.
- * patches: Drop bits of platform.diff and other patches that are now
- upstream. Refresh others.
- * control: Depend on python-gssapi instead of python-kerberos/-krbV.
- * control: Add libini-config-dev and python-dbus to build-deps,
- replace wget with curl.
- * control: Bump libkrb5-dev build-dep.
- * control: Add pki-base to build-deps and pki-kra to server deps, bump
- pki-ca version.
- * control: Drop python-m2crypto from deps, obsolete.
- * control: Bump sssd deps to 1.13.1.
- * control: Add python-six to build-deps and python-freeipa deps.
- * control: Split python stuff from server, client, tests to python-
- ipa{server,client,tests}, rename python-freeipa to match and move
- translations to freeipa-common. Mark them Arch:all where possible,
- and add Breaks/Replaces.
- * prefix.patch: Fix ipalib install too.
- * control: Bump certmonger deps, add oddjob to server and oddjob-
- mkhomedir to client deps.
- * server.postinst: Use ipa-server-upgrade.
- * control: Add python-setuptools to python-ipalib deps.
- * control: Bump 389-ds-base* deps.
+ * rules, platform, server.dirs, server.install:
+ Add support for DNSSEC.
* control, rules: Add support for kdcproxy.
* control, server: Migrate to mod-auth-gssapi.
- * Split freeipa-server-dns from server.
- * admintools: Use the new location for bash completions.
* control, rules, fix-ipa-conf.diff: Add support for custodia.
- * rules: Remove obsolete configure.jar, preferences.html.
- * platform: Fix ipautil.run stdout handling, add support for systemd.
- * control: Bump server and python-ipaserver dependency on python-ldap
- to 2.4.22 to fix a bug on ipa-server-upgrade.
- * control: Bump server dependency on oddjob to 0.34.3-2.
- * server.postinst, tmpfile: Create state directories for
- mod_auth_gssapi.
- * fix-kdcproxy-paths.diff: Fix paths in kdcproxy configs.
+ * control:
+ - Add python-cryptography to build-deps and python-freeipa deps.
+ - Add libp11-kit-dev to build-deps, p11-kit to server deps.
+ - Depend on python-gssapi instead of python-kerberos/-krbV.
+ - Add libini-config-dev and python-dbus to build-deps, replace wget
+ with curl.
+ - Bump libkrb5-dev build-dep.
+ - Add pki-base to build-deps and pki-kra to server deps, bump pki-ca
+ version.
+ - Drop python-m2crypto from deps, obsolete.
+ - Bump sssd deps to 1.13.1.
+ - Add python-six to build-deps and python-freeipa deps.
+ - Split python stuff from server, client, tests to python-
+ ipa{server,client,tests}, rename python-freeipa to match and move
+ translations to freeipa-common. Mark them Arch:all where possible,
+ and add Breaks/Replaces.
+ - Add oddjob to server and oddjob-mkhomedir to client deps.
+ - Add python-setuptools to python-ipalib deps.
+ - Bump 389-ds-base* deps.
+ - Bump server and python-ipaserver dependency on python-ldap to 2.4.22
+ to fix a bug on ipa-server-upgrade.
+ - Add pki-tools to python-ipaserver deps.
+ - Add zip to python-ipaserver depends.
+ - Add python-systemd to server depends.
+ - Add opendnssec to freeipa-server-dns depends.
+ - Add python-cffi to python-ipalib depends.
+ - Bump dep on bind9-dyndb-ldap.
+ - Bump certmonger dependency to version that has helpers in the correct
+ place.
+ * patches:
+ - prefix.patch: Fix ipalib install too.
+ - Drop bits of platform.diff and other patches that are now upstream.
+ - fix-kdcproxy-paths.diff: Fix paths in kdcproxy configs.
+ - fix-oddjobs.diff: Fix paths and uids in oddjob configs.
+ - fix-replicainstall.diff: Use ldap instead of ldaps for conncheck.
+ - fix-dnssec-services.diff: Debianize ipa-dnskeysyncd & ipa-ods-
+ exporter units.
+ - create-sysconfig-ods.diff: Create an empty file for opendnssec
+ daemons, until opendnssec itself is fixed.
+ - purge-firefox-extension.diff: Clean obsolete kerberosauth.xpi.
+ - enable-mod-nss-during-setup.diff: Split from platform.diff, call
+ a2enmod/a2dismod from httpinstance.py.
+ - fix-memcached.diff: Split from platform.diff, debianize memcached
+ conf & unit.
+ - hack-libarch.diff: Don't use fedora libpaths.
* add-debian-platform.diff:
- Update paths.py to include all variables, comment out ones we don't
modify.
- Use systemwide certificate store; put ipa-ca.crt in
/usr/local/share/ca-certificates, and run update-ca-certificates
- Map smb service to smbd (LP: #1543230)
+ - Don't ship /var/cache/bind/data, fix named.conf a bit.
+ - Use DebianNoService() for dbus.
+ - Add more constants
+ * Split freeipa-server-dns from freeipa-server.
+ * server.postinst: Use ipa-server-upgrade.
+ * admintools: Use the new location for bash completions.
+ * rules: Remove obsolete configure.jar, preferences.html.
+ * platform: Fix ipautil.run stdout handling, add support for systemd.
+ * server.postinst, tmpfile: Create state directories for
+ mod_auth_gssapi.
* rules, server.install: Install scripts under /usr/lib instead of
multiarch path to avoid hacking the code too much.
* fix-ipa-otpd-install.diff, rules, server.install: Put ipa-otpd in
/usr/lib/ipa instead of directly under multiarch lib path.
* control, server*.install: Move dirsrv plugins from server-trust-ad
to server, needed on upgrades even if trust-ad isn't set up.
- * control: Add pki-tools to python-ipaserver deps.
* server: Enable mod_proxy_ajp and mod_proxy_http on postinst, disable
on postrm.
- * control: Add zip to python-ipaserver depends.
- * fix-replicainstall.diff: Use ldap instead of ldaps for conncheck.
- * ipaplatform-Move-remaining-user-group-constants-to-i.patch: Port
- various bits to use ipaplatform.constants.
- * fix-dnssec-services.diff: Debianize ipa-dnskeysyncd & ipa-ods-
- exporter units.
- * control: Add python-systemd to server depends.
- * rules, platform, server.dirs, server.install: Add support for
- DNSSEC.
- * create-sysconfig-ods.diff: Create an empty file for opendnssec
- daemons, until opendnssec itself is fixed.
- * control: Bump dep on bind9-dyndb-ldap.
* rules: Add SKIP_API_VERSION_CHECK, and adjust directories to clean.
- * control: Add opendnssec to freeipa-server-dns depends.
- * control: Add python-cffi to python-ipalib depends.
- * fix-oddjobs.diff: Fix paths and uids in oddjob configs.
+ * rules: Don't enable systemd units on install.
* client: Don't create /etc/pki/nssdb on postinst, it's not used
anymore.
- * control: Bump certmonger dependency to version that has helpers in
- the correct place.
+ * platform.diff, rules, server.install: Drop generate-rndc-key.sh, bind
+ already generates the keyfile.
-- Timo Aaltonen <tjaalton at debian.org> Sat, 03 Oct 2015 08:56:31 +0300
commit 5a3a2ac14ba91d8ff0dfa6416e48204aaffb81ea
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Apr 6 11:07:01 2016 +0300
control: Bump certmonger dependency to version that has helpers in the correct place.
diff --git a/debian/changelog b/debian/changelog
index b04ca1a..b754a14 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -76,6 +76,8 @@ freeipa (4.3.1-1) UNRELEASED; urgency=medium
* fix-oddjobs.diff: Fix paths and uids in oddjob configs.
* client: Don't create /etc/pki/nssdb on postinst, it's not used
anymore.
+ * control: Bump certmonger dependency to version that has helpers in
+ the correct place.
-- Timo Aaltonen <tjaalton at debian.org> Sat, 03 Oct 2015 08:56:31 +0300
diff --git a/debian/control b/debian/control
index c881d94..7d96031 100644
--- a/debian/control
+++ b/debian/control
@@ -72,7 +72,7 @@ Depends:
389-ds-base (>= 1.3.4.0),
acl,
apache2,
- certmonger (>= 0.78.5-2),
+ certmonger (>= 0.78.6-2),
custodia,
fonts-font-awesome,
freeipa-admintools (= ${source:Version}),
@@ -175,7 +175,7 @@ Package: freeipa-client
Architecture: any
Depends:
bind9utils,
- certmonger (>= 0.78),
+ certmonger (>= 0.78.6-2),
curl,
dnsutils,
freeipa-common (= ${source:Version}),
commit d9110a42786a8275055ecb4d5b959fba9ca509ba
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Apr 6 11:03:17 2016 +0300
client: Don't create /etc/pki/nssdb on postinst, it's not used anymore.
diff --git a/debian/changelog b/debian/changelog
index a1963cc..b04ca1a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -74,6 +74,8 @@ freeipa (4.3.1-1) UNRELEASED; urgency=medium
* control: Add opendnssec to freeipa-server-dns depends.
* control: Add python-cffi to python-ipalib depends.
* fix-oddjobs.diff: Fix paths and uids in oddjob configs.
+ * client: Don't create /etc/pki/nssdb on postinst, it's not used
+ anymore.
-- Timo Aaltonen <tjaalton at debian.org> Sat, 03 Oct 2015 08:56:31 +0300
diff --git a/debian/freeipa-client.postinst b/debian/freeipa-client.postinst
index e4fdd53..c4e8b79 100644
--- a/debian/freeipa-client.postinst
+++ b/debian/freeipa-client.postinst
@@ -2,13 +2,6 @@
set -e
if [ "$1" = configure ]; then
- if [ ! -f /etc/pki/nssdb/cert8.db ]; then
- tmp=$(mktemp) || exit
- printf "\n" > $tmp
- certutil -N -d /etc/pki/nssdb -f $tmp
- chmod 644 /etc/pki/nssdb/*
- rm $tmp
- fi
if [ ! -f /etc/ipa/nssdb/cert8.db ]; then
python2 -c 'from ipapython.certdb import create_ipa_nssdb; create_ipa_nssdb()' >/dev/null 2>&1
tmp=$(mktemp) || exit
commit 8605c7b6e2d560bbe2dacb3cf31d1c161cba98a8
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Mar 30 06:49:02 2016 +0300
rules: Don't enable systemd units on install.
diff --git a/debian/rules b/debian/rules
index 3721bcf..2647fe7 100755
--- a/debian/rules
+++ b/debian/rules
@@ -108,6 +108,13 @@ endif
override_dh_install:
dh_install --fail-missing
+override_dh_systemd_enable:
+ dh_systemd_enable -pfreeipa-server --no-enable ipa.service
+ dh_systemd_enable -pfreeipa-server --no-enable ipa_memcached.service
+ dh_systemd_enable -pfreeipa-server --no-enable ipa-dnskeysyncd.service
+ dh_systemd_enable -pfreeipa-server --no-enable ipa-custodia.service
+ dh_systemd_enable -pfreeipa-server --no-enable ipa-ods-exporter.service
+
override_dh_fixperms:
dh_fixperms
chmod 0700 $(CURDIR)/debian/freeipa-server/etc/ipa/custodia
commit b6186dd3aef59f455df8ee001341bb14f5fc24da
Author: Timo Aaltonen <tjaalton at debian.org>
Date: Wed Mar 30 06:48:18 2016 +0300
purge-firefox-extension.diff: Clean obsolete kerberosauth.xpi
diff --git a/debian/freeipa-server.install b/debian/freeipa-server.install
index 9acd28c..8ef3ff1 100644
--- a/debian/freeipa-server.install
+++ b/debian/freeipa-server.install
@@ -59,7 +59,6 @@ usr/share/ipa/*.template
usr/share/ipa/*.uldif
usr/share/ipa/advise/legacy/*.template
usr/share/ipa/copy-schema-to-ca.py
-usr/share/ipa/ffextension/*
usr/share/ipa/html/*
usr/share/ipa/ipa-pki-proxy.conf
usr/share/ipa/ipa-rewrite.conf
diff --git a/debian/patches/purge-firefox-extension.diff b/debian/patches/purge-firefox-extension.diff
new file mode 100644
index 0000000..2339516
--- /dev/null
+++ b/debian/patches/purge-firefox-extension.diff
@@ -0,0 +1,682 @@
+commit 5d6e79b8f03198056103a31acc20536f8323756d
+Author: Timo Aaltonen <tjaalton at debian.org>
+Date: Tue Mar 29 21:33:15 2016 +0300
+
+ Purge firefox extension
+
+diff --git a/freeipa.spec.in b/freeipa.spec.in
+index b0861d8..67152f6 100644
+--- a/freeipa.spec.in
++++ b/freeipa.spec.in
+@@ -158,7 +158,6 @@ Requires: pki-ca >= 10.2.6-13
+ Requires: pki-kra >= 10.2.6-13
+ Requires(preun): python systemd-units
+ Requires(postun): python systemd-units
+-Requires: zip
+ Requires: policycoreutils >= 2.1.12-5
+ Requires: tar
+ Requires(pre): certmonger >= 0.78
+diff --git a/install/Makefile.am b/install/Makefile.am
+index ac52ad3..d13ecb7 100644
+--- a/install/Makefile.am
++++ b/install/Makefile.am
+@@ -7,7 +7,6 @@ NULL =
+ SUBDIRS = \
+ certmonger \
+ conf \
+- ffextension \
+ html \
+ migration \
+ share \
+diff --git a/install/ffextension/Makefile.am b/install/ffextension/Makefile.am
+deleted file mode 100644
+index 7a72205..0000000
+--- a/install/ffextension/Makefile.am
++++ /dev/null
+@@ -1,23 +0,0 @@
+-AUTOMAKE_OPTIONS = 1.7
+-
+-NULL =
+-
+-SUBDIRS = \
+- chrome \
+- locale \
+- $(NULL)
+-
+-appdir = $(IPA_DATA_DIR)/ffextension
+-app_DATA = \
+- bootstrap.js \
+- chrome.manifest \
+- install.rdf \
+- $(NULL)
+-
+-EXTRA_DIST = \
+- $(app_DATA) \
+- $(NULL)
+-
+-MAINTAINERCLEANFILES = \
+- *~ \
+- Makefile.in
+diff --git a/install/ffextension/bootstrap.js b/install/ffextension/bootstrap.js
+deleted file mode 100644
+index 7e2ae57..0000000
+--- a/install/ffextension/bootstrap.js
++++ /dev/null
+@@ -1,88 +0,0 @@
+-// Heavily inspired by Dave Townsend's post:
+-// Playing with windows in restartless (bootstrapped) extensions
+-// http://www.oxymoronical.com/blog/2011/01/Playing-with-windows-in-restartless-bootstrapped-extensions
+-
+-const Cc = Components.classes;
+-const Ci = Components.interfaces;
+-const Cu = Components.utils;
+-
+-var WindowListener = {
+-
+- setupBrowserUI: function(domWindow) {
+- var doc = domWindow.document;
+- domWindow.kerberosauth_listener = kerberosauth_listener(domWindow);
+- doc.addEventListener('kerberos-auth-config', domWindow.kerberosauth_listener, false, true);
+- },
+-
+- tearDownBrowserUI: function(domWindow) {
+-
+- var doc = domWindow.document;
+- doc.removeEventListener('kerberos-auth-config', domWindow.kerberosauth_listener);
+- delete domWindow.kerberosauth_listener;
+- },
+-
+- // nsIWindowMediatorListener functions
+- onOpenWindow: function(xulWindow) {
+- // A new window has opened
+- var domWindow = xulWindow.QueryInterface(Ci.nsIInterfaceRequestor).
+- getInterface(Ci.nsIDOMWindowInternal);
+-
+- // Wait for it to finish loading
+- domWindow.addEventListener("load", function listener() {
+- domWindow.removeEventListener("load", listener, false);
+-
+- // If this is a browser window then setup its UI
+- if (domWindow.document.documentElement.getAttribute("windowtype") === "navigator:browser") {
+- WindowListener.setupBrowserUI(domWindow);
+- }
+- }, false);
+- },
+-
+- onCloseWindow: function(xulWindow) {
+- },
+-
+- onWindowTitleChange: function(xulWindow, newTitle) {
+- }
+-};
+-
+-function startup(data, reason) {
+- var wm = Cc["@mozilla.org/appshell/window-mediator;1"].getService(Ci.nsIWindowMediator);
+-
+- Cu['import']("chrome://kerberosauth/content/kerberosauth.js");
+-
+- // Get the list of browser windows already open
+- var windows = wm.getEnumerator("navigator:browser");
+- while (windows.hasMoreElements()) {
+- var domWindow = windows.getNext().QueryInterface(Ci.nsIDOMWindow);
+-
+- WindowListener.setupBrowserUI(domWindow);
+- }
+-
+- // Wait for any new browser windows to open
+- wm.addListener(WindowListener);
+-}
+-
+-function shutdown(data, reason) {
+- // When the application is shutting down we normally don't have to clean
+- // up any UI changes made
+- if (reason == APP_SHUTDOWN)
+- return;
+-
+- var wm = Cc["@mozilla.org/appshell/window-mediator;1"].
+- getService(Ci.nsIWindowMediator);
+-
+- // Get the list of browser windows already open
+- var windows = wm.getEnumerator("navigator:browser");
+- while (windows.hasMoreElements()) {
+- var domWindow = windows.getNext().QueryInterface(Ci.nsIDOMWindow);
+- WindowListener.tearDownBrowserUI(domWindow);
+- }
+-
+- // Stop listening for any new browser windows to open
+- wm.removeListener(WindowListener);
+-
+- Cu.unload("chrome://kerberosauth/content/kerberosauth.js");
+-}
+-
+-function install() {}
+-function uninstall() {}
+\ No newline at end of file
+diff --git a/install/ffextension/chrome.manifest b/install/ffextension/chrome.manifest
+deleted file mode 100644
+index 775d3a3..0000000
+--- a/install/ffextension/chrome.manifest
++++ /dev/null
+@@ -1,4 +0,0 @@
+-content kerberosauth chrome/content/
+-resource kerberosauth chrome/content/
+-overlay chrome://browser/content/browser.xul resource://kerberosauth/kerberosauth_overlay.xul
+-locale kerberosauth en-US locale/en-US/
+\ No newline at end of file
+diff --git a/install/ffextension/chrome/Makefile.am b/install/ffextension/chrome/Makefile.am
+deleted file mode 100644
+index 10d23a7..0000000
+--- a/install/ffextension/chrome/Makefile.am
++++ /dev/null
+@@ -1,19 +0,0 @@
+-AUTOMAKE_OPTIONS = 1.7
+-
+-NULL =
+-
+-SUBDIRS = \
+- content \
+- $(NULL)
+-
+-appdir = $(IPA_DATA_DIR)/ffextension/chrome
+-app_DATA = \
+- $(NULL)
+-
+-EXTRA_DIST = \
+- $(app_DATA) \
+- $(NULL)
+-
+-MAINTAINERCLEANFILES = \
+- *~ \
+- Makefile.in
+diff --git a/install/ffextension/chrome/content/Makefile.am b/install/ffextension/chrome/content/Makefile.am
+deleted file mode 100644
+index 7ff81e5..0000000
+--- a/install/ffextension/chrome/content/Makefile.am
++++ /dev/null
+@@ -1,17 +0,0 @@
+-AUTOMAKE_OPTIONS = 1.7
+-
+-NULL =
+-
+-appdir = $(IPA_DATA_DIR)/ffextension/chrome/content
+-app_DATA = \
+- kerberosauth_overlay.xul \
+- kerberosauth.js \
+- $(NULL)
+-
+-EXTRA_DIST = \
+- $(app_DATA) \
+- $(NULL)
+-
+-MAINTAINERCLEANFILES = \
+- *~ \
+- Makefile.in
+diff --git a/install/ffextension/chrome/content/kerberosauth.js b/install/ffextension/chrome/content/kerberosauth.js
+deleted file mode 100644
+index c5afde9..0000000
+--- a/install/ffextension/chrome/content/kerberosauth.js
++++ /dev/null
+@@ -1,197 +0,0 @@
+-/* Authors:
+- * Petr Vobornik <pvoborni at redhat.com>
+- *
+- * Copyright (C) 2012 Red Hat
+- * see file 'COPYING' for use and warranty information
+- *
+- * This program is free software; you can redistribute it and/or modify
+- * it under the terms of the GNU General Public License as published by
+- * the Free Software Foundation, either version 3 of the License, or
+- * (at your option) any later version.
+- *
+- * This program is distributed in the hope that it will be useful,
+- * but WITHOUT ANY WARRANTY; without even the implied warranty of
+- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+- * GNU General Public License for more details.
+- *
+- * You should have received a copy of the GNU General Public License
+- * along with this program. If not, see <http://www.gnu.org/licenses/>.
+- */
+-
+-var EXPORTED_SYMBOLS = ["kerberosauth", "kerberosauth_listener"];
+-
+-var Cc = Components.classes;
+-var Ci = Components.interfaces;
+-
+-var kerberosauth = {
+-
+- // Dictionary of configuration options this extension can configure.
+- // An alias (key) is set for each options. Using a set of aliases limits
+- // configuration pages from supplying potential malicious options.
+- config_options: {
+- referer: ['network.http.sendRefererHeader', 'int'],
+- native_gss_lib: ['network.negotiate-auth.using-native-gsslib', 'bool'],
+- trusted_uris: ['network.negotiate-auth.trusted-uris', 'str'],
+- allow_proxies: ['network.negotiate-auth.allow-proxies', 'bool']
+- },
+-
+- // Some preconfigurations to make things easier. Can be good if UI is added
+- // (mostly for future usage).
+- predefined_configurations: {
+- ipa: {
+- referer: '2',
+- native_gss_lib: 'true',
+- trusted_uris: '',
+- allow_proxies: 'true',
+- append: ['trusted_uris']
+- }
+- },
+-
+- page_listener: function(event, dom_window) {
+-
+- var self = this;
+-
+- var conf = {
+- event: event,
+- window: dom_window || window,
+- element: event.target
+- };
+-
+- if (!conf.element.hasAttribute('method')) return;
+-
+- var method = conf.element.getAttribute('method');
+-
+- if (method === 'configure') self.configure(conf);
+- if (method === 'can_configure') self.send_response(conf.element, { answer: 'true' });
+- },
+-
+- send_response: function(element, options) {
+-
+- options = options || {};
+-
+- var doc = element.ownerDocument;
+-
+- for (var opt in options) {
+- element.setAttribute(opt, options[opt]);
+- }
+-
+- var answer_event = doc.createEvent("HTMLEvents");
+- answer_event.initEvent("kerberos-auth-answer", true, false);
+- element.dispatchEvent(answer_event);
+- },
+-
+- notify_installed: function(window) {
+- var doc = window.document;
+- var event = doc.createEvent("HTMLEvents");
+- event.initEvent("kerberos-auth-installed", true, false);
+- doc.dispatchEvent(event);
+- },
+-
+- configure: function(conf) {
+- var self = this;
+-
+- var options = {}; // options to be configured
+- var opt;
+-
+- // use predefined configuration if supplied
+- if (conf.element.hasAttribute('predefined')) {
+- var predefined = conf.element.getAttribute('predefined');
+-
+- var pconfig = self.predefined_configurations[predefined];
+- if (pconfig) {
+- for (opt in pconfig) {
+- options[opt] = pconfig[opt];
+- }
+- }
+- }
+-
+- // overwrite predefined with supplied and only supported options
+- for (var i=0; i < conf.element.attributes.length; i++) {
+- var attr = conf.element.attributes[i].name;
+- if (attr in self.config_options) {
+- options[attr] = conf.element.getAttribute(attr);
+- }
+- }
+-
+- if (self.prompt(conf, options)) {
+- self.configure_core(conf, options);
+- self.send_response(conf.element, { answer: 'configured' });
+- } else {
+- self.send_response(conf.element, { answer: 'aborted' });
+- }
+- },
+-
+- configure_core: function(conf, options) {
+-
+- var self = this;
+-
+- var prefs = Cc["@mozilla.org/preferences-service;1"].getService(Ci.nsIPrefBranch);
+- var append_opts = options.append || [];
+-
+- for (var opt in options) {
+-
+- if (!self.config_options[opt]) continue;
+-
+- var name = self.config_options[opt][0];
+- var type = self.config_options[opt][1];
+- var value = options[opt];
+-
+- if (type === 'str') {
+- if (value && append_opts.indexOf(opt) > -1) {
+- var current = prefs.getCharPref(name) || '';
+- if (this.str_contains(current, value)) {
+- continue;
+- } else if (current) {
+- value = current + ', ' + value;
+- }
+- }
+- prefs.setCharPref(name, value);
+- } else if (type ==='int') {
+- prefs.setIntPref(name, Number(value));
+- } else if (type === 'bool') {
+- prefs.setBoolPref(name, value === 'true');
+- }
+- }
+- },
+-
+- str_contains: function(str, value) {
+-
+- if (!str) return false;
+- var vals = str.split(',');
+- for (var i=0, l=vals.length; i<l; i++) {
+- if (vals[i].trim() === value) return true;
+- }
+- return false;
+- },
+-
+- prompt: function(conf, options) {
+- var strs = Cc["@mozilla.org/intl/stringbundle;1"].
+- getService(Ci.nsIStringBundleService).
+- createBundle("chrome://kerberosauth/locale/kerberosauth.properties");
+-
+- var prompts = Cc["@mozilla.org/embedcomp/prompt-service;1"].
+- getService(Ci.nsIPromptService);
+-
+- var title = strs.GetStringFromName('prompt_title');
+- var text = strs.GetStringFromName('prompt_topic');
+-
+- if (options.trusted_uris) {
+- text += strs.GetStringFromName('prompt_domain').replace('${domain}', options.trusted_uris);
+- }
+- text += strs.GetStringFromName('prompt_question');
+-
+- var flags = prompts.STD_YES_NO_BUTTONS;
+-
+- var confirmed = prompts.confirmEx(conf.window, title, text, flags, "","","",
+- null,{value: false}) === 0;
+- return confirmed;
+- }
+-};
+-
+-var kerberosauth_listener = function(window) {
+-
+- return function(event) {
+-
+- kerberosauth.page_listener(event, window);
+- };
+-};
+\ No newline at end of file
+diff --git a/install/ffextension/chrome/content/kerberosauth_overlay.xul b/install/ffextension/chrome/content/kerberosauth_overlay.xul
+deleted file mode 100644
+index acad079..0000000
+--- a/install/ffextension/chrome/content/kerberosauth_overlay.xul
++++ /dev/null
+@@ -1,9 +0,0 @@
+-<?xml version="1.0"?>
+-
+-<overlay id="kerberosauthOverlay" xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+-
+- <script type="application/x-javascript">
+- Components.utils['import']("resource://kerberosauth/kerberosauth.js");
+- window.addEventListener('kerberos-auth-config', kerberosauth_listener(window), false, true);
+- </script>
+-</overlay>
+\ No newline at end of file
+diff --git a/install/ffextension/install.rdf b/install/ffextension/install.rdf
+deleted file mode 100644
+index d931f19..0000000
+--- a/install/ffextension/install.rdf
++++ /dev/null
+@@ -1,26 +0,0 @@
+-<?xml version="1.0"?>
+-<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+- xmlns:em="http://www.mozilla.org/2004/em-rdf#">
+-
+- <Description about="urn:mozilla:install-manifest">
+-
+- <em:id>kerberosauth at redhat.com</em:id>
+- <em:name>Kerberos Configuration</em:name>
+- <em:version>0.1</em:version>
+- <em:description>Configures browser to use negotiate authentication</em:description>
+- <em:type>2</em:type>
+- <em:creator>Red Hat, Inc.</em:creator>
+- <em:developer>Petr Vobornik</em:developer>
+- <em:homepageURL>http://www.redhat.com/</em:homepageURL>
+- <em:bootstrap>true</em:bootstrap>
+-
+- <!-- Firefox -->
+- <em:targetApplication>
+- <Description>
+- <em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id>
+- <em:minVersion>10.0</em:minVersion>
+- <em:maxVersion>15.0.*</em:maxVersion>
+- </Description>
+- </em:targetApplication>
+- </Description>
+-</RDF>
+\ No newline at end of file
+diff --git a/install/ffextension/locale/Makefile.am b/install/ffextension/locale/Makefile.am
+deleted file mode 100644
+index 7e64536..0000000
+--- a/install/ffextension/locale/Makefile.am
++++ /dev/null
+@@ -1,19 +0,0 @@
+-AUTOMAKE_OPTIONS = 1.7
+-
+-NULL =
+-
+-SUBDIRS = \
+- en-US \
+- $(NULL)
+-
+-appdir = $(IPA_DATA_DIR)/ffextension/locale
+-app_DATA = \
+- $(NULL)
+-
+-EXTRA_DIST = \
+- $(app_DATA) \
+- $(NULL)
+-
+-MAINTAINERCLEANFILES = \
+- *~ \
+- Makefile.in
+diff --git a/install/ffextension/locale/en-US/Makefile.am b/install/ffextension/locale/en-US/Makefile.am
+deleted file mode 100644
+index d19e8c7..0000000
+--- a/install/ffextension/locale/en-US/Makefile.am
++++ /dev/null
+@@ -1,16 +0,0 @@
+-AUTOMAKE_OPTIONS = 1.7
+-
+-NULL =
+-
+-appdir = $(IPA_DATA_DIR)/ffextension/locale/en-US
+-app_DATA = \
+- kerberosauth.properties \
+- $(NULL)
+-
+-EXTRA_DIST = \
+- $(app_DATA) \
+- $(NULL)
+-
+-MAINTAINERCLEANFILES = \
+- *~ \
+- Makefile.in
+diff --git a/install/ffextension/locale/en-US/kerberosauth.properties b/install/ffextension/locale/en-US/kerberosauth.properties
+deleted file mode 100644
+index b822535..0000000
+--- a/install/ffextension/locale/en-US/kerberosauth.properties
++++ /dev/null
+@@ -1,4 +0,0 @@
+-prompt_title=Kerberos configuration confirmation
+-prompt_topic=The page you are visiting is trying to configure Firefox for Kerberos authentication.
+-prompt_domain=\n\nDomain: ${domain}
+-prompt_question=\n\nDo you want to configure the browser?
+\ No newline at end of file
+diff --git a/install/share/Makefile.am b/install/share/Makefile.am
+index b4cb831..b666bb2 100644
+--- a/install/share/Makefile.am
++++ b/install/share/Makefile.am
+@@ -51,7 +51,6 @@ app_DATA = \
+ krb5.conf.template \
+ krb5.ini.template \
+ krb.con.template \
+- krb.js.template \
+ krbrealm.con.template \
+ smb.conf.template \
+ smb.conf.empty \
+diff --git a/install/share/krb.js.template b/install/share/krb.js.template
+deleted file mode 100644
+index e7ea055..0000000
+--- a/install/share/krb.js.template
++++ /dev/null
+@@ -1,2 +0,0 @@
+-var IPA_REALM = "$REALM";
+-var IPA_DOMAIN = "$DOMAIN";
+\ No newline at end of file
+diff --git a/ipaplatform/base/paths.py b/ipaplatform/base/paths.py
+index 1b79015..19dffb0 100644
+--- a/ipaplatform/base/paths.py
++++ b/ipaplatform/base/paths.py
+@@ -180,7 +180,6 @@ class BasePathNamespace(object):
+ BIN_TIMEOUT = "/usr/bin/timeout"
+ UPDATE_CA_TRUST = "/usr/bin/update-ca-trust"
+ BIN_CURL = "/usr/bin/curl"
+- ZIP = "/usr/bin/zip"
+ BIND_LDAP_SO = "/usr/lib/bind/ldap.so"
+ BIND_LDAP_DNS_IPA_WORKDIR = "/var/named/dyndb-ldap/ipa/"
+ BIND_LDAP_DNS_ZONE_WORKDIR = "/var/named/dyndb-ldap/ipa/master/"
+@@ -223,12 +222,9 @@ class BasePathNamespace(object):
+ USERADD = "/usr/sbin/useradd"
+ USR_SHARE_IPA_DIR = "/usr/share/ipa/"
+ CA_TOPOLOGY_ULDIF = "/usr/share/ipa/ca-topology.uldif"
More information about the Pkg-freeipa-devel
mailing list