April 2016 - openSUSE Commits - openSUSE Mailing Lists

commit efivar for openSUSE:Factory
by root＠hilbert.suse.de 16 Apr '16

16 Apr '16

Hello community, here is the log from the commit of package efivar for openSUSE:Factory checked in at 2016-04-16 22:07:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/efivar (Old) and /work/SRC/openSUSE:Factory/.efivar.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "efivar" Changes: -------- --- /work/SRC/openSUSE:Factory/efivar/efivar.changes 2016-03-16 10:42:58.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.efivar.new/efivar.changes 2016-04-16 22:07:50.000000000 +0200 @@ -1,0 +2,10 @@ +Wed Apr 13 02:08:09 UTC 2016 - glin(a)suse.com + +- Add efivar-relicensing.patch to update the license in some files + +------------------------------------------------------------------- +Tue Apr 12 02:05:47 UTC 2016 - glin(a)suse.com + +- Add the missing COPYING + +------------------------------------------------------------------- New: ---- efivar-relicensing.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ efivar.spec ++++++ --- /var/tmp/diff_new_pack.ntcCPg/_old 2016-04-16 22:07:51.000000000 +0200 +++ /var/tmp/diff_new_pack.ntcCPg/_new 2016-04-16 22:07:51.000000000 +0200 @@ -28,6 +28,7 @@ Patch2: efivar-no-static.patch Patch3: efivar-nvme-rename.patch Patch4: efivar-nvme-no-kernel-header.patch +Patch5: efivar-relicensing.patch BuildRequires: fdupes BuildRequires: pkg-config BuildRequires: popt-devel @@ -57,6 +58,7 @@ %patch2 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 %build export CFLAGS="%{optflags} -Wno-nonnull" @@ -74,7 +76,7 @@ %files %defattr(-,root,root) -%doc +%doc COPYING %{_bindir}/efivar %{_mandir}/man1/* ++++++ efivar-relicensing.patch ++++++ ++++ 1147 lines (skipped)

1 0

commit giflib for openSUSE:Factory
by root＠hilbert.suse.de 16 Apr '16

16 Apr '16

Hello community, here is the log from the commit of package giflib for openSUSE:Factory checked in at 2016-04-16 22:07:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/giflib (Old) and /work/SRC/openSUSE:Factory/.giflib.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "giflib" Changes: -------- --- /work/SRC/openSUSE:Factory/giflib/giflib.changes 2016-03-29 09:53:14.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.giflib.new/giflib.changes 2016-04-16 22:07:43.000000000 +0200 @@ -1,0 +2,16 @@ +Tue Apr 12 08:34:44 UTC 2016 - fstrba(a)suse.com + +- Update to version 5.1.4 + * Fix SF bug #94: giflib 5 loves to fail to load images... a LOT. + * Fix SF Bug #92: Fix buffer overread in gifbuild. + * Fix SF Bug #93: Add bounds check in gifbuild netscape2.0 path + * Fix SF Bug #89: Fix buffer overread in gifbuild. +- Removed patch: + * giflib-sf-88.patch + + Integrated upstream +- Added patch: + * giflib-CVE-2016-3977.patch + - Fix CVE-2016-3977: heap buffer overflow in gif2rgb + (bsc#974847) + +------------------------------------------------------------------- Old: ---- giflib-5.1.3.tar.bz2 giflib-sf-88.patch New: ---- giflib-5.1.4.tar.bz2 giflib-CVE-2016-3977.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ giflib.spec ++++++ --- /var/tmp/diff_new_pack.n9cqLo/_old 2016-04-16 22:07:44.000000000 +0200 +++ /var/tmp/diff_new_pack.n9cqLo/_new 2016-04-16 22:07:44.000000000 +0200 @@ -18,7 +18,7 @@ %define lname libgif7 Name: giflib -Version: 5.1.3 +Version: 5.1.4 Release: 0 Summary: A Library for Working with GIF Images License: MIT @@ -28,7 +28,7 @@ Source2: baselibs.conf Patch1: giflib-visibility.patch Patch2: giflib-automake-1_13.patch -Patch3: giflib-sf-88.patch +Patch3: giflib-CVE-2016-3977.patch BuildRequires: libtool >= 2 BuildRequires: xorg-x11-libICE-devel BuildRequires: xorg-x11-libSM-devel ++++++ giflib-5.1.3.tar.bz2 -> giflib-5.1.4.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/giflib-5.1.3/NEWS new/giflib-5.1.4/NEWS --- old/giflib-5.1.3/NEWS 2016-03-17 17:31:46.000000000 +0100 +++ new/giflib-5.1.4/NEWS 2016-04-02 17:35:30.000000000 +0200 @@ -1,5 +1,20 @@ GIFLIB NEWS + +Version 5.1.4 +============= + +Code Fixes +---------- + +* Fix SF bug #94: giflib 5 loves to fail to load images... a LOT. + +* Fix SF Bug #92: Fix buffer overread in gifbuild. + +* Fix SF Bug #93: Add bounds check in gifbuild netscape2.0 path + +* Fix SF Bug #89: Fix buffer overread in gifbuild. + Version 5.1.3 ============= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/giflib-5.1.3/configure new/giflib-5.1.4/configure --- old/giflib-5.1.3/configure 2016-03-17 17:31:57.000000000 +0100 +++ new/giflib-5.1.4/configure 2016-04-02 17:36:45.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for giflib 5.1.3. +# Generated by GNU Autoconf 2.69 for giflib 5.1.4. # # Report bugs to <esr(a)thyrsus.com>. # @@ -590,8 +590,8 @@ # Identity of this package. PACKAGE_NAME='giflib' PACKAGE_TARNAME='giflib' -PACKAGE_VERSION='5.1.3' -PACKAGE_STRING='giflib 5.1.3' +PACKAGE_VERSION='5.1.4' +PACKAGE_STRING='giflib 5.1.4' PACKAGE_BUGREPORT='esr(a)thyrsus.com' PACKAGE_URL='' @@ -1314,7 +1314,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures giflib 5.1.3 to adapt to many kinds of systems. +\`configure' configures giflib 5.1.4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1384,7 +1384,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of giflib 5.1.3:";; + short | recursive ) echo "Configuration of giflib 5.1.4:";; esac cat <<\_ACEOF @@ -1489,7 +1489,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -giflib configure 5.1.3 +giflib configure 5.1.4 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1858,7 +1858,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by giflib $as_me 5.1.3, which was +It was created by giflib $as_me 5.1.4, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2723,7 +2723,7 @@ # Define the identity of the package. PACKAGE='giflib' - VERSION='5.1.3' + VERSION='5.1.4' cat >>confdefs.h <<_ACEOF @@ -13218,7 +13218,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by giflib $as_me 5.1.3, which was +This file was extended by giflib $as_me 5.1.4, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -13284,7 +13284,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -giflib config.status 5.1.3 +giflib config.status 5.1.4 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/giflib-5.1.3/configure.ac new/giflib-5.1.4/configure.ac --- old/giflib-5.1.3/configure.ac 2016-03-17 17:31:46.000000000 +0100 +++ new/giflib-5.1.4/configure.ac 2016-04-02 17:35:30.000000000 +0200 @@ -1,5 +1,5 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT(giflib, [5.1.3], [esr(a)thyrsus.com] giflib) +AC_INIT(giflib, [5.1.4], [esr(a)thyrsus.com] giflib) AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_SRCDIR([lib/dgif_lib.c]) AM_INIT_AUTOMAKE([gnu dist-bzip2 -Wall]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/giflib-5.1.3/doc/gif2rgb.1 new/giflib-5.1.4/doc/gif2rgb.1 --- old/giflib-5.1.3/doc/gif2rgb.1 2016-03-17 17:29:39.000000000 +0100 +++ new/giflib-5.1.4/doc/gif2rgb.1 2016-04-02 17:34:45.000000000 +0200 @@ -66,7 +66,7 @@ .PP By default, convert a GIF input file to RGB triplets\&. If \-s is specified, convert RGB input to a GIF\&. .PP -If no input file is given, gif2rgb will try to read adata from stdin\&. +If no input file is given, gif2rgb will try to read data from stdin\&. .SH "AUTHOR" .PP Gershon Elber\&. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/giflib-5.1.3/doc/gif2rgb.xml new/giflib-5.1.4/doc/gif2rgb.xml --- old/giflib-5.1.3/doc/gif2rgb.xml 2014-05-16 12:46:53.000000000 +0200 +++ new/giflib-5.1.4/doc/gif2rgb.xml 2016-04-02 17:34:00.000000000 +0200 @@ -84,7 +84,7 @@ <para>By default, convert a GIF input file to RGB triplets. If -s is specified, convert RGB input to a GIF.</para> -<para>If no input file is given, gif2rgb will try to read adata +<para>If no input file is given, gif2rgb will try to read data from stdin.</para> </refsect1> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/giflib-5.1.3/lib/dgif_lib.c new/giflib-5.1.4/lib/dgif_lib.c --- old/giflib-5.1.3/lib/dgif_lib.c 2016-03-17 17:27:57.000000000 +0100 +++ new/giflib-5.1.4/lib/dgif_lib.c 2016-04-02 17:34:00.000000000 +0200 @@ -89,7 +89,7 @@ GifFile->SavedImages = NULL; GifFile->SColorMap = NULL; - Private = (GifFilePrivateType *)malloc(sizeof(GifFilePrivateType)); + Private = (GifFilePrivateType *)calloc(1, sizeof(GifFilePrivateType)); if (Private == NULL) { if (Error != NULL) *Error = D_GIF_ERR_NOT_ENOUGH_MEM; @@ -175,7 +175,7 @@ GifFile->SavedImages = NULL; GifFile->SColorMap = NULL; - Private = (GifFilePrivateType *)malloc(sizeof(GifFilePrivateType)); + Private = (GifFilePrivateType *)calloc(1, sizeof(GifFilePrivateType)); if (!Private) { if (Error != NULL) *Error = D_GIF_ERR_NOT_ENOUGH_MEM; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/giflib-5.1.3/lib/gif_lib.h new/giflib-5.1.4/lib/gif_lib.h --- old/giflib-5.1.3/lib/gif_lib.h 2016-03-17 17:31:46.000000000 +0100 +++ new/giflib-5.1.4/lib/gif_lib.h 2016-04-02 17:35:30.000000000 +0200 @@ -13,7 +13,7 @@ #define GIFLIB_MAJOR 5 #define GIFLIB_MINOR 1 -#define GIFLIB_RELEASE 3 +#define GIFLIB_RELEASE 4 #define GIF_ERROR 0 #define GIF_OK 1 Files old/giflib-5.1.3/tests/FOO and new/giflib-5.1.4/tests/FOO differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/giflib-5.1.3/util/gifbuild.c new/giflib-5.1.4/util/gifbuild.c --- old/giflib-5.1.3/util/gifbuild.c 2014-05-16 12:46:53.000000000 +0200 +++ new/giflib-5.1.4/util/gifbuild.c 2016-04-02 17:34:10.000000000 +0200 @@ -692,6 +692,7 @@ putchar('\n'); while (!last && ep[1].Function == CONTINUE_EXT_FUNC_CODE) { ++ep; + last = (ep - ExtensionBlocks == (ExtensionBlockCount - 1)); VisibleDumpBuffer(ep->Bytes, ep->ByteCount); putchar('\n'); } @@ -703,6 +704,7 @@ putchar('\n'); while (!last && ep[1].Function == CONTINUE_EXT_FUNC_CODE) { ++ep; + last = (ep - ExtensionBlocks == (ExtensionBlockCount - 1)); VisibleDumpBuffer(ep->Bytes, ep->ByteCount); putchar('\n'); } @@ -723,7 +725,10 @@ printf("\ttransparent index %d\n", gcb.TransparentColor); printf("end\n\n"); } - else if (ep->Function == APPLICATION_EXT_FUNC_CODE + else if (!last + && ep->Function == APPLICATION_EXT_FUNC_CODE + && ep->ByteCount >= 11 + && (ep+1)->ByteCount >= 3 && memcmp(ep->Bytes, "NETSCAPE2.0", 11) == 0) { unsigned char *params = (++ep)->Bytes; unsigned int loopcount = params[1] | (params[2] << 8); @@ -734,6 +739,7 @@ VisibleDumpBuffer(ep->Bytes, ep->ByteCount); while (!last && ep[1].Function == CONTINUE_EXT_FUNC_CODE) { ++ep; + last = (ep - ExtensionBlocks == (ExtensionBlockCount - 1)); VisibleDumpBuffer(ep->Bytes, ep->ByteCount); putchar('\n'); } ++++++ giflib-CVE-2016-3977.patch ++++++ --- giflib-5.1.4/util/gif2rgb.c 2016-03-17 17:24:17.000000000 +0100 +++ giflib-5.1.4/util/gif2rgb.c 2016-04-12 10:37:35.672174495 +0200 @@ -471,6 +471,12 @@ exit(EXIT_FAILURE); } + /* check that the background color isn't garbage (SF bug #87) */ + if (GifFile->SBackGroundColor < 0 || GifFile->SBackGroundColor >= ColorMap->ColorCount) { + fprintf(stderr, "Background color out of range for colormap\n"); + exit(EXIT_FAILURE); + } + DumpScreen2RGB(OutFileName, OneFileFlag, ColorMap, ScreenBuffer,

1 0

commit yast2-users for openSUSE:Factory
by root＠hilbert.suse.de 16 Apr '16

16 Apr '16

Hello community, here is the log from the commit of package yast2-users for openSUSE:Factory checked in at 2016-04-16 22:07:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-users (Old) and /work/SRC/openSUSE:Factory/.yast2-users.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "yast2-users" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-users/yast2-users.changes 2016-03-20 11:48:12.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.yast2-users.new/yast2-users.changes 2016-04-16 22:07:33.000000000 +0200 @@ -1,0 +2,9 @@ +Thu Apr 7 08:49:13 UTC 2016 - igonzalezsosa(a)suse.com + +- Does not set empty passwords fields in /etc/shadow during + installation (CVE-2016-1601, bnc#973639, bnc#974220) +- Set root password correctly when using a minimal profile + (bnc#971804) +- 3.1.47 + +------------------------------------------------------------------- Old: ---- yast2-users-3.1.46.tar.bz2 New: ---- yast2-users-3.1.47.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-users.spec ++++++ --- /var/tmp/diff_new_pack.OUASOL/_old 2016-04-16 22:07:34.000000000 +0200 +++ /var/tmp/diff_new_pack.OUASOL/_new 2016-04-16 22:07:34.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-users -Version: 3.1.46 +Version: 3.1.47 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -37,7 +37,7 @@ BuildRequires: yast2-perl-bindings BuildRequires: yast2-security BuildRequires: yast2-testsuite -BuildRequires: rubygem(rspec) +BuildRequires: rubygem(%rb_default_ruby_abi:rspec) Requires: cracklib Requires: perl-Digest-SHA1 @@ -105,6 +105,10 @@ %dir %{yast_yncludedir}/users %dir %{yast_moduledir}/YaPI %{yast_clientdir}/*.rb +%dir %{yast_libdir}/users +%dir %{yast_libdir}/users/clients +%{yast_libdir}/users/* +%{yast_libdir}/users/clients/* %{yast_desktopdir}/*.desktop %{yast_moduledir}/*.pm %{yast_moduledir}/UsersUI.rb ++++++ yast2-users-3.1.46.tar.bz2 -> yast2-users-3.1.47.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/.travis.yml new/yast2-users-3.1.47/.travis.yml --- old/yast2-users-3.1.46/.travis.yml 2016-03-15 15:26:26.000000000 +0100 +++ new/yast2-users-3.1.47/.travis.yml 2016-04-12 14:01:29.000000000 +0200 @@ -5,7 +5,7 @@ # disable rvm, use system Ruby - rvm reset - wget https://raw.githubusercontent.com/yast/yast-devtools/master/travis-tools/tr… - - sh ./travis_setup.sh -p "rake yast2-devtools yast2-testsuite yast2 yast2-perl-bindings yast2-core-dev yast2-ldap yast2-perl-bindings yast2-security libcrack2-dev doxygen libdigest-sha1-perl" -g "yast-rake gettext" + - sh ./travis_setup.sh -p "rake yast2-devtools yast2-testsuite yast2 yast2-perl-bindings yast2-core-dev yast2-ldap yast2-perl-bindings yast2-security libcrack2-dev doxygen libdigest-sha1-perl" -g "rspec:3.3.0 yast-rake gettext" script: - rake check:syntax - rake check:pot diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/package/yast2-users.changes new/yast2-users-3.1.47/package/yast2-users.changes --- old/yast2-users-3.1.46/package/yast2-users.changes 2016-03-15 15:26:26.000000000 +0100 +++ new/yast2-users-3.1.47/package/yast2-users.changes 2016-04-12 14:01:29.000000000 +0200 @@ -1,4 +1,13 @@ ------------------------------------------------------------------- +Thu Apr 7 08:49:13 UTC 2016 - igonzalezsosa(a)suse.com + +- Does not set empty passwords fields in /etc/shadow during + installation (CVE-2016-1601, bnc#973639, bnc#974220) +- Set root password correctly when using a minimal profile + (bnc#971804) +- 3.1.47 + +------------------------------------------------------------------- Sat Mar 5 11:04:17 UTC 2016 - igonzalezsosa(a)suse.com - Do not include inst-sys users when cloning the configuration diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/package/yast2-users.spec new/yast2-users-3.1.47/package/yast2-users.spec --- old/yast2-users-3.1.46/package/yast2-users.spec 2016-03-15 15:26:26.000000000 +0100 +++ new/yast2-users-3.1.47/package/yast2-users.spec 2016-04-12 14:01:29.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-users -Version: 3.1.46 +Version: 3.1.47 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -37,7 +37,7 @@ BuildRequires: yast2-perl-bindings BuildRequires: yast2-security BuildRequires: yast2-testsuite -BuildRequires: rubygem(rspec) +BuildRequires: rubygem(%rb_default_ruby_abi:rspec) Requires: cracklib Requires: perl-Digest-SHA1 @@ -105,6 +105,10 @@ %dir %{yast_yncludedir}/users %dir %{yast_moduledir}/YaPI %{yast_clientdir}/*.rb +%dir %{yast_libdir}/users +%dir %{yast_libdir}/users/clients +%{yast_libdir}/users/* +%{yast_libdir}/users/clients/* %{yast_desktopdir}/*.desktop %{yast_moduledir}/*.pm %{yast_moduledir}/UsersUI.rb diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/src/Makefile.am new/yast2-users-3.1.47/src/Makefile.am --- old/yast2-users-3.1.46/src/Makefile.am 2016-03-15 15:26:26.000000000 +0100 +++ new/yast2-users-3.1.47/src/Makefile.am 2016-04-12 14:01:29.000000000 +0200 @@ -35,6 +35,10 @@ clients/inst_user_first.rb \ clients/users_encryption_method.rb +ylibclientdir = @ylibdir@/users/clients +ylibclient_DATA = \ + lib/users/clients/users_finish.rb + yncludedir = @yncludedir@/users ynclude_DATA = \ include/users/widgets.rb \ @@ -77,6 +81,6 @@ desktop_DATA = \ desktop/users.desktop -EXTRA_DIST = $(module_DATA) $(module1_DATA) $(client_DATA) $(ynclude_DATA) $(ylibdialog_DATA) $(ylib_DATA) $(scrconf_DATA) $(agent_SCRIPTS) $(schemafiles_DATA) $(desktop_DATA) +EXTRA_DIST = $(module_DATA) $(module1_DATA) $(client_DATA) $(ynclude_DATA) $(ylibdialog_DATA) $(ylib_DATA) $(scrconf_DATA) $(agent_SCRIPTS) $(schemafiles_DATA) $(desktop_DATA) $(ylibclient_DATA) include $(top_srcdir)/Makefile.am.common diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/src/clients/users_finish.rb new/yast2-users-3.1.47/src/clients/users_finish.rb --- old/yast2-users-3.1.46/src/clients/users_finish.rb 2016-03-15 15:26:26.000000000 +0100 +++ new/yast2-users-3.1.47/src/clients/users_finish.rb 2016-04-12 14:01:29.000000000 +0200 @@ -27,75 +27,5 @@ # # $Id$ -module Yast - class UsersFinishClient < Client - def main - textdomain "users" - - Yast.import "Autologin" - Yast.import "Users" - Yast.import "UsersSimple" - - # create_users() - Yast.include self, "users/routines.rb" - - @func = "" - @param = {} - - # Check arguments - if Ops.greater_than(Builtins.size(WFM.Args), 0) && - Ops.is_string?(WFM.Args(0)) - @func = Convert.to_string(WFM.Args(0)) - if Ops.greater_than(Builtins.size(WFM.Args), 1) && - Ops.is_map?(WFM.Args(1)) - @param = Convert.to_map(WFM.Args(1)) - end - end - - Builtins.y2milestone("starting users_finish") - Builtins.y2debug("func=%1", @func) - Builtins.y2debug("param=%1", @param) - - if @func == "Info" - return { - "steps" => 1, - # progress step title - "title" => _("Writing Users Configuration..."), - "when" => [:installation, :live_installation, :autoinst] - } - elsif @func == "Write" - # Creating all users and their environment - - if Mode.autoinst - # Write imported users (during autoupgrade no changes are done) - - # During installation, some package could add a new user, so we - # need to read them again before writing. - Users.SetExportAll(true) - saved = Users.Export - Users.ReadLocal - Users.Import(saved) - - # Write users - Users.SetWriteOnly(true) - @progress_orig = Progress.set(false) - @ret = Users.Write == "" - Progress.set(@progress_orig) - else - # write the root password - UsersSimple.Write - - other_users = setup_all_users - Users.Write if other_users - end - else - Builtins.y2error("unknown function: %1", @func) - end - - Builtins.y2milestone("users_finish finished") - nil - end - end -end - -Yast::UsersFinishClient.new.main +require "users/clients/users_finish" +Yast::UsersFinishClient.new.run diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/src/include/users/routines.rb new/yast2-users-3.1.47/src/include/users/routines.rb --- old/yast2-users-3.1.46/src/include/users/routines.rb 2016-03-15 15:26:26.000000000 +0100 +++ new/yast2-users-3.1.47/src/include/users/routines.rb 2016-04-12 14:01:29.000000000 +0200 @@ -30,6 +30,7 @@ module UsersRoutinesInclude def initialize_users_routines(include_target) Yast.import "Mode" + Yast.import "Autologin" textdomain "users" end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/src/lib/users/clients/users_finish.rb new/yast2-users-3.1.47/src/lib/users/clients/users_finish.rb --- old/yast2-users-3.1.46/src/lib/users/clients/users_finish.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-users-3.1.47/src/lib/users/clients/users_finish.rb 2016-04-12 14:01:29.000000000 +0200 @@ -0,0 +1,94 @@ +# encoding: utf-8 + +# ------------------------------------------------------------------------------ +# Copyright (c) 2016 SUSE LLC +# +# This program is free software; you can redistribute it and/or modify it under +# the terms of version 2 of the GNU General Public License as published by the +# Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS +# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. +# +# ------------------------------------------------------------------------------ + +require "installation/finish_client" + +module Yast + class UsersFinishClient < ::Installation::FinishClient + include Logger + + def initialize + textdomain "users" + + Yast.import "Users" + Yast.import "UsersSimple" + # setup_all_users() + Yast.include self, "users/routines.rb" + end + + # Write users + # + # It relies in different methods depending if it's running + # during autoinst or in a regular installation. + # + # @see write_autoinst + # @see write_install + def write + if Mode.autoinst + write_autoinst + else + write_install + end + end + + protected + + # @see Implements ::Installation::FinishClient#modes + def modes + [:installation, :live_installation, :autoinst] + end + + # @see Implements ::Installation::FinishClient#title + def title + _("Writing Users Configuration...") + end + + # Write imported users during autoinstallation + # + # During installation, some package could add a new user, so we + # need to read them again before writing. + # + # On the other hand, during autoupgrade no changes are performed. + def write_autoinst + # 1. Export users imported in inst_autosetup (and store them) + Users.SetExportAll(false) + saved = Users.Export + log.info("Users to import: #{saved}") + + # 2. Read users and settings from the installed system + # (bsc#965852, bsc#973639, bsc#974220 and bsc#971804) + Users.Read + + # 3. Merge users from the system with new users from + # AutoYaST profile (from step 1) + Users.Import(saved) + + # 4. Write users + Users.SetWriteOnly(true) + @progress_orig = Progress.set(false) + error = Users.Write + log.error(error) unless error.empty? + Progress.set(@progress_orig) + end + + # Write root password a new users during regular installation + def write_install + # write the root password + UsersSimple.Write + # write new users (if any) + Users.Write if setup_all_users + end + end +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/src/modules/Users.pm new/yast2-users-3.1.47/src/modules/Users.pm --- old/yast2-users-3.1.46/src/modules/Users.pm 2016-03-15 15:26:26.000000000 +0100 +++ new/yast2-users-3.1.47/src/modules/Users.pm 2016-04-12 14:01:29.000000000 +0200 @@ -6132,8 +6132,7 @@ # remove cache entries (#50265) UsersCache->ResetCache (); - # Avoid to read local users during 1st stage (bnc#965852) - my $error_msg = (Mode->test() || Stage->initial()) ? "" : $self->ReadLocal (); + my $error_msg = Mode->test() ? "" : $self->ReadLocal (); if ($error_msg) { return 0; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/Makefile.am new/yast2-users-3.1.47/test/Makefile.am --- old/yast2-users-3.1.46/test/Makefile.am 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-users-3.1.47/test/Makefile.am 2016-04-12 14:01:29.000000000 +0200 @@ -0,0 +1,8 @@ +# Tests for users +TESTS = \ + users_finish_test.rb + +TEST_EXTENSIONS = .rb +RB_LOG_COMPILER = rspec +VERBOSE = 1 +EXTRA_DIST = $(TESTS) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/default/useradd new/yast2-users-3.1.47/test/fixtures/root/etc/default/useradd --- old/yast2-users-3.1.46/test/fixtures/root/etc/default/useradd 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-users-3.1.47/test/fixtures/root/etc/default/useradd 2016-04-12 14:01:29.000000000 +0200 @@ -0,0 +1,8 @@ +# useradd defaults file +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE= +SHELL=/bin/bash +SKEL=/etc/skel +CREATE_MAIL_SPOOL=yes diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/group new/yast2-users-3.1.47/test/fixtures/root/etc/group --- old/yast2-users-3.1.46/test/fixtures/root/etc/group 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-users-3.1.47/test/fixtures/root/etc/group 2016-04-12 14:01:29.000000000 +0200 @@ -0,0 +1,37 @@ +root:x:0: +bin:x:1:daemon +daemon:x:2: +sys:x:3: +tty:x:5: +disk:x:6: +lp:x:7: +www:x:8: +kmem:x:9: +wheel:x:10: +mail:x:12: +news:x:13: +uucp:x:14: +shadow:x:15: +dialout:x:16: +audio:x:17: +floppy:x:19: +cdrom:x:20: +console:x:21: +utmp:x:22: +public:x:32: +video:x:33: +games:x:40: +xok:x:41: +trusted:x:42: +modem:x:43: +ftp:x:49: +lock:x:54: +man:x:62: +users:x:100: +nobody:x:65533: +nogroup:x:65534:nobody +messagebus:x:499: +sshd:x:498: +tape:x:497: +polkitd:x:496: +nscd:x:495: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/login.defs new/yast2-users-3.1.47/test/fixtures/root/etc/login.defs --- old/yast2-users-3.1.46/test/fixtures/root/etc/login.defs 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-users-3.1.47/test/fixtures/root/etc/login.defs 2016-04-12 14:01:29.000000000 +0200 @@ -0,0 +1,287 @@ +# +# /etc/login.defs - Configuration control definitions for the shadow package. +# + +# +# Delay in seconds before being allowed another attempt after a login failure +# Note: When PAM is used, some modules may enfore a minimal delay (e.g. +# pam_unix enforces a 2s delay) +# +FAIL_DELAY 3 + +# +# Enable display of unknown usernames when login failures are recorded. +# +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +CONSOLE /etc/securetty +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, ":" delimited list of "message of the day" files to +# be displayed upon login. +# +MOTD_FILE /etc/motd +#MOTD_FILE /etc/motd:/usr/lib/news/news-motd + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +#HUSHLOGIN_FILE .hushlogin +HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin + +# +# The default PATH settings for root (used by login): +# +ENV_ROOTPATH /sbin:/bin:/usr/sbin:/usr/bin + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +TTYGROUP tty +TTYPERM 0620 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 + +# Default initial "umask" value used by login on non-PAM enabled systems. +# Default "umask" value for pam_umask on PAM enabled systems. +# UMASK is also used by useradd and newusers to set the mode of new home +# directories. +# 022 is the default value, but 027, or even 077, could be considered +# better for privacy. There is no One True Answer here: each sysadmin +# must make up her mind. +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 365 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +# SYS_UID_MIN to SYS_UID_MAX inclusive is the range for +# UIDs for dynamically allocated administrative and system accounts. +# UID_MIN to UID_MAX inclusive is the range of UIDs of dynamically +# allocated user accounts. +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +SYS_UID_MIN 100 +SYS_UID_MAX 499 + +# +# Min/max values for automatic gid selection in groupadd +# +# SYS_GID_MIN to SYS_GID_MAX inclusive is the range for +# GIDs for dynamically allocated administrative and system groups. +# GID_MIN to GID_MAX inclusive is the range of GIDs of dynamically +# allocated groups. +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +SYS_GID_MIN 100 +SYS_GID_MAX 499 + +# +# Max number of login retries if password is bad +# +LOGIN_RETRIES 3 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: If you use PAM, it is recommended to use a value consistent with +# the PAM modules configuration. +# +ENCRYPT_METHOD SHA512 +ENCRYPT_METHOD_NIS DES + +# +# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +# See USERDEL_PRECMD/POSTCMD below. +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# Enable setting of the umask group bits to be the same as owner bits +# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is +# the same as gid, and username is the same as the primary group name. +# +# This also enables userdel to remove user groups if no members exist. +# +USERGROUPS_ENAB no + +# +# If set to a non-nul number, the shadow utilities will make sure that +# groups never have more than this number of users on one line. +# This permit to support split groups (groups split into multiple lines, +# with the same group ID, to avoid limitation of the line length in the +# group file). +# +# 0 is the default value and disables this feature. +# +#MAX_MEMBERS_PER_GROUP 0 + +# +# If useradd should create home directories for users by default (non +# system users only) +# This option is overridden with the -M or -m flags on the useradd command +# line. +# +CREATE_HOME no + +# +# User/group names must match the following regex expression. +# The default is [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\?, +# but be aware that the result could depend on the locale settings. +# +#CHARACTER_CLASS [A-Za-z_][A-Za-z0-9_.-]*[A-Za-z0-9_.$-]\? +CHARACTER_CLASS [ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz_][ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-]*[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.$-]\? + +# +# If defined, this command is run when adding a group. +# It should rebuild any NIS database etc. to add the +# new created group. +# +GROUPADD_CMD /usr/sbin/groupadd.local + +# +# If defined, this command is run when adding a user. +# It should rebuild any NIS database etc. to add the +# new created account. +# +USERADD_CMD /usr/sbin/useradd.local + +# +# If defined, this command is run before removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed. +# +USERDEL_PRECMD /usr/sbin/userdel-pre.local + +# +# If defined, this command is run after removing a user. +# It should rebuild any NIS database etc. to remove the +# account from it. +# +USERDEL_POSTCMD /usr/sbin/userdel-post.local + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/passwd new/yast2-users-3.1.47/test/fixtures/root/etc/passwd --- old/yast2-users-3.1.46/test/fixtures/root/etc/passwd 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-users-3.1.47/test/fixtures/root/etc/passwd 2016-04-12 14:01:29.000000000 +0200 @@ -0,0 +1,18 @@ +root:x:0:0:root:/root:/bin/bash +bin:x:1:1:bin:/bin:/bin/bash +daemon:x:2:2:Daemon:/sbin:/bin/bash +lp:x:4:7:Printing daemon:/var/spool/lpd:/bin/bash +mail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false +news:x:9:13:News system:/etc/news:/bin/bash +uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash +games:x:12:100:Games account:/var/games:/bin/bash +man:x:13:62:Manual pages viewer:/var/cache/man:/bin/bash +wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false +ftp:x:40:49:FTP account:/srv/ftp:/bin/bash +nobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash +messagebus:x:499:499:User for D-Bus:/var/run/dbus:/bin/false +sshd:x:498:498:SSH daemon:/var/lib/sshd:/bin/false +polkitd:x:497:496:User for polkitd:/var/lib/polkit:/sbin/nologin +nscd:x:496:495:User for nscd:/run/nscd:/sbin/nologin +rpc:x:495:65534:user for rpcbind:/var/lib/empty:/sbin/nologin +openslp:x:494:2:openslp daemon:/var/lib/empty:/sbin/nologin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/shadow new/yast2-users-3.1.47/test/fixtures/root/etc/shadow --- old/yast2-users-3.1.46/test/fixtures/root/etc/shadow 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-users-3.1.47/test/fixtures/root/etc/shadow 2016-04-12 14:01:29.000000000 +0200 @@ -0,0 +1,18 @@ +root:$6$pLaWhcXR$gn1LrOlTEV9B.SBn.iITpknL6eg/n63am7rzp2fMsB8ap5cUWl3ZcnT7o5mTcrG85bz/NhaC1D/izwkJeL5gI.:16899:::::: +bin:*:16765:::::: +daemon:*:16765:::::: +lp:*:16765:::::: +mail:*:16765:::::: +news:*:16765:::::: +uucp:*:16765:::::: +games:*:16765:::::: +man:*:16765:::::: +wwwrun:*:16765:::::: +ftp:*:16765:::::: +nobody:*:16765:::::: +messagebus:!:16765:::::: +sshd:!:16765:::::: +polkitd:!:16765:::::: +nscd:!:16765:::::: +rpc:!:16765:::::: +openslp:!:16765:::::: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/root/etc/shells new/yast2-users-3.1.47/test/fixtures/root/etc/shells --- old/yast2-users-3.1.46/test/fixtures/root/etc/shells 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-users-3.1.47/test/fixtures/root/etc/shells 2016-04-12 14:01:29.000000000 +0200 @@ -0,0 +1,23 @@ +/bin/ash +/bin/bash +/bin/csh +/bin/dash +/bin/false +/bin/ksh +/bin/ksh93 +/bin/mksh +/bin/pdksh +/bin/sh +/bin/tcsh +/bin/true +/bin/zsh +/usr/bin/csh +/usr/bin/dash +/usr/bin/ksh +/usr/bin/ksh93 +/usr/bin/mksh +/usr/bin/passwd +/usr/bin/pdksh +/usr/bin/bash +/usr/bin/tcsh +/usr/bin/zsh diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/fixtures/users.yml new/yast2-users-3.1.47/test/fixtures/users.yml --- old/yast2-users-3.1.46/test/fixtures/users.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-users-3.1.47/test/fixtures/users.yml 2016-04-12 14:01:29.000000000 +0200 @@ -0,0 +1,12 @@ +users: + - username: root + user_password: yast.password + fullname: Superuser + encrypted: true + - username: yast + user_password: suse + fullname: YaST team user + gid: 100 + uid: 1000 + shell: /usr/bin/zsh + encrypted: true \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/spec_helper.rb new/yast2-users-3.1.47/test/spec_helper.rb --- old/yast2-users-3.1.46/test/spec_helper.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-users-3.1.47/test/spec_helper.rb 2016-04-12 14:01:29.000000000 +0200 @@ -0,0 +1,40 @@ +ENV["Y2DIR"] = File.expand_path("../../src", __FILE__) + +require "yast" +require "pathname" +require "yast/rspec" + +if ENV["COVERAGE"] + require "simplecov" + + # use coveralls for on-line code coverage reporting at Travis CI + if ENV["TRAVIS"] + require "coveralls" + + SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[ + SimpleCov::Formatter::HTMLFormatter, + Coveralls::SimpleCov::Formatter + ] + end + + SimpleCov.start do + add_filter "/test/" + end +end + +# configure RSpec +RSpec.configure do |config| + config.mock_with :rspec do |c| + # https://relishapp.com/rspec/rspec-mocks/v/3-0/docs/verifying-doubles/partia… + c.verify_partial_doubles = true + end +end + +libdir = File.expand_path("../../src/lib", __FILE__) +$LOAD_PATH.unshift(libdir) + +# force loading all files to report proper code coverage +# Dir.chdir(libdir) { Dir["**/*.rb"].each { |f| require f } } + +TESTS_PATH = Pathname.new(File.dirname(__FILE__)) +FIXTURES_PATH = TESTS_PATH.join("fixtures") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-users-3.1.46/test/users_finish_test.rb new/yast2-users-3.1.47/test/users_finish_test.rb --- old/yast2-users-3.1.46/test/users_finish_test.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/yast2-users-3.1.47/test/users_finish_test.rb 2016-04-12 14:01:29.000000000 +0200 @@ -0,0 +1,103 @@ +#!/usr/bin/env rspec + +require_relative "spec_helper" +require "fileutils" +require "yaml" +require "users/clients/users_finish" + +describe Yast::UsersFinishClient do + Yast.import "WFM" + Yast.import "UsersPasswd" + + describe "#run" do + before do + allow(Yast::WFM).to receive(:Args).with(no_args).and_return(args) + allow(Yast::WFM).to receive(:Args) { |n| n.nil? ? args : args[n] } + end + + context "Info" do + let(:args) { ["Info"] } + + it "returns a hash describing the client" do + expect(subject.run).to be_kind_of(Hash) + end + end + + context "Write" do + let(:args) { ["Write"] } + let(:users) { YAML.load_file(FIXTURES_PATH.join("users.yml")) } + + before { allow(Yast::Mode).to receive(:autoinst).and_return(autoinst) } + + around do |example| + change_scr_root(FIXTURES_PATH.join("root")) { example.run } + FileUtils.rm_rf(FIXTURES_PATH.join("root", "var")) + end + + context "in autoinst mode" do + let(:autoinst) { true } + + before do + # Writing users involves executing commands (cp, chmod, etc.) and those + # calls can't be mocked (Perl code). + allow(Yast::Users).to receive(:Write).and_return("") + Yast::Users.Import(users) + end + + it "add users specified in the profile" do + subject.run + + yast_user = Yast::Users.GetUsers("uid", "local").fetch("yast") + expect(yast_user).to_not be_nil + end + + it "updates root account" do + subject.run + + root_user = Yast::Users.GetUsers("uid", "system").fetch("root") + expect(root_user["userPassword"]).to_not be_empty + end + + it "preserves system accounts passwords" do + subject.run + + shadow = Yast::UsersPasswd.GetShadow("system") + passwords = shadow.values.map { |u| u["userPassword"] } + expect(passwords).to all(satisfy { |v| !v.empty? }) + end + end + + context "not in autoinst mode" do + let(:autoinst) { false } + + before do + allow(subject).to receive(:setup_all_users).and_return(user_added) + end + + context "when a new user is added" do + let(:user_added) { true } + + it "write root password and users" do + # write root password + expect(Yast::UsersSimple).to receive(:Write) + # write users + expect(Yast::Users).to receive(:Write) + subject.run + end + end + + context "when no new user is added" do + let(:user_added) { false } + + it "write root password" do + # write root password + expect(Yast::UsersSimple).to receive(:Write) + # do not write users + expect(Yast::Users).to_not receive(:Write) + subject.run + end + end + end + end + end +end

1 0

commit yast2-auth-server for openSUSE:Factory
by root＠hilbert.suse.de 16 Apr '16

16 Apr '16

Hello community, here is the log from the commit of package yast2-auth-server for openSUSE:Factory checked in at 2016-04-16 22:07:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/yast2-auth-server (Old) and /work/SRC/openSUSE:Factory/.yast2-auth-server.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "yast2-auth-server" Changes: -------- --- /work/SRC/openSUSE:Factory/yast2-auth-server/yast2-auth-server.changes 2015-07-28 11:42:00.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.yast2-auth-server.new/yast2-auth-server.changes 2016-04-16 22:07:20.000000000 +0200 @@ -1,0 +2,8 @@ +Fri Apr 8 12:12:45 UTC 2016 - hguo(a)suse.com + +- The recent OpenLDAP upgrade in Tumbleweed no longer loads DB + drivers and essential modules by default, hence adapting to that + by explicitly loading them. Bump version to 3.1.16. + Address bsc#959760 bsc#964924. + +------------------------------------------------------------------- Old: ---- yast2-auth-server-3.1.15.tar.bz2 New: ---- yast2-auth-server-3.1.16.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-auth-server.spec ++++++ --- /var/tmp/diff_new_pack.w1wwyF/_old 2016-04-16 22:07:21.000000000 +0200 +++ /var/tmp/diff_new_pack.w1wwyF/_new 2016-04-16 22:07:21.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package yast2-auth-server # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: yast2-auth-server -Version: 3.1.15 +Version: 3.1.16 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ yast2-auth-server-3.1.15.tar.bz2 -> yast2-auth-server-3.1.16.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.15/agent/SlapdConfigAgent.cc new/yast2-auth-server-3.1.16/agent/SlapdConfigAgent.cc --- old/yast2-auth-server-3.1.15/agent/SlapdConfigAgent.cc 2015-07-24 11:06:22.000000000 +0200 +++ new/yast2-auth-server-3.1.16/agent/SlapdConfigAgent.cc 2016-04-12 09:53:24.000000000 +0200 @@ -1,4 +1,6 @@ #include "SlapdConfigAgent.h" +#include <sys/types.h> +#include <sys/stat.h> #include <LDAPConnection.h> #include <LDAPException.h> #include <LdifReader.h> @@ -75,6 +77,46 @@ } } +// If system is tumbleweed, return /usr/lib(64)/openldap. Otherwise return empty string. +const std::string SlapdConfigAgent::getOlcModuleLoadPath() +{ + /* + * In late January 2016, OpenLDAP on Tumbleweed was updated to exclude + * DB and syncprov overlay drivers from the main executable. They will have + * to be dynamically loaded from modules' directory. + * This function helps to determine location of the directory, depending + * on /etc/os-release. + * SLES and Leap are not affected. + */ + ifstream osRelease("/etc/os-release"); + if (!osRelease.is_open()) + { + y2error("Failed to open /etc/os-release"); + throw std::runtime_error("Failed to open /etc/os-release"); + } + bool isTumbleweed; + string osrLine; + while (getline(osRelease, osrLine)) + { + if (osrLine.find("Tumbleweed") != std::string::npos) + { + isTumbleweed = true; + break; + } + } + osRelease.close(); + if (!isTumbleweed) + { + return ""; + } + struct stat testExistence; + if (stat("/usr/lib64/openldap", &testExistence) == 0) + { + return "/usr/lib64/openldap"; + } + return "/usr/lib/openldap"; +} + YCPValue SlapdConfigAgent::Read( const YCPPath &path, const YCPValue &arg, const YCPValue &opt) @@ -372,6 +414,17 @@ olc.updateEntry(**j); } deleteableSchema.clear(); + // If module should be loaded for database drivers, make sure that the module list covers all databases. + std::string moduleLoadPath = getOlcModuleLoadPath(); + if (moduleLoadPath != "") + { + OlcModuleListEntry moduleListEntry = olc.getModuleListEntry(); + moduleListEntry.setLoadPath(moduleLoadPath); + moduleListEntry.addEssentialModules(); + y2milestone("olcModuleList: %s", moduleListEntry.toLdif().c_str()); + olc.updateEntry(moduleListEntry); + } + // Continue adding new databases and modifying existing databases OlcDatabaseList::iterator i; for ( i = databases.begin(); i != databases.end() ; i++ ) { @@ -422,11 +475,38 @@ attrs.add("contextCSN"); LDAPSearchResults *sr = m_lc->search( "cn=config", LDAPConnection::SEARCH_SUB, "objectclass=*", attrs ); + std::vector<LDAPEntry> searchResult; + while (LDAPEntry *e = sr->getNext()) + { + searchResult.push_back(LDAPEntry(*e)); + } + OlcModuleListEntry moduleListEntry; + std::string moduleLoadPath = getOlcModuleLoadPath(); + if (moduleLoadPath != "") + { + // Modify olcModuleLoadPath to load DB drivers and syncprov.so + for (std::vector<LDAPEntry>::iterator it = searchResult.begin(); it < searchResult.end(); it++) + { + if ((*it).getDN() == OlcModuleListEntry::DN) + { + moduleListEntry = OlcModuleListEntry(*it); + it = searchResult.erase(it); + } + } + moduleListEntry.addEssentialModules(); + moduleListEntry.setLoadPath(moduleLoadPath); + } + // Convert LDAP entries into one LDIF string std::ostringstream ldifStream; - LdifWriter ldif(ldifStream); - while ( LDAPEntry *e = sr->getNext() ) + LdifWriter entryToLdif(ldifStream); + for (std::vector<LDAPEntry>::iterator it = searchResult.begin(); it < searchResult.end(); it++) { - ldif.writeRecord( *e ); + // Place OlcModuleList above config database, per OpenLDAP convention. + if (moduleLoadPath != "" && (*it).getDN() == "olcDatabase={0}config,cn=config") + { + ldifStream << std::endl << moduleListEntry.toLdif() << std::endl; + } + entryToLdif.writeRecord(*it); } return YCPString( ldifStream.str() ); } catch ( LDAPException e ) { @@ -2147,33 +2227,45 @@ YCPString SlapdConfigAgent::ConfigToLdif() const { y2milestone("ConfigToLdif"); - std::ostringstream ldif; + std::ostringstream allLdif, globalLdif, moduleLdif, dbLdif; if ( ! globals ) { throw std::runtime_error("Configuration not initialized. Can't create LDIF dump." ); } - ldif << globals->toLdif() << std::endl; + // Global LDIF consists of daemon/authorization settings and schema definitions + globalLdif << globals->toLdif() << std::endl; if ( schemaBase ) { - ldif << schemaBase->toLdif() << std::endl; + globalLdif << schemaBase->toLdif() << std::endl; OlcSchemaList::const_iterator j; for ( j = schema.begin(); j != schema.end() ; j++ ) { - ldif << (*j)->toLdif() << std::endl; + globalLdif << (*j)->toLdif() << std::endl; } } - OlcDatabaseList::const_iterator i = databases.begin(); + // Database LDIF consits of database type and index configuration + OlcDatabaseList::const_iterator i = databases.cbegin(); for ( ; i != databases.end(); i++ ) { - ldif << (*i)->toLdif() << std::endl; + dbLdif << (*i)->toLdif() << std::endl; OlcOverlayList overlays = (*i)->getOverlays(); OlcOverlayList::iterator k; for ( k = overlays.begin(); k != overlays.end(); k++ ) { - ldif << (*k)->toLdif() << std::endl; + dbLdif << (*k)->toLdif() << std::endl; } } - return YCPString(ldif.str()); + // Module LDIF loads database drivers in case they are not built into slapd executable + std::string moduleLoadPath = getOlcModuleLoadPath(); + if (moduleLoadPath != "") + { + OlcModuleListEntry moduleEntry; + moduleEntry.setLoadPath(moduleLoadPath); + moduleEntry.addEssentialModules(); + moduleLdif << moduleEntry.toLdif(); + } + allLdif << globalLdif.str() << std::endl << moduleLdif.str() << std::endl << dbLdif.str() << std::endl; + return YCPString(allLdif.str()); } static void initLdapParameters( const YCPValue &arg, std::string &targetUrl, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.15/agent/SlapdConfigAgent.h new/yast2-auth-server-3.1.16/agent/SlapdConfigAgent.h --- old/yast2-auth-server-3.1.15/agent/SlapdConfigAgent.h 2015-07-24 11:06:22.000000000 +0200 +++ new/yast2-auth-server-3.1.16/agent/SlapdConfigAgent.h 2016-04-12 09:53:24.000000000 +0200 @@ -89,6 +89,7 @@ std::list<std::string> deleteableSchema; boost::shared_ptr<OlcGlobalConfig> globals; boost::shared_ptr<OlcSchemaConfig> schemaBase; + static const std::string getOlcModuleLoadPath(); }; #endif /* _SlapdConfigAgent_h */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.15/lib/slapd-config.cpp new/yast2-auth-server-3.1.16/lib/slapd-config.cpp --- old/yast2-auth-server-3.1.15/lib/slapd-config.cpp 2015-07-24 11:06:22.000000000 +0200 +++ new/yast2-auth-server-3.1.16/lib/slapd-config.cpp 2016-04-12 09:53:24.000000000 +0200 @@ -140,6 +140,23 @@ } } +// Return the LDAP entry with index number stripped. +std::string OlcConfigEntry::stripIndexFromLdapValue(const std::string& ldapValue) +{ + size_t closingBracket = ldapValue.find_last_of('}'); + if (closingBracket == std::string::npos) + { + // The value does not contain index, return as-is. + return ldapValue; + } + else + { + // The value looks like {1234}mydb + // Strip index number from value + return ldapValue.substr(closingBracket + 1); + } +} + void OlcConfigEntry::setIndex( int index, bool origEntry ) { this->entryIndex = index; @@ -1651,6 +1668,15 @@ return false; } +/* + * Return the type (frontent, config, hdb, bdb, mdb) of this database. + */ +std::string OlcDatabase::getDatabaseType() +{ + std::string attr = getStringValue("olcDatabase"); + return stripIndexFromLdapValue(attr); +} + OlcDatabase* OlcDatabase::createFromLdapEntry( const LDAPEntry& e) { if ( OlcDatabase::isBdbDatabase( e ) ) @@ -2429,6 +2455,22 @@ return res; } +OlcModuleListEntry OlcConfig::getModuleListEntry() +{ + if ( ! m_lc ) + { + throw std::runtime_error("LDAP Connection not initialized"); + } + try { + LDAPSearchResults *sr = m_lc->search("cn=config", LDAPConnection::SEARCH_ONE, "objectclass=" + OlcModuleListEntry::OBJECT_CLASS); + LDAPEntry *moduleList = sr->getNext(); + return moduleList ? OlcModuleListEntry(*moduleList) : OlcModuleListEntry(); + } catch (LDAPException e) { + log_it(SLAPD_LOG_INFO, e.getResultMsg() + " " + e.getServerMsg() ); + throw; + } +} + OlcSchemaList OlcConfig::getSchemaNames() { OlcSchemaList res; @@ -2468,3 +2510,44 @@ SlapdConfigLogCallback *OlcConfig::logCallback = defaultLogCallback; +const std::string OlcModuleListEntry::DN = "cn=module{0},cn=config"; +const std::string OlcModuleListEntry::CN = "module{0}"; +const std::string OlcModuleListEntry::OBJECT_CLASS = "olcModuleList"; + +OlcModuleListEntry::OlcModuleListEntry() +{ + // olcModuleLoad entry has predefined CN + m_dbEntryChanged.setDN(DN); + m_dbEntryChanged.addAttribute(LDAPAttribute("objectClass", OBJECT_CLASS)); + m_dbEntryChanged.addAttribute(LDAPAttribute("cn", CN)); +} + +// Set the search path for modules. +void OlcModuleListEntry::setLoadPath(const std::string& absPath) +{ + setStringValue("olcModulePath", absPath); +} + +// Add an olcModuleLoad entry. Will not repeat an entry if it already exists. +void OlcModuleListEntry::addLoadModule(const std::string& moduleFileName) +{ + // Avoid adding a module if the file name is already present + StringList alreadyLoaded = getStringValues("olcModuleLoad"); + for (StringList::const_iterator fileName = alreadyLoaded.begin(); fileName != alreadyLoaded.end(); fileName++) + { + if (stripIndexFromLdapValue(*fileName) == moduleFileName) + { + return; + } + } + addStringValue("olcModuleLoad", moduleFileName); +} + +// Add hdb, mdb, bdb, and synproc into module list (for Tumbleweed since January 2016). +void OlcModuleListEntry::addEssentialModules() +{ + addLoadModule("back_bdb.so"); + addLoadModule("back_mdb.so"); + addLoadModule("back_hdb.so"); + addLoadModule("syncprov.so"); +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.15/lib/slapd-config.h new/yast2-auth-server-3.1.16/lib/slapd-config.h --- old/yast2-auth-server-3.1.15/lib/slapd-config.h 2015-07-24 11:06:22.000000000 +0200 +++ new/yast2-auth-server-3.1.16/lib/slapd-config.h 2016-04-12 09:53:24.000000000 +0200 @@ -38,6 +38,7 @@ static bool isScheamEntry( const LDAPEntry& le); static bool isOverlayEntry( const LDAPEntry& le); static bool isGlobalEntry( const LDAPEntry& le); + static std::string stripIndexFromLdapValue(const std::string& ldapValue); inline OlcConfigEntry() : m_dbEntry(), m_dbEntryChanged() {} inline OlcConfigEntry(const LDAPEntry& le) : m_dbEntry(le), m_dbEntryChanged(le) {} @@ -96,6 +97,18 @@ static const std::list<std::string> orderedAttrs; }; +// OpenLDAP's mechanism to implement dynamic module loading, useful for loading LDAP database drivers. +class OlcModuleListEntry: public OlcConfigEntry +{ +public: + static const std::string DN, CN, OBJECT_CLASS; + OlcModuleListEntry(); + OlcModuleListEntry(const LDAPEntry& le): OlcConfigEntry(le) {}; + void setLoadPath(const std::string& absPath); + void addEssentialModules(); + void addLoadModule(const std::string& moduleFileName); +}; + enum IndexType { Default, Present, @@ -398,6 +411,7 @@ void addOverlay(boost::shared_ptr<OlcOverlay> overlay); OlcOverlayList& getOverlays() ; + std::string getDatabaseType(); protected: virtual void resetMemberAttrs(); @@ -526,6 +540,7 @@ boost::shared_ptr<OlcGlobalConfig> getGlobals(); OlcDatabaseList getDatabases(); OlcSchemaList getSchemaNames(); + OlcModuleListEntry getModuleListEntry(); void setGlobals( OlcGlobalConfig &olcg); void updateEntry( OlcConfigEntry &oce ); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.15/package/yast2-auth-server.changes new/yast2-auth-server-3.1.16/package/yast2-auth-server.changes --- old/yast2-auth-server-3.1.15/package/yast2-auth-server.changes 2015-07-24 11:06:22.000000000 +0200 +++ new/yast2-auth-server-3.1.16/package/yast2-auth-server.changes 2016-04-12 09:53:24.000000000 +0200 @@ -1,4 +1,12 @@ ------------------------------------------------------------------- +Fri Apr 8 12:12:45 UTC 2016 - hguo(a)suse.com + +- The recent OpenLDAP upgrade in Tumbleweed no longer loads DB + drivers and essential modules by default, hence adapting to that + by explicitly loading them. Bump version to 3.1.16. + Address bsc#959760 bsc#964924. + +------------------------------------------------------------------- Tue Jun 30 05:46:47 UTC 2015 - mfilka(a)suse.com - bnc#923990 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.15/package/yast2-auth-server.spec new/yast2-auth-server-3.1.16/package/yast2-auth-server.spec --- old/yast2-auth-server-3.1.15/package/yast2-auth-server.spec 2015-07-24 11:06:22.000000000 +0200 +++ new/yast2-auth-server-3.1.16/package/yast2-auth-server.spec 2016-04-12 09:53:24.000000000 +0200 @@ -17,7 +17,7 @@ Name: yast2-auth-server -Version: 3.1.15 +Version: 3.1.16 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.15/src/modules/AuthServer.pm new/yast2-auth-server-3.1.16/src/modules/AuthServer.pm --- old/yast2-auth-server-3.1.15/src/modules/AuthServer.pm 2015-07-24 11:06:22.000000000 +0200 +++ new/yast2-auth-server-3.1.16/src/modules/AuthServer.pm 2016-04-12 09:53:24.000000000 +0200 @@ -1909,7 +1909,7 @@ Progress->set($progress_orig); Progress->NextStage(); - if( ! SCR->Execute('.ldapserver.commitChanges' ) ) + if( ! SCR->Execute('.ldapserver.commitChanges') ) { my $err = SCR->Error(".ldapserver"); y2error($err->{'summary'}." ".$err->{'description'}); @@ -2089,7 +2089,7 @@ $defaultIndexes = $defIdxBak; $defaultDbAcls = $defAclBak; - my $ldif = SCR->Read('.ldapserver.configAsLdif' ); + my $ldif = SCR->Read('.ldapserver.configAsLdif'); y2debug($ldif); return 1; } @@ -3863,7 +3863,7 @@ SCR->Write(".ldapserver.database.{".$i."}.mirrormode", YaST::YCP::Boolean(0) ); } } - SCR->Execute(".ldapserver.commitChanges" ); + SCR->Execute(".ldapserver.commitChanges"); return YaST::YCP::Boolean(1); } @@ -4707,8 +4707,8 @@ } } y2milestone("Updating remote configuration"); - SCR->Execute(".ldapserver.commitChanges" ); - $masterldif = SCR->Execute(".ldapserver.dumpConfDb" ); + SCR->Execute(".ldapserver.commitChanges"); + $masterldif = SCR->Execute(".ldapserver.dumpConfDb"); SCR->Execute(".ldapserver.reset" ); $globals_initialized = 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.15/src/modules/LdapDatabase.rb new/yast2-auth-server-3.1.16/src/modules/LdapDatabase.rb --- old/yast2-auth-server-3.1.15/src/modules/LdapDatabase.rb 2015-07-24 11:06:22.000000000 +0200 +++ new/yast2-auth-server-3.1.16/src/modules/LdapDatabase.rb 2016-04-12 09:53:24.000000000 +0200 @@ -615,12 +615,6 @@ if Ops.greater_than(Builtins.size(ppolicy), 0) ppolicyEntry = Ops.get_map(ppolicy, "ppolicy", {}) elsif Ops.greater_than(dbindex, 0) # try to read the ppolicy from the server - Ldap.Import( - { - "ldap_server" => "localhost", - "bind_dn" => Ops.get_string(db, "rootdn", "") - } - ) Ldap.LDAPInit pw = "" authinfo = AuthServer.ReadAuthInfo(Ops.get_string(db, "suffix", "")) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/yast2-auth-server-3.1.15/tools/ldap-server-ssl-check.cpp new/yast2-auth-server-3.1.16/tools/ldap-server-ssl-check.cpp --- old/yast2-auth-server-3.1.15/tools/ldap-server-ssl-check.cpp 2015-07-24 11:06:22.000000000 +0200 +++ new/yast2-auth-server-3.1.16/tools/ldap-server-ssl-check.cpp 2016-04-12 09:53:24.000000000 +0200 @@ -2,23 +2,31 @@ #include <stdlib.h> int main(int argc, char** argv) { - if ( argc != 3 ) - { - std::cerr << "usage: " << argv[0] << " <ldap-uri> <path-to-ca-cert>" << std::endl; - exit(-1); - } - std::string uri(argv[1]); - setenv("LDAPTLS_REQCERT", "hard", 1); - setenv("LDAPTLS_CACERT", argv[2], 1); - try - { - LDAPConnection lc( uri ); - lc.start_tls(); - } - catch ( LDAPException e ) - { - std::cerr << e << std::endl; - exit(-1); - } - exit(0); + if ( argc != 3 ) + { + std::cerr << "usage: " << argv[0] << " <ldap-uri> <path-to-ca-cert>" << std::endl; + exit(-1); + } + std::string uri(argv[1]); + setenv("LDAPTLS_REQCERT", "hard", 1); + setenv("LDAPTLS_CACERT", argv[2], 1); + try + { + LDAPConnection lc( uri ); + try { + lc.bind(); + exit(0); + } catch (LDAPException e) { + if (e.getResultCode() == 49) { + exit(0); + } + } + lc.start_tls(); + } + catch ( LDAPException e ) + { + std::cerr << e << std::endl; + exit(-1); + } + exit(0); }

1 0

commit python3-setuptools for openSUSE:Factory
by root＠hilbert.suse.de 16 Apr '16

16 Apr '16

Hello community, here is the log from the commit of package python3-setuptools for openSUSE:Factory checked in at 2016-04-16 22:07:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python3-setuptools (Old) and /work/SRC/openSUSE:Factory/.python3-setuptools.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "python3-setuptools" Changes: -------- --- /work/SRC/openSUSE:Factory/python3-setuptools/python3-setuptools.changes 2016-04-07 13:34:58.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.python3-setuptools.new/python3-setuptools.changes 2016-04-16 22:07:13.000000000 +0200 @@ -1,0 +2,20 @@ +Tue Apr 12 04:34:27 UTC 2016 - arun(a)gmx.de + +- specfile: + * README.txt -> README.rst + * no more CHANGES.txt in tar-ball (removed from %doc) + +- update to version 20.7.0: + * Refactored extra enviroment marker processing in WorkingSet. + * Issue #533: Fixed intermittent test failures. + * Issue #536: In msvc9_support, trap additional exceptions that + might occur when importing distutils.msvc9compiler in mingw + environments. + * Issue #537: Provide better context when package metadata fails to + decode in UTF-8. + +- changes from version 20.6.8: + * Issue #523: Restored support for environment markers, now honoring + 'extra' environment markers. + +------------------------------------------------------------------- Old: ---- setuptools-20.6.7.tar.gz New: ---- setuptools-20.7.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python3-setuptools.spec ++++++ --- /var/tmp/diff_new_pack.KqoPvn/_old 2016-04-16 22:07:14.000000000 +0200 +++ /var/tmp/diff_new_pack.KqoPvn/_new 2016-04-16 22:07:14.000000000 +0200 @@ -17,7 +17,7 @@ Name: python3-setuptools -Version: 20.6.7 +Version: 20.7.0 Release: 0 Url: http://pypi.python.org/pypi/setuptools Summary: Easily download, build, install, upgrade, and uninstall Python packages @@ -73,7 +73,7 @@ %files %defattr(-,root,root,-) -%doc CHANGES.txt README.txt +%doc README.rst %{_bindir}/easy_install %{_bindir}/easy_install-%{py3_ver} %ghost %{_sysconfdir}/alternatives/easy_install ++++++ setuptools-20.6.7.tar.gz -> setuptools-20.7.0.tar.gz ++++++ ++++ 3326 lines of diff (skipped)

1 0

commit libinput for openSUSE:Factory
by root＠hilbert.suse.de 16 Apr '16

16 Apr '16

Hello community, here is the log from the commit of package libinput for openSUSE:Factory checked in at 2016-04-16 22:07:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libinput (Old) and /work/SRC/openSUSE:Factory/.libinput.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libinput" Changes: -------- --- /work/SRC/openSUSE:Factory/libinput/libinput.changes 2016-04-11 09:14:25.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libinput.new/libinput.changes 2016-04-16 22:07:06.000000000 +0200 @@ -1,0 +2,18 @@ +Mon Apr 11 22:10:09 UTC 2016 - zaitor(a)opensuse.org + +- Update to version 1.2.3: + * The handling of the T450 jerky cursor motion had a bug, causing + libinput to complain about invalid states (fdo#94601). This is + fixed now. + * The top software buttons on the T440 generation touchpads had + their left-handed button mapping applied twice, effectively + cancelling it out (fdo#94733). Fixed now, the top buttons will + be mapped correctly in left-handed mode. + * The Wacom airbrush pen slider range now sends the correct + [-1, 1] normalized range. + * And finally, the config call to fetch the default profile + libinput_device_config_accel_get_default_profile() actually + returns the default profile now. +- Drop libinput-touchpad-fixes.patch: Fixed upstream. + +------------------------------------------------------------------- Old: ---- libinput-1.2.2.tar.xz libinput-1.2.2.tar.xz.sig libinput-touchpad-fixes.patch New: ---- libinput-1.2.3.tar.xz libinput-1.2.3.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libinput.spec ++++++ --- /var/tmp/diff_new_pack.KXwdyn/_old 2016-04-16 22:07:08.000000000 +0200 +++ /var/tmp/diff_new_pack.KXwdyn/_new 2016-04-16 22:07:08.000000000 +0200 @@ -18,8 +18,8 @@ Name: libinput %define lname libinput10 -%define rversion 1.2.2 -Version: 1.2.2 +%define rversion 1.2.3 +Version: 1.2.3 Release: 0 Summary: Input device and event processing library License: MIT @@ -33,8 +33,6 @@ Source2: http://freedesktop.org/software/libinput/%name-%rversion.tar.xz.sig Source3: baselibs.conf Source4: %name.keyring -# PATCH-FIX-UPSTREAM libinput-touchpad-fixes.patch fdo#94733 zaitor(a)opensuse.org -- Add 2 upstream touchpad fixes. -Patch: libinput-touchpad-fixes.patch #git#BuildRequires: autoconf >= 2.64 #git#BuildRequires: automake >= 1.11 #git#BuildRequires: libtool >= 2.2 @@ -102,7 +100,6 @@ %prep %setup -qn %name-%rversion -%patch -p1 %build if [ ! -e configure ]; then ++++++ libinput-1.2.2.tar.xz -> libinput-1.2.3.tar.xz ++++++ ++++ 4331 lines of diff (skipped)

1 0

commit gnutls for openSUSE:Factory
by root＠hilbert.suse.de 16 Apr '16

16 Apr '16

Hello community, here is the log from the commit of package gnutls for openSUSE:Factory checked in at 2016-04-16 22:06:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gnutls (Old) and /work/SRC/openSUSE:Factory/.gnutls.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "gnutls" Changes: -------- --- /work/SRC/openSUSE:Factory/gnutls/gnutls.changes 2016-02-24 14:25:16.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.gnutls.new/gnutls.changes 2016-04-16 22:07:01.000000000 +0200 @@ -1,0 +2,42 @@ +Mon Apr 11 09:18:26 UTC 2016 - meissner(a)suse.com + +- Updated to 3.4.11 + * Version 3.4.11 (released 2016-04-11) + ** libgnutls: Fixes in gnutls_record_get/set_state() with DTLS. + Reported by Fridolin Pokorny. + ** libgnutls: Fixes in DSA key generation under PKCS #11. Report and + patches by Jan Vcelak. + ** libgnutls: Corrected behavior of ALPN extension parsing during + session resumption. Report and patches by Yuriy M. Kaminskiy. + ** libgnutls: Corrected regression (since 3.4.0) in + gnutls_server_name_set() which caused it not to accept non-null- + terminated hostnames. Reported by Tim Ruehsen. + ** libgnutls: Corrected printing of the IP Adress name constraints. + ** ocsptool: use HTTP/1.0 for requests. This avoids issue with servers + serving chunk encoding which ocsptool doesn't support. Reported by + Thomas Klute. + ** certtool: do not require a CA for OCSP signing tag. This follows the + recommendations in RFC6960 in 4.2.2.2 which allow a CA to delegate + OCSP signing to another certificate without requiring it to be a CA. + Reported by Thomas Klute. + + * Version 3.4.10 (released 2016-03-03) + ** libgnutls: Eliminated issues preventing buffers more than 2^32 bytes + to be used with hashing functions. + ** libgnutls: Corrected leaks and other issues in + gnutls_x509_crt_list_import(). + ** libgnutls: Fixes in DSA key handling for PKCS #11. Report and + patches by Jan Vcelak. + ** libgnutls: Several fixes to prevent relying on undefined behavior + of C (found with libubsan). + + * Version 3.4.9 (released 2016-02-03) + ** libgnutls: Corrected ALPN protocol negotiation. Before GnuTLS would + negotiate the last commonly supported protocol, rather than the + first. Reported by Remi Denis-Courmont (#63). + ** libgnutls: Tolerate empty DN fields in informational output + functions. + ** libgnutls: Corrected regression causes by incorrect fix in + gnutls_x509_ext_export_key_usage() at 3.4.8 release. + +------------------------------------------------------------------- Old: ---- gnutls-3.4.8.tar.xz gnutls-3.4.8.tar.xz.sig New: ---- gnutls-3.4.11.tar.xz gnutls-3.4.11.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnutls.spec ++++++ --- /var/tmp/diff_new_pack.i6hEPA/_old 2016-04-16 22:07:02.000000000 +0200 +++ /var/tmp/diff_new_pack.i6hEPA/_new 2016-04-16 22:07:02.000000000 +0200 @@ -29,7 +29,7 @@ %bcond_with tpm Name: gnutls -Version: 3.4.8 +Version: 3.4.11 Release: 0 Summary: The GNU Transport Layer Security Library License: LGPL-2.1+ and GPL-3.0+ ++++++ gnutls-3.4.8.tar.xz -> gnutls-3.4.11.tar.xz ++++++ /work/SRC/openSUSE:Factory/gnutls/gnutls-3.4.8.tar.xz /work/SRC/openSUSE:Factory/.gnutls.new/gnutls-3.4.11.tar.xz differ: char 27, line 1

1 0

commit chromium for openSUSE:13.1:Update
by root＠hilbert.suse.de 16 Apr '16

16 Apr '16

Hello community, here is the log from the commit of package chromium for openSUSE:13.1:Update checked in at 2016-04-16 10:03:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/chromium (Old) and /work/SRC/openSUSE:13.1:Update/.chromium.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "chromium" Changes: -------- New Changes file: NO CHANGES FILE!!! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _link ++++++ --- /var/tmp/diff_new_pack.zXLEok/_old 2016-04-16 10:03:54.000000000 +0200 +++ /var/tmp/diff_new_pack.zXLEok/_new 2016-04-16 10:03:54.000000000 +0200 @@ -1 +1 @@ -<link package='chromium.4616' cicount='copy' /> +<link package='chromium.4621' cicount='copy' />

1 0

commit R-base for openSUSE:Factory
by root＠hilbert.suse.de 15 Apr '16

15 Apr '16

Hello community, here is the log from the commit of package R-base for openSUSE:Factory checked in at 2016-04-15 19:12:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/R-base (Old) and /work/SRC/openSUSE:Factory/.R-base.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "R-base" Changes: -------- --- /work/SRC/openSUSE:Factory/R-base/R-base.changes 2016-03-29 09:56:24.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.R-base.new/R-base.changes 2016-04-15 19:12:21.000000000 +0200 @@ -1,0 +2,14 @@ +Fri Apr 15 08:40:10 UTC 2016 - detlef.steuer(a)gmx.de + +- CHANGES IN R 3.2.5: + + BUG FIXES: + + • format.POSIXlt() behaved incorrectly in R 3.2.4. E.g. the output + of format(as.POSIXlt(paste0(1940:2000,"-01-01"), tz = "CET"), + usetz = TRUE) ended in two "CEST" time formats. + + • A typo in the Makefile for src/extra/xz prevented builds of + liblzma.a. (Notice that this will become unbundled in 3.3.0.) + +------------------------------------------------------------------- Old: ---- R-3.2.4.1.tar.bz2 New: ---- R-3.2.5.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ R-base.spec ++++++ --- /var/tmp/diff_new_pack.W6ThcE/_old 2016-04-15 19:12:23.000000000 +0200 +++ /var/tmp/diff_new_pack.W6ThcE/_new 2016-04-15 19:12:23.000000000 +0200 @@ -19,7 +19,7 @@ %define release 1 Name: R-base -Version: 3.2.4.1 +Version: 3.2.5 Release: %release %define Rversion %{version} Source: R-%{version}.tar.bz2 ++++++ R-3.2.4.1.tar.bz2 -> R-3.2.5.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/R-base/R-3.2.4.1.tar.bz2 /work/SRC/openSUSE:Factory/.R-base.new/R-3.2.5.tar.bz2 differ: char 11, line 1

1 0

commit criu for openSUSE:Factory
by root＠hilbert.suse.de 15 Apr '16

15 Apr '16

Hello community, here is the log from the commit of package criu for openSUSE:Factory checked in at 2016-04-15 19:12:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/criu (Old) and /work/SRC/openSUSE:Factory/.criu.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "criu" Changes: -------- --- /work/SRC/openSUSE:Factory/criu/criu.changes 2016-03-16 10:34:47.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.criu.new/criu.changes 2016-04-15 19:12:17.000000000 +0200 @@ -1,0 +2,43 @@ +Tue Apr 12 16:35:06 CEST 2016 - tiwai(a)suse.de + +- Update to criu 2.1: + New features: + * Checking now classifies features to important/extra/experimental + * Ability to bring some disk files into images. + * C/R of Completed AIO requests and fallback gre and gretap net + devices + Optimizations/improvements: + * Code coverage collecting now works + * Use native rtnl library for netlink messages processing + * Using --output - now results in stdout as log, not a file with + the name "-" + * Signals are printed by names in logs + Fixes: + * Make tar generated tarbal with bad name + * CG restore code lacked rollback in some places + * Error code from raw syscalls was treated with errors resulting + in wrong criu check reports + * Dumping task with HUGE amount of file descriptors failed + * Task could be stopped after pre-dump if respective option was used + * A /proc/pid directory from dead process conflicting with a new + alive one could cause dump to fail + * Zombie from alien session/process group caused restore to fail + * CGroup fs was wrongly mounted in CGNS on restore + * Irmap scan was mis-checking devices numbers + * Use-after-free in irmap scan + * Btrfs bindmounts detection was mistaken due to 'subvol=' options + met + * Propagation of mountpoint's shared groups was lost for + propagated mounts + * Unaligned allocations of restore shared memory could result in + codedumps when used by futexes + * Temporary mountpoints could result in spurious propagations + * When aborting the dump criu could crash on use-after-free objects + * Locking the network could stuck doing the DNS resolve + * Several build fixes + Deprecated/removed + * The images from criu prior to 0.4 are deprecated + * The --namespaces option makes no sense and is also deprecated + * The --ms option for check action is deprecated + +------------------------------------------------------------------- Old: ---- criu-2.0.tar.bz2 New: ---- criu-2.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ criu.spec ++++++ --- /var/tmp/diff_new_pack.oSDJBe/_old 2016-04-15 19:12:18.000000000 +0200 +++ /var/tmp/diff_new_pack.oSDJBe/_new 2016-04-15 19:12:18.000000000 +0200 @@ -16,9 +16,9 @@ # -%define package_version 2.0 +%define package_version 2.1 Name: criu -Version: 2.0 +Version: 2.1 Release: 0 Summary: Checkpoint/Restore In Userspace Tools License: GPL-2.0 ++++++ criu-2.0.tar.bz2 -> criu-2.1.tar.bz2 ++++++ ++++ 7462 lines of diff (skipped)

1 0