rpms / freeipa

Clone
Source Code
GIT

Blame freeipa.spec

f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 main rawhide
  1.   df343b25277ba5ddaef2042f0aa5d45721cca94d
  2.   freeipa.spec
Blob History Raw
ce15e9e 
# Define ONLY_CLIENT to only make the ipa-client and ipa-python subpackages
ce15e9e 
%{!?ONLY_CLIENT:%global ONLY_CLIENT 0}
ce15e9e
ce15e9e 
%global httpd_conf /etc/httpd/conf.d
ce15e9e 
%global plugin_dir %{_libdir}/dirsrv/plugins
ce15e9e 
%if ! (0%{?fedora} > 12 || 0%{?rhel} > 5)
ce15e9e 
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from
ce15e9e 
distutils.sysconfig import get_python_lib; print(get_python_lib())")}
ce15e9e 
%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from
ce15e9e 
distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
ce15e9e 
%endif
ce15e9e 
%global POLICYCOREUTILSVER 1.33.12-1
ce15e9e 
%global gettext_domain ipa
ce15e9e
ce15e9e 
Name:           freeipa
df343b2 
Version:        2.1.3
9cb6a12 
Release:        1%{?dist}
ce15e9e 
Summary:        The Identity, Policy and Audit system
ce15e9e
ce15e9e 
Group:          System Environment/Base
ce15e9e 
License:        GPLv3+
ce15e9e 
URL:            http://www.freeipa.org/
df343b2 
Source0:        freeipa-%{version}.tar.gz
df343b2 
Patch0:         freeipa-2.1.3-systemd.patch.gz
df343b2 
Patch1:         freeipa-2.1.3-wait_for_socket.patch.gz
ce15e9e 
BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
ce15e9e
ce15e9e 
%if ! %{ONLY_CLIENT}
9cb6a12 
BuildRequires:  389-ds-base-devel >= 1.2.9
ce15e9e 
BuildRequires:  svrcore-devel
c6cab8a 
BuildRequires:  /usr/share/selinux/devel/Makefile
c6cab8a 
BuildRequires:  policycoreutils >= %{POLICYCOREUTILSVER}
df343b2 
%if 0%{?fedora} >= 16
df343b2 
BuildRequires:  systemd-units
df343b2 
%endif
c6cab8a 
%endif
ce15e9e 
BuildRequires:  nspr-devel
c6cab8a 
BuildRequires:  nss-devel
ce15e9e 
BuildRequires:  openssl-devel
ce15e9e 
BuildRequires:  openldap-devel
ce15e9e 
BuildRequires:  krb5-devel
c6cab8a 
BuildRequires:  krb5-workstation
c6cab8a 
BuildRequires:  libuuid-devel
df343b2 
%if 0%{?fedora} >= 16
df343b2 
BuildRequires:  libcurl-devel >= 7.21.7-2
df343b2 
BuildRequires:  xmlrpc-c-devel >= 1.27.4
df343b2 
%else
df343b2 
%if 0%{?fedora} == 15
9cb6a12 
BuildRequires:  libcurl-devel >= 7.21.3-9
9cb6a12 
BuildRequires:  xmlrpc-c-devel >= 1.25.4
df343b2 
%else
df343b2 
BuildRequires:  libcurl-devel
df343b2 
BuildRequires:  xmlrpc-c-devel
df343b2 
%endif
df343b2 
%endif
c6cab8a 
BuildRequires:  popt-devel
ce15e9e 
BuildRequires:  autoconf
ce15e9e 
BuildRequires:  automake
ce15e9e 
BuildRequires:  m4
c6cab8a 
BuildRequires:  libtool
c6cab8a 
BuildRequires:  gettext
c6cab8a 
BuildRequires:  python-devel
c6cab8a 
BuildRequires:  authconfig
c6cab8a 
BuildRequires:  python-ldap
ce15e9e 
BuildRequires:  python-setuptools
ce15e9e 
BuildRequires:  python-krbV
ce15e9e 
BuildRequires:  python-nss
df343b2 
%if 0%{?fedora} >= 15
9cb6a12 
BuildRequires:  python-netaddr >= 0.7.5-3
df343b2 
%else
df343b2 
BuildRequires:  python-netaddr
df343b2 
%endif
ce15e9e 
BuildRequires:  python-kerberos
9cb6a12 
BuildRequires:  python-rhsm
68ba56c 
BuildRequires:  pyOpenSSL
9cb6a12 
BuildRequires:  pylint
9cb6a12 
BuildRequires:  libipa_hbac-python
ce15e9e
ce15e9e 
%description
ce15e9e 
IPA is an integrated solution to provide centrally managed Identity (machine,
ce15e9e 
user, virtual machines, groups, authentication credentials), Policy
ce15e9e 
(configuration settings, access control information) and Audit (events,
ce15e9e 
logs, analysis thereof).
ce15e9e
ce15e9e 
%if ! %{ONLY_CLIENT}
ce15e9e 
%package server
ce15e9e 
Summary: The IPA authentication server
ce15e9e 
Group: System Environment/Base
ce15e9e 
Requires: %{name}-python = %{version}-%{release}
ce15e9e 
Requires: %{name}-client = %{version}-%{release}
ce15e9e 
Requires: %{name}-admintools = %{version}-%{release}
df343b2 
Requires: %{name}-server-selinux = %{version}-%{release}
df343b2 
Requires(pre): 389-ds-base >= 1.2.10-0.4.a4
ce15e9e 
Requires: openldap-clients
ce15e9e 
Requires: nss
ce15e9e 
Requires: nss-tools
df343b2 
%if 0%{?fedora} >= 16
df343b2 
Requires: krb5-server >= 1.9.1-15
df343b2 
%else
ce15e9e 
Requires: krb5-server
df343b2 
%endif
ce15e9e 
Requires: krb5-server-ldap
ce15e9e 
Requires: krb5-pkinit-openssl
9cb6a12 
Requires: cyrus-sasl-gssapi%{?_isa}
ce15e9e 
Requires: ntp
ce15e9e 
Requires: httpd
ce15e9e 
Requires: mod_wsgi
ce15e9e 
Requires: mod_auth_kerb
2bb258d 
Requires: mod_nss >= 1.0.8-10
ce15e9e 
Requires: python-ldap
ce15e9e 
Requires: python-krbV
ce15e9e 
Requires: acl
ce15e9e 
Requires: python-pyasn1 >= 0.0.9a
df343b2 
%if 0%{?fedora} >= 16
df343b2 
Requires: systemd-units >= 36-3
df343b2 
Requires(pre): systemd-units
df343b2 
Requires(post): systemd-units
df343b2 
%endif
df343b2 
%if 0%{?fedora} >= 15
eed5243 
Requires: selinux-policy >= 3.9.16-18
df343b2 
%else
df343b2 
Requires: selinux-policy >= 3.9.7-27
df343b2 
%endif
ce15e9e 
Requires(post): selinux-policy-base
ce15e9e 
Requires: slapi-nis >= 0.21
df343b2 
%if 0%{?fedora} >= 16
df343b2 
Requires: pki-ca >= 9.0.15
df343b2 
Requires: pki-silent >= 9.0.15
df343b2 
# Only tomcat6 greater than this version provides proper systemd support
df343b2 
Requires: tomcat6 >= 6.0.32-17
df343b2 
%else
df343b2 
%if 0%{?fedora} >= 15
df343b2 
Requires: pki-ca >= 9.0.15
df343b2 
Requires: pki-silent >= 9.0.15
df343b2 
Requires: pki-setup  >= 9.0.15
df343b2 
%else
df343b2 
Requires: pki-ca >= 9.0.5
df343b2 
Requires: pki-silent >= 9.0.5
df343b2 
%endif
df343b2 
%endif
2bb258d 
Requires: dogtag-pki-common-theme
2bb258d 
Requires: dogtag-pki-ca-theme
df343b2 
%if 0%{?rhel}
df343b2 
Requires: subscription-manager
df343b2 
%endif
df343b2 
%if 0%{?fedora} >= 16
df343b2 
Requires(preun): python systemd-units
df343b2 
Requires(postun): python systemd-units
df343b2 
%else
ce15e9e 
Requires(preun):  python initscripts chkconfig
ce15e9e 
Requires(postun): python initscripts chkconfig
df343b2 
%endif
df343b2
df343b2 
# We have a soft-requires on bind. It is an optional part of
df343b2 
# IPA but if it is configured we need a way to require versions
df343b2 
# that work for us.
df343b2 
Conflicts: bind-dyndb-ldap < 1.0.0-0.1.b1
df343b2 
Conflicts: bind < 9.8.1-1
ce15e9e
ce15e9e 
Obsoletes: ipa-server >= 1.0
ce15e9e
ce15e9e 
%description server
ce15e9e 
IPA is an integrated solution to provide centrally managed Identity (machine,
ce15e9e 
user, virtual machines, groups, authentication credentials), Policy
ce15e9e 
(configuration settings, access control information) and Audit (events,
ce15e9e 
logs, analysis thereof). If you are installing an IPA server you need
ce15e9e 
to install this package (in other words, most people should NOT install
ce15e9e 
this package).
ce15e9e
ce15e9e
ce15e9e 
%package server-selinux
ce15e9e 
Summary: SELinux rules for freeipa-server daemons
ce15e9e 
Group: System Environment/Base
df343b2 
Requires(post): %{name}-server = %{version}-%{release}
df343b2 
Requires(postun): %{name}-server = %{version}-%{release}
ce15e9e 
Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER}
ce15e9e
ce15e9e 
Obsoletes: ipa-server-selinux >= 1.0
ce15e9e
ce15e9e 
%description server-selinux
ce15e9e 
IPA is an integrated solution to provide centrally managed Identity (machine,
ce15e9e 
user, virtual machines, groups, authentication credentials), Policy
ce15e9e 
(configuration settings, access control information) and Audit (events,
ce15e9e 
logs, analysis thereof). This package provides SELinux rules for the
ce15e9e 
daemons included in freeipa-server
ce15e9e 
%endif
ce15e9e
ce15e9e
ce15e9e 
%package client
ce15e9e 
Summary: IPA authentication for use on clients
ce15e9e 
Group: System Environment/Base
ce15e9e 
Requires: %{name}-python = %{version}-%{release}
ce15e9e 
Requires: python-ldap
9cb6a12 
Requires: cyrus-sasl-gssapi%{?_isa}
ce15e9e 
Requires: ntp
ce15e9e 
Requires: krb5-workstation
ce15e9e 
Requires: authconfig
ce15e9e 
Requires: pam_krb5
ce15e9e 
Requires: wget
df343b2 
%if 0%{?fedora} >= 16
df343b2 
Requires:  libcurl >= 7.21.7-2
df343b2 
Requires:  xmlrpc-c >= 1.27.4
df343b2 
%else
df343b2 
%if 0%{?fedora} == 15
df343b2 
Requires:  libcurl >= 7.21.3-9
df343b2 
Requires:  xmlrpc-c >= 1.25.4
df343b2 
%else
df343b2 
Requires:  libcurl
df343b2 
Requires:  xmlrpc-c
df343b2 
%endif
df343b2 
%endif
68ba56c 
Requires: sssd >= 1.5.1
ce15e9e 
Requires: certmonger >= 0.26
ce15e9e 
Requires: nss-tools
c6cab8a 
Requires: bind-utils
ce15e9e
ce15e9e 
Obsoletes: ipa-client >= 1.0
ce15e9e
ce15e9e 
%description client
ce15e9e 
IPA is an integrated solution to provide centrally managed Identity (machine,
ce15e9e 
user, virtual machines, groups, authentication credentials), Policy
ce15e9e 
(configuration settings, access control information) and Audit (events,
ce15e9e 
logs, analysis thereof). If your network uses IPA for authentication,
ce15e9e 
this package should be installed on every client machine.
ce15e9e
ce15e9e
ce15e9e 
%if ! %{ONLY_CLIENT}
ce15e9e 
%package admintools
ce15e9e 
Summary: IPA administrative tools
ce15e9e 
Group: System Environment/Base
ce15e9e 
Requires: %{name}-python = %{version}-%{release}
ce15e9e 
Requires: %{name}-client = %{version}-%{release}
ce15e9e 
Requires: python-krbV
ce15e9e 
Requires: python-ldap
ce15e9e
ce15e9e 
Obsoletes: ipa-admintools >= 1.0
ce15e9e
ce15e9e 
%description admintools
ce15e9e 
IPA is an integrated solution to provide centrally managed Identity (machine,
ce15e9e 
user, virtual machines, groups, authentication credentials), Policy
ce15e9e 
(configuration settings, access control information) and Audit (events,
ce15e9e 
logs, analysis thereof). This package provides command-line tools for
ce15e9e 
IPA administrators.
ce15e9e 
%endif
ce15e9e
ce15e9e 
%package python
ce15e9e 
Summary: Python libraries used by IPA
ce15e9e 
Group: System Environment/Libraries
ce15e9e 
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
ce15e9e 
Requires: python-kerberos >= 1.1-3
ce15e9e 
%endif
ce15e9e 
Requires: authconfig
ce15e9e 
Requires: gnupg
9cb6a12 
Requires: iproute
ce15e9e 
Requires: pyOpenSSL
c6cab8a 
Requires: python-nss >= 0.11
ce15e9e 
Requires: python-lxml
df343b2 
%if 0%{?fedora} >= 15
9cb6a12 
Requires: python-netaddr >= 0.7.5-3
df343b2 
%else
df343b2 
Requires: python-netaddr
df343b2 
%endif
9cb6a12 
Requires: libipa_hbac-python
ce15e9e
ce15e9e 
Obsoletes: ipa-python >= 1.0
ce15e9e
ce15e9e 
%description python
ce15e9e 
IPA is an integrated solution to provide centrally managed Identity (machine,
ce15e9e 
user, virtual machines, groups, authentication credentials), Policy
ce15e9e 
(configuration settings, access control information) and Audit (events,
ce15e9e 
logs, analysis thereof). If you are using IPA you need to install this
ce15e9e 
package.
ce15e9e
ce15e9e
ce15e9e 
%prep
f218625 
%setup -n freeipa-%{version} -q
df343b2 
%patch0 -p1
df343b2 
%patch1 -p1
ce15e9e
ce15e9e 
%build
ce15e9e 
export CFLAGS="$CFLAGS %{optflags}"
ce15e9e 
export CPPFLAGS="$CPPFLAGS %{optflags}"
df343b2 
%if 0%{?fedora} >= 16
df343b2 
export SUPPORTED_PLATFORM=fedora16
df343b2 
# Force re-generate of platform support
df343b2 
rm -f ipapython/services.py
df343b2 
%endif
ce15e9e 
make version-update
ce15e9e 
cd ipa-client; ../autogen.sh --prefix=%{_usr} --sysconfdir=%{_sysconfdir} --localstatedir=%{_localstatedir} --libdir=%{_libdir} --mandir=%{_mandir}; cd ..
ce15e9e 
%if ! %{ONLY_CLIENT}
ce15e9e 
cd daemons; ../autogen.sh --prefix=%{_usr} --sysconfdir=%{_sysconfdir} --localstatedir=%{_localstatedir} --libdir=%{_libdir} --mandir=%{_mandir} --with-openldap; cd ..
ce15e9e 
cd install; ../autogen.sh --prefix=%{_usr} --sysconfdir=%{_sysconfdir} --localstatedir=%{_localstatedir} --libdir=%{_libdir} --mandir=%{_mandir}; cd ..
ce15e9e 
%endif
ce15e9e
ce15e9e 
%if ! %{ONLY_CLIENT}
9cb6a12 
make IPA_VERSION_IS_GIT_SNAPSHOT=no %{?_smp_mflags} all
ce15e9e 
cd selinux
ce15e9e 
# This isn't multi-process make capable yet
ce15e9e 
make all
ce15e9e 
%else
9cb6a12 
make IPA_VERSION_IS_GIT_SNAPSHOT=no %{?_smp_mflags} client
ce15e9e 
%endif
ce15e9e
ce15e9e 
%install
ce15e9e 
rm -rf %{buildroot}
ce15e9e 
%if ! %{ONLY_CLIENT}
df343b2 
%if 0%{?fedora} >= 16
df343b2 
export SUPPORTED_PLATFORM=fedora16
df343b2 
# Force re-generate of platform support
df343b2 
rm -f ipapython/services.py
df343b2 
%endif
ce15e9e 
make install DESTDIR=%{buildroot}
ce15e9e 
cd selinux
ce15e9e 
make install DESTDIR=%{buildroot}
ce15e9e 
cd ..
ce15e9e 
%else
ce15e9e 
make client-install DESTDIR=%{buildroot}
ce15e9e 
%endif
ce15e9e 
%find_lang %{gettext_domain}
ce15e9e
ce15e9e
ce15e9e 
%if ! %{ONLY_CLIENT}
ce15e9e 
# Remove .la files from libtool - we don't want to package
ce15e9e 
# these files
ce15e9e 
rm %{buildroot}/%{plugin_dir}/libipa_pwd_extop.la
ce15e9e 
rm %{buildroot}/%{plugin_dir}/libipa_enrollment_extop.la
ce15e9e 
rm %{buildroot}/%{plugin_dir}/libipa_winsync.la
ce15e9e 
rm %{buildroot}/%{plugin_dir}/libipa_repl_version.la
ce15e9e 
rm %{buildroot}/%{plugin_dir}/libipa_uuid.la
ce15e9e 
rm %{buildroot}/%{plugin_dir}/libipa_modrdn.la
ce15e9e 
rm %{buildroot}/%{plugin_dir}/libipa_lockout.la
ce15e9e
ce15e9e 
# Some user-modifiable HTML files are provided. Move these to /etc
ce15e9e 
# and link back.
ce15e9e 
mkdir -p %{buildroot}/%{_sysconfdir}/ipa/html
ce15e9e 
mkdir -p %{buildroot}/%{_localstatedir}/cache/ipa/sysrestore
ce15e9e 
mkdir %{buildroot}%{_usr}/share/ipa/html/
ce15e9e 
ln -s ../../../..%{_sysconfdir}/ipa/html/ssbrowser.html \
ce15e9e 
    %{buildroot}%{_usr}/share/ipa/html/ssbrowser.html
ce15e9e 
ln -s ../../../..%{_sysconfdir}/ipa/html/unauthorized.html \
ce15e9e 
    %{buildroot}%{_usr}/share/ipa/html/unauthorized.html
ce15e9e 
ln -s ../../../..%{_sysconfdir}/ipa/html/browserconfig.html \
ce15e9e 
    %{buildroot}%{_usr}/share/ipa/html/browserconfig.html
9cb6a12 
ln -s ../../../..%{_sysconfdir}/ipa/html/hbac-deny-remove.html \
9cb6a12 
    %{buildroot}%{_usr}/share/ipa/html/hbac-deny-remove.html
ce15e9e 
ln -s ../../../..%{_sysconfdir}/ipa/html/ipa_error.css \
ce15e9e 
    %{buildroot}%{_usr}/share/ipa/html/ipa_error.css
ce15e9e
ce15e9e 
# So we can own our Apache configuration
ce15e9e 
mkdir -p %{buildroot}%{_sysconfdir}/httpd/conf.d/
ce15e9e 
/bin/touch %{buildroot}%{_sysconfdir}/httpd/conf.d/ipa.conf
df343b2 
/bin/touch %{buildroot}%{_sysconfdir}/httpd/conf.d/ipa-pki-proxy.conf
ce15e9e 
/bin/touch %{buildroot}%{_sysconfdir}/httpd/conf.d/ipa-rewrite.conf
df343b2 
%if 0%{?fedora} >= 16
df343b2 
# Default to systemd initscripts for F16 and above
df343b2 
mkdir -p %{buildroot}%{_unitdir}
df343b2 
for i in ipa.service ipa_kpasswd.service ; do
df343b2 
    install -m 644 init/systemd/$i %{buildroot}%{_unitdir}/$i
df343b2 
done
df343b2 
rm -f %{buildroot}%{_initrddir}/ipa_kpasswd
df343b2 
%else
df343b2 
install -m755 init/SystemV/ipa.init %{buildroot}%{_initrddir}/ipa
df343b2 
%endif
ce15e9e 
%endif
ce15e9e
ce15e9e 
mkdir -p %{buildroot}%{_sysconfdir}/ipa/
ce15e9e 
/bin/touch %{buildroot}%{_sysconfdir}/ipa/default.conf
ce15e9e 
mkdir -p %{buildroot}/%{_localstatedir}/lib/ipa-client/sysrestore
ce15e9e
ce15e9e 
%if ! %{ONLY_CLIENT}
ce15e9e 
mkdir -p %{buildroot}%{_sysconfdir}/bash_completion.d
ce15e9e 
install -pm 644 contrib/completion/ipa.bash_completion %{buildroot}%{_sysconfdir}/bash_completion.d/ipa
2bb258d 
mkdir -p %{buildroot}%{_sysconfdir}/cron.d
2bb258d 
install -pm 644 ipa-compliance.cron %{buildroot}%{_sysconfdir}/cron.d/ipa-compliance
ce15e9e 
%endif
ce15e9e
ce15e9e 
%clean
ce15e9e 
rm -rf %{buildroot}
ce15e9e
ce15e9e 
%if ! %{ONLY_CLIENT}
ce15e9e 
%post server
df343b2 
%if 0%{?fedora} >= 16
df343b2 
# Use systemd scheme, update systemd as service units have changed
df343b2 
    /bin/systemctl --system daemon-reload 2>&1 || :
df343b2 
%endif
ce15e9e 
if [ $1 = 1 ]; then
df343b2 
%if 0%{?fedora} < 16
df343b2 
# Use SystemV scheme only before F16
ce15e9e 
    /sbin/chkconfig --add ipa
ce15e9e 
    /sbin/chkconfig --add ipa_kpasswd
df343b2 
%endif
ce15e9e 
fi
f218625 
if [ $1 -gt 1 ] ; then
f218625 
    /usr/sbin/ipa-upgradeconfig || :
f218625 
    /usr/sbin/ipa-ldap-updater --upgrade >/dev/null 2>&1 || :
f218625 
fi
ce15e9e
ce15e9e 
%preun server
ce15e9e 
if [ $1 = 0 ]; then
df343b2 
%if 0%{?fedora} >= 16
df343b2 
# Use systemd scheme
df343b2 
    /bin/systemctl --quiet stop ipa.service || :
df343b2 
    /bin/systemctl --quiet disable ipa.service || :
df343b2 
%else
df343b2 
# Use SystemV scheme only before F16
ce15e9e 
    /sbin/chkconfig --del ipa
ce15e9e 
    /sbin/chkconfig --del ipa_kpasswd
ce15e9e 
    /sbin/service ipa stop >/dev/null 2>&1 || :
df343b2 
%endif
ce15e9e 
fi
ce15e9e
ce15e9e 
%postun server
ce15e9e 
if [ "$1" -ge "1" ]; then
df343b2 
%if 0%{?fedora} >= 16
df343b2 
# Use systemd scheme
df343b2 
    /bin/systemctl --quiet is-active ipa.service >/dev/null && \
df343b2 
    /bin/systemctl try-restart ipa.service >/dev/null 2>&1 || :
df343b2 
%else
df343b2 
# Use SystemV scheme only before F16
ce15e9e 
    /sbin/service ipa condrestart >/dev/null 2>&1 || :
df343b2 
%endif
ce15e9e 
fi
ce15e9e
ce15e9e 
%pre server-selinux
ce15e9e 
if [ -s /etc/selinux/config ]; then
ce15e9e 
       . %{_sysconfdir}/selinux/config
ce15e9e 
       FILE_CONTEXT=%{_sysconfdir}/selinux/targeted/contexts/files/file_contexts
ce15e9e 
       if [ "${SELINUXTYPE}" == targeted -a -f ${FILE_CONTEXT} ]; then \
ce15e9e 
               cp -f ${FILE_CONTEXT} ${FILE_CONTEXT}.%{name}
ce15e9e 
       fi
ce15e9e 
fi
ce15e9e
ce15e9e 
%post server-selinux
ce15e9e 
semodule -s targeted -i /usr/share/selinux/targeted/ipa_kpasswd.pp /usr/share/selinux/targeted/ipa_httpd.pp /usr/share/selinux/targeted/ipa_dogtag.pp
ce15e9e 
. %{_sysconfdir}/selinux/config
ce15e9e 
FILE_CONTEXT=%{_sysconfdir}/selinux/targeted/contexts/files/file_contexts
ce15e9e 
selinuxenabled
ce15e9e 
if [ $? == 0  -a "${SELINUXTYPE}" == targeted -a -f ${FILE_CONTEXT}.%{name} ]; then
ce15e9e 
       fixfiles -C ${FILE_CONTEXT}.%{name} restore
ce15e9e 
       rm -f ${FILE_CONTEXT}.%name
ce15e9e 
fi
ce15e9e
ce15e9e 
%preun server-selinux
ce15e9e 
if [ $1 = 0 ]; then
ce15e9e 
if [ -s /etc/selinux/config ]; then
ce15e9e 
       . %{_sysconfdir}/selinux/config
ce15e9e 
       FILE_CONTEXT=%{_sysconfdir}/selinux/targeted/contexts/files/file_contexts
ce15e9e 
       if [ "${SELINUXTYPE}" == targeted -a -f ${FILE_CONTEXT} ]; then \
ce15e9e 
               cp -f ${FILE_CONTEXT} ${FILE_CONTEXT}.%{name}
ce15e9e 
       fi
ce15e9e 
fi
ce15e9e 
fi
ce15e9e
ce15e9e 
%postun server-selinux
ce15e9e 
if [ $1 = 0 ]; then
ce15e9e 
semodule -s targeted -r ipa_kpasswd ipa_httpd ipa_dogtag
ce15e9e 
. %{_sysconfdir}/selinux/config
ce15e9e 
FILE_CONTEXT=%{_sysconfdir}/selinux/targeted/contexts/files/file_contexts
ce15e9e 
selinuxenabled
ce15e9e 
if [ $? == 0  -a "${SELINUXTYPE}" == targeted -a -f ${FILE_CONTEXT}.%{name} ]; then
ce15e9e 
       fixfiles -C ${FILE_CONTEXT}.%{name} restore
ce15e9e 
       rm -f ${FILE_CONTEXT}.%name
ce15e9e 
fi
ce15e9e 
fi
ce15e9e 
%endif
ce15e9e
ce15e9e
ce15e9e 
%if ! %{ONLY_CLIENT}
ce15e9e 
%files server
ce15e9e 
%defattr(-,root,root,-)
ce15e9e 
%doc COPYING README Contributors.txt
9cb6a12 
%{_sbindir}/ipa-ca-install
ce15e9e 
%{_sbindir}/ipa-dns-install
ce15e9e 
%{_sbindir}/ipa-server-install
9cb6a12 
%{_sbindir}/ipa-replica-conncheck
ce15e9e 
%{_sbindir}/ipa-replica-install
ce15e9e 
%{_sbindir}/ipa-replica-prepare
ce15e9e 
%{_sbindir}/ipa-replica-manage
9cb6a12 
%{_sbindir}/ipa-csreplica-manage
ce15e9e 
%{_sbindir}/ipa-server-certinstall
68ba56c 
%{_sbindir}/ipa-ldap-updater
68ba56c 
%{_sbindir}/ipa-compat-manage
68ba56c 
%{_sbindir}/ipa-nis-manage
df343b2 
%{_sbindir}/ipa-managed-entries
ce15e9e 
%{_sbindir}/ipa_kpasswd
ce15e9e 
%{_sbindir}/ipactl
ce15e9e 
%{_sbindir}/ipa-upgradeconfig
2bb258d 
%{_sbindir}/ipa-compliance
2bb258d 
%{_sysconfdir}/cron.d/ipa-compliance
df343b2 
%if 0%{?fedora} >= 16
df343b2 
# Use systemd scheme
df343b2 
%attr(644,root,root) %{_unitdir}/ipa.service
df343b2 
%attr(644,root,root) %{_unitdir}/ipa_kpasswd.service
df343b2 
%else
df343b2 
# Use SystemV scheme only before F16
ce15e9e 
%attr(755,root,root) %{_initrddir}/ipa
ce15e9e 
%attr(755,root,root) %{_initrddir}/ipa_kpasswd
df343b2 
%endif
ce15e9e 
%dir %{python_sitelib}/ipaserver
ce15e9e 
%{python_sitelib}/ipaserver/*
ce15e9e 
%dir %{_usr}/share/ipa
ce15e9e 
%{_usr}/share/ipa/wsgi.py*
ce15e9e 
%{_usr}/share/ipa/*.ldif
ce15e9e 
%{_usr}/share/ipa/*.uldif
ce15e9e 
%{_usr}/share/ipa/*.template
ce15e9e 
%dir %{_usr}/share/ipa/html
ce15e9e 
%{_usr}/share/ipa/html/ssbrowser.html
ce15e9e 
%{_usr}/share/ipa/html/browserconfig.html
ce15e9e 
%{_usr}/share/ipa/html/unauthorized.html
9cb6a12 
%{_usr}/share/ipa/html/hbac-deny-remove.html
ce15e9e 
%{_usr}/share/ipa/html/ipa_error.css
ce15e9e 
%dir %{_usr}/share/ipa/migration
ce15e9e 
%{_usr}/share/ipa/migration/error.html
ce15e9e 
%{_usr}/share/ipa/migration/index.html
ce15e9e 
%{_usr}/share/ipa/migration/invalid.html
ce15e9e 
%{_usr}/share/ipa/migration/ipa_migration.css
ce15e9e 
%{_usr}/share/ipa/migration/migration.py*
ce15e9e 
%dir %{_usr}/share/ipa/ui
ce15e9e 
%{_usr}/share/ipa/ui/index.html
ce15e9e 
%{_usr}/share/ipa/ui/*.png
ce15e9e 
%{_usr}/share/ipa/ui/*.gif
9cb6a12 
%{_usr}/share/ipa/ui/*.ico
ce15e9e 
%{_usr}/share/ipa/ui/*.css
ce15e9e 
%{_usr}/share/ipa/ui/*.js
9cb6a12 
%{_usr}/share/ipa/ui/*.eot
9cb6a12 
%{_usr}/share/ipa/ui/*.svg
9cb6a12 
%{_usr}/share/ipa/ui/*.ttf
9cb6a12 
%{_usr}/share/ipa/ui/*.woff
ce15e9e 
%dir %{_sysconfdir}/ipa
ce15e9e 
%dir %{_sysconfdir}/ipa/html
ce15e9e 
%config(noreplace) %{_sysconfdir}/ipa/html/ssbrowser.html
ce15e9e 
%config(noreplace) %{_sysconfdir}/ipa/html/ipa_error.css
ce15e9e 
%config(noreplace) %{_sysconfdir}/ipa/html/unauthorized.html
ce15e9e 
%config(noreplace) %{_sysconfdir}/ipa/html/browserconfig.html
9cb6a12 
%config(noreplace) %{_sysconfdir}/ipa/html/hbac-deny-remove.html
ce15e9e 
%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/httpd/conf.d/ipa-rewrite.conf
ce15e9e 
%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/httpd/conf.d/ipa.conf
df343b2 
%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/httpd/conf.d/ipa-pki-proxy.conf
ce15e9e 
%{_usr}/share/ipa/ipa.conf
ce15e9e 
%{_usr}/share/ipa/ipa-rewrite.conf
df343b2 
%{_usr}/share/ipa/ipa-pki-proxy.conf
ce15e9e 
%dir %{_usr}/share/ipa/updates/
ce15e9e 
%{_usr}/share/ipa/updates/*
ce15e9e 
%attr(755,root,root) %{plugin_dir}/libipa_pwd_extop.so
ce15e9e 
%attr(755,root,root) %{plugin_dir}/libipa_enrollment_extop.so
ce15e9e 
%attr(755,root,root) %{plugin_dir}/libipa_winsync.so
ce15e9e 
%attr(755,root,root) %{plugin_dir}/libipa_repl_version.so
ce15e9e 
%attr(755,root,root) %{plugin_dir}/libipa_uuid.so
ce15e9e 
%attr(755,root,root) %{plugin_dir}/libipa_modrdn.so
ce15e9e 
%attr(755,root,root) %{plugin_dir}/libipa_lockout.so
ce15e9e 
%dir %{_localstatedir}/lib/ipa
ce15e9e 
%attr(700,root,root) %dir %{_localstatedir}/lib/ipa/sysrestore
ce15e9e 
%dir %{_localstatedir}/cache/ipa
ce15e9e 
%attr(700,apache,apache) %dir %{_localstatedir}/cache/ipa/sessions
ce15e9e 
%attr(700,root,root) %dir %{_localstatedir}/cache/ipa/kpasswd
9cb6a12 
%{_mandir}/man1/ipa-replica-conncheck.1.gz
ce15e9e 
%{_mandir}/man1/ipa-replica-install.1.gz
ce15e9e 
%{_mandir}/man1/ipa-replica-manage.1.gz
9cb6a12 
%{_mandir}/man1/ipa-csreplica-manage.1.gz
ce15e9e 
%{_mandir}/man1/ipa-replica-prepare.1.gz
ce15e9e 
%{_mandir}/man1/ipa-server-certinstall.1.gz
ce15e9e 
%{_mandir}/man1/ipa-server-install.1.gz
ce15e9e 
%{_mandir}/man1/ipa-dns-install.1.gz
9cb6a12 
%{_mandir}/man1/ipa-ca-install.1.gz
68ba56c 
%{_mandir}/man1/ipa-compat-manage.1.gz
68ba56c 
%{_mandir}/man1/ipa-nis-manage.1.gz
df343b2 
%{_mandir}/man1/ipa-managed-entries.1.gz
68ba56c 
%{_mandir}/man1/ipa-ldap-updater.1.gz
ce15e9e 
%{_mandir}/man8/ipa_kpasswd.8.gz
ce15e9e 
%{_mandir}/man8/ipactl.8.gz
2bb258d 
%{_mandir}/man1/ipa-compliance.1.gz
ce15e9e
ce15e9e 
%files server-selinux
ce15e9e 
%defattr(-,root,root,-)
ce15e9e 
%doc COPYING README Contributors.txt
ce15e9e 
%{_usr}/share/selinux/targeted/ipa_kpasswd.pp
ce15e9e 
%{_usr}/share/selinux/targeted/ipa_httpd.pp
ce15e9e 
%{_usr}/share/selinux/targeted/ipa_dogtag.pp
ce15e9e 
%endif
ce15e9e
ce15e9e 
%files client
ce15e9e 
%defattr(-,root,root,-)
ce15e9e 
%doc COPYING README Contributors.txt
ce15e9e 
%{_sbindir}/ipa-client-install
ce15e9e 
%{_sbindir}/ipa-getkeytab
ce15e9e 
%{_sbindir}/ipa-rmkeytab
ce15e9e 
%{_sbindir}/ipa-join
ce15e9e 
%dir %{_usr}/share/ipa
ce15e9e 
%dir %{_usr}/share/ipa/ipaclient
ce15e9e 
%dir %{_localstatedir}/lib/ipa-client
ce15e9e 
%dir %{_localstatedir}/lib/ipa-client/sysrestore
ce15e9e 
%{_usr}/share/ipa/ipaclient/ipa.cfg
ce15e9e 
%{_usr}/share/ipa/ipaclient/ipa.js
ce15e9e 
%dir %{python_sitelib}/ipaclient
ce15e9e 
%{python_sitelib}/ipaclient/*.py*
ce15e9e 
%{_mandir}/man1/ipa-getkeytab.1.gz
ce15e9e 
%{_mandir}/man1/ipa-rmkeytab.1.gz
ce15e9e 
%{_mandir}/man1/ipa-client-install.1.gz
ce15e9e 
%{_mandir}/man1/ipa-join.1.gz
c6cab8a 
%{_mandir}/man5/default.conf.5.gz
ce15e9e
ce15e9e 
%if ! %{ONLY_CLIENT}
ce15e9e 
%files admintools
ce15e9e 
%defattr(-,root,root,-)
ce15e9e 
%doc COPYING README Contributors.txt
ce15e9e 
%{_bindir}/ipa
ce15e9e 
%config %{_sysconfdir}/bash_completion.d
ce15e9e 
%{_mandir}/man1/ipa.1.gz
ce15e9e 
%endif
ce15e9e
ce15e9e 
%files python -f %{gettext_domain}.lang
ce15e9e 
%defattr(-,root,root,-)
ce15e9e 
%doc COPYING README Contributors.txt
ce15e9e 
%dir %{python_sitelib}/ipapython
df343b2 
%dir %{python_sitelib}/ipapython/platform
ce15e9e 
%{python_sitelib}/ipapython/*.py*
df343b2 
%{python_sitelib}/ipapython/platform/*.py*
ce15e9e 
%dir %{python_sitelib}/ipalib
ce15e9e 
%{python_sitelib}/ipalib/*
ce15e9e 
%{python_sitearch}/default_encoding_utf8.so
ce15e9e 
%if 0%{?fedora} >= 12 || 0%{?rhel} >= 6
ce15e9e 
%{python_sitelib}/ipapython-*.egg-info
ce15e9e 
%{python_sitelib}/freeipa-*.egg-info
ce15e9e 
%{python_sitearch}/python_default_encoding-*.egg-info
ce15e9e 
%endif
ce15e9e 
%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/default.conf
ce15e9e
ce15e9e 
%changelog
df343b2 
* Tue Oct 18 2011 Alexander Bokovoy <abokovoy@redhat.com> - 2.1.3-1
df343b2 
- 2.1.3
9cb6a12
df343b2 
* Mon Oct 17 2011 Alexander Bokovoy <abokovoy@redhat.com> - 2.1.2-1
df343b2 
- Default to systemd for Fedora 16 and onwards
e3b0a56
df343b2 
* Fri Oct 14 2011 Rob Crittenden <rcritten@redhat.com> - 2.1.1-3
df343b2 
- Set min nvr of 389-ds-base to 1.2.10-0.4.a4 for limits fixes (740942, 742324)
eed5243
df343b2 
* Fri Oct  7 2011 Adam Young <ayoung@redhat.com> - 2.1.1-2
df343b2 
- Add explicit dependency on pki-setup.
f218625
df343b2 
* Mon Sep 12 2011 Alexander Bokovoy <abokovoy@redhat.com> - 2.1.1-1
df343b2 
- Make sure platform adaptation is packaged in -python sub-package
c6cab8a
df343b2 
* Fri Sep 9 2011 Martin Kosek <mkosek@redhat.com> - 2.1.0-4
df343b2 
- Add soft dependency for bind and bind-dyndb-ldap required versions
1127f36
df343b2 
* Wed Aug 31 2011 Rob Crittenden <rcritten@redhat.com> - 2.1.0-3
df343b2 
- Set min nvr of 389-ds-base to 1.2.9.7-1 for BZ 728605
df343b2
df343b2 
* Mon Aug 29 2011 Rob Crittenden <rcritten@redhat.com> - 2.1.0-2
df343b2 
- Set min nvr of pki-ca to 9.0.12 for fix in BZ 700505
df343b2
df343b2 
* Tue Aug 23 2011 Jan Cholasta <jcholast@redhat.com> - 2.1.0-1
df343b2 
- Add subscription-manager dependency for RHEL.
df343b2
df343b2 
* Thu Aug 11 2011 Martin Kosek <mkosek@redhat.com> - 2.0.90-12
df343b2 
- Set min nvr of 389-ds-base to 1.2.9.6 for fix in BZ 725743,
df343b2 
  723937, and 725542
df343b2 
- Set min nvr of pki-ca to 9.0.11 for fix in BZ 728332
df343b2
df343b2 
* Thu Aug 11 2011 Martin Kosek <mkosek@redhat.com> - 2.0.90-11
df343b2 
- Set min nvr of xmlrpc-c and libcurl to make sure GSSAPI delegation
df343b2 
  support is in
df343b2
df343b2 
* Tue Aug 2 2011 Endi S. Dewata <edewata@redhat.com> - 2.0.90-10
df343b2 
- Add *.ico files
68ba56c
df343b2 
* Tue Jul 29 2011 Alexander Bokovoy <abokovoy@redhat.com> - 2.0.90-9
df343b2 
- Add libipa_hbac-python dependency for hbactest plugin
34c9a74
df343b2 
* Thu Jul 28 2011 Rob Crittenden <rcritten@redhat.com> - 2.0.90-8
df343b2 
- Set min nvr of pki-ca to 9.0.10 on F-15+ to pick up updated
df343b2 
  caIPAserviceCert.cfg profile
df343b2
df343b2 
* Wed Jul 20 2011 Rob Crittenden <rcritten@redhat.com> - 2.0.90-7
df343b2 
- Make cyrus-sasl-gssapi requires arch-specific
df343b2
df343b2 
* Thu Jul 14 2011 Rob Crittenden <rcritten@redhat.com> - 2.0.90-6
df343b2 
- Add ipa-csreplica-manage tool.
df343b2
df343b2 
* Wed Jul  6 2011 Adam Young <ayoung@redhat.com> - 2.0.90-5
df343b2 
- Add HTML file describing issues with HBAC deny rules
df343b2
df343b2 
* Fri Jun 17 2011 Rob Crittenden <rcritten@redhat.com> - 2.0.90-4
df343b2 
- Ship ipa-ca-install utility
df343b2
df343b2 
* Thu May 12 2011 Rob Crittenden <rcritten@redhat.com> - 2.0.90-3
df343b2 
- Set min nvr of selinux-policy to 3.9.16-18 on F-15+
df343b2 
- Set min nvr of pki-ca to 9.0.7 on F-15+
df343b2
df343b2 
* Thu May  5 2011 Martin Kosek <mkosek@redhat.com> - 2.0.90-2
df343b2 
- Add BuildRequires on pylint, python-rhsm to enable a build with enforced
df343b2 
  pylint check
df343b2
df343b2 
* Tue May  3 2011 Rob Crittenden <rcritten@redhat.com> - 2.0.90-1
df343b2 
- Bump version to 2.0.90
df343b2
df343b2 
* Tue Apr  5 2011 Rob Crittenden <rcritten@redhat.com> - 1.99-47
df343b2 
- Set min version of 389-ds-base to 1.2.8.0-1 for fix in BZ 693466.
df343b2
df343b2 
* Thu Mar 17 2011 Rob Crittenden <rcritten@redhat.com> - 1.99-46
df343b2 
- Automatically apply updates when the package is upgraded.
df343b2
df343b2 
* Thu Feb 17 2011 Jakub Hrozek <jhrozek@redhat.com> - 1.99-45
df343b2 
- Set minimum version of python-nss to 0.11 to make sure IPv6 support is in
df343b2
df343b2 
* Wed Feb  9 2011 Rob Crittenden <rcritten@redhat.com> - 1.99-44
df343b2 
- Set minimum version of sssd to 1.5.1
df343b2
df343b2 
* Thu Feb  2 2011 Rob Crittenden <rcritten@redhat.com> - 1.99-43
2bb258d 
- Set min version of 389-ds-base to 1.2.8
2bb258d 
- Set min version of mod_nss 1.0.8-10
2bb258d 
- Set min version of selinux-policy to 3.9.7-27
ce15e9e
df343b2 
* Thu Jan 27 2011 Rob Crittenden <rcritten@redhat.com> - 1.99-42
df343b2 
- Apply changes discovered in Fedora package review process (#672986)
ce15e9e
ce15e9e 
* Tue Jan 25 2011 Rob Crittenden <rcritten@redhat.com> - 1.99-41
ce15e9e 
- Re-arrange doc and defattr to clean up rpmlint warnings
ce15e9e 
- Remove conditionals on older releases
ce15e9e 
- Move some man pages into admintools subpackage
ce15e9e 
- Remove some explicit Requires in client that aren't needed
ce15e9e 
- Consistent use of buildroot vs RPM_BUILD_ROOT
ce15e9e
ce15e9e 
* Thu Jan 19 2011 Adam Young <ayoung@redhat.com> - 1.99-40
ce15e9e 
- Moved directory install/static to install/ui
ce15e9e
ce15e9e 
* Thu Jan 13 2011 Simo Sorce <ssorce@redhat.com> - 1.99-39
ce15e9e 
- Remove dependency on nss_ldap/nss-pam-ldapd
ce15e9e 
- The official client is sssd and that's what we use by default.
ce15e9e
ce15e9e 
* Thu Jan 13 2011 Simo Sorce <ssorce@redhat.com> - 1.99-38
ce15e9e 
- Remove radius subpackages
ce15e9e
ce15e9e 
* Thu Jan 13 2011 Rob Crittenden <rcritten@redhat.com> - 1.99-37
ce15e9e 
- Set minimum pki-ca and pki-silent versions to 9.0.0
ce15e9e
ce15e9e 
* Wed Jan 12 2011 Rob Crittenden <rcritten@redhat.com> - 1.99-36
ce15e9e 
- Drop BuildRequires on mozldap-devel
ce15e9e
ce15e9e 
* Mon Dec 13 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-35
ce15e9e 
- Add Requires on krb5-pkinit-openssl
ce15e9e
ce15e9e 
* Fri Dec 10 2010 Jr Aquino <jr.aquino@citrix.com> - 1.99-34
ce15e9e 
- Add ipa-host-net-manage script
ce15e9e
ce15e9e 
* Tue Dec  7 2010 Simo Sorce <ssorce@redhat.com> - 1.99-33
ce15e9e 
- Add ipa init script
ce15e9e
ce15e9e 
* Fri Nov 19 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-32
ce15e9e 
- Set minimum level of 389-ds-base to 1.2.7 for enhanced memberof plugin
ce15e9e
ce15e9e 
* Wed Nov  3 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-31
ce15e9e 
- remove ipa-fix-CVE-2008-3274
ce15e9e
ce15e9e 
* Wed Oct  6 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-30
ce15e9e 
- Remove duplicate %%files entries on share/ipa/static
ce15e9e 
- Add python default encoding shared library
ce15e9e
ce15e9e 
* Mon Sep 20 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-29
ce15e9e 
- Drop requires on python-configobj (not used any more)
ce15e9e 
- Drop ipa-ldap-updater message, upgrades are done differently now
ce15e9e
ce15e9e 
* Wed Sep  8 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-28
ce15e9e 
- Drop conflicts on mod_nss
ce15e9e 
- Require nss-pam-ldapd on F-14 or higher instead of nss_ldap (#606847)
ce15e9e 
- Drop a slew of conditionals on older Fedora releases (< 12)
ce15e9e 
- Add a few conditionals against RHEL 6
ce15e9e 
- Add Requires of nss-tools on ipa-client
ce15e9e
ce15e9e 
* Fri Aug 13 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-27
ce15e9e 
- Set minimum version of certmonger to 0.26 (to pck up #621670)
ce15e9e 
- Set minimum version of pki-silent to 1.3.4 (adds -key_algorithm)
ce15e9e 
- Set minimum version of pki-ca to 1.3.6
ce15e9e 
- Set minimum version of sssd to 1.2.1
ce15e9e
ce15e9e 
* Tue Aug 10 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-26
ce15e9e 
- Add BuildRequires for authconfig
ce15e9e
ce15e9e 
* Mon Jul 19 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-25
ce15e9e 
- Bump up minimum version of python-nss to pick up nss_is_initialize() API
ce15e9e
ce15e9e 
* Thu Jun 24 2010 Adam Young <ayoung@redhat.com> - 1.99-24
ce15e9e 
- Removed python-asset based webui
ce15e9e
ce15e9e 
* Thu Jun 24 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-23
ce15e9e 
- Change Requires from fedora-ds-base to 389-ds-base
ce15e9e 
- Set minimum level of 389-ds-base to 1.2.6 for the replication
ce15e9e 
  version plugin.
ce15e9e
ce15e9e 
* Tue Jun  1 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-22
ce15e9e 
- Drop Requires of python-krbV on ipa-client
ce15e9e
ce15e9e 
* Mon May 17 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-21
ce15e9e 
- Load ipa_dogtag.pp in post install
ce15e9e
ce15e9e 
* Mon Apr 26 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-20
ce15e9e 
- Set minimum level of sssd to 1.1.1 to pull in required hbac fixes.
ce15e9e
ce15e9e 
* Thu Mar  4 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-19
ce15e9e 
- No need to create /var/log/ipa_error.log since we aren't using
ce15e9e 
  TurboGears any more.
ce15e9e
ce15e9e 
* Mon Mar 1 2010 Jason Gerard DeRose <jderose@redhat.com> - 1.99-18
ce15e9e 
- Fixed share/ipa/wsgi.py so .pyc, .pyo files are included
ce15e9e
ce15e9e 
* Wed Feb 24 2010 Jason Gerard DeRose <jderose@redhat.com> - 1.99-17
ce15e9e 
- Added Require mod_wsgi, added share/ipa/wsgi.py
ce15e9e
ce15e9e 
* Thu Feb 11 2010 Jason Gerard DeRose <jderose@redhat.com> - 1.99-16
ce15e9e 
- Require python-wehjit >= 0.2.2
ce15e9e
ce15e9e 
* Wed Feb  3 2010 Rob Crittenden <rcritten@redhat.com> - 1.99-15
ce15e9e 
- Add sssd and certmonger as a Requires on ipa-client
ce15e9e
ce15e9e 
* Wed Jan 27 2010 Jason Gerard DeRose <jderose@redhat.com> - 1.99-14
ce15e9e 
- Require python-wehjit >= 0.2.0
ce15e9e
ce15e9e 
* Fri Dec  4 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-13
ce15e9e 
- Add ipa-rmkeytab tool
ce15e9e
ce15e9e 
* Tue Dec  1 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-12
ce15e9e 
- Set minimum of python-pyasn1 to 0.0.9a so we have support for the ASN.1
ce15e9e 
  Any type
ce15e9e
ce15e9e 
* Wed Nov 25 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-11
ce15e9e 
- Remove v1-style /etc/ipa/ipa.conf, replacing with /etc/ipa/default.conf
ce15e9e
ce15e9e 
* Fri Nov 13 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-10
ce15e9e 
- Add bash completion script and own /etc/bash_completion.d in case it
ce15e9e 
  doesn't already exist
ce15e9e
ce15e9e 
* Tue Nov  3 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-9
ce15e9e 
- Remove ipa_webgui, its functions rolled into ipa_httpd
ce15e9e
ce15e9e 
* Mon Oct 12 2009 Jason Gerard DeRose <jderose@redhat.com> - 1.99-8
ce15e9e 
- Removed python-cherrypy from BuildRequires and Requires
ce15e9e 
- Added Requires python-assets, python-wehjit
ce15e9e
ce15e9e 
* Mon Aug 24 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-7
ce15e9e 
- Added httpd SELinux policy so CRLs can be read
ce15e9e
ce15e9e 
* Thu May 21 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-6
ce15e9e 
- Move ipalib to ipa-python subpackage
ce15e9e 
- Bump minimum version of slapi-nis to 0.15
ce15e9e
ce15e9e 
* Thu May  6 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-5
ce15e9e 
- Set 0.14 as minimum version for slapi-nis
ce15e9e
ce15e9e 
* Wed Apr 22 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-4
ce15e9e 
- Add Requires: python-nss to ipa-python sub-package
ce15e9e
ce15e9e 
* Thu Mar  5 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-3
ce15e9e 
- Remove the IPA DNA plugin, use the DS one
ce15e9e
ce15e9e 
* Wed Mar  4 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-2
ce15e9e 
- Build radius separately
ce15e9e 
- Fix a few minor issues
ce15e9e
ce15e9e 
* Tue Feb  3 2009 Rob Crittenden <rcritten@redhat.com> - 1.99-1
ce15e9e 
- Replace TurboGears requirement with python-cherrypy
ce15e9e
ce15e9e 
* Sat Jan 17 2009 Tomas Mraz <tmraz@redhat.com> - 1.2.1-3
ce15e9e 
- rebuild with new openssl
ce15e9e
ce15e9e 
* Fri Dec 19 2008 Dan Walsh <dwalsh@redhat.com> - 1.2.1-2
ce15e9e 
- Fix SELinux code
ce15e9e
ce15e9e 
* Mon Dec 15 2008 Simo Sorce <ssorce@redhat.com> - 1.2.1-1
ce15e9e 
- Fix breakage caused by python-kerberos update to 1.1
ce15e9e
ce15e9e 
* Fri Dec 5 2008 Simo Sorce <ssorce@redhat.com> - 1.2.1-0
ce15e9e 
- New upstream release 1.2.1
ce15e9e
ce15e9e 
* Sat Nov 29 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 1.2.0-4
ce15e9e 
- Rebuild for Python 2.6
ce15e9e
ce15e9e 
* Fri Nov 14 2008 Simo Sorce <ssorce@redhat.com> - 1.2.0-3
ce15e9e 
- Respin after the tarball has been re-released upstream
ce15e9e 
  New hash is 506c9c92dcaf9f227cba5030e999f177
ce15e9e
ce15e9e 
* Thu Nov 13 2008 Simo Sorce <ssorce@redhat.com> - 1.2.0-2
ce15e9e 
- Conditionally restart also dirsrv and httpd when upgrading
ce15e9e
ce15e9e 
* Wed Oct 29 2008 Rob Crittenden <rcritten@redhat.com> - 1.2.0-1
ce15e9e 
- Update to upstream version 1.2.0
ce15e9e 
- Set fedora-ds-base minimum version to 1.1.3 for winsync header
ce15e9e 
- Set the minimum version for SELinux policy
ce15e9e 
- Remove references to Fedora 7
ce15e9e
ce15e9e 
* Wed Jul 23 2008 Simo Sorce <ssorce@redhat.com> - 1.1.0-3
ce15e9e 
- Fix for CVE-2008-3274
ce15e9e 
- Fix segfault in ipa-kpasswd in case getifaddrs returns a NULL interface
ce15e9e 
- Add fix for bug #453185
ce15e9e 
- Rebuild against openldap libraries, mozldap ones do not work properly
ce15e9e 
- TurboGears is currently broken in rawhide. Added patch to not build
ce15e9e 
  the UI locales and removed them from the ipa-server files section.
ce15e9e
ce15e9e 
* Wed Jun 18 2008 Rob Crittenden <rcritten@redhat.com> - 1.1.0-2
ce15e9e 
- Add call to /usr/sbin/upgradeconfig to post install
ce15e9e
ce15e9e 
* Wed Jun 11 2008 Rob Crittenden <rcritten@redhat.com> - 1.1.0-1
ce15e9e 
- Update to upstream version 1.1.0
ce15e9e 
- Patch for indexing memberof attribute
ce15e9e 
- Patch for indexing uidnumber and gidnumber
ce15e9e 
- Patch to change DNA default values for replicas
ce15e9e 
- Patch to fix uninitialized variable in ipa-getkeytab
ce15e9e
ce15e9e 
* Fri May 16 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.0-5
ce15e9e 
- Set fedora-ds-base minimum version to 1.1.0.1-4 and mod_nss minimum
ce15e9e 
  version to 1.0.7-4 so we pick up the NSS fixes.
ce15e9e 
- Add selinux-policy-base(post) to Requires (446496)
ce15e9e
ce15e9e 
* Tue Apr 29 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.0-4
ce15e9e 
- Add missing entry for /var/cache/ipa/kpasswd (444624)
ce15e9e 
- Added patch to fix permissions problems with the Apache NSS database.
ce15e9e 
- Added patch to fix problem with DNS querying where the query could be
ce15e9e 
  returned as the answer.
ce15e9e 
- Fix spec error where patch1 was in the wrong section
ce15e9e
ce15e9e 
* Fri Apr 25 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.0-3
ce15e9e 
- Added patch to fix problem reported by ldapmodify
ce15e9e
ce15e9e 
* Fri Apr 25 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.0-2
ce15e9e 
- Fix Requires for krb5-server that was missing for Fedora versions > 9
ce15e9e 
- Remove quotes around test for fedora version to package egg-info
ce15e9e
ce15e9e 
* Fri Apr 18 2008 Rob Crittenden <rcritten@redhat.com> - 1.0.0-1
ce15e9e 
- Update to upstream version 1.0.0
ce15e9e
ce15e9e 
* Tue Mar 18 2008 Rob Crittenden <rcritten@redhat.com> 0.99-12
ce15e9e 
- Pull upstream changelog 722
ce15e9e 
- Add Conflicts mod_ssl (435360)
ce15e9e
ce15e9e 
* Thu Feb 29 2008 Rob Crittenden <rcritten@redhat.com> 0.99-11
ce15e9e 
- Pull upstream changelog 698
ce15e9e 
- Fix ownership of /var/log/ipa_error.log during install (435119)
ce15e9e 
- Add pwpolicy command and man page
ce15e9e
ce15e9e 
* Thu Feb 21 2008 Rob Crittenden <rcritten@redhat.com> 0.99-10
ce15e9e 
- Pull upstream changelog 678
ce15e9e 
- Add new subpackage, ipa-server-selinux
ce15e9e 
- Add Requires: authconfig to ipa-python (bz #433747)
ce15e9e 
- Package i18n files
ce15e9e
ce15e9e 
* Mon Feb 18 2008 Rob Crittenden <rcritten@redhat.com> 0.99-9
ce15e9e 
- Pull upstream changelog 641
ce15e9e 
- Require minimum version of krb5-server on F-7 and F-8
ce15e9e 
- Package some new files
ce15e9e
ce15e9e 
* Thu Jan 31 2008 Rob Crittenden <rcritten@redhat.com> 0.99-8
ce15e9e 
- Marked with wrong license. IPA is GPLv2.
ce15e9e
ce15e9e 
* Tue Jan 29 2008 Rob Crittenden <rcritten@redhat.com> 0.99-7
ce15e9e 
- Ensure that /etc/ipa exists before moving user-modifiable html files there
ce15e9e 
- Put html files into /etc/ipa/html instead of /etc/ipa
ce15e9e
ce15e9e 
* Tue Jan 29 2008 Rob Crittenden <rcritten@redhat.com> 0.99-6
ce15e9e 
- Pull upstream changelog 608 which renamed several files
ce15e9e
ce15e9e 
* Thu Jan 24 2008 Rob Crittenden <rcritten@redhat.com> 0.99-5
ce15e9e 
- package the sessions dir /var/cache/ipa/sessions
ce15e9e 
- Pull upstream changelog 597
ce15e9e
ce15e9e 
* Thu Jan 24 2008 Rob Crittenden <rcritten@redhat.com> 0.99-4
ce15e9e 
- Updated upstream pull (596) to fix bug in ipa_webgui that was causing the
ce15e9e 
  UI to not start.
ce15e9e
ce15e9e 
* Thu Jan 24 2008 Rob Crittenden <rcritten@redhat.com> 0.99-3
ce15e9e 
- Included LICENSE and README in all packages for documentation
ce15e9e 
- Move user-modifiable content to /etc/ipa and linked back to
ce15e9e 
  /usr/share/ipa/html
ce15e9e 
- Changed some references to /usr to the {_usr} macro and /etc
ce15e9e 
  to {_sysconfdir}
ce15e9e 
- Added popt-devel to BuildRequires for Fedora 8 and higher and
ce15e9e 
  popt for Fedora 7
ce15e9e 
- Package the egg-info for Fedora 9 and higher for ipa-python
ce15e9e
ce15e9e 
* Tue Jan 22 2008 Rob Crittenden <rcritten@redhat.com> 0.99-2
ce15e9e 
- Added auto* BuildRequires
ce15e9e
ce15e9e 
* Mon Jan 21 2008 Rob Crittenden <rcritten@redhat.com> 0.99-1
ce15e9e 
- Unified spec file
ce15e9e
ce15e9e 
* Thu Jan 17 2008 Rob Crittenden <rcritten@redhat.com> - 0.6.0-2
ce15e9e 
- Fixed License in specfile
ce15e9e 
- Include files from /usr/lib/python*/site-packages/ipaserver
ce15e9e
ce15e9e 
* Fri Dec 21 2007 Karl MacMillan <kmacmill@redhat.com> - 0.6.0-1
ce15e9e 
- Version bump for release
ce15e9e
ce15e9e 
* Wed Nov 21 2007 Karl MacMillan <kmacmill@mentalrootkit.com> - 0.5.0-1
ce15e9e 
- Preverse mode on ipa-keytab-util
ce15e9e 
- Version bump for relase and rpm name change
ce15e9e
ce15e9e 
* Thu Nov 15 2007 Rob Crittenden <rcritten@redhat.com> - 0.4.1-2
ce15e9e 
- Broke invididual Requires and BuildRequires onto separate lines and
ce15e9e 
  reordered them
ce15e9e 
- Added python-tgexpandingformwidget as a dependency
ce15e9e 
- Require at least fedora-ds-base 1.1
ce15e9e
ce15e9e 
* Thu Nov  1 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.1-1
ce15e9e 
- Version bump for release
ce15e9e
ce15e9e 
* Wed Oct 31 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.0-6
ce15e9e 
- Add dep for freeipa-admintools and acl
ce15e9e
ce15e9e 
* Wed Oct 24 2007 Rob Crittenden <rcritten@redhat.com> - 0.4.0-5
ce15e9e 
- Add dependency for python-krbV
ce15e9e
ce15e9e 
* Fri Oct 19 2007 Rob Crittenden <rcritten@redhat.com> - 0.4.0-4
ce15e9e 
- Require mod_nss-1.0.7-2 for mod_proxy fixes
ce15e9e
ce15e9e 
* Thu Oct 18 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.0-3
ce15e9e 
- Convert to autotools-based build
ce15e9e
ce15e9e 
* Tue Sep 25 2007 Karl MacMillan <kmacmill@redhat.com> - 0.4.0-2
ce15e9e
ce15e9e 
* Fri Sep 7 2007 Karl MacMillan <kmacmill@redhat.com> - 0.3.0-1
ce15e9e 
- Added support for libipa-dna-plugin
ce15e9e
ce15e9e 
* Fri Aug 10 2007 Karl MacMillan <kmacmill@redhat.com> - 0.2.0-1
ce15e9e 
- Added support for ipa_kpasswd and ipa_pwd_extop
ce15e9e
ce15e9e 
* Mon Aug  5 2007 Rob Crittenden <rcritten@redhat.com> - 0.1.0-3
ce15e9e 
- Abstracted client class to work directly or over RPC
ce15e9e
ce15e9e 
* Wed Aug  1 2007 Rob Crittenden <rcritten@redhat.com> - 0.1.0-2
ce15e9e 
- Add mod_auth_kerb and cyrus-sasl-gssapi to Requires
ce15e9e 
- Remove references to admin server in ipa-server-setupssl
ce15e9e 
- Generate a client certificate for the XML-RPC server to connect to LDAP with
ce15e9e 
- Create a keytab for Apache
ce15e9e 
- Create an ldif with a test user
ce15e9e 
- Provide a certmap.conf for doing SSL client authentication
ce15e9e
ce15e9e 
* Fri Jul 27 2007 Karl MacMillan <kmacmill@redhat.com> - 0.1.0-1
ce15e9e 
- Initial rpm version
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.