AUR (en) - freeipa

Search Criteria

Enter search criteria

Search by

Keywords

Out of Date

Sort by

Sort order

Per page

Package Details: python-ipalib 4.12.4-1

Package Actions

Git Clone URL:	https://aur.archlinux.org/freeipa.git (read-only, click to copy)
Package Base:	freeipa
Description:	Python libraries used by IPA
Upstream URL:	http://www.freeipa.org/
Keywords:	freeipa identity management policy trusts
Licenses:	GPL-3.0-only
Provides:	python-ipaplatform, python-ipapython
Submitter:	chenxiaolong
Maintainer:	patlefort
Last Packager:	patlefort
Votes:	24
Popularity:	0.001166
First Submitted:	2012-11-15 23:50 (UTC)
Last Updated:	2025-06-19 22:01 (UTC)

Dependencies (43)

freeipa-common^AUR
gnupg (gnupg-git^AUR, gnupg-largekeys^AUR)
keyutils (keyutils-git^AUR)
python-argcomplete
python-cryptography
python-dateutil (python-dateutil-git^AUR)
python-dbus
python-dnspython (python-dnspython-git^AUR)
python-gssapi
python-ifaddr
python-jwcrypto
python-ldap
python-lxml
python-netaddr
python-netifaces (python-netifaces-plus^AUR)
python-pillow (python-pillow-simd-git^AUR)
python-pyasn1
python-pyasn1-modules
python-pyusb (python-pyusb-git^AUR)
python-qrcode
Show 23 more dependencies...

Required by (1)

python-ipaclient

Sources (6)

Pinned Comments

patlefort commented on 2024-07-23 11:37 (UTC)

Keys are in keys/pgp of this package.

Latest Comments

1 2 3 4 5 6 .. 10 Next › Last »

patlefort commented on 2025-09-12 09:20 (UTC)

Looks like it's fixed upstream: https://pagure.io/freeipa/c/ac791f7372d32d25c75eb61f949f1db38fe2f0d6?branch=master

Seem harmless for now.

Kevdog commented on 2025-09-12 03:42 (UTC) (edited on 2025-09-12 03:43 (UTC) by Kevdog)

I'm getting this as an error using the ipa executable:

/usr/lib/python3.13/site-packages/ipapython/version.py:20: UserWarning: pkg_resources is deprecated as an API. See https://setuptools.pypa.io/en/latest/pkg_resources.html. The pkg_resources package is slated for removal as early as 2025-11-30. Refrain from using this package or pin to Setuptools<81.

patlefort commented on 2025-01-09 00:09 (UTC)

I applied the PyCA 44.0 patches. Tell me if it's working.

derzahl commented on 2025-01-08 23:10 (UTC)

patlefort, TripleDES messages are gone but still get error

TypeError: type 'cryptography.hazmat.bindings._rust.x509.Certificate' is not an acceptable base type

Looks like applying the full PyCA 44 compatibility patch fixes it. See below for my working PKGBUILD diff you are free to use.

--- old/PKGBUILD    2025-01-08 17:02:37.707860718 -0600
+++ new/PKGBUILD    2025-01-08 17:02:11.441514733 -0600
@@ -12,7 +12,7 @@
          freeipa-client-common
          freeipa-client)
 pkgver=4.12.2
-pkgrel=2
+pkgrel=3
 pkgdesc='The Identity, Policy and Audit system'
 arch=('i686' 'x86_64')
 url='http://www.freeipa.org/'
@@ -38,19 +38,21 @@
    'D756764D4D7E297C6DAD117269876F72A6E2D34F'
    '0E63D716D76AC080A4A33513F40800B6298EB963')
 source=("https://releases.pagure.org/freeipa/freeipa-${pkgver}.tar.gz"{,.asc}
-        "${pkgbase}-tripledes.patch::https://pagure.io/freeipa/c/bc31c2700c3779cfad688eb098042060bf09df3c.patch"
+        "${pkgbase}-PyCA44-support.patch::https://github.com/freeipa/freeipa/pull/7614.patch"
         nis-domainname.service
         ipaplatform.tar.gz)
 sha256sums=('dc88f5404e7613eb6530d71142ef43a9f89019d59cdc6ec25b778413258c317f'
             'SKIP'
-            '2bdfbf4a96d4bbf80db5f04b29dd64d45306707af6daaa3cd3517985f80c9889'
+            '120ad08719e2c8bd3ed46b8e45c0c5f75e45e375510f1417c00810274c789075'
             '74a394af693e3677146eff18a770a4271fba961b2af93b15b8ae26157af1760a'
             '7e20412c9347106485adee06b5fcee174c67eb5a30b6730452e300dfc44faa5e')

 prepare() {
    cd freeipa-${pkgver}
-
-   patch -p1 -i "../${pkgbase}-tripledes.patch"
+        
+   for x in `ls ../*.patch`; do
+     patch -t -p1 -i "${x}"
+        done

    rm -rf ipaplatform/arch

@@ -268,4 +270,3 @@
        mv ../install/"$_file" "$pkgdir"/"$_file"
    done
 }
-

patlefort commented on 2024-12-23 11:51 (UTC)

I've cherry picked a patch that should fix the issue. Please tell me if it's working.

BPplays commented on 2024-12-23 11:37 (UTC)

a temp workaround for my issue is to install an older version of python-cryptography:

wget https://archive.archlinux.org/packages/p/python-cryptography/python-cryptography-43.0.3-2-x86_64.pkg.tar.zst
sudo pacman -U python-cryptography-43.0.3-2-x86_64.pkg.tar.zst

and then add python-cryptography to HoldPkg

BPplays commented on 2024-12-23 11:19 (UTC)

im getting this when using ipa-client-install:

/usr/lib/python3.13/site-packages/ipalib/constants.py:392: CryptographyDeprecationWarning: TripleDES has been moved to cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES and will be removed from cryptography.hazmat.primitives.ciphers.algorithms in 48.0.0.
  if getattr(algorithms, 'TripleDES', None):
/usr/lib/python3.13/site-packages/ipalib/constants.py:393: CryptographyDeprecationWarning: TripleDES has been moved to cryptography.hazmat.decrepit.ciphers.algorithms.TripleDES and will be removed from cryptography.hazmat.primitives.ciphers.algorithms in 48.0.0.
  if backend.cipher_supported(algorithms.TripleDES(
Traceback (most recent call last):
  File "/usr/bin/ipa-client-install", line 22, in <module>
    from ipaclient.install import ipa_client_install
  File "/usr/lib/python3.13/site-packages/ipaclient/install/ipa_client_install.py", line 7, in <module>
    from ipaclient.install import client
  File "/usr/lib/python3.13/site-packages/ipaclient/install/client.py", line 37, in <module>
    from ipalib import api, errors, x509
  File "/usr/lib/python3.13/site-packages/ipalib/__init__.py", line 921, in <module>
    from ipalib.frontend import Command, LocalOrRemote, Updater
  File "/usr/lib/python3.13/site-packages/ipalib/frontend.py", line 31, in <module>
    from ipalib.parameters import create_param, Param, Str, Flag
  File "/usr/lib/python3.13/site-packages/ipalib/parameters.py", line 125, in <module>
    from ipalib.x509 import (
        load_der_x509_certificate, IPACertificate, default_backend)
  File "/usr/lib/python3.13/site-packages/ipalib/x509.py", line 91, in <module>
    class IPACertificate(crypto_x509.Certificate):
    ...<358 lines>...
                return self._cert.verify_directly_issued_by(issuer)
TypeError: type 'cryptography.hazmat.bindings._rust.x509.Certificate' is not an acceptable base type

patlefort commented on 2024-09-02 17:52 (UTC)

@furbyhaxx: Only the server component use libpwquality. That error indicate that your PAM modules is using libpwquality module and that would be configured either manually or with authselect. Mine is setup with authselect and I only see pam_pwquality.so local_users_only lines. How did you configure your pam modules?

furbyhaxx commented on 2024-09-02 10:07 (UTC) (edited on 2024-09-02 10:07 (UTC) by furbyhaxx)

dependency "extra/libpwquality" is missing, not sure where exactly but on a freshly installed arch lxc with the freeipa-client installed, this module is missing and prevents changing passwords of remote users with error: "passwd: Module is unknown"