Hello community,
here is the log from the commit of package yast2-ldap-client for openSUSE:Factory
checked in at Mon Jan 24 16:30:19 CET 2011.
--------
--- yast2-ldap-client/yast2-ldap-client.changes 2011-01-13 11:40:59.000000000 +0100
+++ /mounts/work_src_done/STABLE/yast2-ldap-client/yast2-ldap-client.changes 2011-01-24 15:14:18.000000000 +0100
@@ -1,0 +2,36 @@
+Mon Jan 24 15:12:08 CET 2011 - jsuchome@suse.cz
+
+- look for 'sss' in nsswitch.conf, not for 'sssd' (bnc#666184)
+- 2.20.11
+
+-------------------------------------------------------------------
+Fri Jan 21 17:01:21 CET 2011 - jsuchome@suse.cz
+
+- explicitely ask for kerberos+sssd enablement
+- 2.20.10
+
+-------------------------------------------------------------------
+Fri Jan 21 14:40:48 CET 2011 - jsuchome@suse.cz
+
+- if sssd is active, ask for basic Kerberos settings (fate#308902)
+- 2.20.9
+
+-------------------------------------------------------------------
+Fri Jan 21 12:27:22 CET 2011 - jsuchome@suse.cz
+
+- agent for sssd.conf moved to yast2-pam to be accessible for
+ kerberos-client
+
+-------------------------------------------------------------------
+Thu Jan 20 16:41:00 CET 2011 - jsuchome@suse.cz
+
+- write default_realm as realm
+- 2.20.8
+
+-------------------------------------------------------------------
+Thu Jan 20 16:18:04 CET 2011 - jsuchome@suse.cz
+
+- remove pam_krb5 when sssd is configured (fate#308902)
+- 2.20.7
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
yast2-ldap-client-2.20.6.tar.bz2
New:
----
yast2-ldap-client-2.20.11.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-ldap-client.spec ++++++
--- /var/tmp/diff_new_pack.F5jKae/_old 2011-01-24 16:30:09.000000000 +0100
+++ /var/tmp/diff_new_pack.F5jKae/_new 2011-01-24 16:30:09.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package yast2-ldap-client (Version 2.20.6)
+# spec file for package yast2-ldap-client
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -19,11 +19,11 @@
Name: yast2-ldap-client
-Version: 2.20.6
+Version: 2.20.11
Release: 1
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Source0: yast2-ldap-client-2.20.6.tar.bz2
+Source0: yast2-ldap-client-2.20.11.tar.bz2
Prefix: /usr
@@ -41,8 +41,9 @@
# removed lowercasing of LDAP object names
Requires: yast2-ldap >= 2.17.1
-# new API of Pam.ycp
-Requires: yast2-pam >= 2.14.0
+# etc_sssd_conf.scr
+Requires: yast2-pam >= 2.20.0
+
Provides: yast2-config-ldap_client
Obsoletes: yast2-config-ldap_client
Provides: yast2-trans-ldap_client
@@ -57,7 +58,7 @@
OpenLDAP server will be used for user authentication.
%prep
-%setup -n yast2-ldap-client-2.20.6
+%setup -n yast2-ldap-client-2.20.11
%build
%{prefix}/bin/y2tool y2autoconf
@@ -101,4 +102,5 @@
%doc %{prefix}/share/doc/packages/yast2-ldap-client
/var/adm/fillup-templates/sysconfig.ldap
+
%changelog
++++++ yast2-ldap-client-2.20.6.tar.bz2 -> yast2-ldap-client-2.20.11.tar.bz2 ++++++
++++ 2123 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.6/VERSION new/yast2-ldap-client-2.20.11/VERSION
--- old/yast2-ldap-client-2.20.6/VERSION 2011-01-13 11:38:24.000000000 +0100
+++ new/yast2-ldap-client-2.20.11/VERSION 2011-01-24 15:12:43.000000000 +0100
@@ -1 +1 @@
-2.20.6
+2.20.11
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.6/agents/Makefile.am new/yast2-ldap-client-2.20.11/agents/Makefile.am
--- old/yast2-ldap-client-2.20.6/agents/Makefile.am 2010-12-07 16:45:15.000000000 +0100
+++ new/yast2-ldap-client-2.20.11/agents/Makefile.am 2011-01-21 16:23:43.000000000 +0100
@@ -1,12 +1,11 @@
#
# Makefile.am for y2c_ldap_client/agents
#
-# $Id: Makefile.am 62970 2010-12-07 15:45:14Z jsuchome $
+# $Id: Makefile.am 63255 2011-01-21 15:23:42Z jsuchome $
#
scrconf_DATA = ldap_conf.scr \
- cfg_ldap.scr \
- etc_sssd_conf.scr
+ cfg_ldap.scr
fillup_DATA = sysconfig.ldap
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.6/agents/etc_sssd_conf.scr new/yast2-ldap-client-2.20.11/agents/etc_sssd_conf.scr
--- old/yast2-ldap-client-2.20.6/agents/etc_sssd_conf.scr 2011-01-06 14:06:15.000000000 +0100
+++ new/yast2-ldap-client-2.20.11/agents/etc_sssd_conf.scr 1970-01-01 01:00:00.000000000 +0100
@@ -1,25 +0,0 @@
-#
-
-.etc.sssd_conf
-
-`ag_ini(
- `IniAgent("/etc/sssd/sssd.conf", $[
- "options" : [ "ignore_case_regexps", "line_can_continue"],
- "comments": [
- "^[ \t]*$", // empty line
- "^[ \t]*[;#].*"
- ],
- "sections" : [
- $[
- "begin" : [ "^[ \t]*\\[[ \t]*(.*[^ \t])[ \t]*\\][ \t]*", "[%s]" ],
- ]
- ],
- "params" : [
- $[
- "match" : [ "^[ \t]*([a-z0-9:_ ]*[a-z])[ \t]*=[ \t]*(.*[^ \t])[ \t]*$" , "%s = %s"],
- ]
- ]
- ]
- )
-)
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.6/configure.in new/yast2-ldap-client-2.20.11/configure.in
--- old/yast2-ldap-client-2.20.6/configure.in 2010-11-24 15:57:58.000000000 +0100
+++ new/yast2-ldap-client-2.20.11/configure.in 2011-01-21 14:41:38.000000000 +0100
@@ -3,7 +3,7 @@
dnl -- This file is generated by y2autoconf 2.18.11 - DO NOT EDIT! --
dnl (edit configure.in.in instead)
-AC_INIT(yast2-ldap-client, 2.20.0, http://bugs.opensuse.org/, yast2-ldap-client)
+AC_INIT(yast2-ldap-client, 2.20.9, http://bugs.opensuse.org/, yast2-ldap-client)
dnl Check for presence of file 'RPMNAME'
AC_CONFIG_SRCDIR([RPMNAME])
@@ -18,7 +18,7 @@
AM_INIT_AUTOMAKE(tar-ustar -Wno-portability)
dnl Important YaST2 variables
-VERSION="2.20.0"
+VERSION="2.20.9"
RPMNAME="yast2-ldap-client"
MAINTAINER="Jiri Suchomel "
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.6/src/Ldap.ycp new/yast2-ldap-client-2.20.11/src/Ldap.ycp
--- old/yast2-ldap-client-2.20.6/src/Ldap.ycp 2011-01-13 11:36:42.000000000 +0100
+++ new/yast2-ldap-client-2.20.11/src/Ldap.ycp 2011-01-24 15:13:49.000000000 +0100
@@ -5,7 +5,7 @@
* Authors: Thorsten Kukuk
* Anas Nashif
*
- * $Id: Ldap.ycp 63166 2011-01-12 12:19:05Z jsuchome $
+ * $Id: Ldap.ycp 63259 2011-01-24 14:13:48Z jsuchome $
*/
{
@@ -300,12 +300,24 @@
// packages needed for sssd configuration
global list<string> sssd_packages = [ "sssd" ];
+ // packages needed for sssd + kerberos configuration
+ global list<string> kerberos_packages = [ "kerberos-client" ];
+
// if sssd is used instead of pam_ldap/nss_ldap (fate#308902)
global boolean sssd = true;
// enable/disable offline authentication ('cache_credentials' key)
global boolean sssd_cache_credentials = false;
+ // if kerberos should be set up for sssd
+ global boolean sssd_with_krb = false;
+
+ // Kerberos default realm (for sssd)
+ global string krb5_realm = "";
+
+ // adress of KDC (key distribution centre) server for default realm
+ global string krb5_kdcip = "";
+
//----------------------------------------------------------------
/**
@@ -380,8 +392,12 @@
global define map AutoPackages() ``{
if (start)
+ {
required_packages = (list<string>)
union (required_packages, sssd ? sssd_packages : pam_nss_packages);
+ if (sssd_with_krb)
+ required_packages = (list<string>) union (required_packages, kerberos_packages);
+ }
return ($["install": required_packages, "remove": []]);
}
@@ -415,6 +431,8 @@
tls_checkpeer = settings ["tls_checkpeer"]:"yes";
mkhomedir = settings ["mkhomedir"]:mkhomedir;
sssd = settings ["sssd"]:sssd;
+ krb5_realm = settings ["krb5_realm"]:krb5_realm;
+ krb5_kdcip = settings ["krb5_kdcip"]:krb5_kdcip;
if (_start_autofs)
required_packages = (list<string>) union (required_packages, ["autofs"]);
@@ -457,7 +475,7 @@
"create_ldap" : create_ldap,
"login_enabled" : login_enabled,
"mkhomedir" : mkhomedir,
- "sssd" : sssd
+ "sssd" : sssd,
];
if (tls_checkpeer != "yes")
e["tls_checkpeer"] = tls_checkpeer;
@@ -473,6 +491,10 @@
e["nss_base_group"] = nss_base_group;
if (_autofs_allowed)
e["start_autofs"] = _start_autofs;
+ if (krb5_realm != "")
+ e["krb5_realm"] = krb5_realm;
+ if (krb5_kdcip != "")
+ e["krb5_kdcip"] = krb5_kdcip;
return e;
}
@@ -543,6 +565,26 @@
/* ------------- read/write functions ------------------------------- */
/**
+ * For sssd, some kerberos values are needed
+ */
+ global boolean ReadKrb5Conf ()
+ {
+
+ list<string> realm = (list<string>) SCR::Read (.etc.krb5_conf.v.libdefaults.default_realm);
+ if (realm == nil)
+ realm = [];
+ krb5_realm = realm[0]:"";
+
+ list<string> kdcs = (list<string>) SCR::Read (add (add (.etc.krb5_conf.v, krb5_realm), "kdc"));
+ if (kdcs == nil)
+ kdcs = [];
+ krb5_kdcip = mergestring (kdcs, " ");
+
+ return true;
+ }
+
+
+ /**
* Read single entry from /etc/ldap.conf file
* @param entry entry name
* @param defvalue default value if entry is not present
@@ -702,7 +744,7 @@
else
{
// ... or as 'sssd'
- start = contains (nsswitch["passwd"]:[], "sssd");
+ start = contains (nsswitch["passwd"]:[], "sss");
}
// nothing is configured, but some packages are installed
@@ -844,6 +886,25 @@
Autologin::Read ();
+ if (Pam::Enabled ("krb5"))
+ {
+ ReadKrb5Conf ();
+ }
+ if (FileUtils::Exists ("/etc/sssd/sssd.conf"))
+ {
+ // read realm and kdc from sssd.conf if available
+ path domain = add (.etc.sssd_conf.v, "domain/default");
+ string realm = (string) SCR::Read (add (domain, "krb5_realm"));
+ if (realm != nil)
+ krb5_realm = realm;
+ string kdc = (string) SCR::Read (add (domain, "krb5_kdcip"));
+ if (kdc != nil)
+ krb5_kdcip = kdc;
+ }
+ if (krb5_realm != "" && krb5_kdcip != "")
+ {
+ sssd_with_krb = true;
+ }
// Now check if previous configuration of LDAP server didn't proposed
// some better values:
@@ -2047,31 +2108,13 @@
}
// In a mixed Kerberos/LDAP setup the following changes are needed in the [domain/default] section:
- if (Pam::Enabled("krb5"))
+ if (sssd_with_krb)
{
SCR::Write (add (domain, "auth_provider"), "krb5");
SCR::Write (add (domain, "chpass_provider"), "krb5");
- /*
- FIXME how to read krb settings:
- a) use agent directly (moved out from yast2-kerberos-client)
- b) use Read + Export of Kerberos.ycp
-
- * Set "krb5_kdcip" to the hostname of the kerberos kdc
- * Set "krb5_realm" to kerberos realm
- */
- if (Package::Installed ("yast2-kerberos-client"))
- {
- WFM::CallFunction ("kerberos-client_auto", ["Read"]);
- any e = WFM::CallFunction ("kerberos-client_auto",["Export"]);
- if (is (e,map) && e != $[])
- {
- map kerberos = (map) e;
-y2internal ("kerberos export map: %1", kerberos);
- SCR::Write (add (domain, "krb5_realm"), kerberos["kerberos_client","default_domain"]:nil);
- SCR::Write (add (domain, "krb5_kdcip"), kerberos["kerberos_client","kdc_server"]:nil);
- }
- }
+ SCR::Write (add (domain, "krb5_realm"), krb5_realm);
+ SCR::Write (add (domain, "krb5_kdcip"), krb5_kdcip);
}
else
{
@@ -2581,6 +2624,11 @@
union (nsswitch["passwd"]:[], ["sss"]));
Nsswitch::WriteDb ("group", (list<string>)
union (nsswitch["group"]:[], ["sss"]));
+ if (Pam::Enabled("krb5"))
+ {
+ y2milestone ("configuring 'sss', so 'krb5' will be removed");
+ Pam::Remove ("krb5");
+ }
}
else
{
@@ -2846,6 +2894,8 @@
block<boolean> abort = ``{ return false; };
list<string> needed_packages = sssd ? sssd_packages : pam_nss_packages;
+ if (sssd_with_krb)
+ needed_packages = (list<string>) union (needed_packages, kerberos_packages);
if (_start_autofs && !Package::Installed("autofs"))
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.6/src/LdapPopup.ycp new/yast2-ldap-client-2.20.11/src/LdapPopup.ycp
--- old/yast2-ldap-client-2.20.6/src/LdapPopup.ycp 2011-01-13 11:36:57.000000000 +0100
+++ new/yast2-ldap-client-2.20.11/src/LdapPopup.ycp 2011-01-13 11:52:00.000000000 +0100
@@ -4,7 +4,7 @@
* Summary: Additional user interface functions: special edit popups
* Authors: Jiri Suchomel
*
- * $Id: LdapPopup.ycp 51747 2008-10-01 13:35:55Z jsuchome $
+ * $Id: LdapPopup.ycp 63176 2011-01-13 10:51:59Z jsuchome $
*
* Popups for editing the values of LDAP configuration tables.
*/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.6/src/ui.ycp new/yast2-ldap-client-2.20.11/src/ui.ycp
--- old/yast2-ldap-client-2.20.6/src/ui.ycp 2011-01-13 11:34:05.000000000 +0100
+++ new/yast2-ldap-client-2.20.11/src/ui.ycp 2011-01-21 17:02:06.000000000 +0100
@@ -5,7 +5,7 @@
* Authors: Thorsten Kukuk
* Anas Nashif
*
- * $Id: ui.ycp 63173 2011-01-12 15:57:26Z jsuchome $
+ * $Id: ui.ycp 63257 2011-01-21 16:02:05Z jsuchome $
*
* All user interface functions.
*/
@@ -516,6 +516,8 @@
}
list<string> needed_packages = Ldap::sssd ? Ldap::sssd_packages : Ldap::pam_nss_packages;
+ if (Ldap::sssd_with_krb)
+ needed_packages = (list<string>) union (needed_packages, Ldap::kerberos_packages);
if (start && !Package::InstalledAll (needed_packages))
{
@@ -715,6 +717,9 @@
string tls_cacertdir = Ldap::tls_cacertdir;
string tls_cacertfile = Ldap::tls_cacertfile;
boolean sssd = Ldap::sssd;
+ string krb5_realm = Ldap::krb5_realm;
+ string krb5_kdcip = Ldap::krb5_kdcip;
+ boolean sssd_with_krb = Ldap::sssd_with_krb;
list<term>member_attributes = [
`item (`id("member"), "member", member_attribute == "member"),
@@ -833,12 +838,8 @@
);
}
- define void set_client_term () {
-
- term cont = `Top (`HBox(`HSpacing (5), `VBox(
- `VSpacing(0.4),
- `Left (`CheckBox (`id (`sssd), `opt (`notify), _("Use S&ystem Security Services Daemon (SSSD)"), sssd)),
- `VSpacing(0.4),
+ term get_frame_nss () {
+ return
// frame label
`Frame (_("Naming Contexts"), `HBox(
`HSpacing (1), `VBox(
@@ -876,7 +877,31 @@
`VSpacing(0.4)
),
`HSpacing (1)
- )),
+ ));
+ }
+
+ term get_frame_krb () {
+ return
+ // frame label
+ `Frame (_("Basic Kerberos Settings"), `HBox (`HSpacing (1), `VBox (
+ // checkbox label
+ `Left (`CheckBox (`id (`sssd_with_krb), `opt (`notify), _("&Use Kerberos"), sssd_with_krb)),
+ `VSpacing(0.4),
+ // textentry label
+ `TextEntry (`id (`krb5_realm), _("Default Real&m"), krb5_realm),
+ // textentry label
+ `TextEntry (`id (`krb5_kdcip), _("&KDC Server Address"), krb5_kdcip),
+ `VSpacing (0.4)
+ ), `HSpacing (1)));
+ }
+
+ define void set_client_term () {
+
+ term cont = `Top (`HBox(`HSpacing (5), `VBox(
+ `VSpacing(0.4),
+ `Left (`CheckBox (`id (`sssd), `opt (`notify), _("Use S&ystem Security Services Daemon (SSSD)"), sssd)),
+ `VSpacing(0.4),
+ `ReplacePoint (`id (`rp_frame), `VBox (sssd ? get_frame_krb () : get_frame_nss ())),
`VSpacing (0.4),
`ComboBox (`id (`pam_password), `opt(`notify,`hstretch,`editable),
// combobox label
@@ -915,10 +940,11 @@
UI::ReplaceWidget (`tabContents, cont);
if (has_tabs)
UI::ChangeWidget (`id (`tabs), `CurrentItem, `client);
-
- foreach (symbol ui, [ `nss_base_passwd, `nss_base_group, `nss_base_shadow, `br_passwd, `br_shadow, `br_group ], {
- UI::ChangeWidget (`id (ui), `Enabled, UI::QueryWidget (`id (`sssd), `Value) == false);
- });
+ if (sssd)
+ {
+ UI::ChangeWidget (`id (`krb5_realm), `Enabled, sssd_with_krb);
+ UI::ChangeWidget (`id (`krb5_kdcip), `Enabled, sssd_with_krb);
+ }
}
define void set_admin_term () {
@@ -1014,12 +1040,23 @@
if (current == `client)
{
member_attribute =(string)UI::QueryWidget(`id(`group_style),`Value);
- nss_base_passwd = (string)
- UI::QueryWidget(`id(`nss_base_passwd),`Value);
- nss_base_shadow = (string)
- UI::QueryWidget(`id(`nss_base_shadow),`Value);
- nss_base_group = (string)
- UI::QueryWidget(`id(`nss_base_group),`Value);
+
+ if (sssd)
+ {
+ krb5_realm = (string)
+ UI::QueryWidget (`id (`krb5_realm), `Value);
+ krb5_kdcip = (string)
+ UI::QueryWidget (`id (`krb5_kdcip), `Value);
+ }
+ else
+ {
+ nss_base_passwd = (string)
+ UI::QueryWidget(`id(`nss_base_passwd),`Value);
+ nss_base_shadow = (string)
+ UI::QueryWidget(`id(`nss_base_shadow),`Value);
+ nss_base_group = (string)
+ UI::QueryWidget(`id(`nss_base_group),`Value);
+ }
pam_password = (string) UI::QueryWidget(`id(`pam_password), `Value);
tls_cacertfile = (string) UI::QueryWidget(`id(`tls_cacertfile), `Value);
@@ -1079,9 +1116,13 @@
if (result == `sssd)
{
sssd = (boolean) UI::QueryWidget (`id (`sssd), `Value);
- foreach (symbol ui, [ `nss_base_passwd, `nss_base_group, `nss_base_shadow, `br_passwd, `br_shadow, `br_group ], {
- UI::ChangeWidget (`id (ui), `Enabled, !sssd);
- });
+ UI::ReplaceWidget (`id (`rp_frame), sssd ? get_frame_krb () : get_frame_nss ());
+ }
+ if (result == `sssd_with_krb)
+ {
+ sssd_with_krb = (boolean) UI::QueryWidget (`id (`sssd_with_krb), `Value);
+ UI::ChangeWidget (`id (`krb5_realm), `Enabled, sssd_with_krb);
+ UI::ChangeWidget (`id (`krb5_kdcip), `Enabled, sssd_with_krb);
}
if (result == `br_tls_cacertdir)
{
@@ -1257,6 +1298,8 @@
Ldap::ppolicies[dn] = pp;
}
});
+ if (krb5_realm == "" || krb5_kdcip == "" || !sssd)
+ sssd_with_krb = false;
if (Ldap::GetMainConfigDN() != base_config_dn ||
Ldap::bind_dn != bind_dn ||
@@ -1270,7 +1313,9 @@
Ldap::ldap_v2 != ldap_v2 ||
Ldap::tls_cacertdir != tls_cacertdir ||
Ldap::tls_cacertfile != tls_cacertfile ||
- Ldap::sssd != sssd
+ Ldap::sssd != sssd ||
+ Ldap::krb5_realm != krb5_realm ||
+ Ldap::krb5_kdcip != krb5_kdcip
)
{
Ldap::bind_dn = bind_dn;
@@ -1286,6 +1331,9 @@
Ldap::tls_cacertdir = tls_cacertdir;
Ldap::tls_cacertfile = tls_cacertfile;
Ldap::sssd = sssd;
+ Ldap::krb5_realm = krb5_realm;
+ Ldap::krb5_kdcip = krb5_kdcip;
+ Ldap::sssd_with_krb = sssd_with_krb;
Ldap::modified = true;
}
break;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.6/testsuite/tests/Export.out new/yast2-ldap-client-2.20.11/testsuite/tests/Export.out
--- old/yast2-ldap-client-2.20.6/testsuite/tests/Export.out 2011-01-12 13:01:52.000000000 +0100
+++ new/yast2-ldap-client-2.20.11/testsuite/tests/Export.out 2011-01-21 14:19:25.000000000 +0100
@@ -17,6 +17,8 @@
Read .etc.ldap_conf.v."/etc/ldap.conf"."nss_map_attribute" 0
Execute .passwd.init $["base_directory":"/etc"] true
Read .passwd.passwd.pluslines ["+"]
+Read .etc.krb5_conf.v.libdefaults.default_realm ["SUSE.CZ"]
+Read .etc.krb5_conf.v."SUSE.CZ"."kdc" ["kdc.suse.cz"]
Return true
Dump ============================================
-Return $["base_config_dn":"", "bind_dn":"uid=manager,dc=suse,dc=cz", "create_ldap":false, "file_server":false, "ldap_domain":"dc=suse,dc=cz", "ldap_server":"localhost", "ldap_tls":false, "ldap_v2":false, "login_enabled":true, "member_attribute":"member", "mkhomedir":true, "nss_base_group":"ou=group,dc=suse,dc=cz", "pam_password":"crypt", "sssd":false, "start_autofs":false, "start_ldap":true, "tls_cacertdir":"/etc/openldap/cacerts/"]
+Return $["base_config_dn":"", "bind_dn":"uid=manager,dc=suse,dc=cz", "create_ldap":false, "file_server":false, "krb5_kdcip":"kdc.suse.cz", "krb5_realm":"SUSE.CZ", "ldap_domain":"dc=suse,dc=cz", "ldap_server":"localhost", "ldap_tls":false, "ldap_v2":false, "login_enabled":true, "member_attribute":"member", "mkhomedir":true, "nss_base_group":"ou=group,dc=suse,dc=cz", "pam_password":"crypt", "sssd":false, "start_autofs":false, "start_ldap":true, "tls_cacertdir":"/etc/openldap/cacerts/"]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.6/testsuite/tests/Export.ycp new/yast2-ldap-client-2.20.11/testsuite/tests/Export.ycp
--- old/yast2-ldap-client-2.20.6/testsuite/tests/Export.ycp 2011-01-12 13:19:06.000000000 +0100
+++ new/yast2-ldap-client-2.20.11/testsuite/tests/Export.ycp 2011-01-21 16:23:43.000000000 +0100
@@ -2,7 +2,7 @@
* Read.ycp
* Test of Ldap:Read function
* Author: Jiri Suchomel
- * $Id: Export.ycp 63166 2011-01-12 12:19:05Z jsuchome $
+ * $Id: Export.ycp 63255 2011-01-21 15:23:42Z jsuchome $
*/
{
@@ -36,6 +36,16 @@
]
]
],
+ "krb5_conf" : $[
+ "v" : $[
+ "libdefaults": $[
+ "default_realm": ["SUSE.CZ"],
+ ],
+ "SUSE.CZ": $[
+ "kdc": ["kdc.suse.cz"],
+ ],
+ ],
+ ],
// /etc/security/pam_*
"security": $[
"section": $[
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.6/testsuite/tests/LDAPInit.ycp new/yast2-ldap-client-2.20.11/testsuite/tests/LDAPInit.ycp
--- old/yast2-ldap-client-2.20.6/testsuite/tests/LDAPInit.ycp 2011-01-13 11:39:40.000000000 +0100
+++ new/yast2-ldap-client-2.20.11/testsuite/tests/LDAPInit.ycp 2011-01-13 11:52:00.000000000 +0100
@@ -2,7 +2,7 @@
* LDAPInit.ycp
* Test of Ldap:LDAPInit, LDAPError, GetFirstServer, GetFirstPort functions
* Author: Jiri Suchomel
- * $Id: LDAPInit.ycp 51164 2008-09-15 15:12:00Z jsrain $
+ * $Id: LDAPInit.ycp 63176 2011-01-13 10:51:59Z jsuchome $
*/
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/yast2-ldap-client-2.20.6/testsuite/tests/Read.ycp new/yast2-ldap-client-2.20.11/testsuite/tests/Read.ycp
--- old/yast2-ldap-client-2.20.6/testsuite/tests/Read.ycp 2011-01-12 13:19:06.000000000 +0100
+++ new/yast2-ldap-client-2.20.11/testsuite/tests/Read.ycp 2011-01-21 16:23:43.000000000 +0100
@@ -2,7 +2,7 @@
* Read.ycp
* Test of Ldap:Read function
* Author: Jiri Suchomel
- * $Id: Read.ycp 63166 2011-01-12 12:19:05Z jsuchome $
+ * $Id: Read.ycp 63255 2011-01-21 15:23:42Z jsuchome $
*/
{
@@ -36,6 +36,16 @@
]
]
],
+ "krb5_conf" : $[
+ "v" : $[
+ "libdefaults": $[
+ "default_realm": ["SUSE.CZ"],
+ ],
+ "SUSE.CZ": $[
+ "kdc": ["kdc.suse.cz"],
+ ],
+ ],
+ ],
// /etc/security/pam_*
"security": $[
"section": $[
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org