Package Details: python-ipaclient 4.8.10-1

Git Clone URL: https://aur.archlinux.org/freeipa.git (read-only, click to copy)
Package Base: freeipa
Description: Python libraries used by IPA client
Upstream URL: http://www.freeipa.org/
Keywords: freeipa identity management policy trusts
Licenses: GPL3
Submitter: chenxiaolong
Maintainer: backerman
Last Packager: backerman
Votes: 19
Popularity: 0.038845
First Submitted: 2012-11-15 23:50
Last Updated: 2020-10-22 03:35

Latest Comments

1 2 3 4 5 6 Next › Last »

fishbone222 commented on 2020-12-11 12:45

ipa-client-install fails after the update:

$ /usr/bin/ipa-client-install 
    Traceback (most recent call last):
    File /usr/bin/ipa-client-install, line 22, in <module>
    from ipaclient.install import ipa_client_install
    ModuleNotFoundError: No module named 'ipaclient.install'

asbhad2c commented on 2020-09-15 09:53

to get past the issues reported by yougotborked, I had to:

1) install unlisted build dependencies:

ding-libs, openldap, python-jinja, python-pyasn1-modules, xmlrpc-c

2) install unlisted dependencies from AUR:

python-gssapi, python-nss, python-yubico, yp-tool, certmonger, oddjob, python-ipaclient, python-ipalib

3) fix around things arch does not have (but Fedora/CentOS do)

$ mkdir /etc/krb5.conf.d
$ ln -sf /usr/bin/true  /usr/bin/authselect
$ mkdir /etc/authselect
$ cp /etc/nsswitch.conf /etc/authselect/user-nsswitch.conf

$ cat /etc/krb5.conf.d/freeipa
[libdefaults]
    spake_preauth_groups = edwards25519

Its about the presence of these files and dirs.

After that freeipa-client did build and a join using ipa-client-install ... succeeded.

To get users visible (ie with id) I then had to:

4) manually setup nsswitch.conf by adding to the top:

passwd:     sss files systemd
shadow:     files sss
group:      sss files systemd
netgroup:   sss files
automount:  sss files
services:   sss files
sudoers:    files sss

To get users authenticated I had to:

5) manually setup PAM as described here https://wiki.archlinux.org/index.php/LDAP_authentication#PAM_Configuration_2

the last two are apparently necessary cause arch has no authconfig.

crazzyfool commented on 2020-08-24 18:01

Same issue as yougotborked :-(

yougotborked commented on 2020-07-23 03:56

the package is missing a chrony dependancy, ipa-client-install fails setting up ntp without it

Continue to configure the system with these values? [no]: yes
Synchronizing time
Configuration of chrony was changed by installer.
CalledProcessError(Command ['/bin/systemctl', 'restart', 'chronyd.service'] returned non-zero exit status 5: 'Failed to restart chronyd.service: Unit chronyd.service not found.\n')
The ipa-client-install command failed. See /var/log/ipaclient-install.log for more information

next ipa-client-install is missing access to some template files

Could not remove /tmp/tmpp8azpdku.ipabkp
[Errno 2] No such file or directory: '/usr/share/ipa/client/freeipa.template'
The ipa-client-install command failed. See /var/log/ipaclient-install.log for more information

Next, when trying to uninstall with ipa-client-install --uninstall we get another missing dependency "authselect"

[awing /]# ipa-client-install --uninstall
Disabling client Kerberos and LDAP configurations
Failed to remove krb5/LDAP configuration: [Errno 2] No such file or directory: '/usr/bin/authselect'
The ipa-client-install command failed. See /var/log/ipaclient-uninstall.log for more information

TheGoliath commented on 2020-06-24 11:51

Updated :)

hadogenes commented on 2020-06-22 09:52

Could you add --with-ipaplatform=arch to ./configure to allow building on manjaro

TheGoliath commented on 2020-06-03 13:09

Thank you. Just updated the PKGBUILD to include all of your changes :)

Also added you as a contributor into the Contributors section

EoleDev commented on 2020-06-03 12:51

Hi,

Here you go :

From 7af1f4b3c8d0130f6c6d61765d8396b2e8b7a508 Mon Sep 17 00:00:00 2001
From: Xiao-Long Chen <chenxiaolong@cxl.epac.to>
Date: Wed, 16 Apr 2014 19:31:08 -0400
Subject: [PATCH 2/2] platform: add Arch Linux platform

This patch has been adapted from the patches provided with freeipa package
in the Arch User Repository (AUR).

Signed-off-by: Jan Cholasta <jcholast@redhat.com>
---
 client/man/ipa-client-automount.1 |  4 ++--
 client/man/ipa-client-install.1   |  4 ++--
 ipaplatform/arch/__init__.py      |  3 +++
 ipaplatform/arch/constants.py     | 12 ++++++++++++
 ipaplatform/arch/paths.py         | 22 ++++++++++++++++++++++
 ipaplatform/arch/services.py      | 30 ++++++++++++++++++++++++++++++
 ipaplatform/arch/tasks.py         | 19 +++++++++++++++++++
 ipaplatform/setup.py              |  1 +
 8 files changed, 91 insertions(+), 4 deletions(-)
 create mode 100644 ipaplatform/arch/__init__.py
 create mode 100644 ipaplatform/arch/constants.py
 create mode 100644 ipaplatform/arch/paths.py
 create mode 100644 ipaplatform/arch/services.py
 create mode 100644 ipaplatform/arch/tasks.py

diff --git a/client/man/ipa-client-automount.1 b/client/man/ipa-client-automount.1
index 8b9989dec..2399250b1 100644
--- a/client/man/ipa-client-automount.1
+++ b/client/man/ipa-client-automount.1
@@ -29,7 +29,7 @@ The automount configuration consists of three files:
 .IP  o
 /etc/nsswitch.conf
 .IP  o
-/etc/sysconfig/autofs
+/etc/conf.d/autofs
 .IP  o
 /etc/autofs_ldap_auth.conf

@@ -79,7 +79,7 @@ Files that will be configured when SSSD is the automount client (default):
 .TP
 Files that will be configured when using the ldap automount client:

-/etc/sysconfig/autofs
+/etc/conf.d/autofs

 /etc/autofs_ldap_auth.conf

diff --git a/client/man/ipa-client-install.1 b/client/man/ipa-client-install.1
index 319952cb6..d01ccec64 100644
--- a/client/man/ipa-client-install.1
+++ b/client/man/ipa-client-install.1
@@ -270,6 +270,6 @@ Files updated, existing content is maintained:
 .br
 /etc/krb5.keytab
 .br
-/etc/sysconfig/network
+/etc/hostname

 .TP
diff --git a/ipaplatform/arch/__init__.py b/ipaplatform/arch/__init__.py
new file mode 100644
index 000000000..9da42e7b4
--- /dev/null
+++ b/ipaplatform/arch/__init__.py
@@ -0,0 +1,3 @@
+#
+# Copyright (C) 2015  FreeIPA Contributors see COPYING for license
+#
diff --git a/ipaplatform/arch/constants.py b/ipaplatform/arch/constants.py
new file mode 100644
index 000000000..b4857aa7c
--- /dev/null
+++ b/ipaplatform/arch/constants.py
@@ -0,0 +1,12 @@
+#
+# Copyright (C) 2015  FreeIPA Contributors see COPYING for license
+#
+
+from ipaplatform.redhat.constants import RedHatConstantsNamespace
+
+
+class ArchConstantsNamespace(RedHatConstantsNamespace):
+    pass
+
+
+constants = ArchConstantsNamespace()
diff --git a/ipaplatform/arch/paths.py b/ipaplatform/arch/paths.py
new file mode 100644
index 000000000..27721cf2f
--- /dev/null
+++ b/ipaplatform/arch/paths.py
@@ -0,0 +1,22 @@
+#
+# Copyright (C) 2015  FreeIPA Contributors see COPYING for license
+#
+
+from ipaplatform.redhat.paths import RedHatPathNamespace
+
+
+class ArchPathNamespace(RedHatPathNamespace):
+    AUTOFS_LDAP_AUTH_CONF = "/etc/autofs/autofs_ldap_auth.conf"
+    CERTMONGER_COMMAND_TEMPLATE = "/usr/lib/ipa/certmonger/%s"
+    SYSCONFIG_NFS = "/etc/conf.d/nfs-common.conf"
+    SYSCONFIG_NTPD = "/etc/conf.d/ntpd.conf"
+    SYSCONFIG_AUTOFS = "/etc/default/autofs"
+    DOGTAG_IPA_CA_RENEW_AGENT_SUBMIT = (
+        "/usr/lib/certmonger/certmonger/dogtag-ipa-ca-renew-agent-submit")
+    DOGTAG_IPA_RENEW_AGENT_SUBMIT = (
+        "/usr/lib/certmonger/certmonger/dogtag-ipa-renew-agent-submit")
+    IPA_SERVER_GUARD = "/usr/lib/certmonger/certmonger/ipa-server-guard"
+    LIB64_FIREFOX = "/usr/lib/firefox"
+
+
+paths = ArchPathNamespace()
diff --git a/ipaplatform/arch/services.py b/ipaplatform/arch/services.py
new file mode 100644
index 000000000..4ddfb53c9
--- /dev/null
+++ b/ipaplatform/arch/services.py
@@ -0,0 +1,30 @@
+#
+# Copyright (C) 2015  FreeIPA Contributors see COPYING for license
+#
+
+from ipaplatform.redhat import services as redhat_services
+
+arch_system_units = dict(redhat_services.redhat_system_units)
+arch_system_units['messagebus'] = 'dbus.service'
+arch_system_units['rpcgssd'] = 'rpc-gssd.service'
+arch_system_units['rpcidmapd'] = 'rpc-idmapd.service'
+
+
+class ArchService(redhat_services.RedHatService):
+    system_units = arch_system_units
+
+
+def arch_service_class_factory(name, api=None):
+    if name in {'messagebus', 'rpcgssd', 'rpcidmapd'}:
+        return ArchService(name, api)
+    return redhat_services.redhat_service_class_factory(name, api)
+
+
+class ArchServices(redhat_services.RedHatServices):
+    def service_class_factory(self, name, api=None):
+        return arch_service_class_factory(name, api)
+
+
+timedate_services = redhat_services.timedate_services
+service = arch_service_class_factory
+knownservices = ArchServices()
diff --git a/ipaplatform/arch/tasks.py b/ipaplatform/arch/tasks.py
new file mode 100644
index 000000000..58b837d79
--- /dev/null
+++ b/ipaplatform/arch/tasks.py
@@ -0,0 +1,19 @@
+#
+# Copyright (C) 2015  FreeIPA Contributors see COPYING for license
+#
+
+from ipaplatform.arch.paths import paths
+from ipaplatform.redhat.tasks import RedHatTaskNamespace
+
+
+class ArchTaskNamespace(RedHatTaskNamespace):
+    def restore_network_configuration(self, fstore, statestore):
+        filepath = paths.ETC_HOSTNAME
+        if fstore.has_file(filepath):
+            fstore.restore_file(filepath)
+
+    def is_fips_enabled(self):
+        return False
+
+
+tasks = ArchTaskNamespace()
diff --git a/ipaplatform/setup.py b/ipaplatform/setup.py
index 501e2bc56..b47875164 100644
--- a/ipaplatform/setup.py
+++ b/ipaplatform/setup.py
@@ -34,6 +34,7 @@ if __name__ == '__main__':
         package_dir={'ipaplatform': ''},
         packages=[
             "ipaplatform",
+            "ipaplatform.arch",
             "ipaplatform.base",
             "ipaplatform.debian",
             "ipaplatform.fedora",
-- 
2.13.3

TheGoliath commented on 2020-06-03 10:48

Hello @EoleDev :) would you mind to paste the whole 0001-platform-add-Arch-Linux-platform.patch in here?

EoleDev commented on 2020-06-03 09:00

Hi,

I successfully build this package, with some modifications. I didn't tried all the tools, and I don't know if there is some side effects to my patches. But right now, my ipa cli seems to be working fine. The main goal was to remove all python2 dependencies and only build python3 packages.

Here are the modifications I made by file :

  • PKGBUILD

In the pkgname var, I removed python2-ipalib and python2-ipaclient. In the makedepends var, I removed python2, python2-setuptools, python2-nss, python2-pyasn1, python2-pyasn1-modules, python2-dnspython, python2-six, python2-cffi, python2-jinja.

In the sha256sums, I replaced the sum for 0001-platform-add-Arch-Linux-platform.patch by 'SKIP' to skip it.

In the build function, I removed the lines between "cd freeipa-${pkgver}" and "export PYTHON=/usr/bin/python3". I also removed all the line with either "pushd" or "popd" in the end of the function.

I commented the function to build python2-ipalib and python2-ipaclient. In the package_freeipa-client function, I modified the python2-ipaclient requirements to python-ipaclient and python2-gssapi to python-gssapi.

  • 0001-platform-add-Arch-Linux-platform.patch

I updated the ipa-client-install.1 patch to :

diff --git a/client/man/ipa-client-install.1 b/client/man/ipa-client-install.1
index 319952cb6..d01ccec64 100644
--- a/client/man/ipa-client-install.1
+++ b/client/man/ipa-client-install.1
@@ -270,6 +270,6 @@ Files updated, existing content is maintained:
 .br
 /etc/krb5.keytab
 .br
-/etc/sysconfig/network
+/etc/hostname

.TP