diff --git a/.cvsignore b/.cvsignore index 0c6cf62..6c3a7f8 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -authconfig-5.3.13.tar.bz2 +authconfig-5.3.14.tar.bz2 diff --git a/authconfig-5.3.13-locauthorize-default.patch b/authconfig-5.3.13-locauthorize-default.patch deleted file mode 100644 index 89c7993..0000000 --- a/authconfig-5.3.13-locauthorize-default.patch +++ /dev/null @@ -1,22 +0,0 @@ ---- authconfig-5.3.13/authconfig.py.locauthorize 2006-10-20 20:09:34.000000000 +0200 -+++ authconfig-5.3.13/authconfig.py 2007-05-04 15:25:06.000000000 +0200 -@@ -253,6 +253,8 @@ - self.info = authinfo.read(self.printError) - # FIXME: what about printing critical errors reading individual configs? - self.pristineinfo = self.info.copy() -+ if self.info.enableLocAuthorize == None: -+ self.info.enableLocAuthorize = True # ON by default - - def testAvailableSubsys(self): - self.nis_avail = (os.access(authinfo.PATH_YPBIND, os.X_OK) and ---- authconfig-5.3.13/authconfig-gtk.py.locauthorize 2006-08-24 21:22:17.000000000 +0200 -+++ authconfig-5.3.13/authconfig-gtk.py 2007-05-04 15:27:45.000000000 +0200 -@@ -177,6 +177,8 @@ - } - self.info = authinfo.read(self.message_callback) - self.pristineinfo = self.info.copy() -+ if self.info.enableLocAuthorize == None: -+ self.info.enableLocAuthorize = True # ON by default - return - - def destroy_widget(self, button, widget): diff --git a/authconfig-5.3.13-nisdomain.patch b/authconfig-5.3.13-nisdomain.patch deleted file mode 100644 index e355bcf..0000000 --- a/authconfig-5.3.13-nisdomain.patch +++ /dev/null @@ -1,34 +0,0 @@ ---- authconfig-5.3.13/authinfo.py.nisdomain 2007-03-19 20:32:42.000000000 +0100 -+++ authconfig-5.3.13/authinfo.py 2007-04-11 09:40:48.000000000 +0200 -@@ -834,9 +834,8 @@ - value = value.split(None, 1) - if len(value) < 1: - continue -- if self.nisLocalDomain and value[0] != self.nisLocalDomain: -+ if value[0] != self.nisLocalDomain: - continue -- self.nisDomain = value[0] - if len(value) < 2: - continue - value = value[1] -@@ -847,10 +846,6 @@ - self.nisServer = commaAppend(self.nisServer, value) - - f.close() -- if self.nisLocalDomain and not self.nisDomain: -- self.nisDomain = self.nisLocalDomain -- if self.nisDomain and not self.nisLocalDomain: -- self.nisLocalDomain = self.nisDomain - return True - - def ldapHostsToURIs(self, s): -@@ -1380,6 +1375,9 @@ - - shv.close() - -+ if self.nisLocalDomain: -+ self.nisDomain = self.nisLocalDomain -+ - return True - - # Compare two authInfoType structures and return True if they have any diff --git a/authconfig-5.3.13-nssldap-path.patch b/authconfig-5.3.13-nssldap-path.patch deleted file mode 100644 index 231e0d3..0000000 --- a/authconfig-5.3.13-nssldap-path.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- authconfig-5.3.13/authinfo.py.nssldap-path 2006-12-12 21:13:51.000000000 +0100 -+++ authconfig-5.3.13/authinfo.py 2007-03-19 20:27:39.000000000 +0100 -@@ -69,7 +69,7 @@ - PATH_SCSETUP = "/usr/bin/pkcs11_setup" - - PATH_LIBNSS_DB = LIBDIR + "/libnss_db.so.2" --PATH_LIBNSS_LDAP = LIBDIR + "/libnss_ldap.so.2" -+PATH_LIBNSS_LDAP = "/usr" + LIBDIR + "/libnss_ldap.so.2" - PATH_LIBNSS_NIS = LIBDIR + "/libnss_nis.so.2" - PATH_LIBNSS_HESIOD = LIBDIR + "/libnss_hesiod.so.2" - PATH_LIBNSS_ODBCBIND = LIBDIR + "/libnss_odbcbind.so.2" diff --git a/authconfig.spec b/authconfig.spec index be16f00..f2225e3 100644 --- a/authconfig.spec +++ b/authconfig.spec @@ -1,9 +1,9 @@ Summary: Command line tool for setting up authentication from network services Name: authconfig -Version: 5.3.13 +Version: 5.3.14 # Don't change release in elvis CVS, up version after merging all patches # from dist CVS instead. -Release: 4%{?dist} +Release: 1%{?dist} License: GPL ExclusiveOS: Linux Group: System Environment/Base @@ -12,17 +12,12 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) URL: http://rhlinux.redhat.com/ # The project doesn't have http site with downloadable tarballs yet. Source: %{name}-%{version}.tar.bz2 -Requires: rhpl, newt, pam >= 0.99.6.2, usermode -Requires: python >= %(%{__python} -c "import sys; print sys.version[:3]" || echo 2.3) +Requires: rhpl, newt, pam >= 0.99.6.2, usermode, python Conflicts: pam_krb5 < 1.49, samba-common < 3.0, samba-client < 3.0 Conflicts: nss_ldap < 254 BuildRequires: glib2-devel, python, python-devel BuildRequires: desktop-file-utils, intltool, gettext, perl-XML-Parser -Patch1: authconfig-5.3.13-nssldap-path.patch -Patch2: authconfig-5.3.13-nisdomain.patch -Patch3: authconfig-5.3.13-locauthorize-default.patch - %description Authconfig is a command line utility which can configure a workstation to use shadow (more secure) passwords. Authconfig can also configure a @@ -43,9 +38,6 @@ authentication schemes. %prep %setup -q -n %{name}-%{version} -%patch1 -p1 -b .nssldap-path -%patch2 -p1 -b .nisdomain -%patch3 -p1 -b .locauthorize %build CFLAGS="$RPM_OPT_FLAGS -fPIC"; export CFLAGS @@ -106,6 +98,14 @@ rm -rf $RPM_BUILD_ROOT %{_datadir}/pixmaps/* %changelog +* Tue Jun 12 2007 Tomas Mraz - 5.3.14-1 +- authconfig.8 synopsis fixed (patch by Eric Raymond) (#220574) +- drop explicit requirement on python version as it is now + generated automatically +- improve writing /etc/samba/smb.conf (based on patch by + Simo Sorce) +- merge changes upstream + * Fri May 4 2007 Tomas Mraz - 5.3.13-4 - local nis domain is obtained from sysconfig/network (#235927) - set "local authorization is sufficient" on by default @@ -568,314 +568,3 @@ rm -rf $RPM_BUILD_ROOT - move post code to the back-end - add a libglade GUI in a -gtk subpackage - set up to use userhelper - -* Tue Nov 27 2001 Nalin Dahyabhai -- remove pam_winbind from the list of session modules, because it doesn't - provide a session-management interface - -* Mon Sep 24 2001 Nalin Dahyabhai 4.1.20-1 -- make pam_localuser sufficient after pam_unix in account management, to allow - local users in even if network connections to the LDAP directory are down (the - network users should fail when pam_ldap returns a system error) - -* Thu Sep 6 2001 Nalin Dahyabhai 4.1.19-1 -- translation refresh - -* Tue Aug 28 2001 Nalin Dahyabhai -- fix assertion error hitting glib (#51798) -- allow multiple ldap servers to be specified (#49864) - -* Fri Aug 24 2001 Nalin Dahyabhai 4.1.18-1 -- pam_ldap shouldn't be a mandatory module (#52531) -- refresh translations - -* Thu Aug 23 2001 Nalin Dahyabhai 4.1.17-1 -- make pam_ldap required for account management when ldapauth is enabled - (this requires pam_ldap 114 or later, but simplifies things) -- more translation updates - -* Wed Aug 22 2001 Nalin Dahyabhai 4.1.16-1 -- warn about nscd the same way we do about nss_ldap and pam_krb5 -- reorder some internal code so that it's easier to maintain -- change help string about the --probe option to make it clearer that using - it doesn't actually set any options -- update translations from CVS - -* Tue Aug 21 2001 Nalin Dahyabhai 4.1.15-1 -- set "pam_password md5" instead of "pam_password crypt" in ldap.conf if MD5 - is enabled - -* Mon Aug 20 2001 Nalin Dahyabhai 4.1.14-1 -- right justify labels, and remove padding - -* Fri Aug 17 2001 Nalin Dahyabhai -- update translations from CVS, fixing #51873 - -* Thu Aug 16 2001 Nalin Dahyabhai -- set "pam_password crypt" in ldap.conf if not previously set -- update translations - -* Mon Aug 6 2001 Nalin Dahyabhai -- don't mess with krb4 config files if we have no realm -- update translations - -* Mon Jul 30 2001 Nalin Dahyabhai -- use USESHADOW, USENIS, USEHESIOD, and USESMBAUTH variables to - /etc/sysconfig/authconfig -- update translations - -* Mon Jul 9 2001 Nalin Dahyabhai -- add "type=" to the list of arguments set up for pam_cracklib -- also modify /etc/krb.conf when configuring Kerberos (for compatibility) -- add --enablecache and --disablecache, which duplicates some of ntsysv's - functionality, but it belongs here, too -- bravely try to carry on if bad options are passed in during kickstart - -* Mon Jun 25 2001 Nalin Dahyabhai -- fix man page reference to file (/etc/sysconfig/authconfig, not auth) (#43344) -- own /etc/sysconfig/authconfig (#43344) -- fix spelling errors in Japanese message files (#15984) - -* Tue Jun 12 2001 Nalin Dahyabhai -- rename --{enable,disable}smb to --{enable,disable}smbauth - -* Thu May 31 2001 Nalin Dahyabhai -- add --probe option to guess at LDAP and Kerberos configuration using DNS -- add preliminary support for SMB authentication - -* Wed Feb 14 2001 Preston Brown -- final translation update. -- langify - -* Mon Feb 12 2001 Nalin Dahyabhai -- errors connecting to LDAP also trigger service_err returns, so ignore on - those as well - -* Fri Feb 9 2001 Nalin Dahyabhai -- handle the case where the user doesn't specify a Kerberos realm, but - enables it anyway -- update translations - -* Wed Feb 7 2001 Nalin Dahyabhai -- remove pam_access from the default configuration -- swat, pop, imap, etc. - don't define a tty and pam_access bails if one isn't set - -* Tue Feb 6 2001 Nalin Dahyabhai -- ignore on errors connecting to LDAP servers when doing LDAP account mgmt - (probably less secure, but it allows root to log in when a wrong server - name has been specified or the server is down) - -* Mon Feb 5 2001 Nalin Dahyabhai -- make account management in system-auth be an AND operation, but ignore - user_unknown status for pam_ldap account management so that local root - can log in (#26029) -- add pam_access and pam_env (#16170) to default configuration - -* Tue Jan 24 2001 Preston Brown -- final translation update before Beta - -* Tue Jan 24 2001 Nalin Dahyabhai -- update translations -- make the entry fields on the second screen just a *little* bit smaller - -* Fri Jan 12 2001 Nalin Dahyabhai -- really fix #23016 this time -- add buildprereqs on pam-devel, newt-devel, and glib-devel - -* Wed Jan 10 2001 Nalin Dahyabhai -- match nss_ldap change of flag definitions for "ssl" flag ("on"=>"start_tls") -- change the "nothing-enabled" default so that we don't mistakenly think that - NIS is enabled later on when it isn't supposed to be (#23327) -- only enable LDAP-related entry stuff on the appropriate screens (#23328) - -* Sat Dec 30 2000 Nalin Dahyabhai -- make the copyright message translateable (#23016) - -* Fri Dec 29 2000 Nalin Dahyabhai -- split the one big help message into multiple help messages (#23017) - -* Wed Dec 12 2000 Nalin Dahyabhai -- don't write out configuration files for NIS, LDAP, Kerberos, Hesiod unless - they're enabled when the user quits (we always write NSS, PAM, network) - -* Fri Dec 8 2000 Nalin Dahyabhai -- make the internal code reflect the external use of "tls" instead of "ssl" - -* Thu Dec 7 2000 Nalin Dahyabhai -- add support for toggling TLS on and off in /etc/ldap.conf - -* Wed Nov 29 2000 Nalin Dahyabhai -- don't bother with USESHADOW; testing for /etc/shadow is sufficient -- use newtGrids to make NLS text fit (mostly) -- also edit "hosts:" to make sure it's there if nsswitch.conf is gone or broken -- preserve use of "db" and "nisplus" sources, even though we don't set them up - -* Mon Nov 27 2000 Nalin Dahyabhai -- add the "nis" flag to pam_unix when NIS is enabled - -* Wed Oct 4 2000 Nalin Dahyabhai -- read/write to /etc/syconfig/authconfig for PAM setup information - -* Tue Aug 29 2000 Nalin Dahyabhai -- don't set "shadow" or "md5" for authentication with pam_unix, they're - not needed (remove for clarity) -- add an authInfoCopy() routine to authinfo.c - -* Mon Aug 28 2000 Nalin Dahyabhai -- edit /etc/openldap/ldap.conf in addition to /etc/ldap.conf - -* Thu Aug 24 2000 Erik Troan -- updated it and es translations - -* Sun Aug 20 2000 Matt Wilson -- new translations - -* Wed Aug 9 2000 Nalin Dahyabhai -- merge in new translations - -* Tue Aug 8 2000 Nalin Dahyabhai -- add better error reporting for when Bill runs this on a read-only filesystem - -* Fri Aug 4 2000 Nalin Dahyabhai -- change nss order from (hesiod,ldap,nis) to (nis,ldap,hesiod) in case shadow - is in use -- kick nscd when we quit if it's running (and obey --nostart) - -* Mon Jul 31 2000 Nalin Dahyabhai -- silently support the broken_shadow and bigcrypt flags for pam_unix -- only shut down ypbind if /var/run/ypbind exists - -* Thu Jul 27 2000 Nalin Dahyabhai -- break some translations again - -* Wed Jul 26 2000 Matt Wilson -- new translations for de fr it es - -* Fri Jul 21 2000 Nalin Dahyabhai -- fix bug parsing NIS server names when there aren't any - -* Thu Jul 13 2000 Nalin Dahyabhai -- also modify the services, protocols, and automount in nsswitch.conf -- add netgroups, too (#13824) - -* Tue Jun 27 2000 Nalin Dahyabhai -- add --disable options -- try to not mess with ypbind if it isn't installed - -* Tue Jun 20 2000 Nalin Dahyabhai -- tweak chkconfig magic for ypbind to work better -- turn on portmap when ypbind is enabled - -* Mon Jun 19 2000 Nalin Dahyabhai -- only do chkconfig magic on ypbind if the ypbind init script exists - -* Tue Jun 13 2000 Nalin Dahyabhai -- fix multiple-blank-line problem -- verify that NISDOMAIN is recorded properly in /etc/sysconfig/network - -* Sat Jun 10 2000 Nalin Dahyabhai -- add calls to pam_limits in shared session stack - -* Wed Jun 7 2000 Nalin Dahyabhai -- fix multiple realms section bug -- close all files we open -- bail on errors, even when we can see the file -- use RPM_OPT_FLAGS -- support multiple NIS servers -- warn if needed files aren't there - -* Mon Jun 5 2000 Nalin Dahyabhai -- fix for false-matching beginnings of realm subsections -- FHS fixes - -* Thu Jun 1 2000 Nalin Dahyabhai -- move default system-auth configuration to pam package - -* Wed May 31 2000 Nalin Dahyabhai -- add default system-auth configuration - -* Tue May 30 2000 Nalin Dahyabhai -- fix the uncommented comment problem -- pam_krb5 doesn't provide account management -- base DN can have spaces in it -- use pam_krb5afs for krb5 if /afs is readable -- add the tokens flag to pam_krb5afs -- break (user info and auth setup) into two screens - -* Fri May 26 2000 Nalin Dahyabhai -- finish LDAP support -- add Kerberos 5 support -- add Hesiod support -- migrate PAM config file logic to new method - -* Wed Mar 08 2000 Cristian Gafton -- rebuild for release - -* Wed Feb 16 2000 Preston Brown -- disable LDAP, update man page. - -* Thu Feb 03 2000 Preston Brown -- beginning of /etc/pam.d writing, better man page, broadcast on by default. -- strip man page. - -* Tue Jan 11 2000 Preston Brown -- support for LDAP authentication added. - -* Tue Sep 21 1999 Matt Wilson -- updated man page - -* Mon Sep 20 1999 Matt Wilson -- set up shadowed /etc/group - -* Mon Aug 2 1999 Matt Wilson -- rebuilt against newt 0.50 - -* Mon Apr 19 1999 Cristian Gafton -- release for Red Hat Linux 6.0 - -* Thu Apr 01 1999 Preston Brown -- don't report errors about NIS fields not being filled in if not enabled - -* Fri Mar 26 1999 Preston Brown -- fix typo -- change domainname at nis start and stop - -* Tue Mar 23 1999 Preston Brown -- fixed man page - -* Wed Mar 17 1999 Matt Wilson -- fixed rewriting /etc/yp.conf -- restarts ypbind so that new changes take effect - -* Mon Mar 15 1999 Matt Wilson -- just make the NIS part of configuration grayed out if NIS is not installed - -* Tue Mar 09 1999 Preston Brown -- static buffer sizes increased. - -* Tue Mar 9 1999 Matt Wilson -- removed build opts because of problems on alpha - -* Mon Feb 8 1999 Matt Wilson -- Don't rewrite ypbind.conf if you're not configuring NIS - -* Mon Feb 8 1999 Matt Wilson -- Don't configure NIS if /etc/ypbind.conf does not exist. - -* Sat Feb 6 1999 Matt Wilson -- changed "/sbin/chkconfig --add ypbind" to - "/sbin/chkconfig --level 345 ypbind on" -- added checks for null nis domains and servers if nis is enabled or if - not using broadcast. -- added newt entry filter for spaces in domains - -* Sat Feb 6 1999 Matt Wilson -- changed command line options to match user interface -- added --help - -* Thu Feb 4 1999 Matt Wilson -- Rewrote UI to handle geometry management properly -- MD5 passwords do not require shadow passwords, so made them independent - -* Wed Feb 03 1999 Preston Brown -- initial spec file diff --git a/sources b/sources index 6256d1c..4d429e6 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -d2f98f924f76df14d69d3b2cd973d60e authconfig-5.3.13.tar.bz2 +8c9db597eb3cf639b431a0bf3d078ddd authconfig-5.3.14.tar.bz2