[pki-kra] Bugzilla Bug #737122 - DRM: during archiving and recovering, wrapping unwrapping keys should be done

kwright kwright at fedoraproject.org
Sun Oct 30 22:16:56 UTC 2011 

commit 7cf34664f04d9926fee2d710aa147d2461fa8deb
Author: Kevin Wright <kwright at redhat.com>
Date:   Sun Oct 30 15:16:52 2011 -0700

    Bugzilla Bug #737122 - DRM: during archiving and recovering,
    wrapping unwrapping keys should be done in the token (cfu)
    Bugzilla Bug #744797 - KRA key recovery (retrieve pkcs#12) fails after
    the in-place upgrade( CS 8.0->8.1) (cfu)
    Bugzilla Bug #749945 - Installation error reported during CA, DRM,
    OCSP, and TKS package installation . . . (mharmsen)

 .gitignore   |    1 +
 clog         |    8 ++++-
 pki-kra.spec |   87 +++++++++++++++++++++++++++++++++++++++++----------------
 sources      |    2 +-
 4 files changed, 70 insertions(+), 28 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index a83c0fc..4caa346 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@ pki-kra-1.3.4.tar.gz
 /pki-kra-9.0.3.tar.gz
 /pki-kra-9.0.4.tar.gz
 /pki-kra-9.0.7.tar.gz
+/pki-kra-9.0.9.tar.gz
diff --git a/clog b/clog
index 77317ae..53e8d49 100644
--- a/clog
+++ b/clog
@@ -1,2 +1,6 @@
-Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . .
-Bugzilla Bug #699809 - Convert CS to use systemd (alee)
+Bugzilla Bug #737122 - DRM: during archiving and recovering,
+wrapping unwrapping keys should be done in the token (cfu)
+Bugzilla Bug #744797 - KRA key recovery (retrieve pkcs#12) fails after
+the in-place upgrade( CS 8.0->8.1) (cfu)
+Bugzilla Bug #749945 - Installation error reported during CA, DRM,
+OCSP, and TKS package installation . . . (mharmsen)
diff --git a/pki-kra.spec b/pki-kra.spec
index b0a0aa9..0747773 100644
--- a/pki-kra.spec
+++ b/pki-kra.spec
@@ -1,5 +1,5 @@
 Name:             pki-kra
-Version:          9.0.7
+Version:          9.0.9
 Release:          1%{?dist}
 Summary:          Certificate System - Data Recovery Manager
 URL:              http://pki.fedoraproject.org/
@@ -10,44 +10,58 @@ BuildArch:        noarch
 
 BuildRoot:        %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
+# specify '_unitdir' macro for platforms that don't use 'systemd'
+%if 0%{?rhel} || 0%{?fedora} < 16
+%define           _unitdir /lib/systemd/system
+%endif
+
 BuildRequires:    cmake
 BuildRequires:    java-devel >= 1:1.6.0
+BuildRequires:    nspr-devel
+BuildRequires:    nss-devel
 %if 0%{?fedora} >= 16
 BuildRequires:    jpackage-utils >= 0:1.7.5-10
+BuildRequires:    jss >= 4.2.6-19.1
+BuildRequires:    pki-common >= 9.0.15
+BuildRequires:    pki-util >= 9.0.15
+BuildRequires:    systemd-units
 %else
 BuildRequires:    jpackage-utils
-%endif
 BuildRequires:    jss >= 4.2.6-17
-BuildRequires:    nspr-devel
-BuildRequires:    nss-devel
 BuildRequires:    pki-common
 BuildRequires:    pki-util
-%if 0%{?fedora} >= 16
-BuildRequires:    systemd-units
 %endif
 
 Requires:         java >= 1:1.6.0
-Requires:         pki-common
-Requires:         pki-kra-theme
-Requires:         pki-selinux
+Requires:         pki-kra-theme >= 9.0.0
 %if 0%{?fedora} >= 16
+Requires:         pki-common >= 9.0.15
+Requires:         pki-selinux >= 9.0.15
 Requires(post):   systemd-units
 Requires(preun):  systemd-units
 Requires(postun): systemd-units
-%else 
+%else
+%if 0%{?fedora} >= 15
+Requires:         pki-common
+Requires:         pki-selinux
 Requires(post):   chkconfig
 Requires(preun):  chkconfig
 Requires(preun):  initscripts
 Requires(postun): initscripts
-%endif
-
-%if 0%{?fedora} >= 15
 # Details:
 #
 #     * https://fedoraproject.org/wiki/Features/var-run-tmpfs
 #     * https://fedoraproject.org/wiki/Tmpfiles.d_packaging_draft
 #
 Requires:         initscripts
+%else 
+Requires:         pki-common
+Requires:         pki-selinux
+Requires(post):   chkconfig
+Requires(preun):  chkconfig
+Requires(preun):  initscripts
+Requires(postun): initscripts
+%endif
 %endif
 
 Source0:          http://pki.fedoraproject.org/pki/sources/%{name}/%{name}-%{version}.tar.gz
@@ -158,19 +172,29 @@ fi
 %else
 %post
 # Attempt to update ALL old "KRA" instances to "systemd"
-#for inst in `ls /etc/sysconfig/pki/kra`; do
-#    if [ ! -e "/etc/systemd/system/pki-krad.target.wants/pki-krad@${inst}.service" ]; then
-#        ln -s "/lib/systemd/system/pki-krad at .service"   "/etc/systemd/system/pki-krad.target.wants/pki-krad@${inst}.service"
-#        [ -e /var/lib/${inst}/${inst} ] && unlink /var/lib/${inst}/${inst}
-#        ln -s /usr/sbin/tomcat6-sysd /var/lib/${inst}/${inst}
-#        echo "pkicreate.systemd.servicename=pki-krad@${inst}.service" >> /var/lib/${inst}/conf/CS.cfg
-#    fi
-#done
+if [ -d /etc/sysconfig/pki/kra ]; then
+    for inst in `ls /etc/sysconfig/pki/kra`; do
+        if [ ! -e "/etc/systemd/system/pki-krad.target.wants/pki-krad@${inst}.service" ]; then
+            ln -s "/lib/systemd/system/pki-krad at .service" \
+                  "/etc/systemd/system/pki-krad.target.wants/pki-krad@${inst}.service"
+            [ -L /var/lib/${inst}/${inst} ] && unlink /var/lib/${inst}/${inst}
+            ln -s /usr/sbin/tomcat6-sysd /var/lib/${inst}/${inst}
+
+            if [ -e /var/run/${inst}.pid ]; then
+                kill -9 `cat /var/run/${inst}.pid` || :
+                rm -f /var/run/${inst}.pid
+                echo "pkicreate.systemd.servicename=pki-krad@${inst}.service" >> \
+                     /var/lib/${inst}/conf/CS.cfg || :
+                /bin/systemctl daemon-reload >/dev/null 2>&1 || :
+                /bin/systemctl restart pki-krad@${inst}.service || :
+            else 
+                echo "pkicreate.systemd.servicename=pki-krad@${inst}.service" >> \
+                     /var/lib/${inst}/conf/CS.cfg || :
+            fi
+        fi
+    done
+fi
 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
-# Attempt to restart ALL updated "KRA" instances
-#if [ $1 = 2 ] ; then
-#    /bin/systemctl try-restart pki-krad.target >/dev/null 2>&1 || :
-#fi
  
 %preun 
 if [ $1 = 0 ] ; then
@@ -214,6 +238,19 @@ fi
 
 
 %changelog
+* Fri Oct 28 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.9-1
+- Bugzilla Bug #737122 - DRM: during archiving and recovering,
+  wrapping unwrapping keys should be done in the token (cfu)
+- Bugzilla Bug #744797 - KRA key recovery (retrieve pkcs#12) fails after
+  the in-place upgrade( CS 8.0->8.1) (cfu)
+- Bugzilla Bug #749945 - Installation error reported during CA, DRM,
+  OCSP, and TKS package installation . . . (mharmsen)
+
+* Thu Sep 22 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.8-1
+- Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . . (mharmsen)
+- Bugzilla Bug #699809 - Convert CS to use systemd (alee)
+- Bugzilla Bug #730146 - SSL handshake picks non-FIPS ciphers in FIPS mode (cfu)
+
 * Mon Sep 12 2011 Matthew Harmsen <mharmsen at redhat.com> 9.0.7-1
 - Bugzilla Bug #734590 - Refactor JNI libraries for Fedora 16+ . . .
 - Bugzilla Bug #699809 - Convert CS to use systemd (alee)
diff --git a/sources b/sources
index 3c520f6..99704e0 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-503a674dd06c114c429fa0085ec54d79  pki-kra-9.0.7.tar.gz
+50f829899ff9a73642370416176e3e2e  pki-kra-9.0.9.tar.gz

More information about the scm-commits mailing list