Hello community,
here is the log from the commit of package yast2-kerberos-client
checked in at Tue Feb 19 00:04:27 CET 2008.
--------
--- yast2-kerberos-client/yast2-kerberos-client.changes 2007-12-14 11:04:31.000000000 +0100
+++ /mounts/work_src_done/NOARCH/yast2-kerberos-client/yast2-kerberos-client.changes 2008-02-18 15:50:21.358883000 +0100
@@ -1,0 +2,12 @@
+Mon Feb 18 15:48:16 CET 2008 - jsuchome@suse.cz
+
+- now domain has the leading dot in domain_realm section (#298362)
+- 2.16.3
+
+-------------------------------------------------------------------
+Tue Jan 29 12:46:31 CET 2008 - jsuchome@suse.cz
+
+- added option to provide Kerberos data via DNS (F301812)
+- 2.16.2
+
+-------------------------------------------------------------------
Old:
----
yast2-kerberos-client-2.16.1.tar.bz2
New:
----
yast2-kerberos-client-2.16.3.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-kerberos-client.spec ++++++
--- /var/tmp/diff_new_pack.f28672/_old 2008-02-19 00:01:24.000000000 +0100
+++ /var/tmp/diff_new_pack.f28672/_new 2008-02-19 00:01:24.000000000 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package yast2-kerberos-client (Version 2.16.1)
+# spec file for package yast2-kerberos-client (Version 2.16.3)
#
-# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
#
@@ -10,13 +10,14 @@
# norootforbuild
+
Name: yast2-kerberos-client
-Version: 2.16.1
+Version: 2.16.3
Release: 1
License: GPL v2 or later
Group: System/YaST
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Source0: yast2-kerberos-client-2.16.1.tar.bz2
+Source0: yast2-kerberos-client-2.16.3.tar.bz2
Prefix: /usr
BuildRequires: doxygen perl-XML-Writer update-desktop-files yast2 yast2-devtools yast2-pam yast2-testsuite
# new Pam.ycp API
@@ -35,7 +36,7 @@
Jiri Suchomel
%prep
-%setup -n yast2-kerberos-client-2.16.1
+%setup -n yast2-kerberos-client-2.16.3
%build
%{prefix}/bin/y2tool y2autoconf
@@ -73,285 +74,291 @@
/usr/share/YaST2/include/kerberos-client/wizards.ycp
%doc %{prefix}/share/doc/packages/yast2-kerberos-client
%changelog
-* Tue Dec 11 2007 - jsuchome@suse.cz
+* Mon Feb 18 2008 jsuchome@suse.cz
+- now domain has the leading dot in domain_realm section (#298362)
+- 2.16.3
+* Tue Jan 29 2008 jsuchome@suse.cz
+- added option to provide Kerberos data via DNS (F301812)
+- 2.16.2
+* Tue Dec 11 2007 jsuchome@suse.cz
- removed obsolete retain_after_close option
- implemented support for more pam_krb5 options (F302014)
- 2.16.1
-* Fri Oct 19 2007 - jsuchome@suse.cz
+* Fri Oct 19 2007 jsuchome@suse.cz
- Use Kerberos checked by default during installation (#330054)
- 2.16.0
-* Tue Jul 31 2007 - jsuchome@suse.cz
+* Tue Jul 31 2007 jsuchome@suse.cz
- Smart Card Integration (F302132):
- modify /etc/pam_pkcs11/pam_pkcs11.conf if it is present
- write domain without leading dot in domain_realm section
- 2.15.7
-* Tue Jun 19 2007 - jsuchome@suse.cz
+* Tue Jun 19 2007 jsuchome@suse.cz
- added support for "pkinit" section in krb5.conf (F302132)
- 2.15.6
-* Fri May 25 2007 - jsrain@suse.cz
+* Fri May 25 2007 jsrain@suse.cz
- removed outdated translations from .desktop-files (#271209)
-* Fri Mar 30 2007 - jsuchome@suse.cz
+* Fri Mar 30 2007 jsuchome@suse.cz
- correct using of krb5.conf file sections during write (#258840)
- 2.15.5
-* Tue Feb 27 2007 - jsuchome@suse.cz
+* Tue Feb 27 2007 jsuchome@suse.cz
- added option to "Ignore Unknown Principles" (#217369)
- 2.15.4
-* Tue Feb 20 2007 - jsuchome@suse.cz
+* Tue Feb 20 2007 jsuchome@suse.cz
- support multiple values for KDC (#246241)
- 2.15.3
-* Fri Feb 16 2007 - jsuchome@suse.cz
+* Fri Feb 16 2007 jsuchome@suse.cz
- install required packages at the end of configuration (#233160)
- 2.15.2
-* Mon Jan 15 2007 - jsuchome@suse.cz
+* Mon Jan 15 2007 jsuchome@suse.cz
- merged texts from proofread
- 2.15.1
-* Fri Jan 12 2007 - jsuchome@suse.cz
+* Fri Jan 12 2007 jsuchome@suse.cz
- enable calling modules for NSS configuration (F5673)
- fixed map with architecture dependent packages
- 2.15.0
-* Wed Nov 29 2006 - jsuchome@suse.cz
+* Wed Nov 29 2006 jsuchome@suse.cz
- install more architecture-specific packages (#224510)
- 2.14.5
-* Tue Nov 14 2006 - jsuchome@suse.cz
+* Tue Nov 14 2006 jsuchome@suse.cz
- added RNC file for autoyast profile validation (#220775)
- 2.14.4
-* Thu Sep 21 2006 - jsuchome@suse.cz
+* Thu Sep 21 2006 jsuchome@suse.cz
- show Next instead of Finish during installation (F120214)
- 2.14.3
-* Tue Sep 12 2006 - jsuchome@suse.cz
+* Tue Sep 12 2006 jsuchome@suse.cz
- changed the default value of minimum_uid to 1
- 2.14.2
-* Tue Sep 12 2006 - jsuchome@suse.cz
+* Tue Sep 12 2006 jsuchome@suse.cz
- write use_shmem=sshd to pam section of krb5.conf (#201706)
- 2.14.1
-* Fri Aug 25 2006 - jsuchome@suse.cz
+* Fri Aug 25 2006 jsuchome@suse.cz
- adapted for pam-config usage (F300956)
- API of PamSettings module is obsolete
- 2.14.0
-* Wed Apr 12 2006 - jsuchome@suse.cz
+* Wed Apr 12 2006 jsuchome@suse.cz
- fixed installing architecture-specific packages (#164313)
- 2.13.4
-* Thu Mar 02 2006 - jsuchome@suse.cz
+* Thu Mar 02 2006 jsuchome@suse.cz
- reduced BuildRequires
- 2.13.3
-* Mon Dec 19 2005 - jsuchome@suse.cz
+* Mon Dec 19 2005 jsuchome@suse.cz
- merged proofread texts
- revert setting of "mappings" value (not needed)
- 2.13.2
-* Thu Dec 01 2005 - jsuchome@suse.cz
+* Thu Dec 01 2005 jsuchome@suse.cz
- support "mappings" value, necessary for samba-client config
- 2.13.1
-* Thu Nov 24 2005 - jsuchome@suse.cz
+* Thu Nov 24 2005 jsuchome@suse.cz
- removed AFS configuration (not supported: F100215)
- added missing comments for translators
- 2.13.0
-* Wed Sep 07 2005 - jsuchome@suse.cz
+* Wed Sep 07 2005 jsuchome@suse.cz
- allow setting the port number in KDC entry (#115451)
- 2.12.7
-* Tue Sep 06 2005 - jsuchome@suse.cz
+* Tue Sep 06 2005 jsuchome@suse.cz
- adapted to the rename of openafs service and sysconfig file (#115335)
- 2.12.6
-* Mon Aug 15 2005 - jsuchome@suse.cz
+* Mon Aug 15 2005 jsuchome@suse.cz
- do not set use_authok (#104051)
- 2.12.5
-* Thu Jul 28 2005 - jsuchome@suse.cz
+* Thu Jul 28 2005 jsuchome@suse.cz
- updated desktop file
- 2.12.4
-* Tue Jun 21 2005 - jsuchome@suse.cz
+* Tue Jun 21 2005 jsuchome@suse.cz
- fixed texts from proofreader (rwalter)
- 2.12.3
-* Thu May 19 2005 - jsuchome@suse.cz
+* Thu May 19 2005 jsuchome@suse.cz
- add new default parameters (use_authtok, try_first_pass) to "pam"
section of /etc/krb5.conf to enable chaning the passwords (#76162)
- 2.12.2
-* Mon May 02 2005 - jsuchome@suse.cz
+* Mon May 02 2005 jsuchome@suse.cz
- use FileUtils library
- 2.12.1
-* Tue Mar 29 2005 - jsuchome@suse.cz
+* Tue Mar 29 2005 jsuchome@suse.cz
- better checks for defaults
- 2.12.0
-* Fri Mar 11 2005 - jsuchome@suse.cz
+* Fri Mar 11 2005 jsuchome@suse.cz
- new tests
-* Thu Mar 03 2005 - jsuchome@suse.cz
+* Thu Mar 03 2005 jsuchome@suse.cz
- replace new default values in /etc/krb5.conf (#67297)
- do not write epmty values to /etc/krb5.conf
-* Tue Mar 01 2005 - jsuchome@suse.cz
+* Tue Mar 01 2005 jsuchome@suse.cz
- use admin_server instead of kpasswd_server in /etc/krb5.conf
(#67034)
-* Mon Jan 31 2005 - jsuchome@suse.cz
+* Mon Jan 31 2005 jsuchome@suse.cz
- install also architecture-specific packages (#49808)
- 2.11.4
-* Tue Jan 11 2005 - jsuchome@suse.cz
+* Tue Jan 11 2005 jsuchome@suse.cz
- switch from heimdal to MIT kerberos
- check validity of KDC adress
- 2.11.3
-* Wed Jan 05 2005 - jsuchome@suse.cz
+* Wed Jan 05 2005 jsuchome@suse.cz
- removed last select
- switch Progress off in auto-client
- 2.11.2
-* Thu Dec 16 2004 - jsuchome@suse.cz
+* Thu Dec 16 2004 jsuchome@suse.cz
- do not ask for 'Abort Installation' when called from users
- do not show Abort button in 'pseudo-popups'
- 2.11.1
-* Wed Oct 27 2004 - jsuchome@suse.cz
+* Wed Oct 27 2004 jsuchome@suse.cz
- adapted for new Mode:: interface
- 2.11.0
-* Mon Aug 30 2004 - jsuchome@suse.cz
+* Mon Aug 30 2004 jsuchome@suse.cz
- Added GetModified function to _auto client (nashif)
- 2.10.5
-* Thu Aug 19 2004 - jsuchome@suse.cz
+* Thu Aug 19 2004 jsuchome@suse.cz
- AFS support is back
- 2.10.4
-* Mon Aug 16 2004 - jsuchome@suse.cz
+* Mon Aug 16 2004 jsuchome@suse.cz
- 2.10.3
-* Tue Aug 10 2004 - jsuchome@suse.cz
+* Tue Aug 10 2004 jsuchome@suse.cz
- merged proofread texts
-* Wed Aug 04 2004 - jsuchome@suse.cz
+* Wed Aug 04 2004 jsuchome@suse.cz
- use Package instead of Require
- provide AFS texts for translation
- 2.10.2
-* Mon Jun 28 2004 - jsuchome@suse.cz
+* Mon Jun 28 2004 jsuchome@suse.cz
- adapted to current yast2-pam behaviour
- 2.10.1
-* Wed Jun 16 2004 - jsuchome@suse.cz
+* Wed Jun 16 2004 jsuchome@suse.cz
- updated testsuite (use Testsuite:: module, set testedfiles)
- 2.10.0
-* Thu Apr 22 2004 - jsuchome@suse.cz
+* Thu Apr 22 2004 jsuchome@suse.cz
- fix of #39286 (configuration not saved during installation)
- 2.9.9
-* Fri Apr 02 2004 - jsuchome@suse.cz
+* Fri Apr 02 2004 jsuchome@suse.cz
- changed license to GPL
- 2.9.8
-* Tue Mar 30 2004 - jsuchome@suse.cz
+* Tue Mar 30 2004 jsuchome@suse.cz
- adapt to current 'continue' behaviour
- 2.9.7
-* Tue Mar 30 2004 - nashif@suse.de
+* Tue Mar 30 2004 nashif@suse.de
- #37426: Disable NTP Configuration in config mode (autoyast)
-* Thu Mar 11 2004 - jsuchome@suse.cz
+* Thu Mar 11 2004 jsuchome@suse.cz
- set icon for wizard
- testsuite enabled again
- 2.9.6
-* Wed Mar 10 2004 - jsuchome@suse.de
+* Wed Mar 10 2004 jsuchome@suse.de
- disabled testsuite
- 2.9.5
-* Wed Mar 10 2004 - nashif@suse.de
+* Wed Mar 10 2004 nashif@suse.de
- adapted for new wizard
-* Mon Mar 08 2004 - jsuchome@suse.cz
+* Mon Mar 08 2004 jsuchome@suse.cz
- used Sequencer module
- more type fixes
-* Fri Mar 05 2004 - jsuchome@suse.cz
+* Fri Mar 05 2004 jsuchome@suse.cz
- correct type handling
- removed AFS configuration
- 2.9.4
-* Mon Mar 01 2004 - jsuchome@suse.cz
+* Mon Mar 01 2004 jsuchome@suse.cz
- merged texts from proofread
- 2.9.3
-* Wed Feb 18 2004 - jsuchome@suse.cz
+* Wed Feb 18 2004 jsuchome@suse.cz
- added possibility to call ShortSummary function from auto-client
-* Mon Feb 09 2004 - jsuchome@suse.cz
+* Mon Feb 09 2004 jsuchome@suse.cz
- removed config file (y2cc)
-* Fri Jan 30 2004 - jsuchome@suse.cz
+* Fri Jan 30 2004 jsuchome@suse.cz
- fixed testsuite
- 2.9.2
-* Fri Nov 28 2003 - jsuchome@suse.cz
+* Fri Nov 28 2003 jsuchome@suse.cz
- syntax fixes for new interpreter
- 2.9.1
-* Tue Nov 25 2003 - jsuchome@suse.cz
+* Tue Nov 25 2003 jsuchome@suse.cz
- added possibility to run NTP client (new button in Advanced dialog)
-* Tue Nov 18 2003 - jsuchome@suse.cz
+* Tue Nov 18 2003 jsuchome@suse.cz
- adapted to new Network types interface
-* Thu Sep 25 2003 - jsuchome@suse.cz
+* Thu Sep 25 2003 jsuchome@suse.cz
- changed button label in Advanced dialog: Next to Ok
- 2.9.0
-* Thu Sep 11 2003 - jsuchome@suse.cz
+* Thu Sep 11 2003 jsuchome@suse.cz
- save value of kpasswd_server to /etc/krb5.conf (#30485)
- do not try to read from non-existent /etc/sysconfig/afs-client
-* Thu Sep 11 2003 - jsuchome@suse.cz
+* Thu Sep 11 2003 jsuchome@suse.cz
- there is no Require::IsPackageAvailableTarget function (#30459)
- 2.8.10
-* Tue Sep 09 2003 - jsuchome@suse.cz
+* Tue Sep 09 2003 jsuchome@suse.cz
- do not require KDC and realm entries when Kerberos is not
enabled (#30323)
-* Tue Sep 09 2003 - nashif@suse.de
+* Tue Sep 09 2003 nashif@suse.de
- #30291: return list of required packages
-* Fri Sep 05 2003 - jsuchome@suse.cz
+* Fri Sep 05 2003 jsuchome@suse.cz
- merged in proofread texts
- check packages correctly in autoyast config mode (#30014)
-* Tue Sep 02 2003 - jsuchome@suse.cz
+* Tue Sep 02 2003 jsuchome@suse.cz
- fixed testsuite
-* Tue Sep 02 2003 - jsuchome@suse.cz
+* Tue Sep 02 2003 jsuchome@suse.cz
- basic command-line interface (new texts)
- ask before restarting/stopping afs-client
- 2.8.8
-* Mon Sep 01 2003 - arvin@suse.de
+* Mon Sep 01 2003 arvin@suse.de
- used Popup::ConfirmAbort
-* Fri Aug 29 2003 - jsuchome@suse.de
+* Fri Aug 29 2003 jsuchome@suse.de
- updated desktop file
-* Mon Aug 25 2003 - jsuchome@suse.cz
+* Mon Aug 25 2003 jsuchome@suse.cz
- fixed AFS support
- stop/start afs-client
-* Fri Aug 22 2003 - jsuchome@suse.cz
+* Fri Aug 22 2003 jsuchome@suse.cz
- Add variable for required packages and return them in auto client
-* Wed Aug 20 2003 - jsuchome@suse.cz
+* Wed Aug 20 2003 jsuchome@suse.cz
- removed redundant "initialization dialog" (#28779)
- dialogs rearanged ("client enabled" together with basic settings)
- required/optional applications are installed at the end
- added testsuite
- 2.8.6
-* Mon Aug 18 2003 - jsuchome@suse.cz
+* Mon Aug 18 2003 jsuchome@suse.cz
- fixed agent for /etc/ssh/ssh_config ("Host" sections allowed)
-* Wed Aug 13 2003 - jsuchome@suse.de
+* Wed Aug 13 2003 jsuchome@suse.de
- do not ask for heimdal-tools in autoinst config (#28716)
-* Wed Aug 13 2003 - jsuchome@suse.de
+* Wed Aug 13 2003 jsuchome@suse.de
- dialogs redesign, new helptext
- 2.8.5
-* Mon Aug 11 2003 - arvin@suse.de
+* Mon Aug 11 2003 arvin@suse.de
- fixed requires
-* Mon Aug 11 2003 - jsuchome@suse.de
+* Mon Aug 11 2003 jsuchome@suse.de
- updated helptexts
-* Mon Aug 11 2003 - jsuchome@suse.de
+* Mon Aug 11 2003 jsuchome@suse.de
- proofread texts (1st round)
- pam_krb5, heimdal-libs checked in yast module (removed from spec file)
- 2.8.3
-* Wed Aug 06 2003 - jsuchome@suse.de
+* Wed Aug 06 2003 jsuchome@suse.de
- new workflow, enabled editing more settings
- AFS support
- new agents for /etc/sysconfig/afs-client, /etc/ssh/ssh_config
- 2.8.2
-* Mon Aug 04 2003 - jsuchome@suse.de
+* Mon Aug 04 2003 jsuchome@suse.de
- using new option for pam_unix2 (call_modules)
- added .desktop file
-* Fri Jul 18 2003 - jsuchome@suse.de
+* Fri Jul 18 2003 jsuchome@suse.de
- pam_krb is now set via PamSettings interface, not into /etc/pam.d/*
- 2.8.1
-* Thu Jul 10 2003 - jsuchome@suse.de
+* Thu Jul 10 2003 jsuchome@suse.de
- ShortSummary
- remove use_first_pass from pam files after disabling (bug #26985)
-* Tue Mar 25 2003 - jsuchome@suse.de
+* Tue Mar 25 2003 jsuchome@suse.de
- adapted to Require interface
- 2.8.0
-* Tue Feb 18 2003 - nashif@suse.de
+* Tue Feb 18 2003 nashif@suse.de
- replaced functions in auto client: Result -> Export
- 2.7.3
-* Thu Feb 06 2003 - jsuchome@suse.de
+* Thu Feb 06 2003 jsuchome@suse.de
- merged proofread texts
-* Wed Jan 29 2003 - jsuchome@suse.cz
+* Wed Jan 29 2003 jsuchome@suse.cz
- merged proofread texts
-* Fri Jan 24 2003 - jsuchome@suse.cz
+* Fri Jan 24 2003 jsuchome@suse.cz
- removed helps.ycp and complex.ycp
(do not include their texts in pot file)
-* Fri Jan 17 2003 - jsuchome@suse.de
+* Fri Jan 17 2003 jsuchome@suse.de
- fixes: agent added to package, global keys enabled in agent
- added "required" control mode
- heimdal-lib is required package
- 2.7.2
-* Mon Jan 06 2003 - jsuchome@suse.de
+* Mon Jan 06 2003 jsuchome@suse.de
- splited to two dialogs: pam and klient configuration
- autoinstallation
- 2.7.1
-* Tue Dec 17 2002 - jsuchome@suse.de
+* Tue Dec 17 2002 jsuchome@suse.de
- proposing values for realm, kdc
- enabled domain setting
-* Mon Dec 16 2002 - jsuchome@suse.de
+* Mon Dec 16 2002 jsuchome@suse.de
- initial version
- moved from yast2-users module
++++++ yast2-kerberos-client-2.16.1.tar.bz2 -> yast2-kerberos-client-2.16.3.tar.bz2 ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-kerberos-client-2.16.1/src/dialogs.ycp new/yast2-kerberos-client-2.16.3/src/dialogs.ycp
--- old/yast2-kerberos-client-2.16.1/src/dialogs.ycp 2007-12-14 10:16:50.000000000 +0100
+++ new/yast2-kerberos-client-2.16.3/src/dialogs.ycp 2008-02-18 15:38:03.000000000 +0100
@@ -4,7 +4,7 @@
* Summary: Dialogs definitions
* Authors: Jiri Suchomel
*
- * $Id: dialogs.ycp 41478 2007-10-19 10:07:15Z jsuchome $
+ * $Id: dialogs.ycp 44585 2008-02-18 14:38:03Z jsuchome $
*/
{
@@ -236,7 +236,9 @@
It is common practice to use the domain name in uppercase as your default realm name, but you can select freely. If the realm is not available on the server, you cannot log in. Ask your server administrator if you need more information.</p>
") +
- //rwalter: the appearance order of this and 4/5 is reversed. Please fix.
+ // help text for Use DNS to aquire the configuration data at runtime
+ _("Check <b>Use DNS to aquire the configuration data at runtime</b> to let your client use the Kerberos authentication data provided by DNS. This option cannot be selected if DNS server doesn't provide such data.</p>") +
+
// help text 5/5
_("<p>To configure more settings, click <b>Advanced Settings</b>.</p>");
@@ -247,6 +249,8 @@
string kdc = Kerberos::kdc;
string default_domain = Kerberos::default_domain;
boolean use_pam_krb = Kerberos::use_pam_krb || installation;
+ boolean dns_used = Kerberos::dns_used;
+ boolean dns_available = Kerberos::dns_available;
term con = `HBox (`HSpacing (3), `VBox (
`VSpacing (0.5),
@@ -257,6 +261,14 @@
// radio button label
`Left(`RadioButton(`id(`pamyes), `opt (`notify), _("&Use Kerberos"), use_pam_krb)))))
),
+ `VSpacing (0.2),
+ `Left (`HBox (
+ `HSpacing (2),
+ `CheckBox (`id (`dns), `opt (`notify),
+ // checkbox label
+ _("Use DN&S to aquire the configuration data at runtime"),
+ dns_used)
+ )),
`VSpacing (),
// frame label
`Frame (_("Basic Kerberos Settings"), `HBox(`HSpacing (0.5), `VBox(
@@ -286,9 +298,13 @@
);
Wizard::RestoreAbortButton ();
+ UI::ChangeWidget (`id (`dns), `Enabled, dns_available);
foreach (symbol widget, [`realm, `domain, `kdc, `advanced], ``{
UI::ChangeWidget (`id (widget), `Enabled, use_pam_krb);
+ if (widget != `advanced && use_pam_krb)
+ UI::ChangeWidget (`id (widget), `Enabled, !dns_used);
});
+
// during installation, only enabling makes sence
if (installation)
{
@@ -307,12 +323,23 @@
UI::ChangeWidget (`id (widget), `Enabled, use_pam_krb);
});
}
+ if (result == `dns)
+ {
+ dns_used = (boolean) UI::QueryWidget (`id (`dns), `Value);
+ foreach (symbol widget, [`realm, `domain, `kdc ], {
+ UI::ChangeWidget (`id (widget), `Enabled, !dns_used);
+ });
+ // fill the values with the ones provided by DNS...
+ UI::ChangeWidget (`id(`realm), `Value, Kerberos::dns_default_realm);
+ UI::ChangeWidget (`id(`kdc), `Value, Kerberos::dns_kdc);
+ }
if (result == `next || result == `advanced) {
default_realm = (string) UI::QueryWidget (`id(`realm), `Value);
default_domain = (string) UI::QueryWidget (`id(`domain), `Value);
kdc = (string) UI::QueryWidget (`id(`kdc), `Value);
+ dns_used = (boolean) UI::QueryWidget (`id (`dns), `Value);
if (use_pam_krb && default_realm == "")
{
@@ -374,6 +401,7 @@
Kerberos::default_domain = default_domain;
Kerberos::default_realm = default_realm;
Kerberos::kdc = kdc;
+ Kerberos::dns_used = dns_used;
if (use_pam_krb != Kerberos::use_pam_krb)
{
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-kerberos-client-2.16.1/src/kerberos.ycp new/yast2-kerberos-client-2.16.3/src/kerberos.ycp
--- old/yast2-kerberos-client-2.16.1/src/kerberos.ycp 2007-12-14 10:32:03.000000000 +0100
+++ new/yast2-kerberos-client-2.16.3/src/kerberos.ycp 2007-12-14 11:04:46.000000000 +0100
@@ -4,7 +4,7 @@
* Summary: Main file
* Authors: Jiri Suchomel
*
- * $Id: kerberos.ycp 36225 2007-02-16 15:13:34Z jsuchome $
+ * $Id: kerberos.ycp 43075 2007-12-14 10:04:45Z jsuchome $
*
* Main file for kerberos-client configuration. Uses all other files.
*/
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-kerberos-client-2.16.1/src/Kerberos.ycp new/yast2-kerberos-client-2.16.3/src/Kerberos.ycp
--- old/yast2-kerberos-client-2.16.1/src/Kerberos.ycp 2007-12-14 10:29:15.000000000 +0100
+++ new/yast2-kerberos-client-2.16.3/src/Kerberos.ycp 2008-02-18 15:48:03.000000000 +0100
@@ -4,7 +4,7 @@
* Summary: Data for configuration of kerberos-client, i/o functions.
* Authors: Jiri Suchomel
*
- * $Id: Kerberos.ycp 39996 2007-08-06 13:01:00Z jsuchome $
+ * $Id: Kerberos.ycp 44585 2008-02-18 14:38:03Z jsuchome $
*
* Representation of the configuration of kerberos-client.
* Input and output routines.
@@ -44,6 +44,9 @@
global string default_realm = "";
global string default_domain = "";
+global string dns_default_realm = "";
+global string dns_kdc = "";
+
// adress of KDC (key distribution centre) server for default realm
global string kdc = "";
string admin_server = "";
@@ -96,6 +99,12 @@
],
];
+// if DNS can be used for retrieving configuration data
+global boolean dns_available = false;
+
+// if DNS is used for retrieving configuration data
+global boolean dns_used = false;
+
/**
map with the settings configurable in the expert tabs
*/
@@ -226,7 +235,7 @@
global boolean WriteKrb5ConfValues (path path_to_value, list<string> values) {
if (values == nil || values == [])
- return SCR::Write (path_to_value, nil); // FIXME test
+ return SCR::Write (path_to_value, nil);
return SCR::Write (path_to_value, values);
}
@@ -249,7 +258,7 @@
global boolean WriteKrb5ConfValue (path path_to_value, string value) {
if (value == nil || value == "")
- return SCR::Write (path_to_value, nil); // FIXME test
+ return SCR::Write (path_to_value, nil);
return WriteKrb5ConfValues (path_to_value, [value]);
}
@@ -292,7 +301,6 @@
admin_server = mergestring (ReadKrb5ConfValues(add (realm, "admin_server"),""), " ");
default_domain = ReadKrb5ConfValue (add (realm,"default_domain"), "");
}
-
if (admin_server == kdc)
admin_server = ""; // we could replace it in Write in this case...
@@ -306,7 +314,7 @@
foreach (string key, [ "keytab", "ccache_dir", "ccname_template",
"mappings", "existing_ticket", "external", "validate", "use_shmem",
"addressless", "debug", "debug_sensitive",
- "initial_prompt", "subsequent_prompt", ],
+ "initial_prompt", "subsequent_prompt", "banner"],
{
string val = ReadKrb5ConfValue (add (pam_p, key), nil);
if (val != nil)
@@ -337,6 +345,38 @@
default_domain = deletechars (out["stdout"]:"", "\n");
}
+ // now, check DNS status (Fate 301812)
+ if (FileUtils::Exists ("/usr/bin/dig") && default_domain != "" &&
+ !Mode::test ())
+ {
+ map out = (map) SCR::Execute (.target.bash_output, sformat ("dig TXT _kerberos.%1 +short", default_domain));
+ dns_default_realm = deletechars (out["stdout"]:"", "\n\"");
+ if (dns_default_realm != "")
+ {
+ out = (map) SCR::Execute (.target.bash_output, sformat ("dig SRV _kerberos._udp.%1 +short", default_domain));
+ list split = splitstring (deletechars (out["stdout"]:"", "\n")," ");
+ dns_kdc = split[3]:"";
+ if (dns_kdc != "" &&
+ substring (dns_kdc, size (dns_kdc) - 1, 1) == ".")
+ dns_kdc = substring (dns_kdc, 0, size (dns_kdc) - 1);
+ if (dns_kdc != "")
+ dns_available = true;
+ // empty domain_realm section and no kdc entry defined and
+ // values via DNS are available -> DNS is used
+ if (kdc == "" &&
+ (!contains ((list)SCR::Dir(.etc.krb5_conf.s), "domain_realm") ||
+ SCR::Dir(.etc.krb5_conf.v.domain_realm) == []))
+ {
+ dns_used = true;
+ kdc = dns_kdc;
+ default_realm = dns_default_realm;
+ y2milestone ("kdc by DNS %1, default_domain: %2",
+ dns_kdc, dns_default_realm);
+ y2milestone ("DNS is used for Kerberos data");
+ }
+ }
+ }
+
if ((default_realm == "" || default_realm == "MY.REALM" ||
default_realm == "EXAMPLE.COM") &&
default_domain != "")
@@ -465,7 +505,7 @@
// -- write to /etc/krb5.conf
Progress::NextStage ();
- if (modified)
+ if (modified && !dns_used)
{
// change the default realm name
WriteKrb5ConfValue (.etc.krb5_conf.v.libdefaults.default_realm, default_realm);
@@ -474,12 +514,9 @@
if (default_domain != "")
{
string domain = default_domain;
- WriteKrb5ConfValue (add(.etc.krb5_conf.v.domain_realm,domain),default_realm);
if ( findfirstof (domain, ".") != 0)
- {
domain = "." + domain;
- WriteKrb5ConfValue (add(.etc.krb5_conf.v.domain_realm,domain),default_realm);
- }
+ WriteFile (add(.etc.krb5_conf.v.domain_realm,domain),default_realm);
}
WriteKrb5ConfValue (.etc.krb5_conf.v.libdefaults.clockskew, clockskew);
@@ -510,6 +547,24 @@
WriteKrb5ConfValuesAsString (add (add (.etc.krb5_conf.v.realms, default_realm),
"admin_server"), kdc);
}
+ }
+ if (modified)
+ {
+ /*
+ 3. Yes, if the user chooses DNS you need to remove the domain_realm
+ section (so that the domain->realm mapping can be read through DNS)
+ and at least the complete sub-section describing the realm
+ (maybe even the whole [realms]-section).
+ */
+ if (dns_used)
+ {
+ y2milestone ("DNS set to use: removing domain info from krb5.conf");
+ WriteKrb5ConfValue (.etc.krb5_conf.s.domain_realm, nil);
+ WriteKrb5ConfValue (add (.etc.krb5_conf.s, default_realm), nil);
+ // write the default realm name
+ WriteKrb5ConfValue (.etc.krb5_conf.v.libdefaults.default_realm,
+ default_realm);
+ }
// write advanced settings
path pam_sect = .etc.krb5_conf.v.pam;
@@ -538,7 +593,7 @@
WriteKrb5ConfValue (pth, (string) value);
// removin
else if (OrigExpertSettings[key]:"" != "")
- WriteKrb5ConfValue (pth, nil); // FIXME doesn't work!
+ WriteKrb5ConfValue (pth, nil);
});
if (trusted_servers != "" &&
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-kerberos-client-2.16.1/testsuite/tests/Read.out new/yast2-kerberos-client-2.16.3/testsuite/tests/Read.out
--- old/yast2-kerberos-client-2.16.1/testsuite/tests/Read.out 2007-12-14 10:47:49.000000000 +0100
+++ new/yast2-kerberos-client-2.16.3/testsuite/tests/Read.out 2008-01-29 11:27:47.000000000 +0100
@@ -24,6 +24,7 @@
Read .etc.krb5_conf.v.pam."debug_sensitive" nil
Read .etc.krb5_conf.v.pam."initial_prompt" nil
Read .etc.krb5_conf.v.pam."subsequent_prompt" nil
+Read .etc.krb5_conf.v.pam."banner" ["haha"]
Read .etc.krb5_conf.v.pkinit.trusted_servers nil
Execute .target.bash_output "/bin/ypdomainname" $["stdout":"password: "]
Dir .etc.ssh.ssh_config.s: ["*"]
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-kerberos-client-2.16.1/testsuite/tests/Read.ycp new/yast2-kerberos-client-2.16.3/testsuite/tests/Read.ycp
--- old/yast2-kerberos-client-2.16.1/testsuite/tests/Read.ycp 2007-12-12 22:08:47.000000000 +0100
+++ new/yast2-kerberos-client-2.16.3/testsuite/tests/Read.ycp 2008-02-18 15:38:03.000000000 +0100
@@ -2,7 +2,7 @@
* Read.ycp
* Test of Kerberos::Read function (whole read process, many config files)
* Author: Jiri Suchomel
- * $Id: Read.ycp 38969 2007-06-22 14:32:11Z jsuchome $
+ * $Id: Read.ycp 44585 2008-02-18 14:38:03Z jsuchome $
*/
{
@@ -46,6 +46,7 @@
"initial_prompt" : nil,
"subsequent_prompt" : nil,
"addressless" : ["false"],
+ "banner" : ["haha"],
],
"pkinit" : $[
"trusted_servers": nil,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-kerberos-client-2.16.1/VERSION new/yast2-kerberos-client-2.16.3/VERSION
--- old/yast2-kerberos-client-2.16.1/VERSION 2007-12-12 22:01:20.000000000 +0100
+++ new/yast2-kerberos-client-2.16.3/VERSION 2008-02-18 15:49:12.000000000 +0100
@@ -1 +1 @@
-2.16.1
+2.16.3
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org