Hello community,
here is the log from the commit of package krb5 for openSUSE:Factory
checked in at Fri Mar 5 02:10:00 CET 2010.
--------
--- krb5/krb5-doc.changes 2009-07-08 19:41:43.000000000 +0200
+++ /mounts/work_src_done/STABLE/krb5/krb5-doc.changes 2010-03-04 11:58:11.000000000 +0100
@@ -1,0 +2,5 @@
+Thu Mar 4 11:45:22 CET 2010 - mc@suse.de
+
+- update to version 1.8
+
+-------------------------------------------------------------------
--- krb5/krb5-mini.changes 2010-01-14 15:33:50.000000000 +0100
+++ /mounts/work_src_done/STABLE/krb5/krb5-mini.changes 2010-03-05 02:08:51.471446000 +0100
@@ -2 +2 @@
-Thu Jan 7 11:45:14 CET 2010 - mc@suse.de
+Thu Mar 4 10:42:29 CET 2010 - mc@suse.de
@@ -3,0 +4,17 @@
+- update to version 1.8
+ * Increase code quality
+ * Move toward improved KDB interface
+ * Investigate and remedy repeatedly-reported performance
+ bottlenecks.
+ * Reduce DNS dependence by implementing an interface that allows
+ client library to track whether a KDC supports service
+ principal referrals.
+ * Disable DES by default
+ * Account lockout for repeated login failures
+ * Bridge layer to allow Heimdal HDB modules to act as KDB
+ backend modules
+ * FAST enhancements
+ * Microsoft Services for User (S4U) compatibility
+ * Anonymous PKINIT
+- fix KDC denial of service
+ CVE-2010-0283, MITKRB5-SA-2010-001 (bnc#571781)
@@ -7,0 +25 @@
+- moved krb5 applications (telnet, ftp, rlogin, ...) to krb5-appl
krb5.changes: same change
calling whatdependson for head-i586
Old:
----
README.Source
krb5-1.5.1-fix-ftp-var-used-uninitialized.dif
krb5-1.5.1-fix-var-used-before-value-set.dif
krb5-1.7-MITKRB5-SA-2009-003.dif
krb5-1.7-MITKRB5-SA-2009-004.dif
krb5-1.7-rpmlintrc
krb5-1.7.tar.bz2
krb5-doc-1.7-rpmlintrc
spx.c
New:
----
krb5-1.8-rpmlintrc
krb5-1.8.tar.bz2
krb5-doc-1.8-rpmlintrc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ krb5-doc.spec ++++++
--- /var/tmp/diff_new_pack.VhBzZj/_old 2010-03-05 02:09:04.000000000 +0100
+++ /var/tmp/diff_new_pack.VhBzZj/_new 2010-03-05 02:09:04.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package krb5-doc (Version 1.7)
+# spec file for package krb5-doc (Version 1.8)
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -20,15 +20,14 @@
Name: krb5-doc
BuildRequires: ghostscript-library latex2html texlive
-Version: 1.7
-Release: 7
-%define srcRoot krb5-1.7
+Version: 1.8
+Release: 1
+%define srcRoot krb5-1.8
Summary: MIT Kerberos5 Implementation--Documentation
License: MIT License (or similar)
Url: http://web.mit.edu/kerberos/www/
Group: Documentation/Other
-Source: krb5-%{version}.tar.bz2
-Source1: README.Source
+Source: krb5-1.8.tar.bz2
Source3: %{name}-%{version}-rpmlintrc
Patch0: krb5-1.3.5-perlfix.dif
Patch1: krb5-1.6.3-texi2dvi-fix.dif
++++++ krb5-mini.spec ++++++
--- /var/tmp/diff_new_pack.VhBzZj/_old 2010-03-05 02:09:04.000000000 +0100
+++ /var/tmp/diff_new_pack.VhBzZj/_new 2010-03-05 02:09:04.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package krb5-mini (Version 1.7)
+# spec file for package krb5-mini (Version 1.8)
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -18,7 +18,7 @@
# norootforbuild
%define build_mini 1
-%define srcRoot krb5-1.7
+%define srcRoot krb5-1.8
%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
%define krb5docdir %{_defaultdocdir}/krb5
@@ -27,8 +27,8 @@
Url: http://web.mit.edu/kerberos/www/
BuildRequires: bison libcom_err-devel ncurses-devel
BuildRequires: keyutils keyutils-devel
-Version: 1.7
-Release: 7
+Version: 1.8
+Release: 1
%if ! 0%{?build_mini}
BuildRequires: libopenssl-devel openldap2-devel
# bug437293
@@ -42,25 +42,19 @@
Summary: MIT Kerberos5 Implementation--Libraries
Group: Productivity/Networking/Security
%endif
-Source: krb5-1.7.tar.bz2
+Source: krb5-1.8.tar.bz2
Source1: vendor-files.tar.bz2
-Source2: README.Source
-Source3: spx.c
-Source4: baselibs.conf
+Source2: baselibs.conf
Source5: krb5-%{version}-rpmlintrc
Source10: krb5-1.7-manpaths.txt
Patch2: krb5-1.6.1-compile_pie.dif
Patch20: krb5-1.6.3-kprop-use-mkstemp.dif
-Patch21: krb5-1.5.1-fix-var-used-before-value-set.dif
-Patch22: krb5-1.5.1-fix-ftp-var-used-uninitialized.dif
Patch30: krb5-1.7-manpaths.dif
Patch32: krb5-1.4.3-enospc.dif
Patch34: krb5-1.6.3-gssapi_improve_errormessages.dif
Patch41: krb5-1.6.3-kpasswd_tcp.patch
Patch44: krb5-1.6.3-ktutil-manpage.dif
Patch46: krb5-1.6.3-fix-ipv6-query.dif
-Patch47: krb5-1.7-MITKRB5-SA-2009-003.dif
-Patch48: krb5-1.7-MITKRB5-SA-2009-004.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: mktemp, grep, /bin/touch, coreutils
PreReq: %insserv_prereq %fillup_prereq
@@ -124,46 +118,6 @@
Ken Raeburn
Tom Yu
-%package apps-servers
-License: MIT License (or similar)
-Summary: MIT Kerberos5 server applications
-Group: Productivity/Networking/Security
-
-%description apps-servers
-Kerberos V5 is a trusted-third-party network authentication system,
-which can improve your network's security by eliminating the insecure
-practice of cleartext passwords. This package includes some kerberos
-compatible server applications like ftpd, klogind, telnetd, ...
-
-
-
-Authors:
---------
- The MIT Kerberos Team
- Sam Hartman
- Ken Raeburn
- Tom Yu
-
-%package apps-clients
-License: MIT License (or similar)
-Summary: MIT Kerberos5 client applications
-Group: Productivity/Networking/Security
-
-%description apps-clients
-Kerberos V5 is a trusted-third-party network authentication system,
-which can improve your network's security by eliminating the insecure
-practice of cleartext passwords. This package includes some kerberos
-compatible client applications like ftp, rpc, rlogin, telnet, ...
-
-
-
-Authors:
---------
- The MIT Kerberos Team
- Sam Hartman
- Ken Raeburn
- Tom Yu
-
%package plugin-kdb-ldap
License: MIT License (or similar)
Summary: MIT Kerberos5 Implementation--LDAP Database Plugin
@@ -240,25 +194,14 @@
%prep
%setup -q -n %{srcRoot}
%setup -a 1 -T -D -n %{srcRoot}
-if [ -e %{_builddir}/%{srcRoot}/src/appl/telnet/libtelnet/spx.c ]
-then
- echo "spx.c contains potential legal risks."
- exit 1;
-else
- cp %{SOURCE3} %{_builddir}/%{srcRoot}/src/appl/telnet/libtelnet/spx.c
-fi
%patch2
%patch20
-%patch21
-%patch22
%patch30 -p1
%patch32 -p1
%patch34 -p1
%patch41
%patch44 -p1
%patch46 -p1
-%patch47 -p1
-%patch48 -p1
# Rename the man pages so that they'll get generated correctly.
pushd src
cat %{SOURCE10} | while read manpage ; do
@@ -319,12 +262,6 @@
install -m 644 %{vendorFiles}/krb5.sh.profile %{buildroot}/etc/profile.d/krb5.sh
install -m 644 %{vendorFiles}/SuSEFirewall.kdc %{buildroot}/etc/sysconfig/SuSEfirewall2.d/services/kdc
install -m 644 %{vendorFiles}/SuSEFirewall.kadmind %{buildroot}/etc/sysconfig/SuSEfirewall2.d/services/kadmind
-for n in ftpd.8 telnetd.8; do
- mv %{buildroot}%{_mandir}/man8/${n} %{buildroot}%{_mandir}/man8/k${n}
-done
-for n in ftp.1 rlogin.1 rcp.1 rsh.1 telnet.1; do
- mv %{buildroot}%{_mandir}/man1/${n} %{buildroot}%{_mandir}/man1/k${n}
-done
# all libs must have permissions 0755
for lib in `find %{buildroot}/%{_libdir}/ -type f -name "*.so*"`
do
@@ -337,12 +274,6 @@
install -m 755 %{vendorFiles}/kadmind.init %{buildroot}%{_sysconfdir}/init.d/kadmind
install -m 755 %{vendorFiles}/krb5kdc.init %{buildroot}%{_sysconfdir}/init.d/krb5kdc
install -m 755 %{vendorFiles}/kpropd.init %{buildroot}%{_sysconfdir}/init.d/kpropd
-# install xinetd files
-mkdir -p %{buildroot}%{_sysconfdir}/xinetd.d
-install -m 644 %{vendorFiles}/klogin.xinetd %{buildroot}%{_sysconfdir}/xinetd.d/klogin
-install -m 644 %{vendorFiles}/eklogin.xinetd %{buildroot}%{_sysconfdir}/xinetd.d/eklogin
-install -m 644 %{vendorFiles}/krb5-telnet.xinetd %{buildroot}%{_sysconfdir}/xinetd.d/ktelnet
-install -m 644 %{vendorFiles}/kshell.xinetd %{buildroot}%{_sysconfdir}/xinetd.d/kshell
# install logrotate files
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
install -m 644 %{vendorFiles}/krb5-server.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/krb5-server
@@ -421,7 +352,9 @@
%dir /usr/lib/mit/sbin
%{_libdir}/libgssrpc.so
%{_libdir}/libk5crypto.so
+%{_libdir}/libkadm5clnt_mit.so
%{_libdir}/libkadm5clnt.so
+%{_libdir}/libkadm5srv_mit.so
%{_libdir}/libkadm5srv.so
%{_libdir}/libkdb5.so
%{_libdir}/libkrb5.so
@@ -455,17 +388,13 @@
%attr(0600,root,root) %config(noreplace) %{_localstatedir}/lib/kerberos/krb5kdc/kdc.conf
%attr(0600,root,root) %config(noreplace) %{_localstatedir}/lib/kerberos/krb5kdc/kadm5.acl
%attr(0600,root,root) %config(noreplace) %{_localstatedir}/lib/kerberos/krb5kdc/kadm5.dict
-%config(noreplace) %{_sysconfdir}/xinetd.d/klogin
-%config(noreplace) %{_sysconfdir}/xinetd.d/eklogin
-%config(noreplace) %{_sysconfdir}/xinetd.d/kshell
-%config(noreplace) %{_sysconfdir}/xinetd.d/ktelnet
%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/k*
%{_sysconfdir}/init.d/*
%{_libdir}/libgssapi_krb5.*
%{_libdir}/libgssrpc.so.*
%{_libdir}/libk5crypto.so.*
-%{_libdir}/libkadm5clnt.so.*
-%{_libdir}/libkadm5srv.so.*
+%{_libdir}/libkadm5clnt_mit.so.*
+%{_libdir}/libkadm5srv_mit.so.*
%{_libdir}/libkdb5.so.*
%{_libdir}/libkrb5.so.*
%{_libdir}/libkrb5support.so.*
@@ -479,15 +408,10 @@
/usr/lib/mit/sbin/kprop
/usr/lib/mit/sbin/kdb5_util
/usr/lib/mit/sbin/krb5kdc
-/usr/lib/mit/sbin/ftpd
-/usr/lib/mit/sbin/klogind
-/usr/lib/mit/sbin/kshd
-/usr/lib/mit/sbin/telnetd
/usr/lib/mit/sbin/uuserver
/usr/lib/mit/sbin/sserver
/usr/lib/mit/sbin/gss-server
/usr/lib/mit/sbin/sim_server
-/usr/lib/mit/sbin/login.krb5
/usr/lib/mit/bin/k5srvutil
/usr/lib/mit/bin/kvno
/usr/lib/mit/bin/kinit
@@ -497,16 +421,10 @@
/usr/lib/mit/bin/kadmin
/usr/lib/mit/bin/ktutil
%attr(0755,root,root) /usr/lib/mit/bin/ksu
-/usr/lib/mit/bin/rcp
-/usr/lib/mit/bin/rsh
-/usr/lib/mit/bin/telnet
/usr/lib/mit/bin/uuclient
/usr/lib/mit/bin/sclient
/usr/lib/mit/bin/gss-client
/usr/lib/mit/bin/sim_client
-/usr/lib/mit/bin/ftp
-/usr/lib/mit/bin/rlogin
-#/usr/lib/mit/bin/*
/usr/bin/kinit
/usr/bin/klist
/usr/bin/rc*
@@ -517,12 +435,7 @@
%{_mandir}/man1/kpasswd.1*
%{_mandir}/man1/klist.1*
%{_mandir}/man1/kerberos.1*
-%{_mandir}/man1/kftp.1*
-%{_mandir}/man1/krlogin.1*
-%{_mandir}/man1/krsh.1*
-%{_mandir}/man1/ktelnet.1*
%{_mandir}/man1/ksu.1*
-%{_mandir}/man1/krcp.1*
%{_mandir}/man1/sclient.1*
%{_mandir}/man1/kadmin.1*
%{_mandir}/man1/ktutil.1*
@@ -549,8 +462,8 @@
%{_libdir}/libgssapi_krb5.*
%{_libdir}/libgssrpc.so.*
%{_libdir}/libk5crypto.so.*
-%{_libdir}/libkadm5clnt.so.*
-%{_libdir}/libkadm5srv.so.*
+%{_libdir}/libkadm5clnt_mit.so.*
+%{_libdir}/libkadm5srv_mit.so.*
%{_libdir}/libkdb5.so.*
%{_libdir}/libkrb5.so.*
%{_libdir}/libkrb5support.so.*
@@ -582,6 +495,10 @@
/usr/lib/mit/sbin/kprop
/usr/lib/mit/sbin/kdb5_util
/usr/lib/mit/sbin/krb5kdc
+/usr/lib/mit/sbin/gss-server
+/usr/lib/mit/sbin/sim_server
+/usr/lib/mit/sbin/sserver
+/usr/lib/mit/sbin/uuserver
%{_libdir}/krb5/plugins/kdb/db2.so
%{_mandir}/man5/kdc.conf.5*
%{_mandir}/man8/kadmind.8*
@@ -591,6 +508,7 @@
%{_mandir}/man8/kproplog.8.gz
%{_mandir}/man8/kdb5_util.8*
%{_mandir}/man8/krb5kdc.8*
+%{_mandir}/man8/sserver.8*
%files client
%defattr(-,root,root)
@@ -605,6 +523,11 @@
/usr/lib/mit/bin/kadmin
/usr/lib/mit/bin/ktutil
/usr/lib/mit/bin/k5srvutil
+/usr/lib/mit/bin/gss-client
+/usr/lib/mit/bin/ksu
+/usr/lib/mit/bin/sclient
+/usr/lib/mit/bin/sim_client
+/usr/lib/mit/bin/uuclient
/usr/bin/kinit
/usr/bin/klist
%{_mandir}/man1/kvno.1*
@@ -618,53 +541,8 @@
%{_mandir}/man1/k5srvutil.1*
%{_mandir}/man5/krb5.conf.5*
%{_mandir}/man5/.k5login.5*
-
-%files apps-servers
-%defattr(-,root,root)
-%config(noreplace) %{_sysconfdir}/xinetd.d/klogin
-%config(noreplace) %{_sysconfdir}/xinetd.d/eklogin
-%config(noreplace) %{_sysconfdir}/xinetd.d/kshell
-%config(noreplace) %{_sysconfdir}/xinetd.d/ktelnet
-%dir /usr/lib/mit
-%dir /usr/lib/mit/sbin
-/usr/lib/mit/sbin/ftpd
-/usr/lib/mit/sbin/klogind
-/usr/lib/mit/sbin/kshd
-/usr/lib/mit/sbin/telnetd
-/usr/lib/mit/sbin/uuserver
-/usr/lib/mit/sbin/sserver
-/usr/lib/mit/sbin/gss-server
-/usr/lib/mit/sbin/sim_server
-/usr/lib/mit/sbin/login.krb5
-%{_mandir}/man8/kftpd.8*
-%{_mandir}/man8/klogind.8*
-%{_mandir}/man8/kshd.8*
-%{_mandir}/man8/ktelnetd.8*
-%{_mandir}/man8/sserver.8*
-%{_mandir}/man8/login.krb5.8*
-
-%files apps-clients
-%defattr(-,root,root)
-%dir /usr/lib/mit
-%dir /usr/lib/mit/bin
-/usr/lib/mit/bin/ftp
-/usr/lib/mit/bin/rlogin
-# removed SUID bit, we will rely on su + pam_krb
-%attr(0755,root,root) /usr/lib/mit/bin/ksu
-/usr/lib/mit/bin/rcp
-/usr/lib/mit/bin/rsh
-/usr/lib/mit/bin/telnet
-/usr/lib/mit/bin/uuclient
-/usr/lib/mit/bin/sclient
-/usr/lib/mit/bin/gss-client
-/usr/lib/mit/bin/sim_client
-%{_mandir}/man1/kftp.1*
-%{_mandir}/man1/krlogin.1*
-%{_mandir}/man1/krsh.1*
-%{_mandir}/man1/ktelnet.1*
-%{_mandir}/man1/ksu.1*
-%{_mandir}/man1/krcp.1*
-%{_mandir}/man1/sclient.1*
+%{_mandir}/man1/ksu.1.gz
+%{_mandir}/man1/sclient.1.gz
%files plugin-kdb-ldap
%defattr(-,root,root)
++++++ krb5.spec ++++++
--- /var/tmp/diff_new_pack.VhBzZj/_old 2010-03-05 02:09:04.000000000 +0100
+++ /var/tmp/diff_new_pack.VhBzZj/_new 2010-03-05 02:09:04.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package krb5 (Version 1.7)
+# spec file for package krb5 (Version 1.8)
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -18,7 +18,7 @@
# norootforbuild
%define build_mini 0
-%define srcRoot krb5-1.7
+%define srcRoot krb5-1.8
%define vendorFiles %{_builddir}/%{srcRoot}/vendor-files/
%define krb5docdir %{_defaultdocdir}/krb5
@@ -27,8 +27,8 @@
Url: http://web.mit.edu/kerberos/www/
BuildRequires: bison libcom_err-devel ncurses-devel
BuildRequires: keyutils keyutils-devel
-Version: 1.7
-Release: 7
+Version: 1.8
+Release: 1
%if ! 0%{?build_mini}
BuildRequires: libopenssl-devel openldap2-devel
# bug437293
@@ -42,25 +42,19 @@
Summary: MIT Kerberos5 Implementation--Libraries
Group: Productivity/Networking/Security
%endif
-Source: krb5-1.7.tar.bz2
+Source: krb5-1.8.tar.bz2
Source1: vendor-files.tar.bz2
-Source2: README.Source
-Source3: spx.c
-Source4: baselibs.conf
+Source2: baselibs.conf
Source5: krb5-%{version}-rpmlintrc
Source10: krb5-1.7-manpaths.txt
Patch2: krb5-1.6.1-compile_pie.dif
Patch20: krb5-1.6.3-kprop-use-mkstemp.dif
-Patch21: krb5-1.5.1-fix-var-used-before-value-set.dif
-Patch22: krb5-1.5.1-fix-ftp-var-used-uninitialized.dif
Patch30: krb5-1.7-manpaths.dif
Patch32: krb5-1.4.3-enospc.dif
Patch34: krb5-1.6.3-gssapi_improve_errormessages.dif
Patch41: krb5-1.6.3-kpasswd_tcp.patch
Patch44: krb5-1.6.3-ktutil-manpage.dif
Patch46: krb5-1.6.3-fix-ipv6-query.dif
-Patch47: krb5-1.7-MITKRB5-SA-2009-003.dif
-Patch48: krb5-1.7-MITKRB5-SA-2009-004.dif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: mktemp, grep, /bin/touch, coreutils
PreReq: %insserv_prereq %fillup_prereq
@@ -124,46 +118,6 @@
Ken Raeburn
Tom Yu
-%package apps-servers
-License: MIT License (or similar)
-Summary: MIT Kerberos5 server applications
-Group: Productivity/Networking/Security
-
-%description apps-servers
-Kerberos V5 is a trusted-third-party network authentication system,
-which can improve your network's security by eliminating the insecure
-practice of cleartext passwords. This package includes some kerberos
-compatible server applications like ftpd, klogind, telnetd, ...
-
-
-
-Authors:
---------
- The MIT Kerberos Team
- Sam Hartman
- Ken Raeburn
- Tom Yu
-
-%package apps-clients
-License: MIT License (or similar)
-Summary: MIT Kerberos5 client applications
-Group: Productivity/Networking/Security
-
-%description apps-clients
-Kerberos V5 is a trusted-third-party network authentication system,
-which can improve your network's security by eliminating the insecure
-practice of cleartext passwords. This package includes some kerberos
-compatible client applications like ftp, rpc, rlogin, telnet, ...
-
-
-
-Authors:
---------
- The MIT Kerberos Team
- Sam Hartman
- Ken Raeburn
- Tom Yu
-
%package plugin-kdb-ldap
License: MIT License (or similar)
Summary: MIT Kerberos5 Implementation--LDAP Database Plugin
@@ -240,25 +194,14 @@
%prep
%setup -q -n %{srcRoot}
%setup -a 1 -T -D -n %{srcRoot}
-if [ -e %{_builddir}/%{srcRoot}/src/appl/telnet/libtelnet/spx.c ]
-then
- echo "spx.c contains potential legal risks."
- exit 1;
-else
- cp %{SOURCE3} %{_builddir}/%{srcRoot}/src/appl/telnet/libtelnet/spx.c
-fi
%patch2
%patch20
-%patch21
-%patch22
%patch30 -p1
%patch32 -p1
%patch34 -p1
%patch41
%patch44 -p1
%patch46 -p1
-%patch47 -p1
-%patch48 -p1
# Rename the man pages so that they'll get generated correctly.
pushd src
cat %{SOURCE10} | while read manpage ; do
@@ -319,12 +262,6 @@
install -m 644 %{vendorFiles}/krb5.sh.profile %{buildroot}/etc/profile.d/krb5.sh
install -m 644 %{vendorFiles}/SuSEFirewall.kdc %{buildroot}/etc/sysconfig/SuSEfirewall2.d/services/kdc
install -m 644 %{vendorFiles}/SuSEFirewall.kadmind %{buildroot}/etc/sysconfig/SuSEfirewall2.d/services/kadmind
-for n in ftpd.8 telnetd.8; do
- mv %{buildroot}%{_mandir}/man8/${n} %{buildroot}%{_mandir}/man8/k${n}
-done
-for n in ftp.1 rlogin.1 rcp.1 rsh.1 telnet.1; do
- mv %{buildroot}%{_mandir}/man1/${n} %{buildroot}%{_mandir}/man1/k${n}
-done
# all libs must have permissions 0755
for lib in `find %{buildroot}/%{_libdir}/ -type f -name "*.so*"`
do
@@ -337,12 +274,6 @@
install -m 755 %{vendorFiles}/kadmind.init %{buildroot}%{_sysconfdir}/init.d/kadmind
install -m 755 %{vendorFiles}/krb5kdc.init %{buildroot}%{_sysconfdir}/init.d/krb5kdc
install -m 755 %{vendorFiles}/kpropd.init %{buildroot}%{_sysconfdir}/init.d/kpropd
-# install xinetd files
-mkdir -p %{buildroot}%{_sysconfdir}/xinetd.d
-install -m 644 %{vendorFiles}/klogin.xinetd %{buildroot}%{_sysconfdir}/xinetd.d/klogin
-install -m 644 %{vendorFiles}/eklogin.xinetd %{buildroot}%{_sysconfdir}/xinetd.d/eklogin
-install -m 644 %{vendorFiles}/krb5-telnet.xinetd %{buildroot}%{_sysconfdir}/xinetd.d/ktelnet
-install -m 644 %{vendorFiles}/kshell.xinetd %{buildroot}%{_sysconfdir}/xinetd.d/kshell
# install logrotate files
mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
install -m 644 %{vendorFiles}/krb5-server.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/krb5-server
@@ -421,7 +352,9 @@
%dir /usr/lib/mit/sbin
%{_libdir}/libgssrpc.so
%{_libdir}/libk5crypto.so
+%{_libdir}/libkadm5clnt_mit.so
%{_libdir}/libkadm5clnt.so
+%{_libdir}/libkadm5srv_mit.so
%{_libdir}/libkadm5srv.so
%{_libdir}/libkdb5.so
%{_libdir}/libkrb5.so
@@ -455,17 +388,13 @@
%attr(0600,root,root) %config(noreplace) %{_localstatedir}/lib/kerberos/krb5kdc/kdc.conf
%attr(0600,root,root) %config(noreplace) %{_localstatedir}/lib/kerberos/krb5kdc/kadm5.acl
%attr(0600,root,root) %config(noreplace) %{_localstatedir}/lib/kerberos/krb5kdc/kadm5.dict
-%config(noreplace) %{_sysconfdir}/xinetd.d/klogin
-%config(noreplace) %{_sysconfdir}/xinetd.d/eklogin
-%config(noreplace) %{_sysconfdir}/xinetd.d/kshell
-%config(noreplace) %{_sysconfdir}/xinetd.d/ktelnet
%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/k*
%{_sysconfdir}/init.d/*
%{_libdir}/libgssapi_krb5.*
%{_libdir}/libgssrpc.so.*
%{_libdir}/libk5crypto.so.*
-%{_libdir}/libkadm5clnt.so.*
-%{_libdir}/libkadm5srv.so.*
+%{_libdir}/libkadm5clnt_mit.so.*
+%{_libdir}/libkadm5srv_mit.so.*
%{_libdir}/libkdb5.so.*
%{_libdir}/libkrb5.so.*
%{_libdir}/libkrb5support.so.*
@@ -479,15 +408,10 @@
/usr/lib/mit/sbin/kprop
/usr/lib/mit/sbin/kdb5_util
/usr/lib/mit/sbin/krb5kdc
-/usr/lib/mit/sbin/ftpd
-/usr/lib/mit/sbin/klogind
-/usr/lib/mit/sbin/kshd
-/usr/lib/mit/sbin/telnetd
/usr/lib/mit/sbin/uuserver
/usr/lib/mit/sbin/sserver
/usr/lib/mit/sbin/gss-server
/usr/lib/mit/sbin/sim_server
-/usr/lib/mit/sbin/login.krb5
/usr/lib/mit/bin/k5srvutil
/usr/lib/mit/bin/kvno
/usr/lib/mit/bin/kinit
@@ -497,16 +421,10 @@
/usr/lib/mit/bin/kadmin
/usr/lib/mit/bin/ktutil
%attr(0755,root,root) /usr/lib/mit/bin/ksu
-/usr/lib/mit/bin/rcp
-/usr/lib/mit/bin/rsh
-/usr/lib/mit/bin/telnet
/usr/lib/mit/bin/uuclient
/usr/lib/mit/bin/sclient
/usr/lib/mit/bin/gss-client
/usr/lib/mit/bin/sim_client
-/usr/lib/mit/bin/ftp
-/usr/lib/mit/bin/rlogin
-#/usr/lib/mit/bin/*
/usr/bin/kinit
/usr/bin/klist
/usr/bin/rc*
@@ -517,12 +435,7 @@
%{_mandir}/man1/kpasswd.1*
%{_mandir}/man1/klist.1*
%{_mandir}/man1/kerberos.1*
-%{_mandir}/man1/kftp.1*
-%{_mandir}/man1/krlogin.1*
-%{_mandir}/man1/krsh.1*
-%{_mandir}/man1/ktelnet.1*
%{_mandir}/man1/ksu.1*
-%{_mandir}/man1/krcp.1*
%{_mandir}/man1/sclient.1*
%{_mandir}/man1/kadmin.1*
%{_mandir}/man1/ktutil.1*
@@ -549,8 +462,8 @@
%{_libdir}/libgssapi_krb5.*
%{_libdir}/libgssrpc.so.*
%{_libdir}/libk5crypto.so.*
-%{_libdir}/libkadm5clnt.so.*
-%{_libdir}/libkadm5srv.so.*
+%{_libdir}/libkadm5clnt_mit.so.*
+%{_libdir}/libkadm5srv_mit.so.*
%{_libdir}/libkdb5.so.*
%{_libdir}/libkrb5.so.*
%{_libdir}/libkrb5support.so.*
@@ -582,6 +495,10 @@
/usr/lib/mit/sbin/kprop
/usr/lib/mit/sbin/kdb5_util
/usr/lib/mit/sbin/krb5kdc
+/usr/lib/mit/sbin/gss-server
+/usr/lib/mit/sbin/sim_server
+/usr/lib/mit/sbin/sserver
+/usr/lib/mit/sbin/uuserver
%{_libdir}/krb5/plugins/kdb/db2.so
%{_mandir}/man5/kdc.conf.5*
%{_mandir}/man8/kadmind.8*
@@ -591,6 +508,7 @@
%{_mandir}/man8/kproplog.8.gz
%{_mandir}/man8/kdb5_util.8*
%{_mandir}/man8/krb5kdc.8*
+%{_mandir}/man8/sserver.8*
%files client
%defattr(-,root,root)
@@ -605,6 +523,11 @@
/usr/lib/mit/bin/kadmin
/usr/lib/mit/bin/ktutil
/usr/lib/mit/bin/k5srvutil
+/usr/lib/mit/bin/gss-client
+/usr/lib/mit/bin/ksu
+/usr/lib/mit/bin/sclient
+/usr/lib/mit/bin/sim_client
+/usr/lib/mit/bin/uuclient
/usr/bin/kinit
/usr/bin/klist
%{_mandir}/man1/kvno.1*
@@ -618,53 +541,8 @@
%{_mandir}/man1/k5srvutil.1*
%{_mandir}/man5/krb5.conf.5*
%{_mandir}/man5/.k5login.5*
-
-%files apps-servers
-%defattr(-,root,root)
-%config(noreplace) %{_sysconfdir}/xinetd.d/klogin
-%config(noreplace) %{_sysconfdir}/xinetd.d/eklogin
-%config(noreplace) %{_sysconfdir}/xinetd.d/kshell
-%config(noreplace) %{_sysconfdir}/xinetd.d/ktelnet
-%dir /usr/lib/mit
-%dir /usr/lib/mit/sbin
-/usr/lib/mit/sbin/ftpd
-/usr/lib/mit/sbin/klogind
-/usr/lib/mit/sbin/kshd
-/usr/lib/mit/sbin/telnetd
-/usr/lib/mit/sbin/uuserver
-/usr/lib/mit/sbin/sserver
-/usr/lib/mit/sbin/gss-server
-/usr/lib/mit/sbin/sim_server
-/usr/lib/mit/sbin/login.krb5
-%{_mandir}/man8/kftpd.8*
-%{_mandir}/man8/klogind.8*
-%{_mandir}/man8/kshd.8*
-%{_mandir}/man8/ktelnetd.8*
-%{_mandir}/man8/sserver.8*
-%{_mandir}/man8/login.krb5.8*
-
-%files apps-clients
-%defattr(-,root,root)
-%dir /usr/lib/mit
-%dir /usr/lib/mit/bin
-/usr/lib/mit/bin/ftp
-/usr/lib/mit/bin/rlogin
-# removed SUID bit, we will rely on su + pam_krb
-%attr(0755,root,root) /usr/lib/mit/bin/ksu
-/usr/lib/mit/bin/rcp
-/usr/lib/mit/bin/rsh
-/usr/lib/mit/bin/telnet
-/usr/lib/mit/bin/uuclient
-/usr/lib/mit/bin/sclient
-/usr/lib/mit/bin/gss-client
-/usr/lib/mit/bin/sim_client
-%{_mandir}/man1/kftp.1*
-%{_mandir}/man1/krlogin.1*
-%{_mandir}/man1/krsh.1*
-%{_mandir}/man1/ktelnet.1*
-%{_mandir}/man1/ksu.1*
-%{_mandir}/man1/krcp.1*
-%{_mandir}/man1/sclient.1*
+%{_mandir}/man1/ksu.1.gz
+%{_mandir}/man1/sclient.1.gz
%files plugin-kdb-ldap
%defattr(-,root,root)
++++++ krb5-1.4.3-enospc.dif ++++++
--- /var/tmp/diff_new_pack.VhBzZj/_old 2010-03-05 02:09:04.000000000 +0100
+++ /var/tmp/diff_new_pack.VhBzZj/_new 2010-03-05 02:09:04.000000000 +0100
@@ -1,24 +1,24 @@
If the error message is going to be ambiguous, try to give the user some clue
by returning the last error reported by the OS.
-Index: krb5-1.7/src/clients/kinit/kinit.c
+Index: krb5-1.8-alpha1/src/clients/kinit/kinit.c
===================================================================
---- krb5-1.7.orig/src/clients/kinit/kinit.c
-+++ krb5-1.7/src/clients/kinit/kinit.c
-@@ -670,8 +670,14 @@ k5_kinit(opts, k5)
- code = krb5_cc_initialize(k5->ctx, k5->cc,
- opts->canonicalize ? my_creds.client : k5->me);
- if (code) {
-- com_err(progname, code, "when initializing cache %s",
-- opts->k5_cache_name?opts->k5_cache_name:"");
-+ if ((code == KRB5_CC_IO) && (errno != 0)) {
-+ com_err(progname, code, "when initializing cache %s: %s",
-+ opts->k5_cache_name?opts->k5_cache_name:"",
-+ strerror(errno));
-+ } else {
-+ com_err(progname, code, "when initializing cache %s",
-+ opts->k5_cache_name?opts->k5_cache_name:"");
-+ }
- goto cleanup;
- }
+--- krb5-1.8-alpha1.orig/src/clients/kinit/kinit.c
++++ krb5-1.8-alpha1/src/clients/kinit/kinit.c
+@@ -712,8 +712,14 @@ k5_kinit(opts, k5)
+ code = krb5_cc_initialize(k5->ctx, k5->cc, opts->canonicalize ?
+ my_creds.client : k5->me);
+ if (code) {
+- com_err(progname, code, "when initializing cache %s",
+- opts->k5_cache_name?opts->k5_cache_name:"");
++ if ((code == KRB5_CC_IO) && (errno != 0)) {
++ com_err(progname, code, "when initializing cache %s: %s",
++ opts->k5_cache_name?opts->k5_cache_name:"",
++ strerror(errno));
++ } else {
++ com_err(progname, code, "when initializing cache %s",
++ opts->k5_cache_name?opts->k5_cache_name:"");
++ }
+ goto cleanup;
+ }
++++++ krb5-1.6.1-compile_pie.dif ++++++
--- /var/tmp/diff_new_pack.VhBzZj/_old 2010-03-05 02:09:04.000000000 +0100
+++ /var/tmp/diff_new_pack.VhBzZj/_new 2010-03-05 02:09:04.000000000 +0100
@@ -15,7 +15,7 @@
===================================================================
--- src/config/shlib.conf.orig
+++ src/config/shlib.conf
-@@ -420,7 +420,8 @@ mips-*-netbsd*)
+@@ -419,7 +419,8 @@ mips-*-netbsd*)
PROFFLAGS=-pg
RPATH_FLAG='-Wl,-rpath -Wl,'
PROG_RPATH_FLAGS='$(RPATH_FLAG)$(PROG_RPATH)'
++++++ krb5-1.6.3-fix-ipv6-query.dif ++++++
--- /var/tmp/diff_new_pack.VhBzZj/_old 2010-03-05 02:09:04.000000000 +0100
+++ /var/tmp/diff_new_pack.VhBzZj/_new 2010-03-05 02:09:04.000000000 +0100
@@ -1,9 +1,9 @@
-Index: trunk/src/lib/krb5/os/hostaddr.c
+Index: krb5-1.8-alpha1/src/lib/krb5/os/hostaddr.c
===================================================================
---- trunk.orig/src/lib/krb5/os/hostaddr.c
-+++ trunk/src/lib/krb5/os/hostaddr.c
-@@ -43,7 +43,7 @@ krb5_os_hostaddr(krb5_context context, c
- return KRB5_ERR_BAD_HOSTNAME;
+--- krb5-1.8-alpha1.orig/src/lib/krb5/os/hostaddr.c
++++ krb5-1.8-alpha1/src/lib/krb5/os/hostaddr.c
+@@ -44,7 +44,7 @@ krb5_os_hostaddr(krb5_context context, c
+ return KRB5_ERR_BAD_HOSTNAME;
memset (&hints, 0, sizeof (hints));
- hints.ai_flags = AI_NUMERICHOST;
@@ -11,11 +11,11 @@
/* We don't care what kind at this point, really, but without
this, we can get back multiple sockaddrs per address, for
SOCK_DGRAM, SOCK_STREAM, and SOCK_RAW. I haven't checked if
-Index: trunk/src/lib/krb5/os/hst_realm.c
+Index: krb5-1.8-alpha1/src/lib/krb5/os/hst_realm.c
===================================================================
---- trunk.orig/src/lib/krb5/os/hst_realm.c
-+++ trunk/src/lib/krb5/os/hst_realm.c
-@@ -171,7 +171,7 @@ krb5int_get_fq_hostname (char *buf, size
+--- krb5-1.8-alpha1.orig/src/lib/krb5/os/hst_realm.c
++++ krb5-1.8-alpha1/src/lib/krb5/os/hst_realm.c
+@@ -103,7 +103,7 @@ get_fq_hostname(char *buf, size_t bufsiz
int err;
memset (&hints, 0, sizeof (hints));
@@ -23,12 +23,12 @@
+ hints.ai_flags = AI_CANONNAME | AI_ADDRCONFIG;
err = getaddrinfo (name, 0, &hints, &ai);
if (err)
- return krb5int_translate_gai_error (err);
-Index: trunk/src/lib/krb5/os/locate_kdc.c
+ return krb5int_translate_gai_error (err);
+Index: krb5-1.8-alpha1/src/lib/krb5/os/locate_kdc.c
===================================================================
---- trunk.orig/src/lib/krb5/os/locate_kdc.c
-+++ trunk/src/lib/krb5/os/locate_kdc.c
-@@ -254,8 +254,9 @@ krb5int_add_host_to_list (struct addrlis
+--- krb5-1.8-alpha1.orig/src/lib/krb5/os/locate_kdc.c
++++ krb5-1.8-alpha1/src/lib/krb5/os/locate_kdc.c
+@@ -259,8 +259,9 @@ krb5int_add_host_to_list (struct addrlis
memset(&hint, 0, sizeof(hint));
hint.ai_family = family;
hint.ai_socktype = socktype;
@@ -37,18 +37,18 @@
- hint.ai_flags = AI_NUMERICSERV;
+ hint.ai_flags |= AI_NUMERICSERV;
#endif
- if (snprintf(portbuf, sizeof(portbuf), "%d", ntohs(port)) >= sizeof(portbuf))
- /* XXX */
-Index: trunk/src/lib/krb5/os/sn2princ.c
+ result = snprintf(portbuf, sizeof(portbuf), "%d", ntohs(port));
+ if (SNPRINTF_OVERFLOW(result, sizeof(portbuf)))
+Index: krb5-1.8-alpha1/src/lib/krb5/os/sn2princ.c
===================================================================
---- trunk.orig/src/lib/krb5/os/sn2princ.c
-+++ trunk/src/lib/krb5/os/sn2princ.c
-@@ -107,7 +107,7 @@ krb5_sname_to_principal(krb5_context con
+--- krb5-1.8-alpha1.orig/src/lib/krb5/os/sn2princ.c
++++ krb5-1.8-alpha1/src/lib/krb5/os/sn2princ.c
+@@ -108,7 +108,7 @@ krb5_sname_to_principal(krb5_context con
- memset(&hints, 0, sizeof(hints));
- hints.ai_family = AF_INET;
-- hints.ai_flags = AI_CANONNAME;
-+ hints.ai_flags = AI_CANONNAME|AI_ADDRCONFIG;
- try_getaddrinfo_again:
- err = getaddrinfo(hostname, 0, &hints, &ai);
- if (err) {
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = AF_INET;
+- hints.ai_flags = AI_CANONNAME;
++ hints.ai_flags = AI_CANONNAME|AI_ADDRCONFIG;
+ try_getaddrinfo_again:
+ err = getaddrinfo(hostname, 0, &hints, &ai);
+ if (err) {
++++++ krb5-1.6.3-kpasswd_tcp.patch ++++++
--- /var/tmp/diff_new_pack.VhBzZj/_old 2010-03-05 02:09:04.000000000 +0100
+++ /var/tmp/diff_new_pack.VhBzZj/_new 2010-03-05 02:09:04.000000000 +0100
@@ -5,31 +5,30 @@
===================================================================
--- src/lib/krb5/os/changepw.c.orig
+++ src/lib/krb5/os/changepw.c
-@@ -261,11 +261,22 @@ krb5_change_set_password(krb5_context co
- NULL,
- NULL
- ))) {
--
-- /*
-- * Here we may want to switch to TCP on some errors.
-- * right?
-- */
-+ /* if we're not using a stream socket, and it's an error which
-+ * might reasonably be specific to a datagram "connection", try
-+ * again with a stream socket */
-+ if (!useTcp) {
-+ switch (code) {
-+ case KRB5_KDC_UNREACH:
-+ case KRB5_REALM_CANT_RESOLVE:
-+ case KRB5KRB_ERR_RESPONSE_TOO_BIG:
-+ /* should we do this for more result codes than these? */
-+ krb5int_free_addrlist (&al);
-+ useTcp = 1;
-+ continue;
-+ default:
-+ break;
-+ }
-+ }
- break;
- }
+@@ -271,10 +271,22 @@ change_set_password(krb5_context context
+ NULL
+ ))) {
+
+- /*
+- * Here we may want to switch to TCP on some errors.
+- * right?
+- */
++ /* if we're not using a stream socket, and it's an error which
++ * might reasonably be specific to a datagram "connection", try
++ * again with a stream socket */
++ if (!useTcp) {
++ switch (code) {
++ case KRB5_KDC_UNREACH:
++ case KRB5_REALM_CANT_RESOLVE:
++ case KRB5KRB_ERR_RESPONSE_TOO_BIG:
++ /* should we do this for more result codes than these? */
++ krb5int_free_addrlist (&al);
++ useTcp = 1;
++ continue;
++ default:
++ break;
++ }
++ }
+ break;
+ }
++++++ krb5-1.6.3-kprop-use-mkstemp.dif ++++++
--- /var/tmp/diff_new_pack.VhBzZj/_old 2010-03-05 02:09:04.000000000 +0100
+++ /var/tmp/diff_new_pack.VhBzZj/_new 2010-03-05 02:09:04.000000000 +0100
@@ -2,18 +2,18 @@
===================================================================
--- src/slave/kprop.c.orig
+++ src/slave/kprop.c
-@@ -215,6 +215,7 @@ void get_tickets(context)
- krb5_error_code retval;
- static char tkstring[] = "/tmp/kproptktXXXXXX";
- krb5_keytab keytab = NULL;
-+ int ret = 0;
+@@ -206,6 +206,7 @@ void get_tickets(context)
+ krb5_error_code retval;
+ static char tkstring[] = "/tmp/kproptktXXXXXX";
+ krb5_keytab keytab = NULL;
++ int ret = 0;
- /*
- * Figure out what tickets we'll be using to send stuff
-@@ -240,7 +241,15 @@ void get_tickets(context)
- /*
- * Initialize cache file which we're going to be using
- */
+ /*
+ * Figure out what tickets we'll be using to send stuff
+@@ -231,7 +232,15 @@ void get_tickets(context)
+ /*
+ * Initialize cache file which we're going to be using
+ */
+#ifdef HAVE_MKSTEMP
+ ret = mkstemp(tkstring);
+ if (ret == -1) {
@@ -21,8 +21,8 @@
+ exit(1);
+ } else close(ret);
+#else
- (void) mktemp(tkstring);
+ (void) mktemp(tkstring);
+#endif
- snprintf(buf, sizeof(buf), "FILE:%s", tkstring);
+ snprintf(buf, sizeof(buf), "FILE:%s", tkstring);
- retval = krb5_cc_resolve(context, buf, &ccache);
+ retval = krb5_cc_resolve(context, buf, &ccache);
++++++ krb5-1.7-manpaths.dif ++++++
--- /var/tmp/diff_new_pack.VhBzZj/_old 2010-03-05 02:09:04.000000000 +0100
+++ /var/tmp/diff_new_pack.VhBzZj/_new 2010-03-05 02:09:04.000000000 +0100
@@ -1,43 +1,9 @@
-Index: krb5-1.7/src/appl/bsd/klogind.M
-===================================================================
---- krb5-1.7.orig/src/appl/bsd/klogind.M
-+++ krb5-1.7/src/appl/bsd/klogind.M
-@@ -27,7 +27,7 @@ server is invoked by \fIinetd(8)\fP when
- the port indicated in /etc/inetd.conf. A typical /etc/inetd.conf
- configuration line for \fIklogind\fP might be:
-
--klogin stream tcp nowait root /usr/cygnus/sbin/klogind klogind -e5c
-+klogin stream tcp nowait root @mansbindir@/klogind klogind -e5c
-
- When a service request is received, the following protocol is initiated:
-
-Index: krb5-1.7/src/appl/bsd/kshd.M
-===================================================================
---- krb5-1.7.orig/src/appl/bsd/kshd.M
-+++ krb5-1.7/src/appl/bsd/kshd.M
-@@ -8,7 +8,7 @@
- .SH NAME
- kshd \- kerberized remote shell server
- .SH SYNOPSIS
--.B /usr/local/sbin/kshd
-+.B @mansbindir@/kshd
- [
- .B \-kr45ec
- ]
-@@ -30,7 +30,7 @@ server is invoked by \fIinetd(8c)\fP whe
- on the port indicated in /etc/inetd.conf. A typical /etc/inetd.conf
- configuration line for \fIkrshd\fP might be:
-
--kshell stream tcp nowait root /usr/local/sbin/kshd kshd -5c
-+kshell stream tcp nowait root @mansbindir@/kshd kshd -5c
-
- When a service request is received, the following protocol is initiated:
-
-Index: krb5-1.7/src/appl/sample/sserver/sserver.M
+
+Index: krb5-1.8-alpha1/src/appl/sample/sserver/sserver.M
===================================================================
---- krb5-1.7.orig/src/appl/sample/sserver/sserver.M
-+++ krb5-1.7/src/appl/sample/sserver/sserver.M
+--- krb5-1.8-alpha1.orig/src/appl/sample/sserver/sserver.M
++++ krb5-1.8-alpha1/src/appl/sample/sserver/sserver.M
@@ -59,7 +59,7 @@ option allows for a different keytab tha
using a line in
/etc/inetd.conf that looks like this:
@@ -47,23 +13,10 @@
.PP
Since \fBsample\fP is normally not a port defined in /etc/services, you will
usually have to add a line to /etc/services which looks like this:
-Index: krb5-1.7/src/appl/telnet/telnetd/telnetd.8
-===================================================================
---- krb5-1.7.orig/src/appl/telnet/telnetd/telnetd.8
-+++ krb5-1.7/src/appl/telnet/telnetd/telnetd.8
-@@ -37,7 +37,7 @@ telnetd \-
- .SM DARPA TELNET
- protocol server
- .SH SYNOPSIS
--.B /usr/libexec/telnetd
-+.B @manlibexecdir@/telnetd
- [\fB\-a\fP \fIauthmode\fP] [\fB\-B\fP] [\fB\-D\fP] [\fIdebugmode\fP]
- [\fB\-e\fP] [\fB\-h\fP] [\fB\-I\fP\fIinitid\fP] [\fB\-l\fP]
- [\fB\-k\fP] [\fB\-n\fP] [\fB\-r\fP\fIlowpty-highpty\fP] [\fB\-s\fP]
-Index: krb5-1.7/src/config-files/kdc.conf.M
+Index: krb5-1.8-alpha1/src/config-files/kdc.conf.M
===================================================================
---- krb5-1.7.orig/src/config-files/kdc.conf.M
-+++ krb5-1.7/src/config-files/kdc.conf.M
+--- krb5-1.8-alpha1.orig/src/config-files/kdc.conf.M
++++ krb5-1.8-alpha1/src/config-files/kdc.conf.M
@@ -82,14 +82,14 @@ This
.B string
specifies the location of the access control list (acl) file that
@@ -81,7 +34,7 @@
.IP database_name
This
-@@ -257,7 +257,7 @@ tickets should be checked against the tr
+@@ -254,7 +254,7 @@ tickets should be checked against the tr
realm names and the [capaths] section of its krb5.conf file
.SH FILES
@@ -90,12 +43,12 @@
.SH SEE ALSO
krb5.conf(5), krb5kdc(8)
-Index: krb5-1.7/src/configure.in
+Index: krb5-1.8-alpha1/src/configure.in
===================================================================
---- krb5-1.7.orig/src/configure.in
-+++ krb5-1.7/src/configure.in
-@@ -1041,6 +1041,69 @@ dnl
- AC_CONFIG_SUBDIRS(appl/libpty appl/bsd appl/gssftp appl/telnet)
+--- krb5-1.8-alpha1.orig/src/configure.in
++++ krb5-1.8-alpha1/src/configure.in
+@@ -1052,6 +1052,58 @@ if test "$ac_cv_lib_socket" = "yes" -a "
+ fi
AC_CONFIG_FILES(krb5-config, [chmod +x krb5-config])
+
@@ -118,18 +71,8 @@
+AC_SUBST(manlocalstatedir)
+AC_SUBST(manlibexecdir)
+AC_OUTPUT([
-+ appl/bsd/klogind.M
-+ appl/bsd/kshd.M
-+ appl/bsd/login.M
-+ appl/bsd/rcp.M
-+ appl/bsd/rlogin.M
-+ appl/bsd/rsh.M
-+ appl/gssftp/ftpd/ftpd.M
-+ appl/gssftp/ftp/ftp.M
+ appl/sample/sclient/sclient.M
+ appl/sample/sserver/sserver.M
-+ appl/telnet/telnetd/telnetd.8
-+ appl/telnet/telnet/telnet.1
+ clients/kcpytkt/kcpytkt.M
+ clients/kdeltkt/kdeltkt.M
+ clients/kdestroy/kdestroy.M
@@ -147,7 +90,6 @@
+ kadmin/cli/kadmin.M
+ kadmin/dbutil/kdb5_util.M
+ kadmin/ktutil/ktutil.M
-+ kadmin/passwd/kpasswd.M
+ kadmin/server/kadmind.M
+ kdc/krb5kdc.M
+ krb5-config.M
@@ -164,11 +106,11 @@
V5_AC_OUTPUT_MAKEFILE(.
util util/support util/profile util/send-pr
-Index: krb5-1.7/src/kadmin/cli/kadmin.M
+Index: krb5-1.8-alpha1/src/kadmin/cli/kadmin.M
===================================================================
---- krb5-1.7.orig/src/kadmin/cli/kadmin.M
-+++ krb5-1.7/src/kadmin/cli/kadmin.M
-@@ -850,9 +850,9 @@ option is specified, less verbose status
+--- krb5-1.8-alpha1.orig/src/kadmin/cli/kadmin.M
++++ krb5-1.8-alpha1/src/kadmin/cli/kadmin.M
+@@ -869,9 +869,9 @@ option is specified, less verbose status
.RS
.TP
EXAMPLE:
@@ -180,7 +122,7 @@
kadmin:
.RE
.fi
-@@ -894,7 +894,7 @@ passwords.
+@@ -913,7 +913,7 @@ passwords.
.SH HISTORY
The
.B kadmin
@@ -189,10 +131,10 @@
OpenVision Kerberos administration program.
.SH SEE ALSO
.IR kerberos (1),
-Index: krb5-1.7/src/slave/kprop.M
+Index: krb5-1.8-alpha1/src/slave/kprop.M
===================================================================
---- krb5-1.7.orig/src/slave/kprop.M
-+++ krb5-1.7/src/slave/kprop.M
+--- krb5-1.8-alpha1.orig/src/slave/kprop.M
++++ krb5-1.8-alpha1/src/slave/kprop.M
@@ -39,7 +39,7 @@ Kerberos server to a slave Kerberos serv
This is done by transmitting the dumped database file to the slave
server over an encrypted, secure channel. The dump file must be created
@@ -211,10 +153,10 @@
.TP
\fB\-P\fP \fIport\fP
specifies the port to use to contact the
-Index: krb5-1.7/src/slave/kpropd.M
+Index: krb5-1.8-alpha1/src/slave/kpropd.M
===================================================================
---- krb5-1.7.orig/src/slave/kpropd.M
-+++ krb5-1.7/src/slave/kpropd.M
+--- krb5-1.8-alpha1.orig/src/slave/kpropd.M
++++ krb5-1.8-alpha1/src/slave/kpropd.M
@@ -74,7 +74,7 @@ Normally, kpropd is invoked out of
This is done by adding a line to the inetd.conf file which looks like
this:
@@ -222,7 +164,7 @@
-kprop stream tcp nowait root /usr/local/sbin/kpropd kpropd
+kprop stream tcp nowait root @mansbindir@/kpropd kpropd
- However, kpropd can also run as a standalone deamon, if the
+ However, kpropd can also run as a standalone daemon, if the
.B \-S
@@ -111,13 +111,13 @@ is used.
\fB\-f\fP \fIfile\fP
++++++ krb5-1.7-manpaths.txt ++++++
--- /var/tmp/diff_new_pack.VhBzZj/_old 2010-03-05 02:09:04.000000000 +0100
+++ /var/tmp/diff_new_pack.VhBzZj/_new 2010-03-05 02:09:04.000000000 +0100
@@ -1,15 +1,5 @@
-appl/bsd/klogind.M
-appl/bsd/kshd.M
-appl/bsd/login.M
-appl/bsd/rcp.M
-appl/bsd/rlogin.M
-appl/bsd/rsh.M
-appl/gssftp/ftpd/ftpd.M
-appl/gssftp/ftp/ftp.M
appl/sample/sclient/sclient.M
appl/sample/sserver/sserver.M
-appl/telnet/telnetd/telnetd.8
-appl/telnet/telnet/telnet.1
clients/kcpytkt/kcpytkt.M
clients/kdeltkt/kdeltkt.M
clients/kdestroy/kdestroy.M
@@ -27,7 +17,6 @@
kadmin/cli/kadmin.M
kadmin/dbutil/kdb5_util.M
kadmin/ktutil/ktutil.M
-kadmin/passwd/kpasswd.M
kadmin/server/kadmind.M
kdc/krb5kdc.M
krb5-config.M
++++++ krb5-1.7-rpmlintrc -> krb5-1.8-rpmlintrc ++++++
++++++ krb5-1.7.tar.bz2 -> krb5-1.8.tar.bz2 ++++++
krb5/krb5-1.7.tar.bz2 /mounts/work_src_done/STABLE/krb5/krb5-1.8.tar.bz2 differ: char 11, line 1
++++++ krb5-doc-1.7-rpmlintrc -> krb5-doc-1.8-rpmlintrc ++++++
++++++ vendor-files.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor-files/eklogin.xinetd new/vendor-files/eklogin.xinetd
--- old/vendor-files/eklogin.xinetd 2007-10-18 14:57:34.000000000 +0200
+++ new/vendor-files/eklogin.xinetd 1970-01-01 01:00:00.000000000 +0100
@@ -1,13 +0,0 @@
-# default: off
-# description: The encrypting kerberized rlogin server accepts BSD-style rlogin sessions, \
-# but uses Kerberos 5 authentication.
-service eklogin
-{
- disable = yes
- flags = REUSE
- socket_type = stream
- wait = no
- user = root
- server = /usr/lib/mit/sbin/klogind
- server_args = -e -5 -c
-}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor-files/klogin.xinetd new/vendor-files/klogin.xinetd
--- old/vendor-files/klogin.xinetd 2006-01-13 12:04:10.000000000 +0100
+++ new/vendor-files/klogin.xinetd 1970-01-01 01:00:00.000000000 +0100
@@ -1,13 +0,0 @@
-# default: off
-# description: The kerberized rlogin server accepts BSD-style rlogin sessions, \
-# but uses Kerberos 5 authentication.
-service klogin
-{
- disable = yes
- flags = REUSE
- socket_type = stream
- wait = no
- user = root
- server = /usr/lib/mit/sbin/klogind
- server_args = -5
-}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor-files/krb5-telnet.xinetd new/vendor-files/krb5-telnet.xinetd
--- old/vendor-files/krb5-telnet.xinetd 2006-01-13 12:04:10.000000000 +0100
+++ new/vendor-files/krb5-telnet.xinetd 1970-01-01 01:00:00.000000000 +0100
@@ -1,13 +0,0 @@
-# default: off
-# description: The kerberized telnet server accepts normal telnet sessions, \
-# but can also use Kerberos 5 authentication.
-service telnet
-{
- disable = yes
- flags = REUSE
- socket_type = stream
- wait = no
- user = root
- server = /usr/lib/mit/sbin/telnetd
- log_on_failure += USERID
-}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/vendor-files/kshell.xinetd new/vendor-files/kshell.xinetd
--- old/vendor-files/kshell.xinetd 2006-01-13 12:04:10.000000000 +0100
+++ new/vendor-files/kshell.xinetd 1970-01-01 01:00:00.000000000 +0100
@@ -1,13 +0,0 @@
-# default: off
-# description: The kerberized rshell server accepts rshell commands \
-# authenticated and encrypted with Kerberos 5.
-service kshell
-{
- disable = yes
- flags = REUSE
- socket_type = stream
- wait = no
- user = root
- server = /usr/lib/mit/sbin/kshd
- server_args = -e -5
-}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org