-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
On Wed, Sep 04, 2013 at 11:15:51AM -0400, Stephen Gallagher wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#... -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlInTqcACgkQeiVVYja6o6NCywCeJTP7WIHDPfFkGActAtl/D0XB qQgAoJDmw93DuqCkHqELCInFSHJXZXHv =wk7f -----END PGP SIGNATURE-----
From b9a5c02af52b042d00c723d70e698deb81fd763c Mon Sep 17 00:00:00 2001 From: Stephen Gallagher sgallagh@redhat.com Date: Wed, 4 Sep 2013 11:12:30 -0400 Subject: [PATCH] RPM: Add new subpackage for PAC responder
It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
contrib/sssd.spec.in | 39 +++++++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 8 deletions(-)
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 217625a3a0e551f5a99e498773ff71dfea1a32ed..71c400b13e525dfda8ffa22a26e2922420dfe1d9 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -59,6 +59,7 @@ Requires: sssd-common = %{version}-%{release} Requires: sssd-ldap = %{version}-%{release} Requires: sssd-krb5 = %{version}-%{release} Requires: sssd-ipa = %{version}-%{release} +Requires: sssd-common-pac = %{version}-%{release} Requires: sssd-ad = %{version}-%{release} Requires: sssd-proxy = %{version}-%{release} Requires: python-sssdconfig = %{version}-%{release} @@ -243,6 +244,19 @@ Requires: sssd-krb5-common = %{version}-%{release} Provides the Kerberos back end that the SSSD can utilize authenticate against a Kerberos server.
+# RHEL 5 is too old to support the PAC responder +%if !0%{?is_rhel5} +%package common-pac +Summary: Common files needed for supporting PAC processing +Group: Applications/System +License: GPLv3+ +Conflicts: sssd-ad < %{version}-{release}
Shouldn't this new subpackage alco Conflict with sssd-ipa ?
+%description common-pac +Provides common files needed by SSSD providers such as IPA and Active Directory +for handling Kerberos PACs. +%endif #is_rhel5
Othewise looks good and builds fine.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 09/04/2013 12:31 PM, Jakub Hrozek wrote:
On Wed, Sep 04, 2013 at 11:15:51AM -0400, Stephen Gallagher wrote: It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
From b9a5c02af52b042d00c723d70e698deb81fd763c Mon Sep 17 00:00:00 2001 From: Stephen Gallagher sgallagh@redhat.com Date: Wed, 4 Sep 2013 11:12:30 -0400 Subject: [PATCH] RPM: Add new subpackage for PAC responder
It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
- ---
contrib/sssd.spec.in | 39 +++++++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 8 deletions(-)
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 217625a3a0e551f5a99e498773ff71dfea1a32ed..71c400b13e525dfda8ffa22a26e2922420dfe1d9 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -59,6 +59,7 @@ Requires: sssd-common = %{version}-%{release} Requires: sssd-ldap = %{version}-%{release} Requires: sssd-krb5 = %{version}-%{release} Requires: sssd-ipa = %{version}-%{release} +Requires: sssd-common-pac = %{version}-%{release} Requires: sssd-ad = %{version}-%{release} Requires: sssd-proxy = %{version}-%{release} Requires: python-sssdconfig = %{version}-%{release} @@ -243,6 +244,19 @@ Requires: sssd-krb5-common = %{version}-%{release} Provides the Kerberos back end that the SSSD can utilize authenticate against a Kerberos server.
+# RHEL 5 is too old to support the PAC responder +%if !0%{?is_rhel5} +%package common-pac +Summary: Common files needed for supporting PAC processing +Group: Applications/System +License: GPLv3+ +Conflicts: sssd-ad < %{version}-{release}
Shouldn't this new subpackage alco Conflict with sssd-ipa ?
Yeah, but that made me realize that I had this wrong, anyway.
There's no need to Conflict here, because sssd-ad and sssd-ipa have strict version dependencies which will pull this in.
It also needs to have "Requires: sssd-common" or else it would be possible to install just the 'sssd-common-pac' package (which makes no sense).
The attached patch should address this issue.
On (04/09/13 12:48), Stephen Gallagher wrote:
On 09/04/2013 12:31 PM, Jakub Hrozek wrote:
On Wed, Sep 04, 2013 at 11:15:51AM -0400, Stephen Gallagher wrote: It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
From b9a5c02af52b042d00c723d70e698deb81fd763c Mon Sep 17 00:00:00 2001 From: Stephen Gallagher sgallagh@redhat.com Date: Wed, 4 Sep 2013 11:12:30 -0400 Subject: [PATCH] RPM: Add new subpackage for PAC responder
It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
contrib/sssd.spec.in | 39 +++++++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 8 deletions(-)
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 217625a3a0e551f5a99e498773ff71dfea1a32ed..71c400b13e525dfda8ffa22a26e2922420dfe1d9 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -59,6 +59,7 @@ Requires: sssd-common = %{version}-%{release} Requires: sssd-ldap = %{version}-%{release} Requires: sssd-krb5 = %{version}-%{release} Requires: sssd-ipa = %{version}-%{release} +Requires: sssd-common-pac = %{version}-%{release} Requires: sssd-ad = %{version}-%{release} Requires: sssd-proxy = %{version}-%{release} Requires: python-sssdconfig = %{version}-%{release} @@ -243,6 +244,19 @@ Requires: sssd-krb5-common = %{version}-%{release} Provides the Kerberos back end that the SSSD can utilize authenticate against a Kerberos server.
+# RHEL 5 is too old to support the PAC responder +%if !0%{?is_rhel5} +%package common-pac +Summary: Common files needed for supporting PAC processing +Group: Applications/System +License: GPLv3+ +Conflicts: sssd-ad < %{version}-{release}
Shouldn't this new subpackage alco Conflict with sssd-ipa ?
Yeah, but that made me realize that I had this wrong, anyway.
There's no need to Conflict here, because sssd-ad and sssd-ipa have strict version dependencies which will pull this in.
It also needs to have "Requires: sssd-common" or else it would be possible to install just the 'sssd-common-pac' package (which makes no sense).
The attached patch should address this issue.
Package sssd-client contains file: ./usr/lib64/krb5/plugins/authdata/sssd_pac_plugin.so
This file requires libkrb5.so
objdump -t -p ./usr/lib64/krb5/plugins/authdata/sssd_pac_plugin.so | tail -n 17
Version References: required from libkrb5.so.3: 0x0b3029b4 0x00 06 krb5_3_MIT required from libpthread.so.0: 0x06969192 0x00 04 GLIBC_2.12 0x09691a75 0x00 03 GLIBC_2.2.5 required from libc.so.6: 0x09691974 0x00 08 GLIBC_2.3.4 0x06969194 0x00 07 GLIBC_2.14 0x0d696914 0x00 05 GLIBC_2.4 0x09691a75 0x00 02 GLIBC_2.2.5
SYMBOL TABLE: no symbols
Does it make sense to move file sssd_pac_plugin.so into sssd-common-pac?
LS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 09/04/2013 01:33 PM, Lukas Slebodnik wrote:
On (04/09/13 12:48), Stephen Gallagher wrote:
On 09/04/2013 12:31 PM, Jakub Hrozek wrote:
On Wed, Sep 04, 2013 at 11:15:51AM -0400, Stephen Gallagher wrote: It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
- From b9a5c02af52b042d00c723d70e698deb81fd763c Mon Sep 17 00:00:00
2001 From: Stephen Gallagher sgallagh@redhat.com Date: Wed, 4 Sep 2013 11:12:30 -0400 Subject: [PATCH] RPM: Add new subpackage for PAC responder
It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
- ---
contrib/sssd.spec.in | 39 +++++++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 8 deletions(-)
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 217625a3a0e551f5a99e498773ff71dfea1a32ed..71c400b13e525dfda8ffa22a26e2922420dfe1d9
100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@
-59,6 +59,7 @@ Requires: sssd-common = %{version}-%{release} Requires: sssd-ldap = %{version}-%{release} Requires: sssd-krb5 = %{version}-%{release} Requires: sssd-ipa = %{version}-%{release} +Requires: sssd-common-pac = %{version}-%{release} Requires: sssd-ad = %{version}-%{release} Requires: sssd-proxy = %{version}-%{release} Requires: python-sssdconfig = %{version}-%{release} @@ -243,6 +244,19 @@ Requires: sssd-krb5-common = %{version}-%{release} Provides the Kerberos back end that the SSSD can utilize authenticate against a Kerberos server.
+# RHEL 5 is too old to support the PAC responder +%if !0%{?is_rhel5} +%package common-pac +Summary: Common files needed for supporting PAC processing +Group: Applications/System +License: GPLv3+ +Conflicts: sssd-ad < %{version}-{release}
Shouldn't this new subpackage alco Conflict with sssd-ipa ?
Yeah, but that made me realize that I had this wrong, anyway.
There's no need to Conflict here, because sssd-ad and sssd-ipa have strict version dependencies which will pull this in.
It also needs to have "Requires: sssd-common" or else it would be possible to install just the 'sssd-common-pac' package (which makes no sense).
The attached patch should address this issue.
Package sssd-client contains file: ./usr/lib64/krb5/plugins/authdata/sssd_pac_plugin.so
This file requires libkrb5.so
objdump -t -p ./usr/lib64/krb5/plugins/authdata/sssd_pac_plugin.so | tail -n 17
Version References: required from libkrb5.so.3: 0x0b3029b4 0x00 06 krb5_3_MIT required from libpthread.so.0: 0x06969192 0x00 04 GLIBC_2.12 0x09691a75 0x00 03 GLIBC_2.2.5 required from libc.so.6: 0x09691974 0x00 08 GLIBC_2.3.4 0x06969194 0x00 07 GLIBC_2.14 0x0d696914 0x00 05 GLIBC_2.4 0x09691a75 0x00 02 GLIBC_2.2.5
SYMBOL TABLE: no symbols
Does it make sense to move file sssd_pac_plugin.so into sssd-common-pac?
No, that has to stay in sssd-client because sssd-client is multilib-enabled. (In other words, there is a different sssd_pac_plugin.so in sssd-client.i686 and sssd-client.x86_64).
Since this plugin doesn't actually *do* anything meaningful if sssd-common-pac isn't installed, it's fine to leave it in sssd-client.
On Wed, Sep 04, 2013 at 12:48:36PM -0400, Stephen Gallagher wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 09/04/2013 12:31 PM, Jakub Hrozek wrote:
On Wed, Sep 04, 2013 at 11:15:51AM -0400, Stephen Gallagher wrote: It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
From b9a5c02af52b042d00c723d70e698deb81fd763c Mon Sep 17 00:00:00 2001 From: Stephen Gallagher sgallagh@redhat.com Date: Wed, 4 Sep 2013 11:12:30 -0400 Subject: [PATCH] RPM: Add new subpackage for PAC responder
It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
contrib/sssd.spec.in | 39 +++++++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 8 deletions(-)
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 217625a3a0e551f5a99e498773ff71dfea1a32ed..71c400b13e525dfda8ffa22a26e2922420dfe1d9 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -59,6 +59,7 @@ Requires: sssd-common = %{version}-%{release} Requires: sssd-ldap = %{version}-%{release} Requires: sssd-krb5 = %{version}-%{release} Requires: sssd-ipa = %{version}-%{release} +Requires: sssd-common-pac = %{version}-%{release} Requires: sssd-ad = %{version}-%{release} Requires: sssd-proxy = %{version}-%{release} Requires: python-sssdconfig = %{version}-%{release} @@ -243,6 +244,19 @@ Requires: sssd-krb5-common = %{version}-%{release} Provides the Kerberos back end that the SSSD can utilize authenticate against a Kerberos server.
+# RHEL 5 is too old to support the PAC responder +%if !0%{?is_rhel5} +%package common-pac +Summary: Common files needed for supporting PAC processing +Group: Applications/System +License: GPLv3+ +Conflicts: sssd-ad < %{version}-{release}
Shouldn't this new subpackage alco Conflict with sssd-ipa ?
Yeah, but that made me realize that I had this wrong, anyway.
There's no need to Conflict here, because sssd-ad and sssd-ipa have strict version dependencies which will pull this in.
It also needs to have "Requires: sssd-common" or else it would be possible to install just the 'sssd-common-pac' package (which makes no sense).
The attached patch should address this issue.
ACK
On Thu, Sep 05, 2013 at 11:41:45AM +0200, Jakub Hrozek wrote:
On Wed, Sep 04, 2013 at 12:48:36PM -0400, Stephen Gallagher wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 09/04/2013 12:31 PM, Jakub Hrozek wrote:
On Wed, Sep 04, 2013 at 11:15:51AM -0400, Stephen Gallagher wrote: It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
From b9a5c02af52b042d00c723d70e698deb81fd763c Mon Sep 17 00:00:00 2001 From: Stephen Gallagher sgallagh@redhat.com Date: Wed, 4 Sep 2013 11:12:30 -0400 Subject: [PATCH] RPM: Add new subpackage for PAC responder
It was discovered that duplicating files in two subpackages is not permitted by Fedora packaging guidelines[1]. This patch moves the PAC responder to a new sssd-common-pac subpackage that both the sssd-ipa and sssd-ad subpackages will require.
[1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#...
contrib/sssd.spec.in | 39 +++++++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 8 deletions(-)
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in index 217625a3a0e551f5a99e498773ff71dfea1a32ed..71c400b13e525dfda8ffa22a26e2922420dfe1d9 100644 --- a/contrib/sssd.spec.in +++ b/contrib/sssd.spec.in @@ -59,6 +59,7 @@ Requires: sssd-common = %{version}-%{release} Requires: sssd-ldap = %{version}-%{release} Requires: sssd-krb5 = %{version}-%{release} Requires: sssd-ipa = %{version}-%{release} +Requires: sssd-common-pac = %{version}-%{release} Requires: sssd-ad = %{version}-%{release} Requires: sssd-proxy = %{version}-%{release} Requires: python-sssdconfig = %{version}-%{release} @@ -243,6 +244,19 @@ Requires: sssd-krb5-common = %{version}-%{release} Provides the Kerberos back end that the SSSD can utilize authenticate against a Kerberos server.
+# RHEL 5 is too old to support the PAC responder +%if !0%{?is_rhel5} +%package common-pac +Summary: Common files needed for supporting PAC processing +Group: Applications/System +License: GPLv3+ +Conflicts: sssd-ad < %{version}-{release}
Shouldn't this new subpackage alco Conflict with sssd-ipa ?
Yeah, but that made me realize that I had this wrong, anyway.
There's no need to Conflict here, because sssd-ad and sssd-ipa have strict version dependencies which will pull this in.
It also needs to have "Requires: sssd-common" or else it would be possible to install just the 'sssd-common-pac' package (which makes no sense).
The attached patch should address this issue.
ACK
Pushed to master and sssd-1-10
sssd-devel@lists.fedorahosted.org