SHA256
1
0
forked from pool/krb5
krb5/krb5-1.9-manpaths.dif
Michael Calmer 84f939323f - update to version 1.10.2
obsolte patches:
  * krb5-1.7-nodeplibs.patch
  * krb5-1.9.1-ai_addrconfig.patch
  * krb5-1.9.1-ai_addrconfig2.patch
  * krb5-1.9.1-sendto_poll.patch
  * krb5-1.9-canonicalize-fallback.patch
  * krb5-1.9-paren.patch
  * krb5-klist_s.patch
  * krb5-pkinit-cms2.patch
  * krb5-trunk-chpw-err.patch
  * krb5-trunk-gss_delete_sec.patch
  * krb5-trunk-kadmin-oldproto.patch
  * krb5-1.9-MITKRB5-SA-2011-006.dif
  * krb5-1.9-gss_display_status-iakerb.patch
  * krb5-1.9.1-sendto_poll2.patch
  * krb5-1.9.1-sendto_poll3.patch
  * krb5-1.9-MITKRB5-SA-2011-007.dif
- Fix an interop issue with Windows Server 2008 R2 Read-Only Domain
  Controllers.
- Update a workaround for a glibc bug that would cause DNS PTR queries
  to occur even when rdns = false.
- Fix a kadmind denial of service issue (null pointer dereference),
  which could only be triggered by an administrator with the "create"
  privilege.  [CVE-2012-1013]
- Fix access controls for KDB string attributes [CVE-2012-1012]
- Make the ASN.1 encoding of key version numbers interoperate with
  Windows Read-Only Domain Controllers
- Avoid generating spurious password expiry warnings in cases where
  the KDC sends an account expiry time without a password expiry time

OBS-URL: https://build.opensuse.org/package/show/network/krb5?expand=0&rev=65
2012-06-06 14:55:51 +00:00

209 lines
7.9 KiB
Plaintext

Change the absolute paths included in the man pages so that the correct
values can be dropped in by config.status. After applying this patch,
these files should be renamed to their ".in" counterparts, and then the
configure scripts should be rebuilt. Originally RT#6525
Index: krb5-1.10.2/src/aclocal.m4
===================================================================
--- krb5-1.10.2.orig/src/aclocal.m4
+++ krb5-1.10.2/src/aclocal.m4
@@ -1743,3 +1743,24 @@ AC_SUBST(PAM_LIBS)
AC_SUBST(PAM_MAN)
AC_SUBST(NON_PAM_MAN)
])dnl
+AC_DEFUN(V5_AC_OUTPUT_MANPAGE,[
+mansysconfdir=$sysconfdir
+mansysconfdir=`eval echo $mansysconfdir | sed -e "s,NONE,$prefix,g"`
+mansysconfdir=`eval echo $mansysconfdir | sed -e "s,NONE,$ac_default_prefix,g"`
+mansbindir=$sbindir
+mansbindir=`eval echo $mansbindir | sed -e "s,NONE,$exec_prefix,g"`
+mansbindir=`eval echo $mansbindir | sed -e "s,NONE,$prefix,g"`
+mansbindir=`eval echo $mansbindir | sed -e "s,NONE,$ac_default_prefix,g"`
+manlocalstatedir=$localstatedir
+manlocalstatedir=`eval echo $manlocalstatedir | sed -e "s,NONE,$prefix,g"`
+manlocalstatedir=`eval echo $manlocalstatedir | sed -e "s,NONE,$ac_default_prefix,g"`
+manlibexecdir=$libexecdir
+manlibexecdir=`eval echo $manlibexecdir | sed -e "s,NONE,$exec_prefix,g"`
+manlibexecdir=`eval echo $manlibexecdir | sed -e "s,NONE,$prefix,g"`
+manlibexecdir=`eval echo $manlibexecdir | sed -e "s,NONE,$ac_default_prefix,g"`
+AC_SUBST(mansysconfdir)
+AC_SUBST(mansbindir)
+AC_SUBST(manlocalstatedir)
+AC_SUBST(manlibexecdir)
+AC_CONFIG_FILES($1)
+])
Index: krb5-1.10.2/src/configure.in
===================================================================
--- krb5-1.10.2.orig/src/configure.in
+++ krb5-1.10.2/src/configure.in
@@ -1249,6 +1249,17 @@ AC_SUBST(localedir)
KRB5_WITH_PAM
AC_CONFIG_FILES(krb5-config, [chmod +x krb5-config])
+
+V5_AC_OUTPUT_MANPAGE([
+ appl/sample/sserver/sserver.M
+ config-files/kdc.conf.M
+ config-files/krb5.conf.M
+ gen-manpages/kerberos.M
+ kadmin/cli/kadmin.M
+ slave/kpropd.M
+ slave/kprop.M
+])
+
V5_AC_OUTPUT_MAKEFILE(.
util util/support util/profile util/profile/testmod util/send-pr
Index: krb5-1.10.2/src/appl/sample/sserver/sserver.M
===================================================================
--- krb5-1.10.2.orig/src/appl/sample/sserver/sserver.M
+++ krb5-1.10.2/src/appl/sample/sserver/sserver.M
@@ -59,7 +59,7 @@ option allows for a different keytab tha
using a line in
/etc/inetd.conf that looks like this:
.PP
-sample stream tcp nowait root /usr/local/sbin/sserver sserver
+sample stream tcp nowait root @mansbindir@/sserver sserver
.PP
Since \fBsample\fP is normally not a port defined in /etc/services, you will
usually have to add a line to /etc/services which looks like this:
Index: krb5-1.10.2/src/config-files/kdc.conf.M
===================================================================
--- krb5-1.10.2.orig/src/config-files/kdc.conf.M
+++ krb5-1.10.2/src/config-files/kdc.conf.M
@@ -92,14 +92,14 @@ This
.B string
specifies the location of the access control list (acl) file that
kadmin uses to determine which principals are allowed which permissions
-on the database. The default value is /usr/local/var/krb5kdc/kadm5.acl.
+on the database. The default value is @manlocalstatedir@/krb5kdc/kadm5.acl.
.IP admin_keytab
This
.B string
Specifies the location of the keytab file that kadmin uses to
authenticate to the database. The default value is
-/usr/local/var/krb5kdc/kadm5.keytab.
+@manlocalstatedir@/krb5kdc/kadm5.keytab.
.IP database_name
This
@@ -274,7 +274,7 @@ tickets should be checked against the tr
realm names and the [capaths] section of its krb5.conf file
.SH FILES
-/usr/local/var/krb5kdc/kdc.conf
+@manlocalstatedir@/krb5kdc/kdc.conf
.SH SEE ALSO
krb5.conf(5), krb5kdc(8)
Index: krb5-1.10.2/src/config-files/krb5.conf.M
===================================================================
--- krb5-1.10.2.orig/src/config-files/krb5.conf.M
+++ krb5-1.10.2/src/config-files/krb5.conf.M
@@ -808,6 +808,6 @@ This module implements the encrypted cha
This module implements the encrypted timestamp mechanism.
.SH FILES
-/etc/krb5.conf
+@mansysconfdir@/krb5.conf
.SH SEE ALSO
syslog(3)
Index: krb5-1.10.2/src/gen-manpages/kerberos.M
===================================================================
--- krb5-1.10.2.orig/src/gen-manpages/kerberos.M
+++ krb5-1.10.2/src/gen-manpages/kerberos.M
@@ -125,7 +125,7 @@ default is /etc/krb5.conf.
Specifies the location of the KDC configuration file, which contains
additional configuration directives for the Key Distribution Center
daemon and associated programs. The default is
-/usr/local/var/krb5kdc/kdc.conf.
+@manlocalstatedir@/krb5kdc/kdc.conf.
.TP
.B KRB5RCACHETYPE
Specifies the default type of replay cache to use for servers. Valid
Index: krb5-1.10.2/src/kadmin/cli/kadmin.M
===================================================================
--- krb5-1.10.2.orig/src/kadmin/cli/kadmin.M
+++ krb5-1.10.2/src/kadmin/cli/kadmin.M
@@ -924,9 +924,9 @@ option is specified, less verbose status
.RS
.TP
EXAMPLE:
-kadmin: ktremove -k /usr/local/var/krb5kdc/kadmind.keytab kadmin/admin
+kadmin: ktremove -k @manlocalstatedir@/krb5kdc/kadmind.keytab kadmin/admin
Entry for principal kadmin/admin with kvno 3 removed
- from keytab WRFILE:/usr/local/var/krb5kdc/kadmind.keytab.
+ from keytab WRFILE:@manlocalstatedir@/krb5kdc/kadmind.keytab.
kadmin:
.RE
.fi
Index: krb5-1.10.2/src/slave/kpropd.M
===================================================================
--- krb5-1.10.2.orig/src/slave/kpropd.M
+++ krb5-1.10.2/src/slave/kpropd.M
@@ -74,7 +74,7 @@ Normally, kpropd is invoked out of
This is done by adding a line to the inetd.conf file which looks like
this:
-kprop stream tcp nowait root /usr/local/sbin/kpropd kpropd
+kprop stream tcp nowait root @mansbindir@/kpropd kpropd
However, kpropd can also run as a standalone daemon, if the
.B \-S
@@ -111,13 +111,13 @@ is used.
\fB\-f\fP \fIfile\fP
specifies the filename where the dumped principal database file is to be
stored; by default the dumped database file is KPROPD_DEFAULT_FILE
-(normally /usr/local/var/krb5kdc/from_master).
+(normally @manlocalstatedir@/krb5kdc/from_master).
.TP
.B \-p
allows the user to specify the pathname to the
.IR kdb5_util (8)
program; by default the pathname used is KPROPD_DEFAULT_KDB5_UTIL
-(normally /usr/local/sbin/kdb5_util).
+(normally @mansbindir@/kdb5_util).
.TP
.B \-S
turn on standalone mode. Normally, kpropd is invoked out of
@@ -148,14 +148,14 @@ mode.
allows the user to specify the path to the
kpropd.acl
file; by default the path used is KPROPD_ACL_FILE
-(normally /usr/local/var/krb5kdc/kpropd.acl).
+(normally @manlocalstatedir@/krb5kdc/kpropd.acl).
.SH FILES
.TP "\w'kpropd.acl\ \ 'u"
kpropd.acl
Access file for
.BR kpropd ;
the default location is KPROPD_ACL_FILE (normally
-/usr/local/var/krb5kdc/kpropd.acl).
+@manlocalstatedir@/krb5kdc/kpropd.acl).
Each entry is a line containing the principal of a host from which the
local machine will allow Kerberos database propagation via kprop.
.SH SEE ALSO
Index: krb5-1.10.2/src/slave/kprop.M
===================================================================
--- krb5-1.10.2.orig/src/slave/kprop.M
+++ krb5-1.10.2/src/slave/kprop.M
@@ -39,7 +39,7 @@ Kerberos server to a slave Kerberos serv
This is done by transmitting the dumped database file to the slave
server over an encrypted, secure channel. The dump file must be created
by kdb5_util, and is normally KPROP_DEFAULT_FILE
-(/usr/local/var/krb5kdc/slave_datatrans).
+(@manlocalstatedir@/krb5kdc/slave_datatrans).
.SH OPTIONS
.TP
\fB\-r\fP \fIrealm\fP
@@ -51,7 +51,7 @@ is used.
\fB\-f\fP \fIfile\fP
specifies the filename where the dumped principal database file is to be
found; by default the dumped database file is KPROP_DEFAULT_FILE
-(normally /usr/local/var/krb5kdc/slave_datatrans).
+(normally @manlocalstatedir@/krb5kdc/slave_datatrans).
.TP
\fB\-P\fP \fIport\fP
specifies the port to use to contact the