summarylogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Cholasta2015-12-11 23:58:11 +0100
committerJan Cholasta2016-08-03 06:58:39 +0200
commit616b23b51bcbdb4a87be61397014d072cbc638f6 (patch)
tree92e38cb5e186077f94b608a31df18611b98a3d4a
parent090d2aac3e33f10f0039bf3b950e149523ccb9a2 (diff)
downloadaur-616b23b51bcbdb4a87be61397014d072cbc638f6.tar.gz
Update to 4.2.3
-rw-r--r--.SRCINFO130
-rw-r--r--.gitignore4
-rw-r--r--0001-Use-Arch-Linux-Paths.patch454
-rw-r--r--0002-Add-Arch-Linux-Platform.patch151
-rw-r--r--0003-Use-Python-2.patch657
-rw-r--r--0004-NTP-Fixes.patch38
-rw-r--r--0005-Fix-nss-includes.patch40
-rw-r--r--0006-Disable-make-testcert.patch24
-rw-r--r--0007-Fix-nosetests-path.patch25
-rw-r--r--PKGBUILD509
-rw-r--r--archlinux.patch376
-rw-r--r--freeipa-client.install60
-rw-r--r--install.freeipa47
-rw-r--r--install.freeipa-server34
-rwxr-xr-xsss-auth-setup.py2
15 files changed, 691 insertions, 1860 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 6bc1dd085b5..de610b774ce 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,85 +1,89 @@
pkgbase = freeipa
- pkgdesc = The Identity, Policy, and Audit system
- pkgver = 3.3.5
+ pkgdesc = The Identity, Policy and Audit system
+ pkgver = 4.2.3
pkgrel = 1
url = http://www.freeipa.org/
arch = i686
arch = x86_64
- license = GPL
- checkdepends = check
- checkdepends = python2-nose
- makedepends = curl
- makedepends = java-runtime>=7
- makedepends = krb5
- makedepends = libunistring
+ license = GPL3
makedepends = nspr
makedepends = nss
makedepends = openssl
makedepends = openldap
+ makedepends = krb5>=1.13
+ makedepends = libutil-linux
+ makedepends = curl>7.21.7
+ makedepends = xmlrpc-c>=1.27.4
makedepends = popt
makedepends = python2
- makedepends = python2-distribute
- makedepends = python2-dnspython
- makedepends = python2-kerberos
- makedepends = python2-krbv
makedepends = python2-ldap
- makedepends = python2-lxml
- makedepends = python2-memcached
- makedepends = python2-m2crypto
- makedepends = python2-netaddr
+ makedepends = python2-setuptools
+ makedepends = python2-krbv
makedepends = python2-nss
- makedepends = python2-polib
- makedepends = python2-pyasn1
- makedepends = python2-pylint
- makedepends = python2-pyopenssl
- makedepends = sssd
- makedepends = xmlrpc-c
- options = !libtool
- source = http://www.freeipa.org/downloads/src/freeipa-3.3.5.tar.gz
+ makedepends = python2-cryptography
+ makedepends = python2-netaddr
+ makedepends = python2-kerberos>=1.1
+ makedepends = sssd>=1.13.1
+ makedepends = python2-memcached
+ makedepends = python2-lxml
+ makedepends = python2-pyasn1>=0.0.9a
+ makedepends = python2-qrcode
+ makedepends = python2-dnspython>=1.11.1
+ makedepends = systemd
+ makedepends = libunistring
+ makedepends = python2-yubico>=1.2.3
+ source = http://freeipa.org/downloads/src/freeipa-4.2.3.tar.gz
source = sss-auth-setup.py
- source = 0001-Use-Arch-Linux-Paths.patch
- source = 0002-Add-Arch-Linux-Platform.patch
- source = 0003-Use-Python-2.patch
- source = 0004-NTP-Fixes.patch
- source = 0005-Fix-nss-includes.patch
- source = 0006-Disable-make-testcert.patch
- source = 0007-Fix-nosetests-path.patch
- sha512sums = 58325e7a619eeb0170dd32a648f22e50c0df2d7bc0a7609b6f0be3b8328890e5e027ba094fd4970ac063544b4d163f4e07ac62c1b358dba5246e148c2fd830b6
- sha512sums = 5f101692e311205b3706642c6f329459646aaa693683ab2d4847bd8a7f464ef99ec617b0422df8e25ec2a0dc3a68cd9bf54db4bb3013b84844df15160716adc8
- sha512sums = 604927b05f248c6ee8a42c87198a3ab05aa2a98b3a8f4b9ee0352e049d9e59195eac2292b609a9f84b176875cd6640d118f7e5c35f74b042f7e03561aafd2c04
- sha512sums = 7bd0dba218626f27f918b9cf15cf25183a90421ee2c792648f36e6cd75cf09f2ff04e30a9419f6033aa4d640fc1f7dcfa973fec9fc2c74354bb1e609621d449b
- sha512sums = 872a172451c436fc916b72bc48733905b4f9298ece39ad737f60790e9fe2da896dfd2255f58d7aeb301c9c19a2bb2078684ca8449f9dec5dcb45fc1f5bda7b30
- sha512sums = a70bcc98ea71e8154e7600d6bf7ed8de6bbb73d31b5ccb0b556a538e9cce78fbd71698e3be6cfa33487226e0e79d6fb8ee78d926259a4543fe4300a6b90b9a09
- sha512sums = 294a6e3a09cada150dd0f21c712f312840a882acb067520b70ebd058cd4ee88863a2a828df63efc190c5608ffb0d71d60253883baddeb7487aec7b3d905abb04
- sha512sums = 5bc0afc21a9a178ace728f902422683502b6cf579585bc8feab42d1f7701e8609468e92265b22c7f1f958f0f175f3287ea011e8f149fb30b231708e15b6eefd2
- sha512sums = 0a79540e0df4e7b0fed8fd378411799fc5b2152795e1938df2ee6935e944517cd8c780740e8aec2f718476f3b5bd0a36113b85add04d4bdb180da5ba80c37c50
+ source = archlinux.patch
+ sha256sums = 7b0e5cb834c6ca36bfe464ec4c6a226e44ce1948edd74b7c4344f43e75d9a133
+ sha256sums = 012a11cdc42e0eb072eec3dd988fa910964f355ec2ae6b67ead373ad69e84e3e
+ sha256sums = 3e237f89fe2d806cdc2e4694233d0e01e01996aa41036dd520b99cb6dae71eed
-pkgname = freeipa
- install = install.freeipa
- depends = autofs
- depends = bind
- depends = certmonger
- depends = curl
- depends = cyrus-sasl-gssapi
+pkgname = freeipa-python
+ pkgdesc = Python libraries used by IPA
+ depends = python2-kerberos>=1.1
depends = gnupg
depends = iproute2
- depends = nfs-utils
- depends = nfsidmap
- depends = nss
- depends = ntp
- depends = oddjob
- depends = pam-krb5
- depends = python2-dnspython
- depends = python2-kerberos
- depends = python2-krbv
- depends = python2-ldap
+ depends = keyutils
+ depends = python2-nss>=0.16
+ depends = python2-cryptography
depends = python2-lxml
depends = python2-netaddr
- depends = python2-nss
- depends = python2-pyopenssl
depends = sssd
+ depends = python2-qrcode>=5.0.0
+ depends = python2-pyasn1
+ depends = python2-dateutil
+ depends = python2-yubico>=1.2.3
depends = wget
- depends = xmlrpc-c
- backup = etc/ipa/default.conf
- backup = etc/ipa/ca.crt
+ depends = python2-dbus
+ depends = python2-setuptools
+
+pkgname = freeipa-client
+ pkgdesc = IPA authentication for use on clients
+ install = freeipa-client.install
+ depends = freeipa-python=4.2.3-1
+ depends = python2-ldap
+ depends = cyrus-sasl-gssapi
+ depends = ntp
+ depends = krb5
+ depends = pam-krb5
+ depends = curl>=7.21.7
+ depends = xmlrpc-c>=1.27.4
+ depends = sssd>=1.13.1
+ depends = certmonger>=0.78
+ depends = nss
+ depends = bind-tools
+ depends = oddjob
+ depends = python2-krbv
+ depends = python2-dnspython>=1.11.1
+ depends = autofs
+ depends = nfsidmap
+ depends = nfs-utils
+
+pkgname = freeipa-admintools
+ pkgdesc = IPA administrative tools
+ depends = freeipa-python=4.2.3-1
+ depends = freeipa-client=4.2.3-1
+ depends = python2-krbv
+ depends = python2-ldap
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000000..c1a848b39cb
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+/*.tar.gz
+/*.tar.xz
+/pkg/
+/src/
diff --git a/0001-Use-Arch-Linux-Paths.patch b/0001-Use-Arch-Linux-Paths.patch
deleted file mode 100644
index c519500596d..00000000000
--- a/0001-Use-Arch-Linux-Paths.patch
+++ /dev/null
@@ -1,454 +0,0 @@
-From ba36f963a8eac68990459b1e5fc54413584b4fd1 Mon Sep 17 00:00:00 2001
-From: Xiao-Long Chen <chenxiaolong@cxl.epac.to>
-Date: Wed, 16 Apr 2014 19:31:08 -0400
-Subject: [PATCH 1/7] Use Arch Linux Paths
-
----
- init/systemd/ipa_memcached.service | 2 +-
- install/conf/ca_renewal | 2 +-
- install/conf/ipa.conf | 2 +-
- install/tools/ipa-upgradeconfig | 10 +++++-----
- install/tools/man/ipa-upgradeconfig.8 | 2 +-
- ipa-client/ipa-install/ipa-client-automount | 4 ++--
- ipa-client/ipa-install/ipa-client-install | 2 +-
- ipa-client/ipaclient/ntpconf.py | 2 +-
- ipa-client/man/ipa-client-automount.1 | 4 ++--
- ipa-client/man/ipa-client-install.1 | 2 +-
- ipapython/certmonger.py | 2 +-
- ipapython/platform/base/systemd.py | 22 +++++++++++-----------
- ipaserver/install/cainstance.py | 2 +-
- ipaserver/install/httpinstance.py | 26 +++++++++++++-------------
- ipaserver/install/ipa_backup.py | 10 +++++-----
- ipaserver/install/ntpinstance.py | 6 +++---
- 16 files changed, 50 insertions(+), 50 deletions(-)
-
-diff --git a/init/systemd/ipa_memcached.service b/init/systemd/ipa_memcached.service
-index a4857cd..2f73f39 100644
---- a/init/systemd/ipa_memcached.service
-+++ b/init/systemd/ipa_memcached.service
-@@ -4,7 +4,7 @@ After=network.target
-
- [Service]
- Type=forking
--EnvironmentFile=/etc/sysconfig/ipa_memcached
-+EnvironmentFile=/etc/conf.d/ipa_memcached.conf
- PIDFile=/var/run/ipa_memcached/ipa_memcached.pid
- ExecStart=/usr/bin/memcached -d -s $SOCKET_PATH -u $USER -m $CACHESIZE -c $MAXCONN -P /var/run/ipa_memcached/ipa_memcached.pid $OPTIONS
-
-diff --git a/install/conf/ca_renewal b/install/conf/ca_renewal
-index 57a9e9c..449e2de 100644
---- a/install/conf/ca_renewal
-+++ b/install/conf/ca_renewal
-@@ -3,4 +3,4 @@
- id=dogtag-ipa-retrieve-agent-submit
- ca_is_default=0
- ca_type=EXTERNAL
--ca_external_helper=/usr/libexec/certmonger/dogtag-ipa-retrieve-agent-submit
-+ca_external_helper=/usr/lib/certmonger/certmonger/dogtag-ipa-retrieve-agent-submit
-diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf
-index 1a33f62..8184f8a 100644
---- a/install/conf/ipa.conf
-+++ b/install/conf/ipa.conf
-@@ -36,7 +36,7 @@ Header unset ETag
- FileETag None
-
- # FIXME: WSGISocketPrefix is a server-scope directive. The mod_wsgi package
--# should really be fixed by adding this its /etc/httpd/conf.d/wsgi.conf:
-+# should really be fixed by adding this its /etc/httpd/conf/extra/wsgi.conf:
- WSGISocketPrefix /run/httpd/wsgi
-
-
-diff --git a/install/tools/ipa-upgradeconfig b/install/tools/ipa-upgradeconfig
-index 41c5126..c565d27 100644
---- a/install/tools/ipa-upgradeconfig
-+++ b/install/tools/ipa-upgradeconfig
-@@ -112,7 +112,7 @@ def update_conf(sub_dict, filename, template_filename):
-
- def find_hostname():
- """Find the hostname currently configured in ipa-rewrite.conf"""
-- filename="/etc/httpd/conf.d/ipa-rewrite.conf"
-+ filename="/etc/httpd/conf/extra/ipa-rewrite.conf"
-
- if not ipautil.file_exists(filename):
- return None
-@@ -135,7 +135,7 @@ def find_autoredirect(fqdn):
-
- Returns True if autoredirect is enabled, False otherwise
- """
-- filename = '/etc/httpd/conf.d/ipa-rewrite.conf'
-+ filename = '/etc/httpd/conf/extra/ipa-rewrite.conf'
- if os.path.exists(filename):
- pattern = "^RewriteRule \^/\$ https://%s/ipa/ui \[L,NC,R=301\]" % fqdn
- p = re.compile(pattern)
-@@ -1030,9 +1030,9 @@ def main():
- certmap_dir = dsinstance.config_dirname(
- dsinstance.realm_to_serverid(api.env.realm))
-
-- upgrade(sub_dict, "/etc/httpd/conf.d/ipa.conf", ipautil.SHARE_DIR + "ipa.conf")
-- upgrade(sub_dict, "/etc/httpd/conf.d/ipa-rewrite.conf", ipautil.SHARE_DIR + "ipa-rewrite.conf")
-- upgrade(sub_dict, "/etc/httpd/conf.d/ipa-pki-proxy.conf", ipautil.SHARE_DIR + "ipa-pki-proxy.conf", add=True)
-+ upgrade(sub_dict, "/etc/httpd/conf/extra/ipa.conf", ipautil.SHARE_DIR + "ipa.conf")
-+ upgrade(sub_dict, "/etc/httpd/conf/extra/ipa-rewrite.conf", ipautil.SHARE_DIR + "ipa-rewrite.conf")
-+ upgrade(sub_dict, "/etc/httpd/conf/extra/ipa-pki-proxy.conf", ipautil.SHARE_DIR + "ipa-pki-proxy.conf", add=True)
- if subject_base:
- upgrade(
- sub_dict,
-diff --git a/install/tools/man/ipa-upgradeconfig.8 b/install/tools/man/ipa-upgradeconfig.8
-index 43e2ab9..48bc1b6 100644
---- a/install/tools/man/ipa-upgradeconfig.8
-+++ b/install/tools/man/ipa-upgradeconfig.8
-@@ -24,7 +24,7 @@ ipa\-upgradeconfig
- .SH "DESCRIPTION"
- A tool to update the IPA Apache configuration during an upgrade.
-
--It examines the VERSION value in the head of \fI/etc/httpd/conf.d/ipa.conf\fR and \fI/etc/httpd/conf.d/ipa\-rewrite.conf\fR and compares this with the templates. If an update is needed then new files are written.
-+It examines the VERSION value in the head of \fI/etc/httpd/conf/extra/ipa.conf\fR and \fI/etc/httpd/conf/extra/ipa\-rewrite.conf\fR and compares this with the templates. If an update is needed then new files are written.
-
- It also will convert a CA configured to be accessible via ports 9443, 9444, 9445 and 9446 to be proxied by the IPA web server on ports 80 and 443.
-
-diff --git a/ipa-client/ipa-install/ipa-client-automount b/ipa-client/ipa-install/ipa-client-automount
-index 62531bf..000de4e 100755
---- a/ipa-client/ipa-install/ipa-client-automount
-+++ b/ipa-client/ipa-install/ipa-client-automount
-@@ -39,10 +39,10 @@ from ipapython.ipa_log_manager import *
- from ipapython.dn import DN
- from ipapython import services as ipaservices
-
--AUTOFS_CONF = '/etc/sysconfig/autofs'
-+AUTOFS_CONF = '/etc/conf.d/autofs'
- NSSWITCH_CONF = '/etc/nsswitch.conf'
- AUTOFS_LDAP_AUTH = '/etc/autofs_ldap_auth.conf'
--NFS_CONF = '/etc/sysconfig/nfs'
-+NFS_CONF = '/etc/conf.d/nfs'
- IDMAPD_CONF = '/etc/idmapd.conf'
-
- def parse_options():
-diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
-index afed54e..0f42e4b 100755
---- a/ipa-client/ipa-install/ipa-client-install
-+++ b/ipa-client/ipa-install/ipa-client-install
-@@ -603,7 +603,7 @@ def uninstall(options, env):
- # to this version but not unenrolled/enrolled again
- # In such case it is OK to fail
- restored = fstore.restore_file("/etc/ntp.conf")
-- restored |= fstore.restore_file("/etc/sysconfig/ntpd")
-+ restored |= fstore.restore_file("/etc/conf.d/ntpd.conf")
- if ntp_step_tickers:
- restored |= fstore.restore_file("/etc/ntp/step-tickers")
- except Exception:
-diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
-index 8c4c653..7c95a46 100644
---- a/ipa-client/ipaclient/ntpconf.py
-+++ b/ipa-client/ipaclient/ntpconf.py
-@@ -98,7 +98,7 @@ def __write_config(path, content):
- def config_ntp(server_fqdn, fstore = None, sysstore = None):
- path_step_tickers = "/etc/ntp/step-tickers"
- path_ntp_conf = "/etc/ntp.conf"
-- path_ntp_sysconfig = "/etc/sysconfig/ntpd"
-+ path_ntp_sysconfig = "/etc/conf.d/ntpd.conf"
- sub_dict = { }
- sub_dict["SERVER"] = server_fqdn
-
-diff --git a/ipa-client/man/ipa-client-automount.1 b/ipa-client/man/ipa-client-automount.1
-index 5b60503..16ccbea 100644
---- a/ipa-client/man/ipa-client-automount.1
-+++ b/ipa-client/man/ipa-client-automount.1
-@@ -29,7 +29,7 @@ The automount configuration consists of three files:
- .IP o
- /etc/nsswitch.conf
- .IP o
--/etc/sysconfig/autofs
-+/etc/conf.d/autofs
- .IP o
- /etc/autofs_ldap_auth.conf
-
-@@ -79,7 +79,7 @@ Files that will be configured when SSSD is the automount client (default):
- .TP
- Files that will be configured when using the ldap automount client:
-
--/etc/sysconfig/autofs
-+/etc/conf.d/autofs
-
- /etc/autofs_ldap_auth.conf
-
-diff --git a/ipa-client/man/ipa-client-install.1 b/ipa-client/man/ipa-client-install.1
-index 3496ee3..38df29f 100644
---- a/ipa-client/man/ipa-client-install.1
-+++ b/ipa-client/man/ipa-client-install.1
-@@ -202,7 +202,7 @@ Files that will be replaced if they exist and SSSD is not configured (\-\-no\-ss
- Files replaced if NTP is enabled:
-
- /etc/ntp.conf\p
--/etc/sysconfig/ntpd\p
-+/etc/conf.d/ntpd.conf\p
- /etc/ntp/step\-tickers\p
- .TP
- Files always created (replacing existing content):
-diff --git a/ipapython/certmonger.py b/ipapython/certmonger.py
-index 03f4b23..7401ae0 100644
---- a/ipapython/certmonger.py
-+++ b/ipapython/certmonger.py
-@@ -298,7 +298,7 @@ def add_principal_to_cas(principal):
- If the hostname we were passed to use in ipa-client-install doesn't
- match the value of gethostname() then we need to append
- -k host/HOSTNAME@REALM to the ca helper defined for
-- /usr/libexec/certmonger/ipa-submit.
-+ /usr/lib/certmonger/certmonger/ipa-submit.
-
- We also need to restore this on uninstall.
-
-diff --git a/ipapython/platform/base/systemd.py b/ipapython/platform/base/systemd.py
-index f122018..6f4f6d7 100644
---- a/ipapython/platform/base/systemd.py
-+++ b/ipapython/platform/base/systemd.py
-@@ -25,7 +25,7 @@ from ipalib import api
-
- class SystemdService(base.PlatformService):
- SYSTEMD_ETC_PATH = "/etc/systemd/system/"
-- SYSTEMD_LIB_PATH = "/lib/systemd/system/"
-+ SYSTEMD_LIB_PATH = "/usr/lib/systemd/system/"
- SYSTEMD_SRV_TARGET = "%s.target.wants"
-
- def __init__(self, service_name, systemd_name):
-@@ -98,7 +98,7 @@ class SystemdService(base.PlatformService):
-
- def stop(self, instance_name="", capture_output=True):
- instance = self.service_instance(instance_name)
-- args = ["/bin/systemctl", "stop", instance]
-+ args = ["/usr/bin/systemctl", "stop", instance]
-
- # The --ignore-dependencies switch is used to avoid possible
- # deadlock during the shutdown transaction. For more details, see
-@@ -116,7 +116,7 @@ class SystemdService(base.PlatformService):
- super(SystemdService, self).stop(instance_name,update_service_list=update_service_list)
-
- def start(self, instance_name="", capture_output=True, wait=True):
-- ipautil.run(["/bin/systemctl", "start", self.service_instance(instance_name)], capture_output=capture_output)
-+ ipautil.run(["/usr/bin/systemctl", "start", self.service_instance(instance_name)], capture_output=capture_output)
- if 'context' in api.env and api.env.context in ['ipactl', 'installer']:
- update_service_list = True
- else:
-@@ -128,7 +128,7 @@ class SystemdService(base.PlatformService):
- def restart(self, instance_name="", capture_output=True, wait=True):
- # Restart command is broken before systemd-36-3.fc16
- # If you have older systemd version, restart of dependent services will hang systemd indefinetly
-- ipautil.run(["/bin/systemctl", "restart", self.service_instance(instance_name)], capture_output=capture_output)
-+ ipautil.run(["/usr/bin/systemctl", "restart", self.service_instance(instance_name)], capture_output=capture_output)
- if wait and self.is_running(instance_name):
- self.__wait_for_open_ports(self.service_instance(instance_name))
-
-@@ -138,7 +138,7 @@ class SystemdService(base.PlatformService):
- while True:
- try:
- (sout, serr, rcode) = ipautil.run(
-- ["/bin/systemctl", "is-active", instance],
-+ ["/usr/bin/systemctl", "is-active", instance],
- capture_output=True
- )
- except ipautil.CalledProcessError as e:
-@@ -158,7 +158,7 @@ class SystemdService(base.PlatformService):
- def is_installed(self):
- installed = True
- try:
-- (sout,serr,rcode) = ipautil.run(["/bin/systemctl", "list-unit-files", "--full"])
-+ (sout,serr,rcode) = ipautil.run(["/usr/bin/systemctl", "list-unit-files", "--full"])
- if rcode != 0:
- installed = False
- else:
-@@ -173,7 +173,7 @@ class SystemdService(base.PlatformService):
- def is_enabled(self, instance_name=""):
- enabled = True
- try:
-- (sout,serr,rcode) = ipautil.run(["/bin/systemctl", "is-enabled", self.service_instance(instance_name)])
-+ (sout,serr,rcode) = ipautil.run(["/usr/bin/systemctl", "is-enabled", self.service_instance(instance_name)])
- if rcode != 0:
- enabled = False
- except ipautil.CalledProcessError, e:
-@@ -218,7 +218,7 @@ class SystemdService(base.PlatformService):
- # Link exists and it is broken, make new one
- os.unlink(srv_lnk)
- os.symlink(self.lib_path, srv_lnk)
-- ipautil.run(["/bin/systemctl", "--system", "daemon-reload"])
-+ ipautil.run(["/usr/bin/systemctl", "--system", "daemon-reload"])
- except:
- pass
- else:
-@@ -236,7 +236,7 @@ class SystemdService(base.PlatformService):
- if ipautil.dir_exists(srv_tgt):
- if os.path.islink(srv_lnk):
- os.unlink(srv_lnk)
-- ipautil.run(["/bin/systemctl", "--system", "daemon-reload"])
-+ ipautil.run(["/usr/bin/systemctl", "--system", "daemon-reload"])
- except:
- pass
- else:
-@@ -244,13 +244,13 @@ class SystemdService(base.PlatformService):
-
- def __enable(self, instance_name=""):
- try:
-- ipautil.run(["/bin/systemctl", "enable", self.service_instance(instance_name)])
-+ ipautil.run(["/usr/bin/systemctl", "enable", self.service_instance(instance_name)])
- except ipautil.CalledProcessError, e:
- pass
-
- def __disable(self, instance_name=""):
- try:
-- ipautil.run(["/bin/systemctl", "disable", self.service_instance(instance_name)])
-+ ipautil.run(["/usr/bin/systemctl", "disable", self.service_instance(instance_name)])
- except ipautil.CalledProcessError, e:
- pass
-
-diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
-index 126bbae..a1f729e 100644
---- a/ipaserver/install/cainstance.py
-+++ b/ipaserver/install/cainstance.py
-@@ -57,7 +57,7 @@ from ipaserver.install.installutils import stopped_service
- from ipaserver.plugins import ldap2
- from ipapython.ipa_log_manager import *
-
--HTTPD_CONFD = "/etc/httpd/conf.d/"
-+HTTPD_CONFD = "/etc/httpd/conf/extra/"
- DEFAULT_DSPORT = dogtag.install_constants.DS_PORT
-
- PKI_USER = "pkiuser"
-diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
-index 689e657..d4a3252 100644
---- a/ipaserver/install/httpinstance.py
-+++ b/ipaserver/install/httpinstance.py
-@@ -37,8 +37,8 @@ from ipaserver.install import sysupgrade
- from ipalib import api
-
- HTTPD_DIR = "/etc/httpd"
--SSL_CONF = HTTPD_DIR + "/conf.d/ssl.conf"
--NSS_CONF = HTTPD_DIR + "/conf.d/nss.conf"
-+SSL_CONF = HTTPD_DIR + "/conf/extra/ssl.conf"
-+NSS_CONF = HTTPD_DIR + "/conf/extra/nss.conf"
-
- selinux_warning = """
- WARNING: could not set selinux boolean(s) %(var)s to true. The web
-@@ -223,7 +223,7 @@ class HTTPInstance(service.Service):
- def configure_httpd_ccache(self):
- pent = pwd.getpwnam("apache")
- ccache = '/tmp/krb5cc_%d' % pent.pw_uid
-- filepath = '/etc/sysconfig/httpd'
-+ filepath = '/etc/conf.d/apache'
- if not os.path.exists(filepath):
- # file doesn't exist; create it with correct ownership & mode
- open(filepath, 'a').close()
-@@ -237,17 +237,17 @@ class HTTPInstance(service.Service):
- ipaservices.restore_context(filepath)
-
- def __configure_http(self):
-- target_fname = '/etc/httpd/conf.d/ipa.conf'
-+ target_fname = '/etc/httpd/conf/extra/ipa.conf'
- http_txt = ipautil.template_file(ipautil.SHARE_DIR + "ipa.conf", self.sub_dict)
-- self.fstore.backup_file("/etc/httpd/conf.d/ipa.conf")
-+ self.fstore.backup_file("/etc/httpd/conf/extra/ipa.conf")
- http_fd = open(target_fname, "w")
- http_fd.write(http_txt)
- http_fd.close()
- os.chmod(target_fname, 0644)
-
-- target_fname = '/etc/httpd/conf.d/ipa-rewrite.conf'
-+ target_fname = '/etc/httpd/conf/extra/ipa-rewrite.conf'
- http_txt = ipautil.template_file(ipautil.SHARE_DIR + "ipa-rewrite.conf", self.sub_dict)
-- self.fstore.backup_file("/etc/httpd/conf.d/ipa-rewrite.conf")
-+ self.fstore.backup_file("/etc/httpd/conf/extra/ipa-rewrite.conf")
- http_fd = open(target_fname, "w")
- http_fd.write(http_txt)
- http_fd.close()
-@@ -285,8 +285,8 @@ class HTTPInstance(service.Service):
-
- def __add_include(self):
- """This should run after __set_mod_nss_port so is already backed up"""
-- if installutils.update_file(NSS_CONF, '</VirtualHost>', 'Include conf.d/ipa-rewrite.conf\n</VirtualHost>') != 0:
-- print "Adding Include conf.d/ipa-rewrite to %s failed." % NSS_CONF
-+ if installutils.update_file(NSS_CONF, '</VirtualHost>', 'Include conf/extra/ipa-rewrite.conf\n</VirtualHost>') != 0:
-+ print "Adding Include conf/extra/ipa-rewrite to %s failed." % NSS_CONF
-
- def __setup_ssl(self):
- fqdn = self.fqdn
-@@ -425,7 +425,7 @@ class HTTPInstance(service.Service):
- if not enabled is None and not enabled:
- self.disable()
-
-- for f in ["/etc/httpd/conf.d/ipa.conf", SSL_CONF, NSS_CONF]:
-+ for f in ["/etc/httpd/conf/extra/ipa.conf", SSL_CONF, NSS_CONF]:
- try:
- self.fstore.restore_file(f)
- except ValueError, error:
-@@ -433,9 +433,9 @@ class HTTPInstance(service.Service):
- pass
-
- # Remove the configuration files we create
-- installutils.remove_file("/etc/httpd/conf.d/ipa-rewrite.conf")
-- installutils.remove_file("/etc/httpd/conf.d/ipa.conf")
-- installutils.remove_file("/etc/httpd/conf.d/ipa-pki-proxy.conf")
-+ installutils.remove_file("/etc/httpd/conf/extra/ipa-rewrite.conf")
-+ installutils.remove_file("/etc/httpd/conf/extra/ipa.conf")
-+ installutils.remove_file("/etc/httpd/conf/extra/ipa-pki-proxy.conf")
-
- for var in ["httpd_can_network_connect", "httpd_manage_ipa"]:
- sebool_state = self.restore_state(var)
-diff --git a/ipaserver/install/ipa_backup.py b/ipaserver/install/ipa_backup.py
-index 12c6215..1fb8334 100644
---- a/ipaserver/install/ipa_backup.py
-+++ b/ipaserver/install/ipa_backup.py
-@@ -126,7 +126,7 @@ class Backup(admintool.AdminTool):
- '/etc/sysconfig/pki-ca',
- '/etc/sysconfig/pki-tomcat',
- '/etc/sysconfig/dirsrv',
-- '/etc/sysconfig/ntpd',
-+ '/etc/conf.d/ntpd.conf',
- '/etc/sysconfig/krb5kdc',
- '/etc/sysconfig/pki/ca/pki-ca',
- '/etc/sysconfig/authconfig',
-@@ -140,10 +140,10 @@ class Backup(admintool.AdminTool):
- '/etc/security/limits.conf',
- '/etc/httpd/conf/password.conf',
- '/etc/httpd/conf/ipa.keytab',
-- '/etc/httpd/conf.d/ipa-pki-proxy.conf',
-- '/etc/httpd/conf.d/ipa-rewrite.conf',
-- '/etc/httpd/conf.d/nss.conf',
-- '/etc/httpd/conf.d/ipa.conf',
-+ '/etc/httpd/conf/extra/ipa-pki-proxy.conf',
-+ '/etc/httpd/conf/extra/ipa-rewrite.conf',
-+ '/etc/httpd/conf/extra/nss.conf',
-+ '/etc/httpd/conf/extra/ipa.conf',
- '/etc/ssh/sshd_config',
- '/etc/ssh/ssh_config',
- '/etc/krb5.conf',
-diff --git a/ipaserver/install/ntpinstance.py b/ipaserver/install/ntpinstance.py
-index f2e8ffe..00615b9 100644
---- a/ipaserver/install/ntpinstance.py
-+++ b/ipaserver/install/ntpinstance.py
-@@ -35,7 +35,7 @@ class NTPInstance(service.Service):
- def __write_config(self):
-
- self.fstore.backup_file("/etc/ntp.conf")
-- self.fstore.backup_file("/etc/sysconfig/ntpd")
-+ self.fstore.backup_file("/etc/conf.d/ntpd.conf")
-
- # We use the OS variable to point it towards either the rhel
- # or fedora pools. Other distros should be added in the future
-@@ -99,7 +99,7 @@ class NTPInstance(service.Service):
- #read in memory, find OPTIONS, check/change it, then overwrite file
- needopts = [ {'val':'-x', 'need':True},
- {'val':'-g', 'need':True} ]
-- fd = open("/etc/sysconfig/ntpd", "r")
-+ fd = open("/etc/conf.d/ntpd.conf", "r")
- lines = fd.readlines()
- fd.close()
- for line in lines:
-@@ -118,7 +118,7 @@ class NTPInstance(service.Service):
-
- done = False
- if newopts:
-- fd = open("/etc/sysconfig/ntpd", "w")
-+ fd = open("/etc/conf.d/ntpd.conf", "w")
- for line in lines:
- if not done:
- sline = line.strip()
---
-1.9.2
-
diff --git a/0002-Add-Arch-Linux-Platform.patch b/0002-Add-Arch-Linux-Platform.patch
deleted file mode 100644
index 01c43d44b59..00000000000
--- a/0002-Add-Arch-Linux-Platform.patch
+++ /dev/null
@@ -1,151 +0,0 @@
-From 5d78b9364c98435b5f3ee54a27c6c9294366c476 Mon Sep 17 00:00:00 2001
-From: Xiao-Long Chen <chenxiaolong@cxl.epac.to>
-Date: Wed, 16 Apr 2014 19:32:33 -0400
-Subject: [PATCH 2/7] Add Arch Linux Platform
-
----
- ipapython/platform/archlinux/__init__.py | 40 ++++++++++++++++++++++++++++++++
- ipapython/platform/archlinux/auth.py | 17 ++++++++++++++
- ipapython/platform/fedora16/service.py | 8 +++----
- ipapython/platform/fedora18/__init__.py | 2 +-
- ipapython/setup.py | 1 +
- ipapython/setup.py.in | 1 +
- 6 files changed, 64 insertions(+), 5 deletions(-)
- create mode 100644 ipapython/platform/archlinux/__init__.py
- create mode 100644 ipapython/platform/archlinux/auth.py
-
-diff --git a/ipapython/platform/archlinux/__init__.py b/ipapython/platform/archlinux/__init__.py
-new file mode 100644
-index 0000000..2b77bcc
---- /dev/null
-+++ b/ipapython/platform/archlinux/__init__.py
-@@ -0,0 +1,40 @@
-+import os
-+
-+from ipapython.platform import fedora18, base
-+from ipapython.platform.archlinux.auth import ArchLinuxAuthConfig
-+
-+# All what we allow exporting directly from this module
-+# Everything else is made available through these symbols when they are
-+# directly imported into ipapython.services:
-+# authconfig -- class reference for platform-specific implementation of
-+# authconfig(8)
-+# service -- class reference for platform-specific implementation of a
-+# PlatformService class
-+# knownservices -- factory instance to access named services IPA cares about,
-+# names are ipapython.services.wellknownservices
-+# backup_and_replace_hostname -- platform-specific way to set hostname and
-+# make it persistent over reboots
-+# restore_network_configuration -- platform-specific way of restoring network
-+# configuration (e.g. static hostname)
-+# restore_context -- platform-sepcific way to restore security context, if
-+# applicable
-+# check_selinux_status -- platform-specific way to see if SELinux is enabled
-+# and restorecon is installed.
-+__all__ = ['authconfig', 'service', 'knownservices',
-+ 'backup_and_replace_hostname', 'restore_context', 'check_selinux_status',
-+ 'restore_network_configuration', 'timedate_services']
-+
-+# Just copy a referential list of timedate services
-+timedate_services = list(base.timedate_services)
-+
-+def restore_network_configuration(fstore, statestore):
-+ filepath = '/etc/hostname'
-+ if fstore.has_file(filepath):
-+ fstore.restore_file(filepath)
-+
-+authconfig = ArchLinuxAuthConfig
-+service = fedora18.service
-+knownservices = fedora18.knownservices
-+backup_and_replace_hostname = fedora18.backup_and_replace_hostname
-+restore_context = fedora18.restore_context
-+check_selinux_status = fedora18.check_selinux_status
-diff --git a/ipapython/platform/archlinux/auth.py b/ipapython/platform/archlinux/auth.py
-new file mode 100644
-index 0000000..67ee063
---- /dev/null
-+++ b/ipapython/platform/archlinux/auth.py
-@@ -0,0 +1,17 @@
-+from ipapython.platform import base
-+
-+class ArchLinuxAuthConfig(base.AuthConfig):
-+ """
-+ Arch Linux implementation of the AuthConfig class.
-+
-+ The freeipa package includes a sss-auth-setup.py Python 3 script which will
-+ set up both the NSS and PAM configuration. However, this script modifies the
-+ PAM configuration files directly, so the changes need to be undone before
-+ pacman updates anything in /etc/pam.d/ and if any new configuration files
-+ are added.
-+
-+ It's probably best to have this handled manually.
-+ """
-+
-+ def execute(self):
-+ raise NotImplementedError
-diff --git a/ipapython/platform/fedora16/service.py b/ipapython/platform/fedora16/service.py
-index edf2d7f..7523761 100644
---- a/ipapython/platform/fedora16/service.py
-+++ b/ipapython/platform/fedora16/service.py
-@@ -32,8 +32,8 @@ from ipalib import api
- # mapping will be kept in this dictionary
- system_units = dict(map(lambda x: (x, "%s.service" % (x)), base.wellknownservices))
-
--system_units['rpcgssd'] = 'nfs-secure.service'
--system_units['rpcidmapd'] = 'nfs-idmap.service'
-+system_units['rpcgssd'] = 'rpc-gssd.service'
-+system_units['rpcidmapd'] = 'rpc-idmapd.service'
-
- # Rewrite dirsrv and pki-tomcatd services as they support instances via separate
- # service generator. To make this working, one needs to have both foo@.servic
-@@ -144,8 +144,8 @@ class Fedora16CAService(Fedora16Service):
- # false positives, so check for existence of our configuration file.
- # TODO: Use a cleaner solution
- use_proxy = True
-- if not (os.path.exists('/etc/httpd/conf.d/ipa.conf') and
-- os.path.exists('/etc/httpd/conf.d/ipa-pki-proxy.conf')):
-+ if not (os.path.exists('/etc/httpd/conf/extra/ipa.conf') and
-+ os.path.exists('/etc/httpd/conf/extra/ipa-pki-proxy.conf')):
- root_logger.debug(
- 'The httpd proxy is not installed, wait on local port')
- use_proxy = False
-diff --git a/ipapython/platform/fedora18/__init__.py b/ipapython/platform/fedora18/__init__.py
-index d12bdca..2ac882c 100644
---- a/ipapython/platform/fedora18/__init__.py
-+++ b/ipapython/platform/fedora18/__init__.py
-@@ -52,7 +52,7 @@ timedate_services = list(base.timedate_services)
- def backup_and_replace_hostname(fstore, statestore, hostname):
- old_hostname = socket.gethostname()
- try:
-- ipautil.run(['/bin/hostname', hostname])
-+ ipautil.run(['/usr/bin/hostname', hostname])
- except ipautil.CalledProcessError, e:
- print >>sys.stderr, "Failed to set this machine hostname to %s (%s)." % (hostname, str(e))
-
-diff --git a/ipapython/setup.py b/ipapython/setup.py
-index cb24eee..cffbf6e 100644
---- a/ipapython/setup.py
-+++ b/ipapython/setup.py
-@@ -68,6 +68,7 @@ def setup_package():
- packages = [ "ipapython",
- "ipapython.platform",
- "ipapython.platform.base",
-+ "ipapython.platform.archlinux",
- "ipapython.platform.fedora16",
- "ipapython.platform.fedora18",
- "ipapython.platform.redhat" ],
-diff --git a/ipapython/setup.py.in b/ipapython/setup.py.in
-index d3bbcaf..c7c6845 100644
---- a/ipapython/setup.py.in
-+++ b/ipapython/setup.py.in
-@@ -68,6 +68,7 @@ def setup_package():
- packages = [ "ipapython",
- "ipapython.platform",
- "ipapython.platform.base",
-+ "ipapython.platform.archlinux",
- "ipapython.platform.fedora16",
- "ipapython.platform.fedora18",
- "ipapython.platform.redhat" ],
---
-1.9.2
-
diff --git a/0003-Use-Python-2.patch b/0003-Use-Python-2.patch
deleted file mode 100644
index f948ee2973c..00000000000
--- a/0003-Use-Python-2.patch
+++ /dev/null
@@ -1,657 +0,0 @@
-From df24bf0bad4a41262217e6864c76eae7e09d7bc8 Mon Sep 17 00:00:00 2001
-From: Xiao-Long Chen <chenxiaolong@cxl.epac.to>
-Date: Wed, 16 Apr 2014 19:32:58 -0400
-Subject: [PATCH 3/7] Use Python 2
-
----
- checks/check-ra.py | 2 +-
- contrib/RHEL4/ipa-client-setup | 2 +-
- contrib/RHEL4/setup.py | 2 +-
- daemons/ipa-otpd/test.py | 2 +-
- doc/examples/python-api.py | 2 +-
- install/certmonger/dogtag-ipa-retrieve-agent-submit | 2 +-
- install/po/pygettext.py | 2 +-
- install/restart_scripts/renew_ca_cert | 2 +-
- install/restart_scripts/renew_ra_cert | 2 +-
- install/restart_scripts/restart_dirsrv | 2 +-
- install/restart_scripts/restart_httpd | 2 +-
- install/restart_scripts/restart_pkicad | 2 +-
- install/restart_scripts/stop_pkicad | 2 +-
- install/share/copy-schema-to-ca.py | 2 +-
- install/tools/ipa-adtrust-install | 2 +-
- install/tools/ipa-advise | 2 +-
- install/tools/ipa-backup | 2 +-
- install/tools/ipa-ca-install | 2 +-
- install/tools/ipa-compat-manage | 2 +-
- install/tools/ipa-csreplica-manage | 2 +-
- install/tools/ipa-dns-install | 2 +-
- install/tools/ipa-ldap-updater | 2 +-
- install/tools/ipa-managed-entries | 2 +-
- install/tools/ipa-nis-manage | 2 +-
- install/tools/ipa-replica-conncheck | 2 +-
- install/tools/ipa-replica-install | 2 +-
- install/tools/ipa-replica-manage | 2 +-
- install/tools/ipa-replica-prepare | 2 +-
- install/tools/ipa-restore | 2 +-
- install/tools/ipa-server-certinstall | 2 +-
- install/tools/ipa-server-install | 2 +-
- install/tools/ipa-upgradeconfig | 2 +-
- install/tools/ipactl | 2 +-
- ipa | 2 +-
- ipa-client/ipa-install/ipa-client-automount | 2 +-
- ipa-client/ipa-install/ipa-client-install | 2 +-
- ipapython/Makefile | 8 ++++----
- ipapython/py_default_encoding/Makefile | 8 ++++----
- ipapython/setup.py.in | 2 +-
- ipapython/test/test_ipautil.py | 2 +-
- ipapython/test/test_ipavalidate.py | 2 +-
- ipaserver/install/ipa_server_certinstall.py | 2 +-
- ipatests/i18n.py | 2 +-
- ipatests/ipa-run-tests | 2 +-
- ipatests/ipa-test-config | 2 +-
- ipatests/ipa-test-task | 2 +-
- ipatests/setup.py.in | 2 +-
- ipatests/test_ipapython/test_dn.py | 2 +-
- lite-server.py | 2 +-
- make-lint | 4 ++--
- make-test | 2 +-
- make-testcert | 2 +-
- makeapi | 2 +-
- setup-client.py | 2 +-
- setup.py | 2 +-
- 55 files changed, 62 insertions(+), 62 deletions(-)
-
-diff --git a/checks/check-ra.py b/checks/check-ra.py
-index 13a4126..a1df50b 100755
---- a/checks/check-ra.py
-+++ b/checks/check-ra.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Authors:
- # Jason Gerard DeRose <jderose@redhat.com>
- # John Dennis <jdennis@redhat.com>
-diff --git a/contrib/RHEL4/ipa-client-setup b/contrib/RHEL4/ipa-client-setup
-index 4d1fead..d8f78c1 100644
---- a/contrib/RHEL4/ipa-client-setup
-+++ b/contrib/RHEL4/ipa-client-setup
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Simo Sorce <ssorce@redhat.com>
- # Karl MacMillan <kmacmillan@mentalrootkit.com>
- #
-diff --git a/contrib/RHEL4/setup.py b/contrib/RHEL4/setup.py
-index f535875..5d34930 100644
---- a/contrib/RHEL4/setup.py
-+++ b/contrib/RHEL4/setup.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Copyright (C) 2007 Red Hat
- # see file 'COPYING' for use and warranty information
- #
-diff --git a/daemons/ipa-otpd/test.py b/daemons/ipa-otpd/test.py
-index d748c82..824f8a2 100644
---- a/daemons/ipa-otpd/test.py
-+++ b/daemons/ipa-otpd/test.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- #
- # FreeIPA 2FA companion daemon
- #
-diff --git a/doc/examples/python-api.py b/doc/examples/python-api.py
-index 60578e8..9f315fc 100755
---- a/doc/examples/python-api.py
-+++ b/doc/examples/python-api.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Authors:
- # Jason Gerard DeRose <jderose@redhat.com>
- #
-diff --git a/install/certmonger/dogtag-ipa-retrieve-agent-submit b/install/certmonger/dogtag-ipa-retrieve-agent-submit
-index 70cbd82..973af26 100644
---- a/install/certmonger/dogtag-ipa-retrieve-agent-submit
-+++ b/install/certmonger/dogtag-ipa-retrieve-agent-submit
-@@ -1,4 +1,4 @@
--#!/usr/bin/python -E
-+#!/usr/bin/python2 -E
- #
- # Authors:
- # Rob Crittenden <rcritten@redhat.com>
-diff --git a/install/po/pygettext.py b/install/po/pygettext.py
-index 5293ebf..4e4212e 100755
---- a/install/po/pygettext.py
-+++ b/install/po/pygettext.py
-@@ -1,4 +1,4 @@
--#! /usr/bin/python
-+#! /usr/bin/python2
- # -*- coding: iso-8859-1 -*-
- # Originally written by Barry Warsaw <barry@zope.com>
- #
-diff --git a/install/restart_scripts/renew_ca_cert b/install/restart_scripts/renew_ca_cert
-index b10e4b8..da2253b 100644
---- a/install/restart_scripts/renew_ca_cert
-+++ b/install/restart_scripts/renew_ca_cert
-@@ -1,4 +1,4 @@
--#!/usr/bin/python -E
-+#!/usr/bin/python2 -E
- #
- # Authors:
- # Rob Crittenden <rcritten@redhat.com>
-diff --git a/install/restart_scripts/renew_ra_cert b/install/restart_scripts/renew_ra_cert
-index e541e4b..919f8fc 100644
---- a/install/restart_scripts/renew_ra_cert
-+++ b/install/restart_scripts/renew_ra_cert
-@@ -1,4 +1,4 @@
--#!/usr/bin/python -E
-+#!/usr/bin/python2 -E
- #
- # Authors:
- # Rob Crittenden <rcritten@redhat.com>
-diff --git a/install/restart_scripts/restart_dirsrv b/install/restart_scripts/restart_dirsrv
-index a9bb897..9b22d08 100644
---- a/install/restart_scripts/restart_dirsrv
-+++ b/install/restart_scripts/restart_dirsrv
-@@ -1,4 +1,4 @@
--#!/usr/bin/python -E
-+#!/usr/bin/python2 -E
- #
- # Authors:
- # Rob Crittenden <rcritten@redhat.com>
-diff --git a/install/restart_scripts/restart_httpd b/install/restart_scripts/restart_httpd
-index 96f80bd..16a41ee 100644
---- a/install/restart_scripts/restart_httpd
-+++ b/install/restart_scripts/restart_httpd
-@@ -1,4 +1,4 @@
--#!/usr/bin/python -E
-+#!/usr/bin/python2 -E
- #
- # Authors:
- # Rob Crittenden <rcritten@redhat.com>
-diff --git a/install/restart_scripts/restart_pkicad b/install/restart_scripts/restart_pkicad
-index f840aeb..9a3d480 100644
---- a/install/restart_scripts/restart_pkicad
-+++ b/install/restart_scripts/restart_pkicad
-@@ -1,4 +1,4 @@
--#!/usr/bin/python -E
-+#!/usr/bin/python2 -E
- #
- # Authors:
- # Rob Crittenden <rcritten@redhat.com>
-diff --git a/install/restart_scripts/stop_pkicad b/install/restart_scripts/stop_pkicad
-index bbaf889..c275eae 100644
---- a/install/restart_scripts/stop_pkicad
-+++ b/install/restart_scripts/stop_pkicad
-@@ -1,4 +1,4 @@
--#!/usr/bin/python -E
-+#!/usr/bin/python2 -E
- #
- # Authors:
- # Rob Crittenden <rcritten@redhat.com>
-diff --git a/install/share/copy-schema-to-ca.py b/install/share/copy-schema-to-ca.py
-index 1888f12..a5646cd 100755
---- a/install/share/copy-schema-to-ca.py
-+++ b/install/share/copy-schema-to-ca.py
-@@ -1,4 +1,4 @@
--#! /usr/bin/python
-+#! /usr/bin/python2
-
- """Copy the IPA schema to the CA directory server instance
-
-diff --git a/install/tools/ipa-adtrust-install b/install/tools/ipa-adtrust-install
-index fe86a94..e81d0ec 100755
---- a/install/tools/ipa-adtrust-install
-+++ b/install/tools/ipa-adtrust-install
-@@ -1,4 +1,4 @@
--#! /usr/bin/python
-+#! /usr/bin/python2
- #
- # Authors: Sumit Bose <sbose@redhat.com>
- # Based on ipa-server-install by Karl MacMillan <kmacmillan@mentalrootkit.com>
-diff --git a/install/tools/ipa-advise b/install/tools/ipa-advise
-index 4ec3c48..6d0d9b9 100755
---- a/install/tools/ipa-advise
-+++ b/install/tools/ipa-advise
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Tomas Babej <tbabej@redhat.com>
- #
- # Copyright (C) 2013 Red Hat
-diff --git a/install/tools/ipa-backup b/install/tools/ipa-backup
-index 5bcaa1d..bcdcb30 100755
---- a/install/tools/ipa-backup
-+++ b/install/tools/ipa-backup
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Rob Crittenden <rcritten@redhat.com>
- #
- # Copyright (C) 2013 Red Hat
-diff --git a/install/tools/ipa-ca-install b/install/tools/ipa-ca-install
-index bb3e595..26f6993 100755
---- a/install/tools/ipa-ca-install
-+++ b/install/tools/ipa-ca-install
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Rob Crittenden <rcritten@redhat.com>
- #
- # Copyright (C) 2011 Red Hat
-diff --git a/install/tools/ipa-compat-manage b/install/tools/ipa-compat-manage
-index 7061a3e..bdfb718 100755
---- a/install/tools/ipa-compat-manage
-+++ b/install/tools/ipa-compat-manage
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Authors: Rob Crittenden <rcritten@redhat.com>
- # Authors: Simo Sorce <ssorce@redhat.com>
- #
-diff --git a/install/tools/ipa-csreplica-manage b/install/tools/ipa-csreplica-manage
-index ce027be..f2490b9 100755
---- a/install/tools/ipa-csreplica-manage
-+++ b/install/tools/ipa-csreplica-manage
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Rob Crittenden <rcritten@redhat.com>
- #
- # Based on ipa-replica-manage by Karl MacMillan <kmacmillan@mentalrootkit.com>
-diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install
-index 37a07f8..d87007d 100755
---- a/install/tools/ipa-dns-install
-+++ b/install/tools/ipa-dns-install
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Martin Nagy <mnagy@redhat.com>
- # Based on ipa-server-install by Karl MacMillan <kmacmillan@mentalrootkit.com>
- #
-diff --git a/install/tools/ipa-ldap-updater b/install/tools/ipa-ldap-updater
-index 0fc5a5b..98081d7 100755
---- a/install/tools/ipa-ldap-updater
-+++ b/install/tools/ipa-ldap-updater
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Authors: Rob Crittenden <rcritten@redhat.com>
- #
- # Copyright (C) 2008 Red Hat
-diff --git a/install/tools/ipa-managed-entries b/install/tools/ipa-managed-entries
-index 2cf37e2..6baae74 100755
---- a/install/tools/ipa-managed-entries
-+++ b/install/tools/ipa-managed-entries
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Authors: Jr Aquino <jr.aquino@citrix.com>
- #
- # Copyright (C) 2011 Red Hat
-diff --git a/install/tools/ipa-nis-manage b/install/tools/ipa-nis-manage
-index 71c0761..3320be7 100755
---- a/install/tools/ipa-nis-manage
-+++ b/install/tools/ipa-nis-manage
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Authors: Rob Crittenden <rcritten@redhat.com>
- # Authors: Simo Sorce <ssorce@redhat.com>
- #
-diff --git a/install/tools/ipa-replica-conncheck b/install/tools/ipa-replica-conncheck
-index c861e30..2c92eb9 100755
---- a/install/tools/ipa-replica-conncheck
-+++ b/install/tools/ipa-replica-conncheck
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Martin Kosek <mkosek@redhat.com>
- #
- # Copyright (C) 2011 Red Hat
-diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
-index 4418b41..512a4fb 100755
---- a/install/tools/ipa-replica-install
-+++ b/install/tools/ipa-replica-install
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Karl MacMillan <kmacmillan@mentalrootkit.com>
- #
- # Copyright (C) 2007 Red Hat
-diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
-index 8e0948e..b768ea4 100755
---- a/install/tools/ipa-replica-manage
-+++ b/install/tools/ipa-replica-manage
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Karl MacMillan <kmacmillan@mentalrootkit.com>
- #
- # Copyright (C) 2007 Red Hat
-diff --git a/install/tools/ipa-replica-prepare b/install/tools/ipa-replica-prepare
-index 21df341..4f37b4b 100755
---- a/install/tools/ipa-replica-prepare
-+++ b/install/tools/ipa-replica-prepare
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Petr Viktorin <pviktori@redhat.com>
- #
- # Copyright (C) 2012 Red Hat
-diff --git a/install/tools/ipa-restore b/install/tools/ipa-restore
-index 604175b..f2572d5 100755
---- a/install/tools/ipa-restore
-+++ b/install/tools/ipa-restore
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Rob Crittenden <rcritten@redhat.com>
- #
- # Copyright (C) 2013 Red Hat
-diff --git a/install/tools/ipa-server-certinstall b/install/tools/ipa-server-certinstall
-index 9bb0ef8..a0013f6 100755
---- a/install/tools/ipa-server-certinstall
-+++ b/install/tools/ipa-server-certinstall
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Jan Cholasta <jcholast@redhat.com>
- #
- # Copyright (C) 2013 Red Hat
-diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install
-index dfbbb91..753c7f0 100755
---- a/install/tools/ipa-server-install
-+++ b/install/tools/ipa-server-install
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Karl MacMillan <kmacmillan@mentalrootkit.com>
- # Simo Sorce <ssorce@redhat.com>
- # Rob Crittenden <rcritten@redhat.com>
-diff --git a/install/tools/ipa-upgradeconfig b/install/tools/ipa-upgradeconfig
-index c565d27..174ab1b 100644
---- a/install/tools/ipa-upgradeconfig
-+++ b/install/tools/ipa-upgradeconfig
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- #
- # Authors:
- # Rob Crittenden <rcritten@redhat.com>
-diff --git a/install/tools/ipactl b/install/tools/ipactl
-index df0d6f5..48bbab5 100755
---- a/install/tools/ipactl
-+++ b/install/tools/ipactl
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Authors: Simo Sorce <ssorce@redhat.com>
- #
- # Copyright (C) 2008-2010 Red Hat
-diff --git a/ipa b/ipa
-index c9b7338..64ceea4 100755
---- a/ipa
-+++ b/ipa
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
-
- # Authors:
- # Jason Gerard DeRose <jderose@redhat.com>
-diff --git a/ipa-client/ipa-install/ipa-client-automount b/ipa-client/ipa-install/ipa-client-automount
-index 000de4e..050bbf3 100755
---- a/ipa-client/ipa-install/ipa-client-automount
-+++ b/ipa-client/ipa-install/ipa-client-automount
-@@ -1,4 +1,4 @@
--#!/usr/bin/python -E
-+#!/usr/bin/python2 -E
- #
- # Authors:
- # Rob Crittenden <rcritten@redhat.com>
-diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
-index 0f42e4b..19bfe9c 100755
---- a/ipa-client/ipa-install/ipa-client-install
-+++ b/ipa-client/ipa-install/ipa-client-install
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- # Authors: Simo Sorce <ssorce@redhat.com>
- # Karl MacMillan <kmacmillan@mentalrootkit.com>
- #
-diff --git a/ipapython/Makefile b/ipapython/Makefile
-index a09ffd1..d1a3ff5 100644
---- a/ipapython/Makefile
-+++ b/ipapython/Makefile
-@@ -1,4 +1,4 @@
--PYTHONLIBDIR ?= $(shell python -c "from distutils.sysconfig import *; print get_python_lib()")
-+PYTHONLIBDIR ?= $(shell python2 -c "from distutils.sysconfig import *; print get_python_lib()")
- PACKAGEDIR ?= $(DESTDIR)/$(PYTHONLIBDIR)/ipa
- CONFIGDIR ?= $(DESTDIR)/etc/ipa
- TESTS = $(wildcard test/*.py)
-@@ -12,9 +12,9 @@ all:
-
- install:
- if [ "$(DESTDIR)" = "" ]; then \
-- python setup.py install; \
-+ python2 setup.py install; \
- else \
-- python setup.py install --root $(DESTDIR); \
-+ python2 setup.py install --root $(DESTDIR); \
- fi
- @for subdir in $(SUBDIRS); do \
- (cd $$subdir && $(MAKE) $@) || exit 1; \
-@@ -42,4 +42,4 @@ maintainer-clean: distclean
- test: $(subst .py,.tst,$(TESTS))
-
- %.tst: %.py
-- python $<
-+ python2 $<
-diff --git a/ipapython/py_default_encoding/Makefile b/ipapython/py_default_encoding/Makefile
-index 7cd1f6c..88f17f7 100644
---- a/ipapython/py_default_encoding/Makefile
-+++ b/ipapython/py_default_encoding/Makefile
-@@ -1,15 +1,15 @@
--PYTHONLIBDIR ?= $(shell python -c "from distutils.sysconfig import *; print get_python_lib()")
-+PYTHONLIBDIR ?= $(shell python2 -c "from distutils.sysconfig import *; print get_python_lib()")
- PACKAGEDIR ?= $(DESTDIR)/$(PYTHONLIBDIR)/ipa
- CONFIGDIR ?= $(DESTDIR)/etc/ipa
-
- all:
-- python setup.py build
-+ python2 setup.py build
-
- install:
- if [ "$(DESTDIR)" = "" ]; then \
-- python setup.py install; \
-+ python2 setup.py install; \
- else \
-- python setup.py install --root $(DESTDIR); \
-+ python2 setup.py install --root $(DESTDIR); \
- fi
-
- clean:
-diff --git a/ipapython/setup.py.in b/ipapython/setup.py.in
-index c7c6845..2860daf 100644
---- a/ipapython/setup.py.in
-+++ b/ipapython/setup.py.in
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Copyright (C) 2007 Red Hat
- # see file 'COPYING' for use and warranty information
- #
-diff --git a/ipapython/test/test_ipautil.py b/ipapython/test/test_ipautil.py
-index ff9f282..abc19b3 100644
---- a/ipapython/test/test_ipautil.py
-+++ b/ipapython/test/test_ipautil.py
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- #
- # Copyright (C) 2007 Red Hat
- # see file 'COPYING' for use and warranty information
-diff --git a/ipapython/test/test_ipavalidate.py b/ipapython/test/test_ipavalidate.py
-index 12b1577..3393de0 100644
---- a/ipapython/test/test_ipavalidate.py
-+++ b/ipapython/test/test_ipavalidate.py
-@@ -1,4 +1,4 @@
--#! /usr/bin/python -E
-+#! /usr/bin/python2 -E
- #
- # Copyright (C) 2007 Red Hat
- # see file 'COPYING' for use and warranty information
-diff --git a/ipaserver/install/ipa_server_certinstall.py b/ipaserver/install/ipa_server_certinstall.py
-index 87c4eaf..09d8fba 100644
---- a/ipaserver/install/ipa_server_certinstall.py
-+++ b/ipaserver/install/ipa_server_certinstall.py
-@@ -1,4 +1,4 @@
--#! /usr/bin/python
-+#! /usr/bin/python2
- # Authors: Karl MacMillan <kmacmillan@mentalrootkit.com>
- # Jan Cholasta <jcholast@redhat.com>
- #
-diff --git a/ipatests/i18n.py b/ipatests/i18n.py
-index 9c8479b..e0ddfda 100755
---- a/ipatests/i18n.py
-+++ b/ipatests/i18n.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Authors:
- # John Dennis <jdennis@redhat.com>
- #
-diff --git a/ipatests/ipa-run-tests b/ipatests/ipa-run-tests
-index 2b61d3c..7e3270b 100755
---- a/ipatests/ipa-run-tests
-+++ b/ipatests/ipa-run-tests
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
-
- # Authors:
- # Petr Viktorin <pviktori@redhat.com>
-diff --git a/ipatests/ipa-test-config b/ipatests/ipa-test-config
-index ea6d2ce..dc94b8a 100755
---- a/ipatests/ipa-test-config
-+++ b/ipatests/ipa-test-config
-@@ -1,4 +1,4 @@
--#! /usr/bin/python
-+#! /usr/bin/python2
-
- # Authors:
- # Petr Viktorin <pviktori@redhat.com>
-diff --git a/ipatests/ipa-test-task b/ipatests/ipa-test-task
-index 9daad1c..91bc868 100755
---- a/ipatests/ipa-test-task
-+++ b/ipatests/ipa-test-task
-@@ -1,4 +1,4 @@
--#! /usr/bin/python
-+#! /usr/bin/python2
-
- # Authors:
- # Petr Viktorin <pviktori@redhat.com>
-diff --git a/ipatests/setup.py.in b/ipatests/setup.py.in
-index afbe9ab..dabf6d9 100644
---- a/ipatests/setup.py.in
-+++ b/ipatests/setup.py.in
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Copyright (C) 2007 Red Hat
- # see file 'COPYING' for use and warranty information
- #
-diff --git a/ipatests/test_ipapython/test_dn.py b/ipatests/test_ipapython/test_dn.py
-index cdeab93..60802b7 100644
---- a/ipatests/test_ipapython/test_dn.py
-+++ b/ipatests/test_ipapython/test_dn.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
-
- import unittest
- from ipapython.dn import *
-diff --git a/lite-server.py b/lite-server.py
-index e065357..99089b0 100755
---- a/lite-server.py
-+++ b/lite-server.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
-
- # Authors:
- # Jason Gerard DeRose <jderose@redhat.com>
-diff --git a/make-lint b/make-lint
-index d9c66a8..21d7b53 100755
---- a/make-lint
-+++ b/make-lint
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- #
- # Authors:
- # Jakub Hrozek <jhrozek@redhat.com>
-@@ -198,7 +198,7 @@ def find_files(path, basepath):
- line = file.readline(128)
- file.close()
-
-- if line[:2] == '#!' and line.find('python') >= 0:
-+ if line[:2] == '#!' and line.find('python2') >= 0:
- result.append(filepath)
-
- return result
-diff --git a/make-test b/make-test
-index b39e4db..1cf5bb3 100755
---- a/make-test
-+++ b/make-test
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
-
- """
- Run IPA unit tests under multiple versions of Python (if present).
-diff --git a/make-testcert b/make-testcert
-index 19c188a..ff25b39 100755
---- a/make-testcert
-+++ b/make-testcert
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- #
- # Authors:
- # Rob Crittenden <rcritten@redhat.com>
-diff --git a/makeapi b/makeapi
-index 86907bd..df8497c 100755
---- a/makeapi
-+++ b/makeapi
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
- # Authors:
- # Rob Crittenden <rcritten@redhat.com>
- # John Dennis <jdennis@redhat.com>
-diff --git a/setup-client.py b/setup-client.py
-index 332d292..a424440 100755
---- a/setup-client.py
-+++ b/setup-client.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
-
- # Authors:
- # Jason Gerard DeRose <jderose@redhat.com>
-diff --git a/setup.py b/setup.py
-index 4a01b1e..af7964d 100755
---- a/setup.py
-+++ b/setup.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/python
-+#!/usr/bin/python2
-
- # Authors:
- # Jason Gerard DeRose <jderose@redhat.com>
---
-1.9.2
-
diff --git a/0004-NTP-Fixes.patch b/0004-NTP-Fixes.patch
deleted file mode 100644
index 3cbf2a21f3c..00000000000
--- a/0004-NTP-Fixes.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From 2b3e1e8cf40dd1ea203da3f50625277c5f9c253b Mon Sep 17 00:00:00 2001
-From: Xiao-Long Chen <chenxiaolong@cxl.epac.to>
-Date: Wed, 16 Apr 2014 19:33:44 -0400
-Subject: [PATCH 4/7] NTP Fixes
-
----
- ipa-client/ipaclient/ntpconf.py | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
-index 7c95a46..4a39200 100644
---- a/ipa-client/ipaclient/ntpconf.py
-+++ b/ipa-client/ipaclient/ntpconf.py
-@@ -109,9 +109,9 @@ def config_ntp(server_fqdn, fstore = None, sysstore = None):
- if os.path.exists(path_step_tickers):
- config_step_tickers = True
- ns = ipautil.template_str(ntp_step_tickers, sub_dict)
-- __backup_config(path_step_tickers, fstore)
-- __write_config(path_step_tickers, ns)
-- ipaservices.restore_context(path_step_tickers)
-+ #__backup_config(path_step_tickers, fstore)
-+ #__write_config(path_step_tickers, ns)
-+ #ipaservices.restore_context(path_step_tickers)
-
- if sysstore:
- module = 'ntp'
-@@ -146,7 +146,7 @@ def synconce_ntp(server_fqdn):
- if os.path.exists(ntpdate):
- # retry several times -- logic follows /etc/init.d/ntpdate
- # implementation
-- cmd = [ntpdate, "-U", "ntp", "-s", "-b", "-v", server_fqdn]
-+ cmd = [ntpdate, "-s", "-b", "-v", server_fqdn]
- for retry in range(0, 3):
- try:
- ipautil.run(cmd)
---
-1.9.2
-
diff --git a/0005-Fix-nss-includes.patch b/0005-Fix-nss-includes.patch
deleted file mode 100644
index 9291e511bae..00000000000
--- a/0005-Fix-nss-includes.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From e4a871010d86affbf1a3e9d29bf3ec366056f55a Mon Sep 17 00:00:00 2001
-From: Xiao-Long Chen <chenxiaolong@cxl.epac.to>
-Date: Wed, 16 Apr 2014 19:34:03 -0400
-Subject: [PATCH 5/7] Fix nss includes
-
----
- util/ipa_pwd.c | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/util/ipa_pwd.c b/util/ipa_pwd.c
-index 761d1ef..4363706 100644
---- a/util/ipa_pwd.c
-+++ b/util/ipa_pwd.c
-@@ -27,10 +27,10 @@
- #include <stdio.h>
- #include <time.h>
- #include <ctype.h>
--#include <nss3/nss.h>
--#include <nss3/nssb64.h>
--#include <nss3/hasht.h>
--#include <nss3/pk11pub.h>
-+#include <nss/nss.h>
-+#include <nss/nssb64.h>
-+#include <nss/hasht.h>
-+#include <nss/pk11pub.h>
- #include <errno.h>
- #include "ipa_pwd.h"
-
-@@ -159,7 +159,7 @@ static int ipapwd_gentime_cmp(const void *p1, const void *p2)
-
- #define SHA_SALT_LENGTH 8
-
--/* SHA*_LENGTH leghts come from nss3/hasht.h */
-+/* SHA*_LENGTH leghts come from nss/hasht.h */
- #define SHA_HASH_MAX_LENGTH SHA512_LENGTH
-
- static int ipapwd_hash_type_to_alg(char *hash_type,
---
-1.9.2
-
diff --git a/0006-Disable-make-testcert.patch b/0006-Disable-make-testcert.patch
deleted file mode 100644
index 120e30f8f2f..00000000000
--- a/0006-Disable-make-testcert.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From e4288e533f9dc3111d4b552b51b9e236459c7415 Mon Sep 17 00:00:00 2001
-From: Xiao-Long Chen <chenxiaolong@cxl.epac.to>
-Date: Wed, 16 Apr 2014 19:34:24 -0400
-Subject: [PATCH 6/7] Disable make testcert
-
----
- Makefile | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/Makefile b/Makefile
-index eeeb605..c80ff33 100644
---- a/Makefile
-+++ b/Makefile
-@@ -110,7 +110,6 @@ lint: bootstrap-autogen
-
-
- test:
-- ./make-testcert
- ./make-test
-
- release-update:
---
-1.9.2
-
diff --git a/0007-Fix-nosetests-path.patch b/0007-Fix-nosetests-path.patch
deleted file mode 100644
index fe90c757f91..00000000000
--- a/0007-Fix-nosetests-path.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 9a3ed6203f651568f2f02debbaa223cb3e95fcfc Mon Sep 17 00:00:00 2001
-From: Xiao-Long Chen <chenxiaolong@cxl.epac.to>
-Date: Wed, 16 Apr 2014 19:34:55 -0400
-Subject: [PATCH 7/7] Fix nosetests path
-
----
- make-test | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/make-test b/make-test
-index 1cf5bb3..23a5790 100755
---- a/make-test
-+++ b/make-test
-@@ -12,7 +12,7 @@ from subprocess import call
-
- versions = ('2.4', '2.5', '2.6', '2.7')
- python = '/usr/bin/python'
--nose = '/usr/bin/nosetests'
-+nose = '/usr/bin/nosetests2'
- ran = []
- fail = []
-
---
-1.9.2
-
diff --git a/PKGBUILD b/PKGBUILD
index 934eb4705be..3b14b1422f3 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,348 +1,205 @@
# Maintainer: Jan Cholasta <grubber at grubber cz>
# Contributor: Xiao-Long Chen <chenxiaolong@cxl.epac.to>
-# Based on commit b9a15de92091334a6ff3fc9074655f6e5d9f24dd from the fedpkg
-# master branch for freeipa.
-
-# NOTE: ntp, autofs, and ntp support is currently broken because the formats of
-# the /etc/conf.d/ configuration files in Arch Linux differ from the formats of
-# Fedora's /etc/sysconfig/ configuration files.
-
-# Active directory trusts will not (probably never) work in Arch. It requires a
-# heavily patched version of Samba 4, which uses MIT Kerberos instead of
-# Heimdal. (Fedora went through 174 releases to get this working O_O)
-
-# Client only, for now
-build_server=false
-
-# AUR workaround
-pkgname=freeipa
-
pkgbase=freeipa
-: && pkgname=('freeipa')
-
-if [ "x${build_server}" == "xtrue" ]; then
- pkgname+=('freeipa-server')
-fi
-
-pkgver=3.3.5
+pkgname=(freeipa-python freeipa-client freeipa-admintools)
+pkgver=4.2.3
pkgrel=1
-pkgdesc="The Identity, Policy, and Audit system"
+pkgdesc='The Identity, Policy and Audit system'
arch=('i686' 'x86_64')
-url="http://www.freeipa.org/"
-license=('GPL')
-
-# Client dependencies
-makedepends=()
-
-# FreeIPA server dependencies
-if [ "x${build_server}" == "xtrue" ]; then
- makedepends+=('389-ds-base'
- #'libwbclient'
- 'samba'
- 'svrcore'
- 'talloc'
- 'tevent')
-
- # SELinux dependencies
- #makedepends+=('selinux-refpolicy-arch'
- # 'selinux-usr-checkpolicy'
- # 'selinux-usr-policycoreutils')
-fi
-
-# Other dependencies
-makedepends+=('curl'
- 'java-runtime>=7'
- 'krb5'
- 'libunistring'
- 'nspr'
- 'nss'
- 'openssl'
- 'openldap'
- 'popt'
- 'python2'
- 'python2-distribute'
- 'python2-dnspython'
- 'python2-kerberos'
- 'python2-krbv'
- 'python2-ldap'
- 'python2-lxml'
- 'python2-memcached'
- 'python2-m2crypto'
- 'python2-netaddr'
- 'python2-nss'
- 'python2-polib'
- 'python2-pyasn1'
- 'python2-pylint'
- 'python2-pyopenssl'
- # Red Hat specific
- #'python2-rhsm'
- 'sssd'
- 'xmlrpc-c')
-
-# Dependencies for "make check"
-checkdepends=('check' 'python2-nose')
-
-options=('!libtool')
-source=("http://www.freeipa.org/downloads/src/freeipa-${pkgver}.tar.gz"
- 'sss-auth-setup.py'
- '0001-Use-Arch-Linux-Paths.patch'
- '0002-Add-Arch-Linux-Platform.patch'
- '0003-Use-Python-2.patch'
- '0004-NTP-Fixes.patch'
- '0005-Fix-nss-includes.patch'
- '0006-Disable-make-testcert.patch'
- '0007-Fix-nosetests-path.patch')
-sha512sums=('58325e7a619eeb0170dd32a648f22e50c0df2d7bc0a7609b6f0be3b8328890e5e027ba094fd4970ac063544b4d163f4e07ac62c1b358dba5246e148c2fd830b6'
- '5f101692e311205b3706642c6f329459646aaa693683ab2d4847bd8a7f464ef99ec617b0422df8e25ec2a0dc3a68cd9bf54db4bb3013b84844df15160716adc8'
- '604927b05f248c6ee8a42c87198a3ab05aa2a98b3a8f4b9ee0352e049d9e59195eac2292b609a9f84b176875cd6640d118f7e5c35f74b042f7e03561aafd2c04'
- '7bd0dba218626f27f918b9cf15cf25183a90421ee2c792648f36e6cd75cf09f2ff04e30a9419f6033aa4d640fc1f7dcfa973fec9fc2c74354bb1e609621d449b'
- '872a172451c436fc916b72bc48733905b4f9298ece39ad737f60790e9fe2da896dfd2255f58d7aeb301c9c19a2bb2078684ca8449f9dec5dcb45fc1f5bda7b30'
- 'a70bcc98ea71e8154e7600d6bf7ed8de6bbb73d31b5ccb0b556a538e9cce78fbd71698e3be6cfa33487226e0e79d6fb8ee78d926259a4543fe4300a6b90b9a09'
- '294a6e3a09cada150dd0f21c712f312840a882acb067520b70ebd058cd4ee88863a2a828df63efc190c5608ffb0d71d60253883baddeb7487aec7b3d905abb04'
- '5bc0afc21a9a178ace728f902422683502b6cf579585bc8feab42d1f7701e8609468e92265b22c7f1f958f0f175f3287ea011e8f149fb30b231708e15b6eefd2'
- '0a79540e0df4e7b0fed8fd378411799fc5b2152795e1938df2ee6935e944517cd8c780740e8aec2f718476f3b5bd0a36113b85add04d4bdb180da5ba80c37c50')
+url='http://www.freeipa.org/'
+license=('GPL3')
+makedepends=('nspr'
+ 'nss'
+ 'openssl'
+ 'openldap'
+ 'krb5>=1.13'
+ 'libutil-linux'
+ 'curl>7.21.7'
+ 'xmlrpc-c>=1.27.4'
+ 'popt'
+ 'python2'
+ 'python2-ldap'
+ 'python2-setuptools'
+ 'python2-krbv'
+ 'python2-nss'
+ 'python2-cryptography'
+ 'python2-netaddr'
+ 'python2-kerberos>=1.1'
+ 'sssd>=1.13.1'
+ 'python2-memcached'
+ 'python2-lxml'
+ 'python2-pyasn1>=0.0.9a'
+ 'python2-qrcode'
+ 'python2-dnspython>=1.11.1'
+ 'systemd'
+ 'libunistring'
+ 'python2-yubico>=1.2.3')
+source=("http://freeipa.org/downloads/src/freeipa-$pkgver.tar.gz"
+ sss-auth-setup.py
+ archlinux.patch)
+sha256sums=('7b0e5cb834c6ca36bfe464ec4c6a226e44ce1948edd74b7c4344f43e75d9a133'
+ '012a11cdc42e0eb072eec3dd988fa910964f355ec2ae6b67ead373ad69e84e3e'
+ '3e237f89fe2d806cdc2e4694233d0e01e01996aa41036dd520b99cb6dae71eed')
+
+prepare() {
+ cd "${pkgbase}-${pkgver}"
+
+ rm -rf ipaplatform/archlinux
+
+ patch -p1 <"$srcdir"/archlinux.patch
+}
build() {
- cd "${srcdir}/${pkgbase}-${pkgver}"
-
- # Change Fedora's paths to the equivalents in Arch Linux
- patch -p1 -i "${srcdir}/0001-Use-Arch-Linux-Paths.patch"
- # Make slight changes to Fedora 18's platform code (systemd service names,
- # /bin/ -> /usr/bin/, etc) and add a minimal Arch Linux platform that
- # calls most of Fedora 18's platform, except for AuthConfig
- patch -p1 -i "${srcdir}/0002-Add-Arch-Linux-Platform.patch"
- # FreeIPA hasn't been ported to Python 3, so the code must be modified to
- # run /usr/bin/python2
- patch -p1 -i "${srcdir}/0003-Use-Python-2.patch"
- # Arch Linux's ntp does not accept the '-U' parameter and does not have a
- # /etc/sysconfig/ configuration files, so the relevant code must be removed
- patch -p1 -i "${srcdir}/0004-NTP-Fixes.patch"
- # Arch Linux's nss package installs the header files to /usr/include/nss/
- # instead of /usr/include/nss3/
- patch -p1 -i "${srcdir}/0005-Fix-nss-includes.patch"
- # make-testcert requires a running certificate server to work properly
- patch -p1 -i "${srcdir}/0006-Disable-make-testcert.patch"
- # Arch Linux's python2-nose package installs nosetests as
- # /usr/bin/nosetests2
- patch -p1 -i "${srcdir}/0007-Fix-nosetests-path.patch"
+ cd "${pkgbase}-${pkgver}"
- export SUPPORTED_PLATFORM=archlinux
- export PYTHON=python2
+ # Arch specific
+ export PYTHON=/usr/bin/python2
+ mkdir -p _install
- # Force regeneration of platform support
- rm ipapython/services.py
+ export SUPPORTED_PLATFORM=archlinux
- make version-update
+ # Force re-generate of platform support
+ export IPA_VENDOR_VERSION_SUFFIX=-$pkgrel
+ rm -f ipapython/version.py
+ rm -f ipaplatform/services.py
+ rm -f ipaplatform/tasks.py
+ rm -f ipaplatform/paths.py
+ rm -f ipaplatform/constants.py
+ make version-update
+ cd ipa-client; ../autogen.sh --prefix=/usr --sysconfdir=/etc --sbindir=/usr/bin; cd ..
- pushd ipa-client
- ../autogen.sh --prefix=/usr --sysconfdir=/etc --sbindir=/usr/bin
- popd
+ make IPA_VERSION_IS_GIT_SNAPSHOT=no client
- if [ "x${build_server}" == "xtrue" ]; then
- pushd daemons
- ../autogen.sh --prefix=/usr --sysconfdir=/etc --sbindir=/usr/bin --with-openldap
- popd
+ make client-install DESTDIR="$PWD"/_install
- pushd install
- ../autogen.sh --prefix=/usr --sysconfdir=/etc --sbindir=/usr/bin
- popd
+ mkdir -p _install/usr/share/ipa
- make IPA_VERSION_IS_GIT_SNAPSHOT=no all
- else
- make IPA_VERSION_IS_GIT_SNAPSHOT=no client
- fi
+ mkdir -p _install/etc/ipa/
+ mkdir -p _install/etc/ipa/nssdb
+ mkdir -p _install/etc/ipa/dnssec
+ mkdir -p _install/var/lib/ipa-client/sysrestore
+ mkdir -p _install/etc/bash_completion.d
+ install -pm 644 contrib/completion/ipa.bash_completion _install/etc/bash_completion.d/ipa
}
-check() {
- cd "${srcdir}/${pkgbase}-${pkgver}"
- # Tests require FreeIPA to be installed and set up
- #make test
+package_freeipa-python() {
+ pkgdesc='Python libraries used by IPA'
+ depends=('python2-kerberos>=1.1'
+ 'gnupg'
+ 'iproute2'
+ 'keyutils'
+ 'python2-nss>=0.16'
+ 'python2-cryptography'
+ 'python2-lxml'
+ 'python2-netaddr'
+ 'sssd'
+ 'python2-qrcode>=5.0.0'
+ 'python2-pyasn1'
+ 'python2-dateutil'
+ 'python2-yubico>=1.2.3'
+ 'wget'
+ 'python2-dbus'
+ 'python2-setuptools')
+
+ cd "${pkgbase}-${pkgver}"
+
+ install -D -m644 -t"$pkgdir"/usr/share/doc/$pkgname README \
+ Contributors.txt
+
+ local _file
+ for _file in _install/usr/share/locale/*/*/ipa.mo \
+ _install/usr/lib/python2.*/site-packages/ipapython \
+ _install/usr/lib/python2.*/site-packages/ipalib \
+ _install/usr/lib/python2.*/site-packages/ipaplatform \
+ _install/usr/lib/python2.*/site-packages/default_encoding_utf8.so \
+ _install/usr/lib/python2.*/site-packages/_ipap11helper.so \
+ _install/usr/lib/python2.*/site-packages/ipapython-*.egg-info \
+ _install/usr/lib/python2.*/site-packages/freeipa-*.egg-info \
+ _install/usr/lib/python2.*/site-packages/ipaplatform-*.egg-info \
+ _install/usr/lib/python2.*/site-packages/python_default_encoding-*.egg-info \
+ _install/usr/lib/python2.*/site-packages/_ipap11helper-*.egg-info \
+ _install/etc/ipa/nssdb \
+ _install/etc/ipa/dnssec
+ do
+ _file="${_file#_install/}"
+ mkdir -p "$pkgdir"/"${_file%/*}"
+ mv _install/"$_file" "$pkgdir"/"$_file"
+ done
}
-# All files are in freeipa package. This one is here only for the dependencies.
-package_freeipa-server() {
- : && pkgdesc="The IPA authentication server"
- depends=("freeipa=${pkgver}-${pkgrel}"
- '389-ds-base'
- 'acl'
- 'apache'
- 'cyrus-sasl-gssapi'
- 'keyutils'
- 'krb5'
- 'memcached'
- 'mod_auth_kerb'
- 'mod_nss'
- 'mod_wsgi'
- 'nss'
- 'ntp'
- 'openldap'
- 'python2-dnspython'
- 'python2-krbv'
- 'python2-ldap'
- 'python2-memcached'
- 'python2-pyasn1'
- 'slapi-nis'
- 'systemd'
- 'tomcat7'
- 'zip')
- optdepends=('python2-m2crypto: For Microsoft Active Directory trusts'
- 'samba: For Microsoft Active Directory trusts'
- 'sssd: For Microsoft Active Directory trusts')
- backup=('etc/ipa/html/browserconfig.html'
- 'etc/ipa/html/ffconfig.js'
- 'etc/ipa/html/ffconfig_page.js'
- 'etc/ipa/html/ipa_error.css'
- 'etc/ipa/html/ssbrowser.html'
- 'etc/ipa/html/unauthorized.html')
- # Backup files created by this package
- backup+=('etc/httpd/conf/extra/ipa-rewrite.conf'
- 'etc/httpd/conf/extra/ipa.conf'
- 'etc/httpd/conf/extra/ipa-pki-proxy.conf'
- 'usr/share/ipa/html/ca.crt')
- install=install.freeipa-server
-
- # SELinux dependencies
- #depends+=("freeipa-server-selinux=${pkgver}-${pkgrel}"
- # 'selinux-refpolicy-arch'
- # 'selinux-usr-policycoreutils')
-
- # Conflicts with mod_ssl, but that is a part of the apache package
- #conflicts=('mod_ssl')
+package_freeipa-client() {
+ pkgdesc='IPA authentication for use on clients'
+ depends=("freeipa-python=$pkgver-$pkgrel"
+ 'python2-ldap'
+ 'cyrus-sasl-gssapi'
+ 'ntp'
+ 'krb5'
+ 'pam-krb5'
+ 'curl>=7.21.7'
+ 'xmlrpc-c>=1.27.4'
+ 'sssd>=1.13.1'
+ 'certmonger>=0.78'
+ 'nss'
+ 'bind-tools'
+ 'oddjob'
+ 'python2-krbv'
+ 'python2-dnspython>=1.11.1'
+ 'autofs'
+ 'nfsidmap'
+ 'nfs-utils')
+ install=freeipa-client.install
+
+ cd "${pkgbase}-${pkgver}"
+
+ install -D -m644 -t"$pkgdir"/usr/share/doc/$pkgname README \
+ Contributors.txt
+
+ local _file
+ for _file in _install/usr/bin/ipa-client-install \
+ _install/usr/bin/ipa-client-automount \
+ _install/usr/bin/ipa-certupdate \
+ _install/usr/bin/ipa-getkeytab \
+ _install/usr/bin/ipa-rmkeytab \
+ _install/usr/bin/ipa-join \
+ _install/usr/share/ipa \
+ _install/var/lib/ipa-client/sysrestore \
+ _install/usr/lib/python2.*/site-packages/ipaclient \
+ _install/usr/share/man/man1/ipa-getkeytab.1.gz \
+ _install/usr/share/man/man1/ipa-rmkeytab.1.gz \
+ _install/usr/share/man/man1/ipa-client-install.1.gz \
+ _install/usr/share/man/man1/ipa-client-automount.1.gz \
+ _install/usr/share/man/man1/ipa-certupdate.1.gz \
+ _install/usr/share/man/man1/ipa-join.1.gz \
+ _install/usr/share/man/man5/default.conf.5.gz
+ do
+ _file="${_file#_install/}"
+ mkdir -p "$pkgdir"/"${_file%/*}"
+ mv _install/"$_file" "$pkgdir"/"$_file"
+ done
+
+ install -Dm755 "$srcdir"/sss-auth-setup.py "$pkgdir"/usr/bin/sss-auth-setup
}
-package_freeipa() {
- : && pkgdesc="IPA authentication for use on clients"
- depends=('autofs'
- 'bind'
- 'certmonger'
- 'curl'
- 'cyrus-sasl-gssapi'
- 'gnupg'
- 'iproute2'
- 'nfs-utils'
- 'nfsidmap'
- 'nss'
- 'ntp'
- 'oddjob'
- 'pam-krb5'
- 'python2-dnspython'
- 'python2-kerberos'
- 'python2-krbv'
- 'python2-ldap'
- 'python2-lxml'
- 'python2-netaddr'
- 'python2-nss'
- 'python2-pyopenssl'
- 'sssd'
- 'wget'
- 'xmlrpc-c')
- backup=('etc/ipa/default.conf'
- 'etc/ipa/ca.crt')
- install=install.freeipa
-
- # authconfig is Fedora specific
- #depends+=('authconfig')
-
- install -dm755 "${pkgdir}/usr/bin/"
- install -m755 "${srcdir}/sss-auth-setup.py" \
- "${pkgdir}/usr/bin/sss-auth-setup"
-
- cd "${srcdir}/${pkgbase}-${pkgver}"
-
- export SUPPORTED_PLATFORM=archlinux
- export PYTHON=python2
-
- # Force regeneration of platform support
- rm ipapython/services.py
-
- if [ "x${build_server}" == "xtrue" ]; then
- make install DESTDIR="${pkgdir}"
- else
- make client-install DESTDIR="${pkgdir}"
- fi
-
- if [ "x${build_server}" == "xtrue" ]; then
- # Some user-modifiable HTML files are provided. Move these to /etc and link
- # back.
- install -dm755 "${pkgdir}/etc/ipa/html/"
- install -dm755 "${pkgdir}/var/cache/ipa/sysrestore/"
- install -dm755 "${pkgdir}/var/cache/ipa/sysupgrade/"
- install -dm755 "${pkgdir}/usr/share/ipa/html/"
- ln -s ../../../../etc/ipa/html/ffconfig.js \
- "${pkgdir}/usr/share/ipa/html/ffconfig.js"
- ln -s ../../../../etc/ipa/html/ffconfig_page.js \
- "${pkgdir}/usr/share/ipa/html/ffconfig_page.js"
- ln -s ../../../../etc/ipa/html/ssbrowser.html \
- "${pkgdir}/usr/share/ipa/html/ssbrowser.html"
- ln -s ../../../../etc/ipa/html/unauthorized.html \
- "${pkgdir}/usr/share/ipa/html/unauthorized.html"
- ln -s ../../../../etc/ipa/html/browserconfig.html \
- "${pkgdir}/usr/share/ipa/html/browserconfig.html"
- ln -s ../../../../etc/ipa/html/ipa_error.css \
- "${pkgdir}/usr/share/ipa/html/ipa_error.css"
-
- # So we can own our Apache configuration
- install -dm755 "${pkgdir}/etc/httpd/conf/extra/"
- touch "${pkgdir}/etc/httpd/conf/extra/ipa.conf"
- touch "${pkgdir}/etc/httpd/conf/extra/ipa-pki-proxy.conf"
- touch "${pkgdir}/etc/httpd/conf/extra/ipa-rewrite.conf"
- install -dm755 "${pkgdir}/usr/share/ipa/html/"
- touch "${pkgdir}/usr/share/ipa/html/ca.crt"
- touch "${pkgdir}/usr/share/ipa/html/configure.jar"
- touch "${pkgdir}/usr/share/ipa/html/kerberosauth.xpi"
- touch "${pkgdir}/usr/share/ipa/html/krb.con"
- touch "${pkgdir}/usr/share/ipa/html/krb.js"
- touch "${pkgdir}/usr/share/ipa/html/krb5.ini"
- touch "${pkgdir}/usr/share/ipa/html/krbrealm.con"
- touch "${pkgdir}/usr/share/ipa/html/preferences.html"
-
- # systemd service
- install -dm755 "${pkgdir}/usr/lib/systemd/system/"
- install -m644 \
- init/systemd/ipa.service \
- init/systemd/ipa_memcached.service \
- "${pkgdir}/usr/lib/systemd/system/"
-
- # Configuration files
- install -dm755 "${pkgdir}/etc/conf.d/"
- install -m644 init/ipa_memcached.conf \
- "${pkgdir}/etc/conf.d/"
-
- # /run
- install -dm755 "${pkgdir}/run/"
- install -dm700 "${pkgdir}/run/ipa/"
- install -dm700 "${pkgdir}/run/ipa_memcached/"
-
- # systemd tmpfiles.d configuration
- install -dm755 "${pkgdir}/usr/lib/tmpfiles.d/"
- install -m644 init/systemd/ipa.conf.tmpfiles \
- "${pkgdir}/usr/lib/tmpfiles.d/ipa.conf"
-
- # bash completion configuration files
- install -dm755 "${pkgdir}/etc/bash_completion.d/"
- install -m644 contrib/completion/ipa.bash_completion \
- "${pkgdir}/etc/bash_completion.d/ipa"
-
- # Web UI plugin dir
- install -dm755 "${pkgdir}/usr/share/ipa/ui/js/plugins/"
-
- # Backup directory
- install -dm755 "${pkgdir}/var/lib/ipa/backup/"
- fi
-
- install -dm755 "${pkgdir}/var/lib/ipa-client/sysrestore/"
-
- # /etc/ipa/ is needed for ipa-client-install
- install -dm755 "${pkgdir}/etc/ipa/"
-
- # Fix filenames
- pushd "${pkgdir}/usr/lib/python2.7/site-packages/"
- mv ipapython-${pkgver}*-py2.7.egg-info ipapython-${pkgver}-py2.7.egg-info
- popd
-
- find "${pkgdir}/" \( -name '*.pyc' -o -name '*.pyo' \) -delete
-
- # Not packaging the tests for now
- find "${pkgdir}/" -type f | grep '\.py' | grep ipatests | xargs rm -f
+package_freeipa-admintools() {
+ pkgdesc="IPA administrative tools"
+ depends=("freeipa-python=$pkgver-$pkgrel"
+ "freeipa-client=$pkgver-$pkgrel"
+ 'python2-krbv'
+ 'python2-ldap')
+
+ cd "${pkgbase}-${pkgver}"
+
+ install -D -m644 -t"$pkgdir"/usr/share/doc/$pkgname README \
+ Contributors.txt
+
+ local _file
+ for _file in _install/usr/bin/ipa \
+ _install/etc/bash_completion.d \
+ _install/usr/share/man/man1/ipa.1
+ do
+ _file="${_file#_install/}"
+ mkdir -p "$pkgdir"/"${_file%/*}"
+ mv _install/"$_file" "$pkgdir"/"$_file"
+ done
}
diff --git a/archlinux.patch b/archlinux.patch
new file mode 100644
index 00000000000..5035bf3a90c
--- /dev/null
+++ b/archlinux.patch
@@ -0,0 +1,376 @@
+From 4578e73df81f2edc0e2d1dc6799be54ae4ed6971 Mon Sep 17 00:00:00 2001
+From: Xiao-Long Chen <chenxiaolong@cxl.epac.to>
+Date: Wed, 16 Apr 2014 19:31:08 -0400
+Subject: [PATCH] Add Arch Linux Platform
+
+This patch has been adapted from the patches and sss-auth-setup.py script
+provided with freeipa in AUR.
+
+Signed-off-by: Jan Cholasta <jcholast@redhat.com>
+---
+ ipa-client/ipa-install/ipa-client-install | 32 -------------------------------
+ ipa-client/ipaclient/ipa_certupdate.py | 12 ------------
+ ipa-client/ipaclient/ntpconf.py | 6 +++---
+ ipa-client/man/ipa-client-automount.1 | 4 ++--
+ ipa-client/man/ipa-client-install.1 | 5 ++---
+ ipaplatform/archlinux/__init__.py | 3 +++
+ ipaplatform/archlinux/authconfig.py | 22 +++++++++++++++++++++
+ ipaplatform/archlinux/constants.py | 12 ++++++++++++
+ ipaplatform/archlinux/paths.py | 21 ++++++++++++++++++++
+ ipaplatform/archlinux/services.py | 29 ++++++++++++++++++++++++++++
+ ipaplatform/archlinux/tasks.py | 16 ++++++++++++++++
+ ipaplatform/setup.py.in | 1 +
+ ipapython/certmonger.py | 12 +++---------
+ 13 files changed, 114 insertions(+), 61 deletions(-)
+ create mode 100644 ipaplatform/archlinux/__init__.py
+ create mode 100644 ipaplatform/archlinux/authconfig.py
+ create mode 100644 ipaplatform/archlinux/constants.py
+ create mode 100644 ipaplatform/archlinux/paths.py
+ create mode 100644 ipaplatform/archlinux/services.py
+ create mode 100644 ipaplatform/archlinux/tasks.py
+
+diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
+index 789ff59..1d57245 100755
+--- a/ipa-client/ipa-install/ipa-client-install
++++ b/ipa-client/ipa-install/ipa-client-install
+@@ -536,7 +536,6 @@ def uninstall(options, env):
+ hostname = socket.getfqdn()
+
+ ipa_db = certdb.NSSDatabase(paths.IPA_NSSDB_DIR)
+- sys_db = certdb.NSSDatabase(paths.NSS_DB_DIR)
+
+ cmonger = services.knownservices.certmonger
+ if ipa_db.has_nickname('Local IPA host'):
+@@ -547,15 +546,6 @@ def uninstall(options, env):
+ root_logger.error("%s failed to stop tracking certificate: %s",
+ cmonger.service_name, e)
+
+- client_nss_nickname = 'IPA Machine Certificate - %s' % hostname
+- if sys_db.has_nickname(client_nss_nickname):
+- try:
+- certmonger.stop_tracking(paths.NSS_DB_DIR,
+- nickname=client_nss_nickname)
+- except RuntimeError, e:
+- root_logger.error("%s failed to stop tracking certificate: %s",
+- cmonger.service_name, e)
+-
+ # Remove our host cert and CA cert
+ try:
+ ipa_certs = ipa_db.list_certs()
+@@ -570,15 +560,6 @@ def uninstall(options, env):
+ os.path.join(ipa_db.secdir, 'pwdfile.txt')):
+ remove_file(filename)
+
+- for nickname, trust_flags in ipa_certs:
+- while sys_db.has_nickname(nickname):
+- try:
+- sys_db.delete_cert(nickname)
+- except Exception, e:
+- root_logger.error("Failed to remove %s from %s: %s",
+- nickname, sys_db.secdir, e)
+- break
+-
+ # Remove any special principal names we added to the IPA CA helper
+ certmonger.remove_principal_from_cas()
+
+@@ -2883,19 +2864,6 @@ def install(options, env, fstore, statestore):
+ # Add the CA certificates to the platform-dependant systemwide CA store
+ tasks.insert_ca_certs_into_systemwide_ca_store(ca_certs)
+
+- # Add the CA certificates to the default NSS database
+- root_logger.debug(
+- "Attempting to add CA certificates to the default NSS database.")
+- sys_db = certdb.NSSDatabase(paths.NSS_DB_DIR)
+- for cert, nickname, trust_flags in ca_certs_trust:
+- try:
+- sys_db.add_cert(cert, nickname, trust_flags)
+- except CalledProcessError, e:
+- root_logger.error(
+- "Failed to add %s to the default NSS database.", nickname)
+- return CLIENT_INSTALL_ERROR
+- root_logger.info("Added CA certificates to the default NSS database.")
+-
+ if not options.on_master:
+ client_dns(cli_server[0], hostname, options)
+ configure_certmonger(fstore, subject_base, cli_realm, hostname,
+diff --git a/ipa-client/ipaclient/ipa_certupdate.py b/ipa-client/ipaclient/ipa_certupdate.py
+index a953067..4cb8872 100644
+--- a/ipa-client/ipaclient/ipa_certupdate.py
++++ b/ipa-client/ipaclient/ipa_certupdate.py
+@@ -94,17 +94,6 @@ class CertUpdate(admintool.AdminTool):
+ self.update_file(paths.IPA_CA_CRT, certs)
+
+ ipa_db = certdb.NSSDatabase(paths.IPA_NSSDB_DIR)
+- sys_db = certdb.NSSDatabase(paths.NSS_DB_DIR)
+-
+- # Remove IPA certs from /etc/pki/nssdb
+- for nickname, trust_flags in ipa_db.list_certs():
+- while sys_db.has_nickname(nickname):
+- try:
+- sys_db.delete_cert(nickname)
+- except ipautil.CalledProcessError, e:
+- self.log.error("Failed to remove %s from %s: %s",
+- nickname, sys_db.secdir, e)
+- break
+
+ # Remove old IPA certs from /etc/ipa/nssdb
+ for nickname in ('IPA CA', 'External CA cert'):
+@@ -117,7 +106,6 @@ class CertUpdate(admintool.AdminTool):
+ break
+
+ self.update_db(ipa_db.secdir, certs)
+- self.update_db(sys_db.secdir, certs)
+
+ tasks.remove_ca_certs_from_systemwide_ca_store()
+ tasks.insert_ca_certs_into_systemwide_ca_store(certs)
+diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py
+index 9a7db65..3c26eef 100644
+--- a/ipa-client/ipaclient/ntpconf.py
++++ b/ipa-client/ipaclient/ntpconf.py
+@@ -112,9 +112,9 @@ def config_ntp(ntp_servers, fstore = None, sysstore = None):
+ if os.path.exists(path_step_tickers):
+ config_step_tickers = True
+ ns = ipautil.template_str(ntp_step_tickers, sub_dict)
+- __backup_config(path_step_tickers, fstore)
+- __write_config(path_step_tickers, ns)
+- tasks.restore_context(path_step_tickers)
++ #__backup_config(path_step_tickers, fstore)
++ #__write_config(path_step_tickers, ns)
++ #tasks.restore_context(path_step_tickers)
+
+ if sysstore:
+ module = 'ntp'
+diff --git a/ipa-client/man/ipa-client-automount.1 b/ipa-client/man/ipa-client-automount.1
+index 5b60503..16ccbea 100644
+--- a/ipa-client/man/ipa-client-automount.1
++++ b/ipa-client/man/ipa-client-automount.1
+@@ -29,7 +29,7 @@ The automount configuration consists of three files:
+ .IP o
+ /etc/nsswitch.conf
+ .IP o
+-/etc/sysconfig/autofs
++/etc/conf.d/autofs
+ .IP o
+ /etc/autofs_ldap_auth.conf
+
+@@ -79,7 +79,7 @@ Files that will be configured when SSSD is the automount client (default):
+ .TP
+ Files that will be configured when using the ldap automount client:
+
+-/etc/sysconfig/autofs
++/etc/conf.d/autofs
+
+ /etc/autofs_ldap_auth.conf
+
+diff --git a/ipa-client/man/ipa-client-install.1 b/ipa-client/man/ipa-client-install.1
+index 0fafd8a..9ffcd05 100644
+--- a/ipa-client/man/ipa-client-install.1
++++ b/ipa-client/man/ipa-client-install.1
+@@ -235,7 +235,7 @@ Files that will be replaced if they exist and SSSD is not configured (\-\-no\-ss
+ Files replaced if NTP is enabled:
+
+ /etc/ntp.conf\p
+-/etc/sysconfig/ntpd\p
++/etc/conf.d/ntpd.conf\p
+ /etc/ntp/step\-tickers\p
+ .TP
+ Files always created (replacing existing content):
+@@ -249,9 +249,8 @@ Files always created (replacing existing content):
+ Files updated, existing content is maintained:
+
+ /etc/nsswitch.conf\p
+-/etc/pki/nssdb\p
+ /etc/krb5.keytab\p
+-/etc/sysconfig/network\p
++/etc/hostname\p
+ .SH "EXIT STATUS"
+ 0 if the installation was successful
+
+diff --git a/ipaplatform/archlinux/__init__.py b/ipaplatform/archlinux/__init__.py
+new file mode 100644
+index 0000000..9da42e7
+--- /dev/null
++++ b/ipaplatform/archlinux/__init__.py
+@@ -0,0 +1,3 @@
++#
++# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
++#
+diff --git a/ipaplatform/archlinux/authconfig.py b/ipaplatform/archlinux/authconfig.py
+new file mode 100644
+index 0000000..620b057
+--- /dev/null
++++ b/ipaplatform/archlinux/authconfig.py
+@@ -0,0 +1,22 @@
++#
++# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
++#
++
++from ipaplatform.base.authconfig import AuthConfig
++
++
++class ArchLinuxAuthConfig(AuthConfig):
++ """
++ Arch Linux implementation of the AuthConfig class.
++
++ The freeipa package includes a sss-auth-setup.py Python 2 script which
++ will set up both the NSS and PAM configuration. However, this script
++ modifies the PAM configuration files directly, so the changes need to
++ be undone before pacman updates anything in /etc/pam.d/ and if any new
++ configuration files are added.
++
++ It's probably best to have this handled manually.
++ """
++
++ def execute(self):
++ raise NotImplementedError
+diff --git a/ipaplatform/archlinux/constants.py b/ipaplatform/archlinux/constants.py
+new file mode 100644
+index 0000000..459c22c
+--- /dev/null
++++ b/ipaplatform/archlinux/constants.py
+@@ -0,0 +1,12 @@
++#
++# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
++#
++
++from ipaplatform.base.constants import BaseConstantsNamespace
++
++
++class ArchLinuxConstantsNamespace(BaseConstantsNamespace):
++ pass
++
++
++constants = ArchLinuxConstantsNamespace()
+diff --git a/ipaplatform/archlinux/paths.py b/ipaplatform/archlinux/paths.py
+new file mode 100644
+index 0000000..d5b5da5
+--- /dev/null
++++ b/ipaplatform/archlinux/paths.py
+@@ -0,0 +1,21 @@
++#
++# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
++#
++
++from ipaplatform.redhat.paths import RedHatPathNamespace
++
++
++class ArchLinuxPathNamespace(RedHatPathNamespace):
++ AUTOFS_LDAP_AUTH_CONF = "/etc/autofs/autofs_ldap_auth.conf"
++ SYSCONFIG_NFS = "/etc/conf.d/nfs-common.conf"
++ SYSCONFIG_NTPD = "/etc/conf.d/ntpd.conf"
++ SYSCONFIG_AUTOFS = "/etc/default/autofs"
++ DOGTAG_IPA_CA_RENEW_AGENT_SUBMIT = (
++ "/usr/lib/certmonger/certmonger/dogtag-ipa-ca-renew-agent-submit")
++ DOGTAG_IPA_RENEW_AGENT_SUBMIT = (
++ "/usr/lib/certmonger/certmonger/dogtag-ipa-renew-agent-submit")
++ IPA_SERVER_GUARD = "/usr/lib/certmonger/certmonger/ipa-server-guard"
++ LIB64_FIREFOX = "/usr/lib/firefox"
++
++
++paths = ArchLinuxPathNamespace()
+diff --git a/ipaplatform/archlinux/services.py b/ipaplatform/archlinux/services.py
+new file mode 100644
+index 0000000..4230e62
+--- /dev/null
++++ b/ipaplatform/archlinux/services.py
+@@ -0,0 +1,29 @@
++#
++# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
++#
++
++from ipaplatform.redhat.services import (
++ redhat_system_units, RedHatService, redhat_service_class_factory,
++ RedHatServices, timedate_services)
++
++archlinux_system_units = dict(redhat_system_units)
++archlinux_system_units['messagebus'] = 'dbus.service'
++archlinux_system_units['rpcgssd'] = 'rpc-gssd.service'
++archlinux_system_units['rpcidmapd'] = 'rpc-idmapd.service'
++
++
++class ArchLinuxService(RedHatService):
++ system_units = archlinux_system_units
++
++
++def archlinux_service_class_factory(name):
++ return ArchLinuxService(name)
++
++
++class ArchLinuxServices(RedHatServices):
++ def service_class_factory(self, name):
++ return archlinux_service_class_factory(name)
++
++
++service = archlinux_service_class_factory
++knownservices = ArchLinuxServices()
+diff --git a/ipaplatform/archlinux/tasks.py b/ipaplatform/archlinux/tasks.py
+new file mode 100644
+index 0000000..654eb9a
+--- /dev/null
++++ b/ipaplatform/archlinux/tasks.py
+@@ -0,0 +1,16 @@
++#
++# Copyright (C) 2015 FreeIPA Contributors see COPYING for license
++#
++
++from ipaplatform.archlinux.paths import paths
++from ipaplatform.base.tasks import BaseTaskNamespace
++
++
++class ArchLinuxTaskNamespace(BaseTaskNamespace):
++ def restore_network_configuration(self, fstore, statestore):
++ filepath = paths.ETC_HOSTNAME
++ if fstore.has_file(filepath):
++ fstore.restore_file(filepath)
++
++
++tasks = ArchLinuxTaskNamespace()
+diff --git a/ipaplatform/setup.py.in b/ipaplatform/setup.py.in
+index 944e686..1fcaab0 100644
+--- a/ipaplatform/setup.py.in
++++ b/ipaplatform/setup.py.in
+@@ -66,6 +66,7 @@ def setup_package():
+ classifiers=filter(None, CLASSIFIERS.split('\n')),
+ package_dir = {'ipaplatform': ''},
+ packages = ["ipaplatform",
++ "ipaplatform.archlinux",
+ "ipaplatform.base",
+ "ipaplatform.fedora",
+ "ipaplatform.redhat",
+diff --git a/ipapython/certmonger.py b/ipapython/certmonger.py
+index b376768..b22ce24 100644
+--- a/ipapython/certmonger.py
++++ b/ipapython/certmonger.py
+@@ -418,7 +418,7 @@ def add_principal_to_cas(principal):
+ If the hostname we were passed to use in ipa-client-install doesn't
+ match the value of gethostname() then we need to append
+ -k host/HOSTNAME@REALM to the ca helper defined for
+- /usr/libexec/certmonger/ipa-submit.
++ /usr/lib/certmonger/certmonger/ipa-submit.
+
+ We also need to restore this on uninstall.
+ """
+@@ -493,18 +493,12 @@ def dogtag_start_tracking(ca, nickname, pin, pinfile, secdir, pre_command,
+ params['KEY_PIN_FILE'] = os.path.abspath(pinfile)
+ if pre_command:
+ if not os.path.isabs(pre_command):
+- if sys.maxsize > 2**32L:
+- libpath = 'lib64'
+- else:
+- libpath = 'lib'
++ libpath = 'lib'
+ pre_command = certmonger_cmd_template % (libpath, pre_command)
+ params['cert-presave-command'] = pre_command
+ if post_command:
+ if not os.path.isabs(post_command):
+- if sys.maxsize > 2**32L:
+- libpath = 'lib64'
+- else:
+- libpath = 'lib'
++ libpath = 'lib'
+ post_command = certmonger_cmd_template % (libpath, post_command)
+ params['cert-postsave-command'] = post_command
+ if profile:
+--
+2.6.4
+
diff --git a/freeipa-client.install b/freeipa-client.install
new file mode 100644
index 00000000000..07a72603e78
--- /dev/null
+++ b/freeipa-client.install
@@ -0,0 +1,60 @@
+post_upgrade() {
+ # Has the client been configured?
+ restore=0
+ test -f '/var/lib/ipa-client/sysrestore/sysrestore.index' && restore=$(wc -l '/var/lib/ipa-client/sysrestore/sysrestore.index' | awk '{print $1}')
+
+ if [ -f '/etc/sssd/sssd.conf' -a $restore -ge 2 ]; then
+ if ! grep -E -q '/var/lib/sss/pubconf/krb5.include.d/' /etc/krb5.conf 2>/dev/null ; then
+ echo "includedir /var/lib/sss/pubconf/krb5.include.d/" > /etc/krb5.conf.ipanew
+ cat /etc/krb5.conf >> /etc/krb5.conf.ipanew
+ mv -Z /etc/krb5.conf.ipanew /etc/krb5.conf
+ fi
+ fi
+
+ if [ -f '/etc/sysconfig/ntpd' -a $restore -ge 2 ]; then
+ if grep -E -q 'OPTIONS=.*-u ntp:ntp' /etc/sysconfig/ntpd 2>/dev/null; then
+ sed -r '/OPTIONS=/ { s/\s+-u ntp:ntp\s+/ /; s/\s*-u ntp:ntp\s*// }' /etc/sysconfig/ntpd >/etc/sysconfig/ntpd.ipanew
+ mv -Z /etc/sysconfig/ntpd.ipanew /etc/sysconfig/ntpd
+
+ /bin/systemctl condrestart ntpd.service 2>&1 || :
+ fi
+ fi
+
+ if [ ! -f '/etc/ipa/nssdb/cert8.db' -a $restore -ge 2 ]; then
+ python2 -c 'from ipapython.certdb import create_ipa_nssdb; create_ipa_nssdb()' >/dev/null 2>&1
+ fi
+
+ # Has the client been configured?
+ restore=0
+ test -f '/var/lib/ipa-client/sysrestore/sysrestore.index' && restore=$(wc -l '/var/lib/ipa-client/sysrestore/sysrestore.index' | awk '{print $1}')
+
+ if [ -f '/etc/ssh/sshd_config' -a $restore -ge 2 ]; then
+ if grep -E -q '^(AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys|PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u)$' /etc/ssh/sshd_config 2>/dev/null; then
+ sed -r '
+ /^(AuthorizedKeysCommand(User|RunAs)|PubKeyAgentRunAs)[ \t]/ d
+ ' /etc/ssh/sshd_config >/etc/ssh/sshd_config.ipanew
+
+ if /usr/sbin/sshd -t -f /dev/null -o 'AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys' -o 'AuthorizedKeysCommandUser=nobody'; then
+ sed -ri '
+ s/^PubKeyAgent (.+) %u$/AuthorizedKeysCommand \1/
+ s/^AuthorizedKeysCommand .*$/\0\nAuthorizedKeysCommandUser nobody/
+ ' /etc/ssh/sshd_config.ipanew
+ elif /usr/sbin/sshd -t -f /dev/null -o 'AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys' -o 'AuthorizedKeysCommandRunAs=nobody'; then
+ sed -ri '
+ s/^PubKeyAgent (.+) %u$/AuthorizedKeysCommand \1/
+ s/^AuthorizedKeysCommand .*$/\0\nAuthorizedKeysCommandRunAs nobody/
+ ' /etc/ssh/sshd_config.ipanew
+ elif /usr/sbin/sshd -t -f /dev/null -o 'PubKeyAgent=/usr/bin/sss_ssh_authorizedkeys %u' -o 'PubKeyAgentRunAs=nobody'; then
+ sed -ri '
+ s/^AuthorizedKeysCommand (.+)$/PubKeyAgent \1 %u/
+ s/^PubKeyAgent .*$/\0\nPubKeyAgentRunAs nobody/
+ ' /etc/ssh/sshd_config.ipanew
+ fi
+
+ mv -Z /etc/ssh/sshd_config.ipanew /etc/ssh/sshd_config
+ chmod 600 /etc/ssh/sshd_config
+
+ /bin/systemctl condrestart sshd.service 2>&1 || :
+ fi
+ fi
+}
diff --git a/install.freeipa b/install.freeipa
deleted file mode 100644
index 4d2bd0e9788..00000000000
--- a/install.freeipa
+++ /dev/null
@@ -1,47 +0,0 @@
-post_upgrade() {
- # Has the client been configured?
- restore=0
- test -f '/var/lib/ipa-client/sysrestore/sysrestore.index' && restore=$(wc -l '/var/lib/ipa-client/sysrestore/sysrestore.index' | awk '{print $1}')
-
- if [ -f '/etc/sssd/sssd.conf' -a $restore -ge 2 ]; then
- if ! grep -Eq '/var/lib/sss/pubconf/krb5.include.d/' /etc/krb5.conf 2>/dev/null; then
- echo "includedir /var/lib/sss/pubconf/krb5.include.d/" > /etc/krb5.conf.ipanew
- cat /etc/krb5.conf >> /etc/krb5.conf.ipanew
- mv /etc/krb5.conf.ipanew /etc/krb5.conf
- fi
- fi
-
- # Has the client been configured?
- restore=0
- test -f '/var/lib/ipa-client/sysrestore/sysrestore.index' \
- && restore=$(wc -l '/var/lib/ipa-client/sysrestore/sysrestore.index' \
- | awk '{print $1}')
-
- if [ -f '/etc/ssh/sshd_config' -a $restore -ge 2 ]; then
- if grep -Eq '^(AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys|PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u)$' /etc/ssh/sshd_config 2>/dev/null; then
- sed -r '
- /^(AuthorizedKeysCommand(User|RunAs)|PubKeyAgentRunAs)[ \t]/ d
- ' /etc/ssh/sshd_config >/etc/ssh/sshd_config.ipanew
-
- if /usr/sbin/sshd -t -f /dev/null -o 'AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys' -o 'AuthorizedKeysCommandUser=nobody'; then
- sed -ri '
- s/^PubKeyAgent (.+) %u$/AuthorizedKeysCommand \1/
- s/^AuthorizedKeysCommand .*$/\0\nAuthorizedKeysCommandUser nobody/
- ' /etc/ssh/sshd_config.ipanew
- elif /usr/sbin/sshd -t -f /dev/null -o 'AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys' -o 'AuthorizedKeysCommandRunAs=nobody'; then
- sed -ri '
- s/^PubKeyAgent (.+) %u$/AuthorizedKeysCommand \1/
- s/^AuthorizedKeysCommand .*$/\0\nAuthorizedKeysCommandRunAs nobody/
- ' /etc/ssh/sshd_config.ipanew
- elif /usr/sbin/sshd -t -f /dev/null -o 'PubKeyAgent=/usr/bin/sss_ssh_authorizedkeys %u' -o 'PubKeyAgentRunAs=nobody'; then
- sed -ri '
- s/^AuthorizedKeysCommand (.+)$/PubKeyAgent \1 %u/
- s/^PubKeyAgent .*$/\0\nPubKeyAgentRunAs nobody/
- ' /etc/ssh/sshd_config.ipanew
- fi
-
- mv /etc/ssh/sshd_config.ipanew /etc/ssh/sshd_config
- chmod 600 /etc/ssh/sshd_config
- fi
- fi
-}
diff --git a/install.freeipa-server b/install.freeipa-server
deleted file mode 100644
index 08aa85b15e7..00000000000
--- a/install.freeipa-server
+++ /dev/null
@@ -1,34 +0,0 @@
-post_install() {
- # Fedora updates systemd and attempts to restart the service, but Arch usually
- # does not do this.
- #systemctl --system daemon-reload
-
- echo "Please install the optional dependencies to set up trusts for Microsoft's"
- echo "Active Directory. The winbind_krb5_locator.so plugin in the samba package"
- echo "will also have to be removed."
- echo
- echo "IMPORTANT: You MUST include the following files in /etc/httpd/httpd.conf after"
- echo "running ipa-server-install if you want web access to the administration GUI:"
- echo " /etc/httpd/conf/extra/ipa-rewrite.conf"
- echo " /etc/httpd/conf/extra/ipa.conf"
- echo " /etc/httpd/conf/extra/ipa-pki-proxy.conf"
-}
-
-post_upgrade() {
- # Update FreeIPA's configuration. It is safe to run even when the
- # configuration files do not need to be updated.
- ipa-upgradeconfig
- ipa-ldap-updater --upgrade
-}
-
-post_remove() {
- # Remove %ghost'ed (from Fedora's spec) files
- rm -vf \
- /usr/share/ipa/html/configure.jar \
- /usr/share/ipa/html/kerberosauth.xpi \
- /usr/share/ipa/html/krb.con \
- /usr/share/ipa/html/krb.js \
- /usr/share/ipa/html/krb5.ini \
- /usr/share/ipa/html/krbrealm.con \
- /usr/share/ipa/html/preferences.html
-}
diff --git a/sss-auth-setup.py b/sss-auth-setup.py
index efc6eadcd62..38a0d435b54 100755
--- a/sss-auth-setup.py
+++ b/sss-auth-setup.py
@@ -1,4 +1,4 @@
-#!/usr/bin/env python3
+#!/usr/bin/env python2
# Written by: Xiao-Long Chen <chenxiaolong@cxl.epac.to>
# License: GPLv3