[shibboleth-sp2] 05/12: Revert all patches in preparation for gbp-pq switch
Russ Allbery
rra at stanford.edu
Mon Mar 17 08:20:17 UTC 2014
This is an automated email from the git hooks/post-receive script.
rra pushed a commit to branch master
in repository shibboleth-sp2.
commit 6c413e1bac05c92db2e0cbb3d0dd5f1c0ecdb0e7
Author: Russ Allbery <rra at debian.org>
Date: Sun Mar 16 16:15:29 2014 -0700
Revert all patches in preparation for gbp-pq switch
Patches will be managed using a patch queue going forward. Revert
the patches applied directly to the master branch in preparation.
Note that this commit is intermediate between two working states
and will not build on its own.
---
configs/Makefile.am | 2 +-
configs/keygen.sh | 9 +--
configs/native.logger.in | 44 +++++----------
configs/shibd-debian.in | 143 ++++++++++-------------------------------------
configure.ac | 3 +-
schemas/Makefile.am | 3 +-
schemas/catalog.xml.in | 2 -
7 files changed, 47 insertions(+), 159 deletions(-)
diff --git a/configs/Makefile.am b/configs/Makefile.am
index 841f9de..ee90def 100644
--- a/configs/Makefile.am
+++ b/configs/Makefile.am
@@ -4,7 +4,7 @@ AUTOMAKE_OPTIONS = foreign
pkglibdir = ${libdir}/@PACKAGE_NAME@
pkglogdir = ${localstatedir}/log/@PACKAGE_NAME@
-shirelogdir = ${localstatedir}/log/apache2
+shirelogdir = ${localstatedir}/log/httpd
pkgxmldir = $(datadir)/xml/@PACKAGE_NAME@
pkgwebdir = $(datadir)/@PACKAGE_NAME@
pkgrundir = $(localstatedir)/run/@PACKAGE_NAME@
diff --git a/configs/keygen.sh b/configs/keygen.sh
index 7787b63..4ee69f6 100755
--- a/configs/keygen.sh
+++ b/configs/keygen.sh
@@ -1,11 +1,5 @@
#! /bin/sh
-# Defaults added for Debian. They can still be overridden by command-line
-# options.
-OUT=/etc/shibboleth
-USER=_shibd
-GROUP=_shibd
-
while getopts h:u:g:o:e:y:bf c
do
case $c in
@@ -38,9 +32,8 @@ if [ -s $OUT/sp-key.pem -o -s $OUT/sp-cert.pem ] ; then
exit 0
fi
-# --fqdn flag added for Debian to generate better names for certificates.
if [ -z "$FQDN" ] ; then
- FQDN=`hostname --fqdn`
+ FQDN=`hostname`
fi
if [ -z "$YEARS" ] ; then
diff --git a/configs/native.logger.in b/configs/native.logger.in
index 5785d7e..52a90ae 100644
--- a/configs/native.logger.in
+++ b/configs/native.logger.in
@@ -1,9 +1,5 @@
# set overall behavior
-#
-# Debian: remove warn_log. All logs go to syslog, so there's no need to
-# have multiple log destinations differentiated only by log threshold.
-#log4j.rootCategory=INFO, native_log, warn_log
-log4j.rootCategory=INFO, native_log
+log4j.rootCategory=INFO, native_log, warn_log
# fairly verbose for DEBUG, so generally leave at INFO
log4j.category.XMLTooling.XMLObject=INFO
@@ -31,29 +27,17 @@ log4j.category.XMLTooling.libcurl=INFO
# define the appender
-# This is the default, but it's essentially useless under normal
-# circumstances since Apache doesn't have access to write to that
-# directory.
-#log4j.appender.native_log=org.apache.log4j.RollingFileAppender
-#log4j.appender.native_log.fileName=@-SHIRELOGDIR-@/native.log
-#log4j.appender.native_log.maxFileSize=1000000
-#log4j.appender.native_log.maxBackupIndex=10
-#log4j.appender.native_log.layout=org.apache.log4j.PatternLayout
-#log4j.appender.native_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
-#log4j.appender.warn_log=org.apache.log4j.RollingFileAppender
-#log4j.appender.warn_log.fileName=@-SHIRELOGDIR-@/native_warn.log
-#log4j.appender.warn_log.maxFileSize=1000000
-#log4j.appender.warn_log.maxBackupIndex=10
-#log4j.appender.warn_log.layout=org.apache.log4j.PatternLayout
-#log4j.appender.warn_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
-#log4j.appender.warn_log.threshold=WARN
+log4j.appender.native_log=org.apache.log4j.RollingFileAppender
+log4j.appender.native_log.fileName=@-SHIRELOGDIR-@/native.log
+log4j.appender.native_log.maxFileSize=1000000
+log4j.appender.native_log.maxBackupIndex=10
+log4j.appender.native_log.layout=org.apache.log4j.PatternLayout
+log4j.appender.native_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
-# Use syslog instead, since then at least the messages will go somewhere.
-# That facility is LOG_DAEMON, since log4cpp apparently doesn't recognize
-# symbolic log facilities.
-#
-# This is a Debian-specific change.
-log4j.appender.native_log=org.apache.log4j.LocalSyslogAppender
-log4j.appender.native_log.syslogName=shibboleth-sp
-log4j.appender.native_log.facility=3
-log4j.appender.native_log.layout=org.apache.log4j.BasicLayout
+log4j.appender.warn_log=org.apache.log4j.RollingFileAppender
+log4j.appender.warn_log.fileName=@-SHIRELOGDIR-@/native_warn.log
+log4j.appender.warn_log.maxFileSize=1000000
+log4j.appender.warn_log.maxBackupIndex=10
+log4j.appender.warn_log.layout=org.apache.log4j.PatternLayout
+log4j.appender.warn_log.layout.ConversionPattern=%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
+log4j.appender.warn_log.threshold=WARN
diff --git a/configs/shibd-debian.in b/configs/shibd-debian.in
index 0eefbb2..59f0995 100644
--- a/configs/shibd-debian.in
+++ b/configs/shibd-debian.in
@@ -1,20 +1,18 @@
#! /bin/sh
### BEGIN INIT INFO
-# Provides: shibd
-# Required-Start: $local_fs $remote_fs $network
-# Required-Stop: $local_fs $remote_fs
-# Default-Start: 2 3 4 5
-# Default-Stop:
-# Short-Description: Shibboleth 2 Service Provider Daemon
-# Description: Starts the separate daemon used by the Shibboleth
-# Apache module to manage sessions and to retrieve
-# attributes from Shibboleth Identity Providers.
+# Provides: shibd
+# Required-Start: $local_fs $remote_fs $network
+# Required-Stop: $local_fs $remote_fs $network
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Shibboleth 2 Service Provider Daemon
+# Description: Starts the separate daemon used by the Shibboleth
+# Apache module to manage sessions and to retrieve
+# attributes from Shibboleth Identity Providers.
### END INIT INFO
#
# Written by Quanah Gibson-Mount <quanah at stanford.edu>
# Modified by Lukas Haemmerle <lukas.haemmerle at switch.ch> for Shibboleth 2
-# Updated to use the LSB init functions by Russ Allbery <rra at debian.org>
-#
# Based on the dh-make template written by:
#
# Written by Miquel van Smoorenburg <miquels at cistron.nl>.
@@ -31,7 +29,6 @@ DAEMON=@-PREFIX-@/sbin/$NAME
SCRIPTNAME=/etc/init.d/$NAME
PIDFILE=@-PKGRUNDIR-@/$NAME.pid
DAEMON_OPTS=""
-DAEMON_USER=_shibd
# Force removal of socket
DAEMON_OPTS="$DAEMON_OPTS -f"
@@ -51,122 +48,38 @@ DAEMON_OPTS="$DAEMON_OPTS -w 30"
# Read configuration if it is present.
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
-# Load the VERBOSE setting and other rcS variables
-. /lib/init/vars.sh
-
-# Define LSB log_* functions.
-. /lib/lsb/init-functions
-
-prepare_environment () {
- # Ensure @-PKGRUNDIR-@ exists. /var/run may be on a tmpfs file system.
- [ -d '@-PKGRUNDIR-@' ] || mkdir -p '@-PKGRUNDIR-@'
-
- # If $DAEMON_USER is set, try to run shibd as that user. However,
- # versions of the Debian package prior to 2.3+dfsg-1 ran shibd as root,
- # and the local administrator may not have made the server's private key
- # readable by $DAEMON_USER. We therefore test first by running shibd -t
- # and looking for the error code indicating that the private key could not
- # be read. If we get that error, we fall back on running shibd as root.
- if [ -n "$DAEMON_USER" ]; then
- DIAG=$(su -s $DAEMON $DAEMON_USER -- -t $DAEMON_OPTS 2>/dev/null)
- if [ $? = 0 ] ; then
- # openssl errstr 200100D (hex for 33558541) says:
- # error:0200100D:system library:fopen:Permission denied
- ERROR='ERROR OpenSSL : error code: 33558541 '
- if echo "$DIAG" | fgrep -q "$ERROR" ; then
- unset DAEMON_USER
- log_warning_msg "$NAME: file permissions require running as" \
- "root"
- else
- chown -Rh "$DAEMON_USER" '@-PKGRUNDIR-@' '@-PKGLOGDIR-@'
- fi
- else
- unset DAEMON_USER
- log_warning_msg "$NAME: unable to run config check as user" \
- "$DAEMON_USER"
- fi
- unset DIAG
- fi
-}
-
-# Start shibd.
-do_start () {
- # Return
- # 0 if daemon has been started
- # 1 if daemon was already running
- # 2 if daemon could not be started
- start-stop-daemon --start --quiet ${DAEMON_USER:+--chuid $DAEMON_USER} \
- --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
- || return 1
- start-stop-daemon --start --quiet ${DAEMON_USER:+--chuid $DAEMON_USER} \
- --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS \
- || return 2
-}
-
-# Stop shibd.
-do_stop () {
- # Return
- # 0 if daemon has been stopped
- # 1 if daemon was already stopped
- # 2 if daemon could not be stopped
- # other if a failure occurred
- start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 \
- --pidfile $PIDFILE --name $NAME
- RETVAL="$?"
- return "$RETVAL"
-}
+# Get the setting of VERBOSE and other rcS variables.
+[ -f /etc/default/rcS ] && . /etc/default/rcS
case "$1" in
start)
- prepare_environment
-
# Don't start shibd if NO_START is set.
if [ "$NO_START" = 1 ] ; then
- if [ "$VERBOSE" != no ] ; then
- echo "Not starting $DESC (see /etc/default/$NAME)"
- fi
+ echo "Not starting $DESC (see /etc/default/$NAME)"
exit 0
fi
- [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
- do_start
- case "$?" in
- 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
- 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
- esac
+ echo -n "Starting $DESC: "
+ start-stop-daemon --start --quiet \
+ --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
+ echo "$NAME."
;;
stop)
- [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
- do_stop
- case "$?" in
- 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
- 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
- esac
+ echo -n "Stopping $DESC: "
+ start-stop-daemon --stop --quiet --pidfile $PIDFILE \
+ --exec $DAEMON
+ echo "$NAME."
;;
restart|force-reload)
- prepare_environment
-
- log_daemon_msg "Restarting $DESC" "$NAME"
- do_stop
- case "$?" in
- 0|1)
- do_start
- case "$?" in
- 0) log_end_msg 0 ;;
- 1) log_end_msg 1 ;; # Old process is still running
- *) log_end_msg 1 ;; # Failed to start
- esac
- ;;
- *)
- # Failed to stop
- log_end_msg 1
- ;;
- esac
- ;;
-status)
- status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" && exit 0 || exit $?
+ echo -n "Restarting $DESC: "
+ start-stop-daemon --stop --quiet --pidfile $PIDFILE \
+ --exec $DAEMON
+ sleep 1
+ start-stop-daemon --start --quiet \
+ --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
+ echo "$NAME."
;;
*)
- echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|status}" >&2
+ echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 1
;;
esac
diff --git a/configure.ac b/configure.ac
index 2e17582..6c71412 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1351,7 +1351,6 @@ if test -n "$APXS24_CC" && test "$APXS24_CC" != "$CC" ; then
echo "=================================================================="
fi
-dnl Disabled on Debian since build log analysis wants verbose logs.
-dnl LIBTOOL="$LIBTOOL --silent"
+LIBTOOL="$LIBTOOL --silent"
AC_OUTPUT
diff --git a/schemas/Makefile.am b/schemas/Makefile.am
index 4ed2cd8..f8c246f 100644
--- a/schemas/Makefile.am
+++ b/schemas/Makefile.am
@@ -13,7 +13,8 @@ schemafiles = \
shibboleth-2.0-afp.xsd \
shibboleth-2.0-afp-mf-basic.xsd \
shibboleth-2.0-afp-mf-saml.xsd \
- shibboleth-2.0-attribute-map.xsd
+ shibboleth-2.0-attribute-map.xsd \
+ WS-Trust.xsd
pkgxml_DATA = \
catalog.xml \
diff --git a/schemas/catalog.xml.in b/schemas/catalog.xml.in
index fbb3fe3..ca7c797 100644
--- a/schemas/catalog.xml.in
+++ b/schemas/catalog.xml.in
@@ -9,7 +9,5 @@
<system systemId="urn:mace:shibboleth:2.0:afp:mf:saml" uri="@-PKGXMLDIR-@/shibboleth-2.0-afp-mf-saml.xsd"/>
<system systemId="urn:mace:shibboleth:2.0:attribute-map" uri="@-PKGXMLDIR-@/shibboleth-2.0-attribute-map.xsd"/>
<system systemId="urn:mace:shibboleth:1.0" uri="@-PKGXMLDIR-@/shibboleth.xsd"/>
- <!-- WS-Trust.xsd has been removed from the Debian package because of license problems
<system systemId="http://schemas.xmlsoap.org/ws/2005/02/trust" uri="@-PKGXMLDIR-@/WS-Trust.xsd"/>
- -->
</catalog>
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/shibboleth-sp2.git
More information about the Pkg-shibboleth-devel
mailing list