diff --git a/app-admin/mmc-core/ChangeLog b/app-admin/mmc-core/ChangeLog index fd951df..b335678 100644 --- a/app-admin/mmc-core/ChangeLog +++ b/app-admin/mmc-core/ChangeLog @@ -1,7 +1,13 @@ # ChangeLog for app-admin/mmc-core -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 +# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 # $Header: $ +*mmc-core-3.0.5 (16 Apr 2013) + + 16 Apr 2013; Mario Fetka +mmc-core-3.0.5.ebuild, + -files/mmc-core-3.0.2-kerberos-1.patch, -mmc-core-3.0.2.ebuild: + Bump + 30 Jul 2011; Mario Fetka mmc-core-3.0.2.ebuild: add depend on gettext @@ -116,4 +122,3 @@ 14 Jun 2008; Mario Fetka +metadata.xml: Initial import - diff --git a/app-admin/mmc-core/Manifest b/app-admin/mmc-core/Manifest index 9ca4e17..e3997ab 100644 --- a/app-admin/mmc-core/Manifest +++ b/app-admin/mmc-core/Manifest @@ -1,7 +1,6 @@ -AUX mmc-agent.initd 438 RMD160 d7dc64366782ab0d6fe4347d6a169b88a4e03a49 SHA1 e4ae8808678161237703bbb63b144899c9a544c9 SHA256 922d0bacad3eda749f8807e3ae5c183f636fa93e0d41d7079e570c58ebccb879 -AUX mmc-core-3.0.2-gentoo-1.patch 1136 RMD160 c5028596cc64c23d2fa26b9077875a2063227434 SHA1 a62bacdaa54c807c6553a7164d8a926ea15992a3 SHA256 685b53657028624340437329c436eb3ba880dc8c7ee82336e23abc8e5607864d -AUX mmc-core-3.0.2-kerberos-1.patch 18536 RMD160 9c5152efad153a14f8042eb30657bdec46d0d12e SHA1 c97abbc4dcd48b68fc46b73d55b0f6b343a89803 SHA256 6bd14e059802144dba16e4f7ac5fff6d627592665b4d921ee79ab3f44c3a4c4b -DIST mmc-core-3.0.2.tar.gz 1003526 RMD160 4e04ed7f7388b060dacd662dc837172f6ba29e15 SHA1 d6b0e8305b65b62f1d7e93ea547bf690684da7d3 SHA256 6ec685bb7247226e5973e40c6e1889674a5a453e97a584e39cf8b8e76a99266a -EBUILD mmc-core-3.0.2.ebuild 1576 RMD160 cfba7ac2b1b37eac8ad4ca140085924274e50747 SHA1 a30d347b034716d6cef2ffe290d55dc4714629b4 SHA256 1f45a6bd852ccd5f6652d502b1114b7bab028e5196fc18268040ae78edfa690e -MISC ChangeLog 3636 RMD160 d711211628c5b3d8046aecb5ecbab4a0e1a05d89 SHA1 2faf985610e4dd5c00044b61c39f95849bf27968 SHA256 26c680c55767114f41872da6670a6e7b560a3a4828b653351de2de138a519d3c -MISC metadata.xml 226 RMD160 bebcbe7a5e3d2be83c25e006192f71ebf45abb14 SHA1 ec2b713fc2363b8c51e9c164d0802eeb59d9d296 SHA256 a9d3f7df2362a9a7ddcbe05c5d97d726eeb4bab135b21643508149a08bf6a2b2 +AUX mmc-agent.initd 438 SHA256 922d0bacad3eda749f8807e3ae5c183f636fa93e0d41d7079e570c58ebccb879 SHA512 33a40e2b43251d145dcc6ca5477619b28e300b0f5b7456f49c71d8554708f0c2c468de41d92355b8aff7459d99adfb9116b557771275b3e83c4d4e3ff82e8a45 WHIRLPOOL a4615067f05c4192949ce65a9c199fcb7798b410bb18aef7637779709d66b1eadda4fc84fdbbee7d841b5058f871af704ba1d21cda6611c2c0dbbc598950a7ee +AUX mmc-core-3.0.2-gentoo-1.patch 1136 SHA256 685b53657028624340437329c436eb3ba880dc8c7ee82336e23abc8e5607864d SHA512 12977d82148a6ab4a6d5b38f5b6f1939608c1b6f11d74dfea5f4b0ec2e57c3b3c012f4627547fa8d3bfaeef502a56a6b2cf8490c8c6f89c2dce94d565a8abf74 WHIRLPOOL 165137b72a74da286cba66a18209f636bc6d47eb6011cd827b6dd678cd846138719f5c4cb1b729f46328e9534de46ba45d1f98b5dfff1b42d7ca4a2bf090eb9c +DIST mmc-core-3.0.5.tar.gz 991900 SHA256 e7f8a2636c21f2a62bed109c6a0ff12db0e435d512786ad0eca021a138f7c020 SHA512 4fbe00f17396ece5277489da94c3d73ac40243b421e9e10b36f525254fef60b0326ad45a47d1df4e57135e05ce0949c4ad7b5975b3c767e5a095b1858bd1f1fc WHIRLPOOL cde0865b12390989233bd39e316cbd3ddeeb3ef1a7a93226a0183b0d01e2a4c7b30964c74ec64fff6c0ff5dd5d51b9c223662178a1fcde68c76b9679ad98b9f3 +EBUILD mmc-core-3.0.5.ebuild 1390 SHA256 0b5823a6df255b3fcff68b39e335c054eb82c81694cf2e427256614ac94282ea SHA512 f8f0a12ec86fd90e5a7bc3b139242a64a644e9555f36ed34163452605c3b96195cd2d7eaec0f8a6fdc08b0244ad86dfd6a4a7f1b56edb388bca9351123c3b4c9 WHIRLPOOL 0523098019ffa5dc6dd185315821eae2f78dffa73115a38800aab469440811a5121ace9ee672bcc01ba5592ca425a60fe6436d53ff955acaf4e3f542f97aa151 +MISC ChangeLog 3815 SHA256 992d4baf26a0e4818cddfa070d9e8064451a537b91240561e83939a26bb2e54f SHA512 e290b4e094c944f5051740fc8e8c5ddbdbfb0270360473680a3885199fe1016a031a039e81c341ce3016258e41e4d993e3c1e0097e6374ff5ddcdf4c23b9dd0e WHIRLPOOL 38dcdff735bd50733456ce6f9466abfa7035742596a1696b72320c9fe0379d0dcda872b4e67e6fb77756df867ba657091c0fdab9ffc33d7c4a705d9d35dc9917 +MISC metadata.xml 226 SHA256 a9d3f7df2362a9a7ddcbe05c5d97d726eeb4bab135b21643508149a08bf6a2b2 SHA512 5912920d8f6e9ee5126fb0aaa5717a562feb009cc59b759c6a6eaa909900b19e95e51e3aa7f32fdf2e77073b19878830b97947148e3adeff3b49e7555cfe29e9 WHIRLPOOL c07e2ddb648893f1e9c422e07b0b73a6d0f7e1c9501200b6fcc9d25fe68c3b05fe4f3523e6844067eeca6969973a44004e1ba8a6fa725591a1916648bd2d4834 diff --git a/app-admin/mmc-core/files/mmc-core-3.0.2-kerberos-1.patch b/app-admin/mmc-core/files/mmc-core-3.0.2-kerberos-1.patch deleted file mode 100644 index d002c45..0000000 --- a/app-admin/mmc-core/files/mmc-core-3.0.2-kerberos-1.patch +++ /dev/null @@ -1,423 +0,0 @@ -Submitted By: Mario Fetka (geos_one) (mario dot fetka at gmail dot com) -Date: 2011-07-30 -Initial Package Version: 2.3.1 -Origin: http://mds.mandriva.org/ticket/144 -Upstream Status: unknown -Description: add support for kerberos attributes - -diff -uNr mmc-core-3.0.2.orig//agent/conf/Makefile.am mmc-core-3.0.2/agent/conf/Makefile.am ---- mmc-core-3.0.2.orig//agent/conf/Makefile.am 2011-07-30 07:38:43.327000122 +0200 -+++ mmc-core-3.0.2/agent/conf/Makefile.am 2011-07-30 07:43:17.272000123 +0200 -@@ -21,7 +21,7 @@ - # Jean Parpaillon - # - mmcconfdir = $(sysconfdir)/mmc --nobase_dist_mmcconf_DATA = plugins/ppolicy.ini \ -+nobase_dist_mmcconf_DATA = plugins/ppolicy.ini plugins/kerberos.ini \ - agent/keys/cacert.pem agent/keys/localcert.pem - nobase_nodist_mmcconf_DATA = agent/config.ini plugins/base.ini - -diff -uNr mmc-core-3.0.2.orig//agent/conf/plugins/kerberos.ini mmc-core-3.0.2/agent/conf/plugins/kerberos.ini ---- mmc-core-3.0.2.orig//agent/conf/plugins/kerberos.ini 1970-01-01 01:00:00.000000000 +0100 -+++ mmc-core-3.0.2/agent/conf/plugins/kerberos.ini 2011-07-30 07:39:59.350000124 +0200 -@@ -0,0 +1,5 @@ -+[main] -+disable = 0 -+ -+[kerberos] -+realm = EXAMPLE.COM -diff -uNr mmc-core-3.0.2.orig//agent/contrib/ldap/Makefile.am mmc-core-3.0.2/agent/contrib/ldap/Makefile.am ---- mmc-core-3.0.2.orig//agent/contrib/ldap/Makefile.am 2011-07-30 07:38:43.342000122 +0200 -+++ mmc-core-3.0.2/agent/contrib/ldap/Makefile.am 2011-07-30 07:45:43.795000123 +0200 -@@ -23,4 +23,4 @@ - ldapcontribdir = $(datarootdir)/doc/python-mmc-base/contrib/ldap - dist_ldapcontrib_DATA = dhcp.schema mail.schema nsswitch.conf pam_ldap.conf quota.schema slapd.conf \ - slapd.conf.samba dnszone.schema mmc.schema printer.schema samba.schema slapd.conf.mmc-samba-ox \ -- slapd.conf.userquota zarafa.schema ppolicy.schema openssh-lpk.schema -+ slapd.conf.userquota zarafa.schema ppolicy.schema openssh-lpk.schema krb5-kdc.schema -diff -uNr mmc-core-3.0.2.orig//agent/contrib/ldap/krb5-kdc.schema mmc-core-3.0.2/agent/contrib/ldap/krb5-kdc.schema ---- mmc-core-3.0.2.orig//agent/contrib/ldap/krb5-kdc.schema 1970-01-01 01:00:00.000000000 +0100 -+++ mmc-core-3.0.2/agent/contrib/ldap/krb5-kdc.schema 2011-07-30 07:39:59.351000123 +0200 -@@ -0,0 +1,136 @@ -+# $Id: krb5-kdc.schema,v 1.1 2004-03-22 17:25:05 quanah Exp $ -+# Definitions for a Kerberos V KDC schema -+ -+# OID Base is iso(1) org(3) dod(6) internet(1) private(4) enterprise(1) padl(5322) kdcSchema(10) -+# -+# Syntaxes are under 1.3.6.1.4.1.5322.10.0 -+# Attributes types are under 1.3.6.1.4.1.5322.10.1 -+# Object classes are under 1.3.6.1.4.1.5322.10.2 -+ -+# Syntax definitions -+ -+#krb5KDCFlagsSyntax SYNTAX ::= { -+# WITH SYNTAX INTEGER -+#-- initial(0), -- require as-req -+#-- forwardable(1), -- may issue forwardable -+#-- proxiable(2), -- may issue proxiable -+#-- renewable(3), -- may issue renewable -+#-- postdate(4), -- may issue postdatable -+#-- server(5), -- may be server -+#-- client(6), -- may be client -+#-- invalid(7), -- entry is invalid -+#-- require-preauth(8), -- must use preauth -+#-- change-pw(9), -- change password service -+#-- require-hwauth(10), -- must use hwauth -+#-- ok-as-delegate(11), -- as in TicketFlags -+#-- user-to-user(12), -- may use user-to-user auth -+#-- immutable(13) -- may not be deleted -+# ID { 1.3.6.1.4.1.5322.10.0.1 } -+#} -+ -+#krb5PrincipalNameSyntax SYNTAX ::= { -+# WITH SYNTAX OCTET STRING -+#-- String representations of distinguished names as per RFC1510 -+# ID { 1.3.6.1.4.1.5322.10.0.2 } -+#} -+ -+# Attribute type definitions -+ -+attributetype ( 1.3.6.1.4.1.5322.10.1.1 -+ NAME 'krb5PrincipalName' -+ DESC 'The unparsed Kerberos principal name' -+ EQUALITY caseExactIA5Match -+ SINGLE-VALUE -+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) -+ -+attributetype ( 1.3.6.1.4.1.5322.10.1.2 -+ NAME 'krb5KeyVersionNumber' -+ EQUALITY integerMatch -+ SINGLE-VALUE -+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) -+ -+attributetype ( 1.3.6.1.4.1.5322.10.1.3 -+ NAME 'krb5MaxLife' -+ EQUALITY integerMatch -+ SINGLE-VALUE -+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) -+ -+attributetype ( 1.3.6.1.4.1.5322.10.1.4 -+ NAME 'krb5MaxRenew' -+ EQUALITY integerMatch -+ SINGLE-VALUE -+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) -+ -+attributetype ( 1.3.6.1.4.1.5322.10.1.5 -+ NAME 'krb5KDCFlags' -+ EQUALITY integerMatch -+ SINGLE-VALUE -+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) -+ -+attributetype ( 1.3.6.1.4.1.5322.10.1.6 -+ NAME 'krb5EncryptionType' -+ EQUALITY integerMatch -+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) -+ -+attributetype ( 1.3.6.1.4.1.5322.10.1.7 -+ NAME 'krb5ValidStart' -+ EQUALITY generalizedTimeMatch -+ ORDERING generalizedTimeOrderingMatch -+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 -+ SINGLE-VALUE ) -+ -+attributetype ( 1.3.6.1.4.1.5322.10.1.8 -+ NAME 'krb5ValidEnd' -+ EQUALITY generalizedTimeMatch -+ ORDERING generalizedTimeOrderingMatch -+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 -+ SINGLE-VALUE ) -+ -+attributetype ( 1.3.6.1.4.1.5322.10.1.9 -+ NAME 'krb5PasswordEnd' -+ EQUALITY generalizedTimeMatch -+ ORDERING generalizedTimeOrderingMatch -+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 -+ SINGLE-VALUE ) -+ -+# this is temporary; keys will eventually -+# be child entries or compound attributes. -+attributetype ( 1.3.6.1.4.1.5322.10.1.10 -+ NAME 'krb5Key' -+ DESC 'Encoded ASN1 Key as an octet string' -+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ) -+ -+attributetype ( 1.3.6.1.4.1.5322.10.1.11 -+ NAME 'krb5PrincipalRealm' -+ DESC 'Distinguished name of krb5Realm entry' -+ SUP distinguishedName ) -+ -+attributetype ( 1.3.6.1.4.1.5322.10.1.12 -+ NAME 'krb5RealmName' -+ EQUALITY octetStringMatch -+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} ) -+ -+# Object class definitions -+ -+objectclass ( 1.3.6.1.4.1.5322.10.2.1 -+ NAME 'krb5Principal' -+ SUP top -+ AUXILIARY -+ MUST ( krb5PrincipalName ) -+ MAY ( cn $ krb5PrincipalRealm ) ) -+ -+objectclass ( 1.3.6.1.4.1.5322.10.2.2 -+ NAME 'krb5KDCEntry' -+ SUP krb5Principal -+ AUXILIARY -+ MUST ( krb5KeyVersionNumber ) -+ MAY ( krb5ValidStart $ krb5ValidEnd $ krb5PasswordEnd $ -+ krb5MaxLife $ krb5MaxRenew $ krb5KDCFlags $ -+ krb5EncryptionType $ krb5Key ) ) -+ -+objectclass ( 1.3.6.1.4.1.5322.10.2.3 -+ NAME 'krb5Realm' -+ SUP top -+ AUXILIARY -+ MUST ( krb5RealmName ) ) -+ -diff -uNr mmc-core-3.0.2.orig//agent/mmc/Makefile.am mmc-core-3.0.2/agent/mmc/Makefile.am ---- mmc-core-3.0.2.orig//agent/mmc/Makefile.am 2011-07-30 07:38:43.333000122 +0200 -+++ mmc-core-3.0.2/agent/mmc/Makefile.am 2011-07-30 07:41:43.306000122 +0200 -@@ -20,7 +20,7 @@ - # Author(s): - # Jean Parpaillon - # --pythonmodules = support plugins plugins.base plugins.ppolicy \ -+pythonmodules = support plugins plugins.base plugins.ppolicy plugins.kerberos \ - core core.audit - - all-local: site.py -diff -uNr mmc-core-3.0.2.orig//agent/mmc/plugins/base/__init__.py mmc-core-3.0.2/agent/mmc/plugins/base/__init__.py ---- mmc-core-3.0.2.orig//agent/mmc/plugins/base/__init__.py 2011-07-30 07:38:43.331000122 +0200 -+++ mmc-core-3.0.2/agent/mmc/plugins/base/__init__.py 2011-07-30 07:39:59.352000122 +0200 -@@ -1322,6 +1322,10 @@ - attrs = [] - attrib = self.l.search_s(dn, ldap.SCOPE_BASE) - c, attrs = attrib[0] -+ # kerberos -> remove binary key from attrs -+ try: attrs.pop('krb5Key') -+ except: pass -+ # - newattrs = copy.deepcopy(attrs) - return newattrs - -@@ -1351,6 +1355,10 @@ - attrib = self.l.search_s(cn, ldap.SCOPE_BASE, attrlist = myattrlist) - - c,attrs=attrib[0] -+ # kerberos -> remove binary key from attrs -+ try: attrs.pop('krb5Key') -+ except: pass -+ # - - newattrs = copy.deepcopy(attrs) - -@@ -1541,8 +1549,13 @@ - @rtype: list - """ - if not base: base = self.baseUsersDN -- if (pattern==''): searchFilter = "uid=*" -- else: searchFilter = pattern -+ # kerberos -> search only PosixAccount -+ if (pattern==''): searchFilter = "(&(objectClass=posixAccount)(uid=*))" -+ elif pattern[0] == '(': -+ searchFilter = "(&(objectClass=posixAccount)%s)" % (pattern) -+ else: -+ searchFilter = "(&(objectClass=posixAccount)(%s))" % (pattern) -+ # - monoattrs = ["uid", "sn", "givenName", "mail"] - result_set = self.search(searchFilter, base, monoattrs + ["telephoneNumber", "loginShell", "objectClass"], ldap.SCOPE_ONELEVEL) - -diff -uNr mmc-core-3.0.2.orig//agent/mmc/plugins/kerberos/__init__.py mmc-core-3.0.2/agent/mmc/plugins/kerberos/__init__.py ---- mmc-core-3.0.2.orig//agent/mmc/plugins/kerberos/__init__.py 1970-01-01 01:00:00.000000000 +0100 -+++ mmc-core-3.0.2/agent/mmc/plugins/kerberos/__init__.py 2011-07-30 07:39:59.352000122 +0200 -@@ -0,0 +1,180 @@ -+# -*- coding: utf-8; -*- -+# -+# (c) 2004-2007 Linbox / Free&ALter Soft, http://linbox.com -+# (c) 2007 Mandriva, http://www.mandriva.com/ -+# (c) 2007 Kids-und-Co g.e.V http://www.kids-und-co.de -+# -+# $Id: __init__.py 108 2007-11-21 09:56:21Z iosifb $ -+# -+# This file is part of Mandriva Management Console (MMC). -+# -+# MMC is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 2 of the License, or -+# (at your option) any later version. -+# -+# MMC is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with MMC; if not, write to the Free Software -+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA -+ -+import logging -+import ldap.modlist -+import copy -+from mmc.plugins.base import ldapUserGroupControl -+import xmlrpclib -+from mmc.support.errorObj import errorMessage -+from mmc.support.mmcException import * -+from mmc.support import mmctools -+import mmc.plugins.base -+from mmc.support.config import * -+from mmc.plugins.base import ldapUserGroupControl -+ -+VERSION = "2.3.1" -+APIVERSION = "4:2:0" -+REVISION = int("$Rev: 108 $".split(':')[1].strip(' $')) -+ -+def getVersion(): return VERSION -+def getApiVersion(): return APIVERSION -+def getRevision(): return REVISION -+ -+def activate(): -+ """ -+ this function define if the module "base" can be activated. -+ @return: return True if this module can be activate -+ @rtype: boolean -+ """ -+ config = KerberosConfig("kerberos") -+ logger = logging.getLogger() -+ -+ if config.disabled: -+ logger.info("Kerberos plugin disabled by configuration.") -+ return False -+ -+ try: -+ ldapObj = ldapUserGroupControl() -+ except ldap.INVALID_CREDENTIALS: -+ logger.error("Can't bind to LDAP: invalid credentials.") -+ return False -+ -+ # Test if the Kerberos LDAP schema is available in the directory -+ try: -+ schema = ldapObj.getSchema("krb5KDCEntry") -+ if len(schema) <= 0: -+ logger.error("Kerberos schema is not included in LDAP directory"); -+ return False -+ except: -+ logger.exception("invalid schema") -+ return False -+ try: -+ schema = ldapObj.getSchema("krb5Principal") -+ if len(schema) <= 0: -+ logger.error("Kerberos schema is not included in LDAP directory"); -+ return False -+ except: -+ logger.exception("invalid schema") -+ return False -+ """ -+ TODO: Check kerberos database -+ """ -+ return True -+ -+def isKrbUser(uid): -+ return kerberosLdapControl().isKerberosUser(uid) -+ -+def addKrbAttr(uid,password): -+ return kerberosLdapControl().addKerberosAttr(uid,password) -+ -+def delKrbAttr(uid,password): -+ return kerberosLdapControl().delKerberosAttr(uid,password) -+ -+def changePassword(uid,password): -+ return kerberosLdapControl().changePassword(uid, password) -+ -+class KerberosConfig(PluginConfig): -+ def __init__(self,name, conffile = None): -+ PluginConfig.__init__(self,name, conffile = None) -+ self.setDefault() -+ self.readConfig() -+ -+ def readConfig(self): -+ PluginConfig.readConf(self) -+ self.realm = self.get("kerberos", "realm") -+ -+class kerberosLdapControl(mmc.plugins.base.ldapUserGroupControl): -+ -+ def __init__(self, conffile = None, conffilebase = None): -+ mmc.plugins.base.ldapUserGroupControl.__init__(self, conffilebase) -+ self.configKerberos = KerberosConfig("kerberos", conffile) -+ self.realm = self.configKerberos.realm -+ -+ def delKerberosAttr(self,uid,password): -+ # If the password has been encoded in the XML-RPC stream, decode it -+ if isinstance(password, xmlrpclib.Binary): -+ password = str(password) -+ dn = 'uid=' + uid + ',' + self.baseUsersDN -+ s = self.l.search_s(dn, ldap.SCOPE_BASE) -+ c, attr = s[0] -+ old = {} -+ new = {} -+ for key in attr.keys(): old[key.lower()] = attr[key] -+ new = copy.deepcopy(old) -+ # remove krb attributes -+ new.pop('krb5kdcflags') -+ new.pop('krb5principalname') -+ new.pop('krb5keyversionnumber') -+ try: new.pop('krb5key') -+ except KeyError: pass -+ newobjclasses = () -+ for s in new.pop('objectclass'): -+ if s[0:4] == 'krb5': pass -+ else: newobjclasses = newobjclasses + (s,) -+ new['objectclass'] = newobjclasses -+ modlist = ldap.modlist.modifyModlist(old, new) -+ #logger = logging.getLogger() -+ #logger.debug(newobjclasses) -+ #logger.debug(modlist) -+ self.l.modify_s(dn, modlist) -+ mmc.plugins.base.ldapUserGroupControl.changeUserPasswd(self,uid,password) -+ return True -+ -+ def addKerberosAttr(self,uid,password): -+ # If the password has been encoded in the XML-RPC stream, decode it -+ if isinstance(password, xmlrpclib.Binary): -+ password = str(password) -+ dn = 'uid=' + uid + ',' + self.baseUsersDN -+ s = self.l.search_s(dn, ldap.SCOPE_BASE) -+ c, attr = s[0] -+ old = {} -+ new = {} -+ for key in attr.keys(): old[key.lower()] = attr[key] -+ new = copy.deepcopy(old) -+ new['objectclass'] = new['objectclass'] + ['krb5Principal','krb5KDCEntry'] -+ new['userpassword'] = ['{K5Key}'] -+ new['krb5kdcflags'] = ['126'] -+ new['krb5keyversionnumber'] = ['0'] -+ new['krb5principalname'] = [uid+'@' +self.realm] -+ modlist = ldap.modlist.modifyModlist(old, new) -+ self.l.modify_s(dn, modlist) -+ self.l.passwd_s(dn, None, password) -+ return True -+ -+ def isKerberosUser(self,uid): -+ ret = False -+ if self.existUser(uid): ret = "krb5Principal" in self.getDetailedUser(uid)["objectClass"] -+ return ret -+ -+ def changePassword(self,uid,password): -+ # If the password has been encoded in the XML-RPC stream, decode it -+ if isinstance(password, xmlrpclib.Binary): -+ password = str(password) -+ dn = 'uid=' + uid + ',' + self.baseUsersDN -+ self.l.modify_s(dn, [(ldap.MOD_REPLACE,'userPassWord','{K5KEY}')]) -+ self.l.passwd_s(dn, None, password) -+ return True -+ -+ -diff -uNr mmc-core-3.0.2.orig//conf/plugins/kerberos.ini mmc-core-3.0.2/conf/plugins/kerberos.ini ---- mmc-core-3.0.2.orig//conf/plugins/kerberos.ini 1970-01-01 01:00:00.000000000 +0100 -+++ mmc-core-3.0.2/conf/plugins/kerberos.ini 2011-07-30 07:40:15.121000121 +0200 -@@ -0,0 +1,5 @@ -+[main] -+disable = 0 -+ -+[kerberos] -+realm = EXAMPLE.COM diff --git a/app-admin/mmc-core/mmc-core-3.0.2.ebuild b/app-admin/mmc-core/mmc-core-3.0.5.ebuild similarity index 73% rename from app-admin/mmc-core/mmc-core-3.0.2.ebuild rename to app-admin/mmc-core/mmc-core-3.0.5.ebuild index 787ff7b..5a88d99 100644 --- a/app-admin/mmc-core/mmc-core-3.0.2.ebuild +++ b/app-admin/mmc-core/mmc-core-3.0.5.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2011 Gentoo Foundation +# Copyright 1999-2013 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 # $Header: $ @@ -9,11 +9,11 @@ inherit eutils autotools flag-o-matic MY_P="${P/_p/-}" MY_PV="${PV/_p*/}" +DLID="1078" DESCRIPTION="The MMC Agent and its Core Python plugins." HOMEPAGE="http://mds.mandriva.org/" -SRC_URI="http://mds.mandriva.org/pub/mmc-core/sources//${PV}/${P}.tar.gz" - +SRC_URI="http://projects.mandriva.org/attachments/download/${DLID}/${P}.tar.gz" LICENSE="GPL-2" KEYWORDS="~alpha ~amd64 ~arm ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" IUSE="" @@ -25,23 +25,19 @@ RDEPEND=">=dev-python/twisted-web-0.7.0 >=dev-python/mysql-python-1.2.0 >=dev-python/sqlalchemy-0.6.1 >=dev-python/pyopenssl-0.10 - >=net-nds/openldap-2.4.26 - !app-admin/mmc-web-core - !app-admin/mmc-agent" + >=net-nds/openldap-2.4.26" -DEPEND="$RDEPEND +DEPEND="${RDEPEND} sys-apps/lsb-release sys-devel/gettext" src_prepare() { - epatch "${FILESDIR}"/${PN}-3.0.2-kerberos-1.patch epatch "${FILESDIR}"/${PN}-3.0.2-gentoo-1.patch eautoreconf } src_configure() { - append-flags -U_FORTIFY_SOURCE - econf --enable-check-password --with-ldap-confdir=/etc/openldap --with-ldap-libdir=/usr/$(get_libdir)/openldap/openldap + econf --sysconfdir=/etc --localstatedir=/var } src_install() {