[Pkg-sssd-devel] sssd: Changes to 'ubuntu-precise'
Timo Aaltonen
tjaalton-guest at alioth.debian.org
Tue Dec 4 09:25:11 UTC 2012
debian/changelog | 14 ++++++++++----
debian/control | 2 +-
debian/libnss-sss.postinst | 19 +++++--------------
debian/libnss-sss.postrm | 17 +++++------------
debian/libpam-sss.pam-auth-update | 5 -----
debian/libpam-sss.pam-auth-update-password | 9 +++++++++
debian/rules | 6 +++---
debian/sssd.upstart.in | 5 -----
8 files changed, 33 insertions(+), 44 deletions(-)
New commits:
commit 74ec5bbc62a3e74790e69ee91af904b055cda0f3
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Tue Dec 4 11:15:51 2012 +0200
libnss-sss can't handle shadow maps
diff --git a/debian/libnss-sss.postinst b/debian/libnss-sss.postinst
index 49c6145..13a2f12 100644
--- a/debian/libnss-sss.postinst
+++ b/debian/libnss-sss.postinst
@@ -22,7 +22,7 @@ insert_nss_entry() {
fi
# append 'sss' to the end of the line if it's not found already
sed -i --regexp-extended '
- /^(passwd|group|shadow|netgroup):/ {
+ /^(passwd|group|netgroup):/ {
/\bsss\b/! s/$/ sss/
}
' /etc/nsswitch.conf
commit d9e4afcc6f2ec7887c58d45597e2834d8072defd
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Tue Dec 4 11:14:48 2012 +0200
rules: Drop remnants of cdbs, use proper paths for configure. (LP: #1079938)
diff --git a/debian/changelog b/debian/changelog
index aec4cbd..d7e10e6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -16,6 +16,8 @@ sssd (1.8.5-0ubuntu0.1) UNRELEASED; urgency=low
from the rest so that password changes work with both the default install
and when pam_cracklib is installed.
(LP: #1086272)
+ * rules: Drop remnants of cdbs, use proper paths for configure.
+ (LP: #1079938)
-- Timo Aaltonen <tjaalton at ubuntu.com> Tue, 30 Oct 2012 18:45:30 +0200
diff --git a/debian/rules b/debian/rules
index 7f57b54..084550a 100755
--- a/debian/rules
+++ b/debian/rules
@@ -12,9 +12,9 @@ endif
override_dh_auto_configure:
dh_auto_configure -- --enable-krb5-locator-plugin \
- --libdir=\$${prefix}/lib/$(DEB_HOST_MULTIARCH) \
- --with-ldb-lib-dir=\$${prefix}/lib/$(DEB_HOST_MULTIARCH)/ldb/modules/ldb \
- --with-krb5-plugin-path=\$${libdir}/krb5/plugins/libkrb5 \
+ --libdir=/usr/lib/$(DEB_HOST_MULTIARCH) \
+ --with-ldb-lib-dir=/usr/lib/$(DEB_HOST_MULTIARCH)/ldb/modules/ldb \
+ --with-krb5-plugin-path=/usr/krb5/plugins/libkrb5 \
--enable-nsslibdir=/lib/$(DEB_HOST_MULTIARCH) \
--enable-pammoddir=/lib/$(DEB_HOST_MULTIARCH)/security \
--disable-static \
commit 94ba4d759630181d9ae1464c15e8fdfab0df5618
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Wed Nov 21 18:50:39 2012 +0200
cherry-pick split pam-auth-update config file
diff --git a/debian/changelog b/debian/changelog
index e98b530..aec4cbd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,13 +7,15 @@ sssd (1.8.5-0ubuntu0.1) UNRELEASED; urgency=low
nested structure (LP: #981125)
- Don't corrupt the credential cache when canonizing principals
(LP: #985031)
- * libpam-sss.pam-auth-update: Drop 'use_authtok' from the password stack,
- since it only works when pam_cracklib is installed. This will allow
- password changes on the default install.
* sssd.upstart.in: Delete an invisible control character from the pre-start
script. (LP: #1003845)
* Replace perl snippet from libnss-sss.post* with sed, drop perl from
Depends. (LP: #692727)
+ * libpam-sss.pam-auth-update*: Add a separate file for the password stack,
+ and drop it from the main file. It needs to have a higher priority
+ from the rest so that password changes work with both the default install
+ and when pam_cracklib is installed.
+ (LP: #1086272)
-- Timo Aaltonen <tjaalton at ubuntu.com> Tue, 30 Oct 2012 18:45:30 +0200
diff --git a/debian/libpam-sss.pam-auth-update b/debian/libpam-sss.pam-auth-update
index c6948b8..7d719e4 100644
--- a/debian/libpam-sss.pam-auth-update
+++ b/debian/libpam-sss.pam-auth-update
@@ -11,11 +11,6 @@ Account-Type: Additional
Account:
sufficient pam_localuser.so
[default=bad success=ok user_unknown=ignore] pam_sss.so
-Password-Type: Primary
-Password:
- sufficient pam_sss.so
-Password-Initial:
- sufficient pam_sss.so
Session-Type: Additional
Session-Interactive-Only: yes
Session:
diff --git a/debian/libpam-sss.pam-auth-update-password b/debian/libpam-sss.pam-auth-update-password
new file mode 100644
index 0000000..7c3f221
--- /dev/null
+++ b/debian/libpam-sss.pam-auth-update-password
@@ -0,0 +1,9 @@
+Name: SSS password change
+Default: yes
+Priority: 512
+
+Password-Type: Primary
+Password:
+ sufficient pam_sss.so use_authtok
+Password-Initial:
+ sufficient pam_sss.so
commit faafe372f4e97f679256e07b9db9a913e6588b5c
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Tue Dec 4 09:14:45 2012 +0200
explain the bugfix release some more
diff --git a/debian/changelog b/debian/changelog
index 2b1b8e4..e98b530 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,6 @@
sssd (1.8.5-0ubuntu0.1) UNRELEASED; urgency=low
- * New upstream bugfix release.
+ * New upstream bugfix release from the Long Term Maintenance branch.
- Move SELinux processing from session to account PAM stack
(LP: #1012900)
- LDAP nested groups: Do not process callback with _post deep in the
commit 0e917cb637b3ebb126c65255034e3f64f450e880
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Tue Dec 4 09:13:38 2012 +0200
fix merge cruft
diff --git a/debian/sssd.upstart.in b/debian/sssd.upstart.in
index 58b6cd2..86e2344 100644
--- a/debian/sssd.upstart.in
+++ b/debian/sssd.upstart.in
@@ -16,12 +16,7 @@ respawn
env DEFAULTFILE=/etc/default/sssd
pre-start script
-<<<<<<< HEAD
- test -f /etc/sssd/sssd.conf || { stop; exit 0; }
-=======
test -f /etc/sssd/sssd.conf || { stop; exit 0; }
- /lib/init/apparmor-profile-load usr.sbin.sssd
->>>>>>> 580d1ab... sssd.upstart.in: Delete an invisible control character from the pre-start script. (LP: #1003845)
end script
script
commit 3151f5527f648bdcc56cb536ef006697a1f300c8
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Mon Nov 19 12:47:46 2012 +0200
Replace perl snippet from libnss-sss.post* with sed, drop perl from Depends. (Closes: #686237)
Conflicts:
debian/changelog
diff --git a/debian/changelog b/debian/changelog
index 2b9a144..2b1b8e4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -12,6 +12,8 @@ sssd (1.8.5-0ubuntu0.1) UNRELEASED; urgency=low
password changes on the default install.
* sssd.upstart.in: Delete an invisible control character from the pre-start
script. (LP: #1003845)
+ * Replace perl snippet from libnss-sss.post* with sed, drop perl from
+ Depends. (LP: #692727)
-- Timo Aaltonen <tjaalton at ubuntu.com> Tue, 30 Oct 2012 18:45:30 +0200
diff --git a/debian/control b/debian/control
index e75ee35..452ec1d 100644
--- a/debian/control
+++ b/debian/control
@@ -80,7 +80,7 @@ Description: System Security Services Daemon -- tools
Package: libnss-sss
Architecture: any
-Depends: ${shlibs:Depends}, ${misc:Depends}, perl
+Depends: ${shlibs:Depends}, ${misc:Depends}
Pre-Depends: multiarch-support
Recommends: sssd
Multi-Arch: same
diff --git a/debian/libnss-sss.postinst b/debian/libnss-sss.postinst
index 8163f57..49c6145 100644
--- a/debian/libnss-sss.postinst
+++ b/debian/libnss-sss.postinst
@@ -20,20 +20,11 @@ insert_nss_entry() {
log "Could not find /etc/nsswitch.conf."
return
fi
- perl -i -pe '
- sub insert {
- # this also splits on tab
- my @bits=split(" ", shift);
- # do not break configuration if the line already
- # references sss
- if (grep { $_ eq "sss"} @bits) {
- return join " ", @bits;
- }
- # append sss at the end
- push @bits, "sss";
- return join " ", at bits;
- }
- s/^(passwd:\s+|group:\s+|shadow:\s+|netgroup:\s+)(.*)/$1.insert($2)/e;
+ # append 'sss' to the end of the line if it's not found already
+ sed -i --regexp-extended '
+ /^(passwd|group|shadow|netgroup):/ {
+ /\bsss\b/! s/$/ sss/
+ }
' /etc/nsswitch.conf
}
diff --git a/debian/libnss-sss.postrm b/debian/libnss-sss.postrm
index 304827f..baae1b1 100644
--- a/debian/libnss-sss.postrm
+++ b/debian/libnss-sss.postrm
@@ -16,18 +16,11 @@ remove_nss_entry() {
log "Could not find /etc/nsswitch.conf."
return
fi
- perl -i -pe '
- my @remove=(
- "sss",
- );
- sub remove {
- my $s=shift;
- foreach my $bit (@remove) {
- $s=~s/\s+\Q$bit\E//g;
- }
- return $s;
- }
- s/^(passwd:|group:|shadow:|netgroup:)(.*)/$1.remove($2)/e;
+ sed -i --regexp-extended '
+ /^(passwd|group|shadow|netgroup):/ {
+ s/\bsss\b//g
+ s/[[:space:]]+$//
+ }
' /etc/nsswitch.conf
}
More information about the Pkg-sssd-devel
mailing list