Hello community, here is the log from the commit of package yast2-ldap-client checked in at Sat Aug 30 02:08:52 CEST 2008. -------- --- yast2-ldap-client/yast2-ldap-client.changes 2008-08-13 09:29:35.000000000 +0200 +++ yast2-ldap-client/yast2-ldap-client.changes 2008-08-29 13:03:42.531600000 +0200 @@ -1,0 +2,14 @@ +Fri Aug 29 12:58:03 CEST 2008 - jsuchome@suse.cz + +- added missing Read function to autoYaST client (bcn#421375) +- 2.17.5 + +------------------------------------------------------------------- +Fri Aug 29 11:20:24 CEST 2008 - jsuchome@suse.cz + +- pwdMustChange true by default (bnc#421327) +- fixed reading password policies (bnc#420010, bnc#419978) +- applied patch from mc@suse.de to work correctly with Kerberos +- 2.17.4 + +------------------------------------------------------------------- Old: ---- yast2-ldap-client-2.17.3.tar.bz2 New: ---- yast2-ldap-client-2.17.5.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ yast2-ldap-client.spec ++++++ --- /var/tmp/diff_new_pack.cuh872/_old 2008-08-30 02:05:38.000000000 +0200 +++ /var/tmp/diff_new_pack.cuh872/_new 2008-08-30 02:05:38.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package yast2-ldap-client (Version 2.17.3) +# spec file for package yast2-ldap-client (Version 2.17.5) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -19,12 +19,12 @@ Name: yast2-ldap-client -Version: 2.17.3 +Version: 2.17.5 Release: 1 License: GPL v2 or later Group: System/YaST BuildRoot: %{_tmppath}/%{name}-%{version}-build -Source0: yast2-ldap-client-2.17.3.tar.bz2 +Source0: yast2-ldap-client-2.17.5.tar.bz2 Prefix: /usr BuildRequires: doxygen perl-XML-Writer update-desktop-files yast2 yast2-devtools yast2-network yast2-pam yast2-testsuite PreReq: %fillup_prereq @@ -54,7 +54,7 @@ Jiri Suchomel <jsuchome@suse.cz> %prep -%setup -n yast2-ldap-client-2.17.3 +%setup -n yast2-ldap-client-2.17.5 %build %{prefix}/bin/y2tool y2autoconf @@ -94,6 +94,14 @@ %doc %{prefix}/share/doc/packages/yast2-ldap-client /var/adm/fillup-templates/sysconfig.ldap %changelog +* Fri Aug 29 2008 jsuchome@suse.cz +- added missing Read function to autoYaST client (bcn#421375) +- 2.17.5 +* Fri Aug 29 2008 jsuchome@suse.cz +- pwdMustChange true by default (bnc#421327) +- fixed reading password policies (bnc#420010, bnc#419978) +- applied patch from mc@suse.de to work correctly with Kerberos +- 2.17.4 * Wed Aug 13 2008 jsuchome@suse.cz - ask DNS for availability of LDAP server (fate#301340) - 2.17.3 ++++++ yast2-ldap-client-2.17.3.tar.bz2 -> yast2-ldap-client-2.17.5.tar.bz2 ++++++ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-ldap-client-2.17.3/src/ldap_auto.ycp new/yast2-ldap-client-2.17.5/src/ldap_auto.ycp --- old/yast2-ldap-client-2.17.3/src/ldap_auto.ycp 2006-07-26 14:58:48.000000000 +0200 +++ new/yast2-ldap-client-2.17.5/src/ldap_auto.ycp 2008-08-29 12:55:31.000000000 +0200 @@ -67,6 +67,9 @@ else if (func == "Export") { ret = Ldap::Export(); } +else if (func == "Read") { + ret = Ldap::Read (); +} /** * Return if configuration was changed * return boolean diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-ldap-client-2.17.3/src/LdapPopup.ycp new/yast2-ldap-client-2.17.5/src/LdapPopup.ycp --- old/yast2-ldap-client-2.17.3/src/LdapPopup.ycp 2008-07-21 15:40:07.000000000 +0200 +++ new/yast2-ldap-client-2.17.5/src/LdapPopup.ycp 2008-08-29 11:37:49.000000000 +0200 @@ -4,7 +4,7 @@ * Summary: Additional user interface functions: special edit popups * Authors: Jiri Suchomel <jsuchome@suse.cz> * - * $Id: LdapPopup.ycp 49288 2008-07-21 13:42:02Z jsuchome $ + * $Id: LdapPopup.ycp 50468 2008-08-29 09:37:48Z jsuchome $ * * Popups for editing the values of LDAP configuration tables. */ @@ -42,7 +42,6 @@ `HBox ( `HSpacing (), `ReplacePoint (`id (`reptree), `Tree (`id(`tree), root_dn, [])), - `ReplacePoint (`id (`repbuttons), `Empty ()), `HSpacing () ), `HBox ( @@ -64,7 +63,7 @@ list<term> items = []; list<string> out = (list<string>) SCR::Read (.ldap.search, $[ "base_dn" : root_dn, - "scope" : 1, + "scope" : root_dn != "" ? 0 : 1, "dn_only" : true, "not_found_ok" : true ] ); @@ -81,6 +80,8 @@ UI::ReplaceWidget (`id (`reptree), textmode ? `Tree (`id(`tree), root_dn, items) : `Tree (`id(`tree), `opt(`notify), root_dn, items)); + // no item is selected + UI::ChangeWidget (`tree, `CurrentItem, nil); } else if (root_dn == "") { @@ -674,7 +675,7 @@ `Left (`CheckBox (`id ("pwdMustChange"), // checkbox label _("U&ser Must Change Password after Reset"), - ppolicy["pwdMustChange"]:false)), + ppolicy["pwdMustChange"]:true)), `VSpacing (0.2), `Left (`CheckBox (`id ("pwdAllowUserChange"), // checkbox label @@ -754,7 +755,9 @@ `VSpacing (0.2), `IntField (`id ("pwdGraceAuthNLimit"), // IntField label - _("Allowed Uses of an Expired Password"), 0, max, 0) + _("Allowed Uses of an Expired Password"), 0, max, + tointeger (ppolicy["pwdGraceAuthNLimit"]:"0") + ) ), `HSpacing (0.5))); UI::ReplaceWidget (`tabContents, tab_cont); return; diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-ldap-client-2.17.3/src/Ldap.ycp new/yast2-ldap-client-2.17.5/src/Ldap.ycp --- old/yast2-ldap-client-2.17.3/src/Ldap.ycp 2008-08-07 15:48:16.000000000 +0200 +++ new/yast2-ldap-client-2.17.5/src/Ldap.ycp 2008-08-26 12:56:23.000000000 +0200 @@ -5,7 +5,7 @@ * Authors: Thorsten Kukuk <kukuk@suse.de> * Anas Nashif <nashif@suse.de> * - * $Id: Ldap.ycp 49288 2008-07-21 13:42:02Z jsuchome $ + * $Id: Ldap.ycp 50368 2008-08-26 10:56:22Z jsuchome $ */ { @@ -2376,7 +2376,17 @@ if (!oes) { // pam settigs - Pam::Add ("ldap"); + if (Pam::Enabled("krb5")) + { + // If kerberos is used for authentication we configure + // pam_ldap in a way that we use only the account checking. + // Other configuration would mess up password changing + Pam::Add ("ldap-account_only"); + } + else + { + Pam::Add ("ldap"); + } // modify sources in /etc/nsswitch.conf Nsswitch::WriteDb ("passwd", ["compat"]); Nsswitch::WriteDb ("passwd_compat", (list<string>) @@ -2425,7 +2435,14 @@ Nsswitch::Write (); - Pam::Remove ("ldap"); + if (Pam::Enabled("ldap")) + { + Pam::Remove ("ldap"); + } + else if(Pam::Enabled("ldap-account_only")) + { + Pam::Remove ("ldap-account_only"); + } WriteLdapConfEntry ("tls_checkpeer", nil); } diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-ldap-client-2.17.3/src/ui.ycp new/yast2-ldap-client-2.17.5/src/ui.ycp --- old/yast2-ldap-client-2.17.3/src/ui.ycp 2008-07-21 15:40:07.000000000 +0200 +++ new/yast2-ldap-client-2.17.5/src/ui.ycp 2008-08-29 11:37:49.000000000 +0200 @@ -5,7 +5,7 @@ * Authors: Thorsten Kukuk <kukuk@suse.de> * Anas Nashif <nashif@suse.de> * - * $Id: ui.ycp 49288 2008-07-21 13:42:02Z jsuchome $ + * $Id: ui.ycp 50468 2008-08-29 09:37:48Z jsuchome $ * * All user interface functions. */ @@ -637,6 +637,7 @@ list ppolicy_list = []; + boolean ppolicies_enabled = false; map<string,map> ppolicies = $[]; map<string,map> ppolicies_orig= $[]; list<string> ppolicies_deleted = []; // list of DN @@ -654,12 +655,17 @@ ]) ) { + ppolicies_enabled = (boolean) SCR::Execute (.ldap.ppolicy, $[ + "hostname" : Ldap::GetFirstServer (Ldap::server), + "bind_dn" : Ldap::GetBaseDN () + ]); + list schemas = (list)SCR::Read (.ldap.search, $[ "base_dn": "", - "attrs": [ "subschemasubentry" ], + "attrs": [ "subschemaSubentry" ], "scope": 0, ]); - string schema_dn = schemas[0,"subschemasubentry",0]:""; + string schema_dn = schemas[0,"subschemaSubentry",0]:""; if (schemas != nil && schema_dn != "" && SCR::Execute (.ldap.schema, $[ "schema_dn": schema_dn ])== true) { @@ -832,12 +838,9 @@ if (Mode::config ()) UI::ChangeWidget (`id(`configure), `Enabled, false); - if (size (ppolicies) < 1) - { - foreach (symbol s, [ `ppolicy_table, `add, `edit, `delete ], { - UI::ChangeWidget (`id (s), `Enabled, false); - }); - } + foreach (symbol s, [ `ppolicy_table, `add, `edit, `delete ], { + UI::ChangeWidget (`id (s), `Enabled, ppolicies_enabled); + }); } diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/yast2-ldap-client-2.17.3/VERSION new/yast2-ldap-client-2.17.5/VERSION --- old/yast2-ldap-client-2.17.3/VERSION 2008-08-13 09:23:10.000000000 +0200 +++ new/yast2-ldap-client-2.17.5/VERSION 2008-08-29 12:58:52.000000000 +0200 @@ -1 +1 @@ -2.17.3 +2.17.5 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org