[freeipa/f17] 2.2.2-2
Martin Kosek
mkosek at fedoraproject.org
Wed Jun 26 10:00:12 UTC 2013
commit 8ed10eacb424fdeab75997f00ea720f51660adf9
Author: Martin Kosek <mkosek at redhat.com>
Date: Wed Jun 26 11:54:15 2013 +0200
2.2.2-2
Fix CA installation issue with pki-ca 9.0.26 introducing new required
option client_token_name (#976788)
0001-pkisilent-in-pki-ca-9.0.26.patch | 27 +++++++++++++++++++++++++++
freeipa.spec | 14 ++++++++++----
2 files changed, 37 insertions(+), 4 deletions(-)
---
diff --git a/0001-pkisilent-in-pki-ca-9.0.26.patch b/0001-pkisilent-in-pki-ca-9.0.26.patch
new file mode 100644
index 0000000..d9d3492
--- /dev/null
+++ b/0001-pkisilent-in-pki-ca-9.0.26.patch
@@ -0,0 +1,27 @@
+From 353fa6d72c9c341d9e8a028c1c9a0fefae64cc26 Mon Sep 17 00:00:00 2001
+From: Martin Kosek <mkosek at redhat.com>
+Date: Wed, 26 Jun 2013 10:54:48 +0200
+Subject: [PATCH] Add missing pkisilent option required in pki-ca 9.0.26
+
+https://bugzilla.redhat.com/show_bug.cgi?id=976788
+---
+ ipaserver/install/cainstance.py | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
+index 56b84fcd8f628685ddb5cdc813fcfc3d365be2a6..5577d4127342823c5911484e01c78a38f75adcbc 100644
+--- a/ipaserver/install/cainstance.py
++++ b/ipaserver/install/cainstance.py
+@@ -602,6 +602,9 @@ def __configure_instance(self):
+ "-key_size", "2048",
+ "-key_type", "rsa",
+ "-key_algorithm", "SHA256withRSA",
++ # Add temporary workaround for required -client_token_name option
++ # https://bugzilla.redhat.com/show_bug.cgi?id=976788
++ "-client_token_name", "internal",
+ "-save_p12", "true",
+ "-backup_pwd", self.admin_password,
+ "-subsystem_name", self.service_name,
+--
+1.8.1.4
+
diff --git a/freeipa.spec b/freeipa.spec
index 705cbdc..e6469b3 100644
--- a/freeipa.spec
+++ b/freeipa.spec
@@ -14,7 +14,7 @@ distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
Name: freeipa
Version: 2.2.2
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: The Identity, Policy and Audit system
Group: System Environment/Base
@@ -23,6 +23,8 @@ URL: http://www.freeipa.org/
Source0: http://www.freeipa.org/downloads/src/freeipa-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Patch0001: 0001-pkisilent-in-pki-ca-9.0.26.patch
+
%if ! %{ONLY_CLIENT}
BuildRequires: 389-ds-base-devel >= 1.2.10.4
BuildRequires: svrcore-devel
@@ -98,9 +100,9 @@ Requires(post): systemd-units
Requires: selinux-policy >= 3.10.0-110
Requires(post): selinux-policy-base
Requires: slapi-nis >= 0.40
-Requires: pki-ca >= 9.0.18
-Requires: pki-silent >= 9.0.18
-Requires: pki-setup >= 9.0.18
+Requires: pki-ca >= 9.0.26
+Requires: pki-silent >= 9.0.26
+Requires: pki-setup >= 9.0.26
# Only tomcat6 greater than this version provides proper systemd support
Requires: tomcat6 >= 6.0.32-17
Requires: dogtag-pki-common-theme
@@ -622,6 +624,10 @@ fi
%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
%changelog
+* Wed Jun 26 2013 Martin Kosek <mkosek at redhat.com> - 2.2.2-2
+- Fix CA installation issue with pki-ca 9.0.26 introducing new required
+ option client_token_name (#976788)
+
* Wed Feb 13 2013 Martin Kosek <mkosek at redhat.com> - 2.2.2-1
- Updated to upstream 2.2.2 GA
More information about the scm-commits
mailing list