diff --git a/fedora-config.patch b/fedora-config.patch index 025c0c7..bf8d0c5 100644 --- a/fedora-config.patch +++ b/fedora-config.patch @@ -1,6 +1,7 @@ ---- koji-1.11.0-orig/cli/koji.conf 2016-12-08 22:22:14.000000000 -0600 -+++ koji-1.11.0/cli/koji.conf 2016-12-09 08:29:10.066764435 -0600 -@@ -3,26 +3,17 @@ +diff -up koji-1.11.0/cli/koji.conf.clientconf koji-1.11.0/cli/koji.conf +--- koji-1.11.0/cli/koji.conf.clientconf 2017-01-08 12:35:51.681832856 +0100 ++++ koji-1.11.0/cli/koji.conf 2017-01-08 12:37:14.388829788 +0100 +@@ -3,18 +3,20 @@ ;configuration for koji cli tool ;url of XMLRPC server @@ -18,12 +19,16 @@ ;path to the koji top directory ;topdir = /mnt/koji --;configuration for Kerberos authentication + ;configuration for Kerberos authentication +authtype = kerberos +krb_rdns = false - --;the service name of the principal being used by the hub --;krbservice = host + + ;the service name of the principal being used by the hub + ;krbservice = host +@@ -24,11 +26,3 @@ + + ;the keytab to auth as for automated clients + ;keytab = /etc/krb5.keytab - -;configuration for SSL authentication - diff --git a/koji-pr239-principal-keytab-cli-config.patch b/koji-pr239-principal-keytab-cli-config.patch new file mode 100644 index 0000000..bc6e5e5 --- /dev/null +++ b/koji-pr239-principal-keytab-cli-config.patch @@ -0,0 +1,41 @@ +From c056a2ff45a0e256aa27e1ca2b86ed4284bcaa52 Mon Sep 17 00:00:00 2001 +From: Patrick Uiterwijk +Date: Dec 15 2016 01:58:50 +0000 +Subject: Allow principal and keytab in cli config + + +Signed-off-by: Patrick Uiterwijk + +--- + +diff --git a/cli/koji.conf b/cli/koji.conf +index 4294603..ae77e4e 100644 +--- a/cli/koji.conf ++++ b/cli/koji.conf +@@ -19,6 +19,12 @@ + ;the service name of the principal being used by the hub + ;krbservice = host + ++;the principal to auth as for automated clients ++;principal = client@EXAMPLE.COM ++ ++;the keytab to auth as for automated clients ++;keytab = /etc/krb5.keytab ++ + ;configuration for SSL authentication + + ;client certificate +diff --git a/koji/__init__.py b/koji/__init__.py +index 144c2c5..9b3c75d 100644 +--- a/koji/__init__.py ++++ b/koji/__init__.py +@@ -1584,6 +1584,8 @@ def read_config(profile_name, user_config=None): + 'poll_interval': 6, + 'krbservice': 'host', + 'krb_rdns': True, ++ 'principal': None, ++ 'keytab': None, + 'cert': None, + 'ca': '', # FIXME: remove in next major release + 'serverca': None, + diff --git a/koji.spec b/koji.spec index 4b21345..98694b2 100644 --- a/koji.spec +++ b/koji.spec @@ -9,20 +9,23 @@ Name: koji Version: 1.11.0 -Release: 3%{?dist} -License: LGPLv2 and GPLv2+ +Release: 4%{?dist} # koji.ssl libs (from plague) are GPLv2+ +License: LGPLv2 and GPLv2+ Summary: Build system tools Group: Applications/System URL: https://pagure.io/koji/ Source0: https://releases.pagure.org/koji/koji-%{version}.tar.bz2 -Patch0: fedora-config.patch # https://pagure.io/koji/pull-request/246 Patch1: koji-pr246-kojigc-krb_rds-support.patch # https://pagure.io/koji/pull-request/248 Patch2: koji-pr248-kojigc-keytab-support.patch # https://pagure.io/koji/pull-request/243 Patch3: koji-pr243-CheckClientIP-and-TrustForwardedIP.patch +# https://pagure.io/koji/pull-request/239 +Patch4: koji-pr239-principal-keytab-cli-config.patch +# Not upstreamable +Patch100: fedora-config.patch BuildArch: noarch Requires: python-krbV >= 1.0.13 @@ -172,10 +175,11 @@ koji-web is a web UI to the Koji system. %prep %setup -q -%patch0 -p1 -b orig %patch1 -p1 -b .246 %patch2 -p1 -b .248 %patch3 -p1 -b .243 +%patch4 -p1 -b .239 +%patch100 -p1 -b .fedoraconfig %build @@ -343,6 +347,12 @@ fi %endif %changelog +* Sun Jan 08 2017 Till Maas - 1.11.0-4 +- Add patch for keytab kerberos client config +- Move non upstreamable Fedora patch to the end to ease rebasing to future + upstream release +- Move license comment before license tag + * Sat Jan 07 2017 Till Maas - 1.11.0-3 - Add patches for proxy IP forwarding