[Pkg-freeipa-devel] [Git][freeipa-team/freeipa][master] 4 commits: server.postinst: Drop creating old ccaches for mod_auth_gssapi, obsolete.
Timo Aaltonen (@tjaalton)
gitlab at salsa.debian.org
Thu Nov 18 19:22:41 GMT 2021
Timo Aaltonen pushed to branch master at FreeIPA packaging / freeipa
Commits:
2b5cb6c3 by Timo Aaltonen at 2021-11-18T18:50:16+02:00
server.postinst: Drop creating old ccaches for mod_auth_gssapi, obsolete.
- - - - -
7bba5e75 by Timo Aaltonen at 2021-11-18T18:52:43+02:00
server.postinst: Drop old upgrade rules.
- - - - -
97062538 by Timo Aaltonen at 2021-11-18T19:11:43+02:00
patches: Fix named keytab name.
- - - - -
9fe1b05e by Timo Aaltonen at 2021-11-18T21:20:45+02:00
releasing package freeipa version 4.9.7-3
- - - - -
4 changed files:
- debian/changelog
- debian/freeipa-server.postinst
- + debian/patches/0001-ipaplatform-debian-Fix-named-keytab-name.patch
- debian/patches/series
Changes:
=====================================
debian/changelog
=====================================
@@ -1,3 +1,16 @@
+freeipa (4.9.7-3) unstable; urgency=medium
+
+ * tests: Set KRB5_TRACE to use stderr.
+ * patches: Fix apache group properly.
+ * client: Move .tmpfile -> .tmpfiles.
+ * control: Bump debhelper to 13, gain dh_installtmpfiles being run.
+ * control, rules: Add --without-ipa-join-xml and drop libxmlrpc from depends.
+ * server.postinst: Drop creating old ccaches for mod_auth_gssapi, obsolete.
+ * server.postinst: Drop old upgrade rules.
+ * patches: Fix named keytab name.
+
+ -- Timo Aaltonen <tjaalton at debian.org> Thu, 18 Nov 2021 21:20:16 +0200
+
freeipa (4.9.7-2) unstable; urgency=medium
* lintian: Drop override on python-script-but-no-python-dep, which doesn't
=====================================
debian/freeipa-server.postinst
=====================================
@@ -17,25 +17,6 @@ if [ "$1" = configure ]; then
ipaapi > $OUT
fi
- # fix upgrade
- if dpkg --compare-versions "$2" lt "4.7.0~pre2-1"; then
- # mod_nss needs to be disabled before mod_ssl is enabled
- if [ -e /etc/apache2/mods-enabled/nss.load ]; then
- . /usr/share/apache2/apache2-maintscript-helper
- apache2_invoke dismod nss || exit $?
- # and if that's not enough, just remove the links to be sure
- rm /etc/apache2/mods-enabled/nss.load /etc/apache2/mods-enabled/nss.conf
- fi
-
- # this is new in tmpfiles.d/ipa.conf, need to create it here
- # for the upgrader
- if [ ! -e /var/run/ipa/ccaches ]; then
- mkdir /var/run/ipa/ccaches
- chown ipaapi:ipaapi /var/run/ipa/ccaches
- chmod 770 /var/run/ipa/ccaches
- fi
- fi
-
chmod 711 /var/lib/ipa/sysrestore > $OUT || true
chmod 700 /var/lib/ipa/passwds > $OUT || true
chmod 700 /var/lib/ipa/private > $OUT || true
@@ -94,18 +75,4 @@ if [ "$1" = configure ]; then
fi
fi
-if [ ! -e /run/apache2/ipa ]; then
- mkdir -m 0700 /run/apache2/ipa
- chown www-data:www-data /run/apache2/ipa
-
- if [ ! -e /run/apache2/ipa/clientcaches ]; then
- mkdir -m 0700 /run/apache2/ipa/clientcaches
- chown www-data:www-data /run/apache2/ipa/clientcaches
- fi
- if [ ! -e /run/apache2/ipa/krbcache ]; then
- mkdir -m 0700 /run/apache2/ipa/krbcache
- chown www-data:www-data /run/apache2/ipa/krbcache
- fi
-fi
-
#DEBHELPER#
=====================================
debian/patches/0001-ipaplatform-debian-Fix-named-keytab-name.patch
=====================================
@@ -0,0 +1,28 @@
+From 5814a18e99bcea70325d1d3f872d87ec1b91037d Mon Sep 17 00:00:00 2001
+From: Timo Aaltonen <tjaalton at debian.org>
+Date: Sat, 23 Oct 2021 09:36:11 +0300
+Subject: [PATCH] ipaplatform/debian: Fix named keytab name
+
+This was changed in bind9 9.16 packaging
+
+Signed-off-by: Timo Aaltonen <tjaalton at debian.org>
+---
+ ipaplatform/debian/paths.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ipaplatform/debian/paths.py b/ipaplatform/debian/paths.py
+index ff235a2e9..c596e18c2 100644
+--- a/ipaplatform/debian/paths.py
++++ b/ipaplatform/debian/paths.py
+@@ -36,7 +36,7 @@ class DebianPathNamespace(BasePathNamespace):
+ NAMED_CUSTOM_OPTIONS_CONF = "/etc/bind/ipa-options-ext.conf"
+ NAMED_LOGGING_OPTIONS_CONF = "/etc/bind/ipa-logging-ext.conf"
+ NAMED_VAR_DIR = "/var/cache/bind"
+- NAMED_KEYTAB = "/etc/bind/named.keytab"
++ NAMED_KEYTAB = "/etc/bind/krb5.keytab"
+ NAMED_RFC1912_ZONES = "/etc/bind/named.conf.default-zones"
+ NAMED_ROOT_KEY = "/etc/bind/bind.keys"
+ NAMED_MANAGED_KEYS_DIR = "/var/cache/bind/dynamic"
+--
+2.32.0
+
=====================================
debian/patches/series
=====================================
@@ -8,3 +8,4 @@ dnssec-race-wa.diff
fix-sssd-socket-activation.diff
fix-paths.diff
0001-configure-Use-HTTPD_GROUP-in-init-tmpfiles-ipa.conf..patch
+0001-ipaplatform-debian-Fix-named-keytab-name.patch
View it on GitLab: https://salsa.debian.org/freeipa-team/freeipa/-/compare/038c24afcc564a96130f7e4bd1b0a37025067406...9fe1b05eb0aa7f074425c0990e756a6411a773e3
--
View it on GitLab: https://salsa.debian.org/freeipa-team/freeipa/-/compare/038c24afcc564a96130f7e4bd1b0a37025067406...9fe1b05eb0aa7f074425c0990e756a6411a773e3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20211118/6393377f/attachment-0001.htm>
More information about the Pkg-freeipa-devel
mailing list