[authconfig] check nslcd for restart when --enableforcelegacy is used
Tomáš Mráz
tmraz at fedoraproject.org
Wed Jan 29 14:24:25 UTC 2014
commit 1f07cfc20b3c4ec1f061cf0607b7a2032e12389d
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Wed Jan 29 15:24:46 2014 +0100
check nslcd for restart when --enableforcelegacy is used
- call restorecon on newly created configuration files
authconfig-6.2.8-norestart.patch | 19 ++++++++++---------
authconfig-6.2.8-restorecon.patch | 37 +++++++++++++++++++++++++++++++++++++
authconfig.spec | 8 +++++++-
3 files changed, 54 insertions(+), 10 deletions(-)
---
diff --git a/authconfig-6.2.8-norestart.patch b/authconfig-6.2.8-norestart.patch
index b4adba3..0ad389e 100644
--- a/authconfig-6.2.8-norestart.patch
+++ b/authconfig-6.2.8-norestart.patch
@@ -1,6 +1,6 @@
diff -up authconfig-6.2.8/authinfo.py.norestart authconfig-6.2.8/authinfo.py
---- authconfig-6.2.8/authinfo.py.norestart 2014-01-17 15:35:09.000000000 +0100
-+++ authconfig-6.2.8/authinfo.py 2014-01-17 15:37:45.085207188 +0100
+--- authconfig-6.2.8/authinfo.py.norestart 2014-01-17 15:42:31.512947910 +0100
++++ authconfig-6.2.8/authinfo.py 2014-01-29 14:58:17.010078820 +0100
@@ -80,11 +80,6 @@ PATH_PWCONV = "/usr/sbin/pwconv"
PATH_RPCBIND = "/sbin/rpcbind"
PATH_NSCD = "/usr/sbin/nscd"
@@ -178,7 +178,7 @@ diff -up authconfig-6.2.8/authinfo.py.norestart authconfig-6.2.8/authinfo.py
("enableLDAP", "b"), ("enableLDAPAuth", "b"), ("enableKerberos", "b"),
("enableEcryptfs", "b"), ("enableSmartcard", "b"), ("forceSmartcard", "b"),
("enableWinbindAuth", "b"), ("enableWinbind", "b"), ("winbindKrb5", "b"), ("enableDB", "b"),
-@@ -1494,8 +1426,14 @@ class AuthInfo:
+@@ -1494,8 +1426,15 @@ class AuthInfo:
("enableSSSD", "b"), ("enableSSSDAuth", "b"), ("enableForceLegacy", "b"),
("ipav2Server", "i"), ("ipav2Domain", "i"), ("ipav2Realm", "c"),
("enableIPAv2", "b"), ("ipaDomainJoined", "b"), ("ipav2NoNTP", "b")]),
@@ -188,14 +188,15 @@ diff -up authconfig-6.2.8/authinfo.py.norestart authconfig-6.2.8/authinfo.py
+ SaveGroup(self.toggleShadow, None, [("enableShadow", "b")]),
+ SaveGroup(None, self.toggleNisService, [("enableNIS", "b")]),
+ SaveGroup(None, self.toggleOddjobService, [("enableMkHomeDir", "b")]),
-+ SaveGroup(None, self.toggleLDAPService, [("enableLDAP", "b"), ("enableLDAPAuth", "b")]),
++ SaveGroup(None, self.toggleLDAPService, [("enableLDAP", "b"), ("enableLDAPAuth", "b"),
++ ("implicitSSSD", "b"), ("implicitSSSDAuth", "b"), ("enableForceLegacy", "b")]),
+ SaveGroup(None, self.toggleSSSDService, [("implicitSSSD", "b"), ("implicitSSSDAuth", "b"),
-+ ("enableIPAv2", "b"), ("enableSSSD", "b"), ("enableSSSDAuth", "b")]),
++ ("enableIPAv2", "b"), ("enableSSSD", "b"), ("enableSSSDAuth", "b"), ("enableForceLegacy", "b")]),
+ SaveGroup(None, self.toggleWinbindService, [("enableWinbind", "b"), ("enableWinbindAuth", "b")])]
def setParam(self, attr, value, ref):
oldval = getattr(self, attr)
-@@ -4049,7 +3987,6 @@ class AuthInfo:
+@@ -4049,7 +3988,6 @@ class AuthInfo:
self.update()
self.prewriteUpdate()
self.setupBackup(PATH_CONFIG_BACKUPS + "/last")
@@ -203,7 +204,7 @@ diff -up authconfig-6.2.8/authinfo.py.norestart authconfig-6.2.8/authinfo.py
try:
ret = self.writeLibuser()
ret = ret and self.writeLogindefs()
-@@ -4080,6 +4017,9 @@ class AuthInfo:
+@@ -4080,6 +4018,9 @@ class AuthInfo:
except (OSError, IOError):
sys.stderr.write(str(sys.exc_info()[1]) + "\n")
return False
@@ -213,7 +214,7 @@ diff -up authconfig-6.2.8/authinfo.py.norestart authconfig-6.2.8/authinfo.py
return ret
def writeChanged(self, ref):
-@@ -4091,8 +4031,10 @@ class AuthInfo:
+@@ -4091,8 +4032,10 @@ class AuthInfo:
try:
for group in self.save_groups:
if group.attrsDiffer(self, ref):
@@ -226,7 +227,7 @@ diff -up authconfig-6.2.8/authinfo.py.norestart authconfig-6.2.8/authinfo.py
except (OSError, IOError):
sys.stderr.write(str(sys.exc_info()[1]) + "\n")
return False
-@@ -4326,44 +4268,93 @@ class AuthInfo:
+@@ -4326,44 +4269,93 @@ class AuthInfo:
cmd = PATH_IPA_CLIENT_INSTALL + " --uninstall --noac"
os.system(cmd)
diff --git a/authconfig-6.2.8-restorecon.patch b/authconfig-6.2.8-restorecon.patch
new file mode 100644
index 0000000..0ae5c9f
--- /dev/null
+++ b/authconfig-6.2.8-restorecon.patch
@@ -0,0 +1,37 @@
+diff -up authconfig-6.2.8/authinfo.py.restorecon authconfig-6.2.8/authinfo.py
+--- authconfig-6.2.8/authinfo.py.restorecon 2014-01-29 15:21:07.000000000 +0100
++++ authconfig-6.2.8/authinfo.py 2014-01-29 15:21:32.024225923 +0100
+@@ -1009,10 +1009,12 @@ class SaveGroup:
+ class SafeFile:
+ def __init__(self, filename, default_mode):
+ (base, name) = os.path.split(filename)
++ self.missing = False
+ self.file = tempfile.NamedTemporaryFile(dir=base, prefix=name, delete=True)
+ # overwrite the inode attributes and contents
+ if call(["/bin/cp", "-af", filename, self.file.name],
+ stderr=os.open('/dev/null', os.O_WRONLY)) == 1:
++ self.missing = True
+ # the mode was not copied, use the default
+ os.fchmod(self.file.fileno(), default_mode)
+ self.filename = filename
+@@ -1021,6 +1023,9 @@ class SafeFile:
+ self.file.flush()
+ os.fsync(self.file.fileno())
+ os.rename(self.file.name, self.filename)
++ if self.missing:
++ call(["/usr/sbin/restorecon", self.filename],
++ stderr=os.open('/dev/null', os.O_WRONLY))
+
+ def close(self):
+ # we may have renamed the temp file, need to catch OSError
+@@ -1111,7 +1116,9 @@ class FileBackup:
+ rv = self.safeCopy(backuppath, self.origPath)
+
+ try:
+- os.system("restorecon '"+self.origPath+"'")
++ if rv:
++ call(["/usr/sbin/restorecon", self.origPath],
++ stderr=os.open('/dev/null', os.O_WRONLY))
+ except (IOError, OSError):
+ pass
+
diff --git a/authconfig.spec b/authconfig.spec
index 6a237c7..7f81342 100644
--- a/authconfig.spec
+++ b/authconfig.spec
@@ -1,7 +1,7 @@
Summary: Command line tool for setting up authentication from network services
Name: authconfig
Version: 6.2.8
-Release: 5%{?dist}
+Release: 6%{?dist}
License: GPLv2+
ExclusiveOS: Linux
Group: System Environment/Base
@@ -13,6 +13,7 @@ Patch3: authconfig-6.2.8-wait-for-card.patch
Patch4: authconfig-6.2.8-translation-updates.patch
Patch5: authconfig-6.2.8-norestart.patch
Patch6: authconfig-6.2.8-notraceback.patch
+Patch7: authconfig-6.2.8-restorecon.patch
Requires: newt-python, pam >= 0.99.10.0, python, libpwquality > 0.9
Conflicts: pam_krb5 < 1.49, samba-common < 3.0, samba-client < 3.0
Conflicts: nss_ldap < 254, sssd < 0.99.1
@@ -47,6 +48,7 @@ authentication schemes.
%patch4 -p1 -b .translations
%patch5 -p1 -b .norestart
%patch6 -p1 -b .notraceback
+%patch7 -p1 -b .restorecon
%build
%configure
@@ -129,6 +131,10 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
%{_datadir}/icons/hicolor/256x256/apps/system-config-authentication.*
%changelog
+* Wed Jan 29 2014 Tomáš Mráz <tmraz at redhat.com> - 6.2.8-6
+- check nslcd for restart when --enableforcelegacy is used
+- call restorecon on newly created configuration files
+
* Mon Jan 20 2014 Tomáš Mráz <tmraz at redhat.com> - 6.2.8-5
- fix typo enableNis
More information about the scm-commits
mailing list