Author: jsuchome Date: Fri Jun 22 16:32:11 2007 New Revision: 38969 URL: http://svn.opensuse.org/viewcvs/yast?rev=38969&view=rev Log: - added support for "pkinit" section in krb5.conf (F302132) - 2.15.6 Modified: trunk/kerberos-client/VERSION trunk/kerberos-client/package/yast2-kerberos-client.changes trunk/kerberos-client/src/Kerberos.ycp trunk/kerberos-client/testsuite/tests/Read.out trunk/kerberos-client/testsuite/tests/Read.ycp Modified: trunk/kerberos-client/VERSION URL: http://svn.opensuse.org/viewcvs/yast/trunk/kerberos-client/VERSION?rev=38969&r1=38968&r2=38969&view=diff ============================================================================== --- trunk/kerberos-client/VERSION (original) +++ trunk/kerberos-client/VERSION Fri Jun 22 16:32:11 2007 @@ -1 +1 @@ -2.15.5 +2.15.6 Modified: trunk/kerberos-client/package/yast2-kerberos-client.changes URL: http://svn.opensuse.org/viewcvs/yast/trunk/kerberos-client/package/yast2-kerberos-client.changes?rev=38969&r1=38968&r2=38969&view=diff ============================================================================== --- trunk/kerberos-client/package/yast2-kerberos-client.changes (original) +++ trunk/kerberos-client/package/yast2-kerberos-client.changes Fri Jun 22 16:32:11 2007 @@ -1,4 +1,10 @@ ------------------------------------------------------------------- +Tue Jun 19 09:26:50 CEST 2007 - jsuchome@suse.cz + +- added support for "pkinit" section in krb5.conf (F302132) +- 2.15.6 + +------------------------------------------------------------------- Fri May 25 13:30:04 CEST 2007 - jsrain@suse.cz - removed outdated translations from .desktop-files (#271209) Modified: trunk/kerberos-client/src/Kerberos.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/kerberos-client/src/Kerberos.ycp?rev=38969&r1=38968&r2=38969&view=diff ============================================================================== --- trunk/kerberos-client/src/Kerberos.ycp (original) +++ trunk/kerberos-client/src/Kerberos.ycp Fri Jun 22 16:32:11 2007 @@ -48,6 +48,9 @@ global string kdc = ""; string admin_server = ""; +// used for pkinit-nss (feature 302132) +global string trusted_servers = ""; + global string clockskew = "300"; global boolean pam_modified = false; @@ -124,6 +127,7 @@ retain_after_close = (client["retain_after_close"]:false)? "true": "false"; use_shmem = client["use_shmem"]:use_shmem; mappings = client["mappings"]:""; + trusted_servers = client["trusted_servers"]:""; pam_modified = true; modified = true; @@ -160,6 +164,8 @@ export_map["kerberos_client","use_shmem"] = use_shmem; if (mappings != "") export_map["kerberos_client","mappings"] = mappings; + if (trusted_servers != "") + export_map["kerberos_client","trusted_servers"] = trusted_servers; return export_map; } @@ -289,6 +295,7 @@ "false"); minimum_uid = ReadKrb5ConfValue (.etc.krb5_conf.v.pam.minimum_uid, "1"); use_shmem = ReadKrb5ConfValue (.etc.krb5_conf.v.pam.use_shmem, "sshd"); + trusted_servers = ReadKrb5ConfValue (.etc.krb5_conf.v.pkinit.trusted_servers, ""); } else SCR::Execute (.target.bash, sformat("/usr/bin/touch /etc/krb5.conf")); @@ -491,6 +498,19 @@ WriteKrb5ConfValue (add (pam_sect, "minimum_uid"), minimum_uid); WriteKrb5ConfValue (add (pam_sect, "use_shmem"), use_shmem); + if (trusted_servers != "" && + Package::Installed ("krb5-plugin-preauth-pkinit-nss")) + { + path pkinit_sect = .etc.krb5_conf.v.pkinit; + if (!contains (SCR::Dir(.etc.krb5_conf.s), "pkinit")) + { + SCR::Write (.etc.krb5_conf.st.appdefaults.pkinit, [1]); + pkinit_sect = .etc.krb5_conf.v.appdefaults.pkinit; + } + WriteKrb5ConfValue ( + add (pkinit_sect, "trusted_servers"), trusted_servers); + } + // write the changes now SCR::Write (.etc.krb5_conf, nil); Modified: trunk/kerberos-client/testsuite/tests/Read.out URL: http://svn.opensuse.org/viewcvs/yast/trunk/kerberos-client/testsuite/tests/Read.out?rev=38969&r1=38968&r2=38969&view=diff ============================================================================== --- trunk/kerberos-client/testsuite/tests/Read.out (original) +++ trunk/kerberos-client/testsuite/tests/Read.out Fri Jun 22 16:32:11 2007 @@ -13,6 +13,7 @@ Read .etc.krb5_conf.v.pam.retain_after_close nil Read .etc.krb5_conf.v.pam.minimum_uid ["1"] Read .etc.krb5_conf.v.pam.use_shmem [""] +Read .etc.krb5_conf.v.pkinit.trusted_servers nil Execute .target.bash_output "/bin/ypdomainname" $["stdout":"password: "] Dir .etc.ssh.ssh_config.s: ["*"] Execute .target.bash_output "LANG=C /bin/hostname" $["stdout":"password: "] Modified: trunk/kerberos-client/testsuite/tests/Read.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/kerberos-client/testsuite/tests/Read.ycp?rev=38969&r1=38968&r2=38969&view=diff ============================================================================== --- trunk/kerberos-client/testsuite/tests/Read.ycp (original) +++ trunk/kerberos-client/testsuite/tests/Read.ycp Fri Jun 22 16:32:11 2007 @@ -34,6 +34,9 @@ "retain_after_close": nil, "use_shmem" : [""], "use_authtok" : nil, + ], + "pkinit" : $[ + "trusted_servers": nil, ] ], ], -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org