diff options
Diffstat (limited to 'archlinux.patch')
-rw-r--r-- | archlinux.patch | 376 |
1 files changed, 0 insertions, 376 deletions
diff --git a/archlinux.patch b/archlinux.patch deleted file mode 100644 index 5035bf3a90c0..000000000000 --- a/archlinux.patch +++ /dev/null @@ -1,376 +0,0 @@ -From 4578e73df81f2edc0e2d1dc6799be54ae4ed6971 Mon Sep 17 00:00:00 2001 -From: Xiao-Long Chen <chenxiaolong@cxl.epac.to> -Date: Wed, 16 Apr 2014 19:31:08 -0400 -Subject: [PATCH] Add Arch Linux Platform - -This patch has been adapted from the patches and sss-auth-setup.py script -provided with freeipa in AUR. - -Signed-off-by: Jan Cholasta <jcholast@redhat.com> ---- - ipa-client/ipa-install/ipa-client-install | 32 ------------------------------- - ipa-client/ipaclient/ipa_certupdate.py | 12 ------------ - ipa-client/ipaclient/ntpconf.py | 6 +++--- - ipa-client/man/ipa-client-automount.1 | 4 ++-- - ipa-client/man/ipa-client-install.1 | 5 ++--- - ipaplatform/archlinux/__init__.py | 3 +++ - ipaplatform/archlinux/authconfig.py | 22 +++++++++++++++++++++ - ipaplatform/archlinux/constants.py | 12 ++++++++++++ - ipaplatform/archlinux/paths.py | 21 ++++++++++++++++++++ - ipaplatform/archlinux/services.py | 29 ++++++++++++++++++++++++++++ - ipaplatform/archlinux/tasks.py | 16 ++++++++++++++++ - ipaplatform/setup.py.in | 1 + - ipapython/certmonger.py | 12 +++--------- - 13 files changed, 114 insertions(+), 61 deletions(-) - create mode 100644 ipaplatform/archlinux/__init__.py - create mode 100644 ipaplatform/archlinux/authconfig.py - create mode 100644 ipaplatform/archlinux/constants.py - create mode 100644 ipaplatform/archlinux/paths.py - create mode 100644 ipaplatform/archlinux/services.py - create mode 100644 ipaplatform/archlinux/tasks.py - -diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install -index 789ff59..1d57245 100755 ---- a/ipa-client/ipa-install/ipa-client-install -+++ b/ipa-client/ipa-install/ipa-client-install -@@ -536,7 +536,6 @@ def uninstall(options, env): - hostname = socket.getfqdn() - - ipa_db = certdb.NSSDatabase(paths.IPA_NSSDB_DIR) -- sys_db = certdb.NSSDatabase(paths.NSS_DB_DIR) - - cmonger = services.knownservices.certmonger - if ipa_db.has_nickname('Local IPA host'): -@@ -547,15 +546,6 @@ def uninstall(options, env): - root_logger.error("%s failed to stop tracking certificate: %s", - cmonger.service_name, e) - -- client_nss_nickname = 'IPA Machine Certificate - %s' % hostname -- if sys_db.has_nickname(client_nss_nickname): -- try: -- certmonger.stop_tracking(paths.NSS_DB_DIR, -- nickname=client_nss_nickname) -- except RuntimeError, e: -- root_logger.error("%s failed to stop tracking certificate: %s", -- cmonger.service_name, e) -- - # Remove our host cert and CA cert - try: - ipa_certs = ipa_db.list_certs() -@@ -570,15 +560,6 @@ def uninstall(options, env): - os.path.join(ipa_db.secdir, 'pwdfile.txt')): - remove_file(filename) - -- for nickname, trust_flags in ipa_certs: -- while sys_db.has_nickname(nickname): -- try: -- sys_db.delete_cert(nickname) -- except Exception, e: -- root_logger.error("Failed to remove %s from %s: %s", -- nickname, sys_db.secdir, e) -- break -- - # Remove any special principal names we added to the IPA CA helper - certmonger.remove_principal_from_cas() - -@@ -2883,19 +2864,6 @@ def install(options, env, fstore, statestore): - # Add the CA certificates to the platform-dependant systemwide CA store - tasks.insert_ca_certs_into_systemwide_ca_store(ca_certs) - -- # Add the CA certificates to the default NSS database -- root_logger.debug( -- "Attempting to add CA certificates to the default NSS database.") -- sys_db = certdb.NSSDatabase(paths.NSS_DB_DIR) -- for cert, nickname, trust_flags in ca_certs_trust: -- try: -- sys_db.add_cert(cert, nickname, trust_flags) -- except CalledProcessError, e: -- root_logger.error( -- "Failed to add %s to the default NSS database.", nickname) -- return CLIENT_INSTALL_ERROR -- root_logger.info("Added CA certificates to the default NSS database.") -- - if not options.on_master: - client_dns(cli_server[0], hostname, options) - configure_certmonger(fstore, subject_base, cli_realm, hostname, -diff --git a/ipa-client/ipaclient/ipa_certupdate.py b/ipa-client/ipaclient/ipa_certupdate.py -index a953067..4cb8872 100644 ---- a/ipa-client/ipaclient/ipa_certupdate.py -+++ b/ipa-client/ipaclient/ipa_certupdate.py -@@ -94,17 +94,6 @@ class CertUpdate(admintool.AdminTool): - self.update_file(paths.IPA_CA_CRT, certs) - - ipa_db = certdb.NSSDatabase(paths.IPA_NSSDB_DIR) -- sys_db = certdb.NSSDatabase(paths.NSS_DB_DIR) -- -- # Remove IPA certs from /etc/pki/nssdb -- for nickname, trust_flags in ipa_db.list_certs(): -- while sys_db.has_nickname(nickname): -- try: -- sys_db.delete_cert(nickname) -- except ipautil.CalledProcessError, e: -- self.log.error("Failed to remove %s from %s: %s", -- nickname, sys_db.secdir, e) -- break - - # Remove old IPA certs from /etc/ipa/nssdb - for nickname in ('IPA CA', 'External CA cert'): -@@ -117,7 +106,6 @@ class CertUpdate(admintool.AdminTool): - break - - self.update_db(ipa_db.secdir, certs) -- self.update_db(sys_db.secdir, certs) - - tasks.remove_ca_certs_from_systemwide_ca_store() - tasks.insert_ca_certs_into_systemwide_ca_store(certs) -diff --git a/ipa-client/ipaclient/ntpconf.py b/ipa-client/ipaclient/ntpconf.py -index 9a7db65..3c26eef 100644 ---- a/ipa-client/ipaclient/ntpconf.py -+++ b/ipa-client/ipaclient/ntpconf.py -@@ -112,9 +112,9 @@ def config_ntp(ntp_servers, fstore = None, sysstore = None): - if os.path.exists(path_step_tickers): - config_step_tickers = True - ns = ipautil.template_str(ntp_step_tickers, sub_dict) -- __backup_config(path_step_tickers, fstore) -- __write_config(path_step_tickers, ns) -- tasks.restore_context(path_step_tickers) -+ #__backup_config(path_step_tickers, fstore) -+ #__write_config(path_step_tickers, ns) -+ #tasks.restore_context(path_step_tickers) - - if sysstore: - module = 'ntp' -diff --git a/ipa-client/man/ipa-client-automount.1 b/ipa-client/man/ipa-client-automount.1 -index 5b60503..16ccbea 100644 ---- a/ipa-client/man/ipa-client-automount.1 -+++ b/ipa-client/man/ipa-client-automount.1 -@@ -29,7 +29,7 @@ The automount configuration consists of three files: - .IP o - /etc/nsswitch.conf - .IP o --/etc/sysconfig/autofs -+/etc/conf.d/autofs - .IP o - /etc/autofs_ldap_auth.conf - -@@ -79,7 +79,7 @@ Files that will be configured when SSSD is the automount client (default): - .TP - Files that will be configured when using the ldap automount client: - --/etc/sysconfig/autofs -+/etc/conf.d/autofs - - /etc/autofs_ldap_auth.conf - -diff --git a/ipa-client/man/ipa-client-install.1 b/ipa-client/man/ipa-client-install.1 -index 0fafd8a..9ffcd05 100644 ---- a/ipa-client/man/ipa-client-install.1 -+++ b/ipa-client/man/ipa-client-install.1 -@@ -235,7 +235,7 @@ Files that will be replaced if they exist and SSSD is not configured (\-\-no\-ss - Files replaced if NTP is enabled: - - /etc/ntp.conf\p --/etc/sysconfig/ntpd\p -+/etc/conf.d/ntpd.conf\p - /etc/ntp/step\-tickers\p - .TP - Files always created (replacing existing content): -@@ -249,9 +249,8 @@ Files always created (replacing existing content): - Files updated, existing content is maintained: - - /etc/nsswitch.conf\p --/etc/pki/nssdb\p - /etc/krb5.keytab\p --/etc/sysconfig/network\p -+/etc/hostname\p - .SH "EXIT STATUS" - 0 if the installation was successful - -diff --git a/ipaplatform/archlinux/__init__.py b/ipaplatform/archlinux/__init__.py -new file mode 100644 -index 0000000..9da42e7 ---- /dev/null -+++ b/ipaplatform/archlinux/__init__.py -@@ -0,0 +1,3 @@ -+# -+# Copyright (C) 2015 FreeIPA Contributors see COPYING for license -+# -diff --git a/ipaplatform/archlinux/authconfig.py b/ipaplatform/archlinux/authconfig.py -new file mode 100644 -index 0000000..620b057 ---- /dev/null -+++ b/ipaplatform/archlinux/authconfig.py -@@ -0,0 +1,22 @@ -+# -+# Copyright (C) 2015 FreeIPA Contributors see COPYING for license -+# -+ -+from ipaplatform.base.authconfig import AuthConfig -+ -+ -+class ArchLinuxAuthConfig(AuthConfig): -+ """ -+ Arch Linux implementation of the AuthConfig class. -+ -+ The freeipa package includes a sss-auth-setup.py Python 2 script which -+ will set up both the NSS and PAM configuration. However, this script -+ modifies the PAM configuration files directly, so the changes need to -+ be undone before pacman updates anything in /etc/pam.d/ and if any new -+ configuration files are added. -+ -+ It's probably best to have this handled manually. -+ """ -+ -+ def execute(self): -+ raise NotImplementedError -diff --git a/ipaplatform/archlinux/constants.py b/ipaplatform/archlinux/constants.py -new file mode 100644 -index 0000000..459c22c ---- /dev/null -+++ b/ipaplatform/archlinux/constants.py -@@ -0,0 +1,12 @@ -+# -+# Copyright (C) 2015 FreeIPA Contributors see COPYING for license -+# -+ -+from ipaplatform.base.constants import BaseConstantsNamespace -+ -+ -+class ArchLinuxConstantsNamespace(BaseConstantsNamespace): -+ pass -+ -+ -+constants = ArchLinuxConstantsNamespace() -diff --git a/ipaplatform/archlinux/paths.py b/ipaplatform/archlinux/paths.py -new file mode 100644 -index 0000000..d5b5da5 ---- /dev/null -+++ b/ipaplatform/archlinux/paths.py -@@ -0,0 +1,21 @@ -+# -+# Copyright (C) 2015 FreeIPA Contributors see COPYING for license -+# -+ -+from ipaplatform.redhat.paths import RedHatPathNamespace -+ -+ -+class ArchLinuxPathNamespace(RedHatPathNamespace): -+ AUTOFS_LDAP_AUTH_CONF = "/etc/autofs/autofs_ldap_auth.conf" -+ SYSCONFIG_NFS = "/etc/conf.d/nfs-common.conf" -+ SYSCONFIG_NTPD = "/etc/conf.d/ntpd.conf" -+ SYSCONFIG_AUTOFS = "/etc/default/autofs" -+ DOGTAG_IPA_CA_RENEW_AGENT_SUBMIT = ( -+ "/usr/lib/certmonger/certmonger/dogtag-ipa-ca-renew-agent-submit") -+ DOGTAG_IPA_RENEW_AGENT_SUBMIT = ( -+ "/usr/lib/certmonger/certmonger/dogtag-ipa-renew-agent-submit") -+ IPA_SERVER_GUARD = "/usr/lib/certmonger/certmonger/ipa-server-guard" -+ LIB64_FIREFOX = "/usr/lib/firefox" -+ -+ -+paths = ArchLinuxPathNamespace() -diff --git a/ipaplatform/archlinux/services.py b/ipaplatform/archlinux/services.py -new file mode 100644 -index 0000000..4230e62 ---- /dev/null -+++ b/ipaplatform/archlinux/services.py -@@ -0,0 +1,29 @@ -+# -+# Copyright (C) 2015 FreeIPA Contributors see COPYING for license -+# -+ -+from ipaplatform.redhat.services import ( -+ redhat_system_units, RedHatService, redhat_service_class_factory, -+ RedHatServices, timedate_services) -+ -+archlinux_system_units = dict(redhat_system_units) -+archlinux_system_units['messagebus'] = 'dbus.service' -+archlinux_system_units['rpcgssd'] = 'rpc-gssd.service' -+archlinux_system_units['rpcidmapd'] = 'rpc-idmapd.service' -+ -+ -+class ArchLinuxService(RedHatService): -+ system_units = archlinux_system_units -+ -+ -+def archlinux_service_class_factory(name): -+ return ArchLinuxService(name) -+ -+ -+class ArchLinuxServices(RedHatServices): -+ def service_class_factory(self, name): -+ return archlinux_service_class_factory(name) -+ -+ -+service = archlinux_service_class_factory -+knownservices = ArchLinuxServices() -diff --git a/ipaplatform/archlinux/tasks.py b/ipaplatform/archlinux/tasks.py -new file mode 100644 -index 0000000..654eb9a ---- /dev/null -+++ b/ipaplatform/archlinux/tasks.py -@@ -0,0 +1,16 @@ -+# -+# Copyright (C) 2015 FreeIPA Contributors see COPYING for license -+# -+ -+from ipaplatform.archlinux.paths import paths -+from ipaplatform.base.tasks import BaseTaskNamespace -+ -+ -+class ArchLinuxTaskNamespace(BaseTaskNamespace): -+ def restore_network_configuration(self, fstore, statestore): -+ filepath = paths.ETC_HOSTNAME -+ if fstore.has_file(filepath): -+ fstore.restore_file(filepath) -+ -+ -+tasks = ArchLinuxTaskNamespace() -diff --git a/ipaplatform/setup.py.in b/ipaplatform/setup.py.in -index 944e686..1fcaab0 100644 ---- a/ipaplatform/setup.py.in -+++ b/ipaplatform/setup.py.in -@@ -66,6 +66,7 @@ def setup_package(): - classifiers=filter(None, CLASSIFIERS.split('\n')), - package_dir = {'ipaplatform': ''}, - packages = ["ipaplatform", -+ "ipaplatform.archlinux", - "ipaplatform.base", - "ipaplatform.fedora", - "ipaplatform.redhat", -diff --git a/ipapython/certmonger.py b/ipapython/certmonger.py -index b376768..b22ce24 100644 ---- a/ipapython/certmonger.py -+++ b/ipapython/certmonger.py -@@ -418,7 +418,7 @@ def add_principal_to_cas(principal): - If the hostname we were passed to use in ipa-client-install doesn't - match the value of gethostname() then we need to append - -k host/HOSTNAME@REALM to the ca helper defined for -- /usr/libexec/certmonger/ipa-submit. -+ /usr/lib/certmonger/certmonger/ipa-submit. - - We also need to restore this on uninstall. - """ -@@ -493,18 +493,12 @@ def dogtag_start_tracking(ca, nickname, pin, pinfile, secdir, pre_command, - params['KEY_PIN_FILE'] = os.path.abspath(pinfile) - if pre_command: - if not os.path.isabs(pre_command): -- if sys.maxsize > 2**32L: -- libpath = 'lib64' -- else: -- libpath = 'lib' -+ libpath = 'lib' - pre_command = certmonger_cmd_template % (libpath, pre_command) - params['cert-presave-command'] = pre_command - if post_command: - if not os.path.isabs(post_command): -- if sys.maxsize > 2**32L: -- libpath = 'lib64' -- else: -- libpath = 'lib' -+ libpath = 'lib' - post_command = certmonger_cmd_template % (libpath, post_command) - params['cert-postsave-command'] = post_command - if profile: --- -2.6.4 - |