ipa-admintools-3.3.3-28.el7_0.1> H HtxHFTn ?*}} $9(?d " ;pt   0 @ `  8`   (89 :*G\H|IXY\]^\bdefltuvwxyCipa-admintools3.3.328.el7_0.1IPA administrative toolsIPA is an integrated solution to provide centrally managed Identity (machine, user, virtual machines, groups, authentication credentials), Policy (configuration settings, access control information) and Audit (events, logs, analysis thereof). This package provides command-line tools for IPA administrators.Tssl7.fnal.gov5Scientific LinuxScientific LinuxGPLv3+Scientific LinuxSystem Environment/Basehttp://www.freeipa.org/linuxx86_648K6A큤A큤TeRsT5TpRsRsRsRs3e847e2fcb090b6a8681c764174ae75649bd75141e88a0618af81cf2da332acb1d54ef328bc61a938d3231f2f1b717a0c52b203c25faabdda7305e41363756588ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b9036ddf843b94d6caa026293a6aa083b5eb0c3f1319d2aad851a779eb876c1e9ba52378ae5f9d2bc73370af9c30cb96b70f5bf81e70f6a14ad259c22de2a1524a9326ffeb7d0573ba2501e299fed0a7b859d2f3c461f2cbe986f83e39413998bc46rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootipa-3.3.3-28.el7_0.1.src.rpmconfig(ipa-admintools)ipa-admintoolsipa-admintools(x86-64)@    /usr/bin/pythonconfig(ipa-admintools)ipa-clientipa-pythonpython-krbVpython-ldaprpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.3.3-28.el7_0.13.3.3-28.el7_0.13.3.3-28.el7_0.13.0.4-14.6.0-14.0-15.2-14.11.1SS:@S2@S1oS!S!S L@S L@Sc@SS @Rb@R@R@RUR@RRx@RR=RʚRƦ@RkRv@RG@RiRz/@RxRsRo@Ro@R^RW@RNR@-@R/ R-@R(r@R7RZ@R R R@R@R@R@R@R6QQQ'@Q@QvwQu&@Qm=@QZ@QVQ(@Q@PPPPPx@Px@PnPj@P\VPG>P@@P4P.2@PP @M6@M.@M.@M.@M-M M@L!LfLNLdLLLzLe3La?@LD>@L#HL#HL@K/KՀ@KK@KKs@Kie@K`*KK@K @JJ@J@J@JJB@J{IIIm@I1Iq@IKIFFI9I1.Ih@IIP@H@HXHO@H-w@H HHH@G߮GGgGs@G@G@G@G}G}G}GG@GC@GkGDG<4G)G(n@G3G@GJF@FS@FFuF@Martin Kosek - 3.3.3-28.1Martin Kosek - 3.3.3-28Martin Kosek - 3.3.3-27Martin Kosek - 3.3.3-26Martin Kosek - 3.3.3-25Martin Kosek - 3.3.3-24Martin Kosek - 3.3.3-23Martin Kosek - 3.3.3-22Martin Kosek - 3.3.3-21Martin Kosek - 3.3.3-20Martin Kosek - 3.3.3-19Martin Kosek - 3.3.3-18Martin Kosek - 3.3.3-17Martin Kosek - 3.3.3-16Daniel Mach - 3.3.3-15Martin Kosek - 3.3.3-14Martin Kosek - 3.3.3-13Martin Kosek - 3.3.3-12Martin Kosek - 3.3.3-11Martin Kosek - 3.3.3-10Martin Kosek - 3.3.3-9Martin Kosek - 3.3.3-8Daniel Mach - 3.3.3-7Martin Kosek - 3.3.3-6Martin Kosek - 3.3.3-5Martin Kosek - 3.3.3-4Martin Kosek - 3.3.3-3Martin Kosek - 3.3.3-2Martin Kosek - 3.3.3-1Martin Kosek - 3.3.2-5Martin Kosek - 3.3.2-4Martin Kosek - 3.3.2-3Martin Kosek - 3.3.2-2Martin Kosek - 3.3.2-1Martin Kosek - 3.3.1-5Martin Kosek - 3.3.1-4Martin Kosek - 3.3.1-3Martin Kosek - 3.3.1-2Rob Crittenden - 3.3.1-1Rob Crittenden - 3.3.0-7Martin Kosek - 3.3.0-6Martin Kosek - 3.3.0-5Martin Kosek - 3.3.0-4Martin Kosek - 3.3.0-3Martin Kosek - 3.3.0-2Martin Kosek - 3.3.0-1Martin Kosek - 3.3.0-0.2.beta2Martin Kosek - 3.3.0-0.1.beta2Martin Kosek - 3.2.2-1Martin Kosek - 3.2.1-1Rob Crittenden - 3.2.0-2Rob Crittenden - 3.2.0-1Rob Crittenden - 3.2.0-0.4.beta1Rob Crittenden - 3.2.0-0.3.beta1Rob Crittenden - 3.2.0-0.2.beta1Martin Kosek - 3.2.0-0.1.pre1Kevin Fenzi 3.1.2-4Kevin Fenzi - 3.1.2-3Fedora Release Engineering - 3.1.2-2Rob Crittenden - 3.1.2-1Martin Kosek - 3.1.0-2Rob Crittenden - 3.1.0-1Martin Kosek - 3.0.0-3Rob Crittenden - 3.0.0-2Rob Crittenden - 3.0.0-1Rob Crittenden - 3.0.0-0.10Martin Kosek - 3.0.0-0.9Rob Crittenden - 3.0.0-0.8Rob Crittenden - 3.0.0-0.7Rob Crittenden - 3.0.0-0.6Alexander Bokovoy - 3.0.0-0.5Rob Crittenden - 3.0.0-0.4Martin Kosek - 3.0.0-0.3Alexander Bokovoy - 3.0.0-0.2Rob Crittenden - 3.0.0-0.1Rob Crittenden - 2.2.0-1Rob Crittenden - 2.1.90-0.2Rob Crittenden - 2.1.90-0.1Alexander Bokovoy - 2.1.4-5Martin Kosek - 2.1.4-4Alexander Bokovoy - 2.1.4-3Alexander Bokovoy - 2.1.4-2Rob Crittenden - 2.1.4-1Rob Crittenden - 2.1.3-8Alexander Bokovoy - 2.1.3-7Alexander Bokovoy - 2.1.3-6Fedora Release Engineering - 2.1.3-5Alexander Bokovoy - 2.1.3-4Alexander Bokovoy - 2.1.3-3Alexander Bokovoy - 2.1.3-2Alexander Bokovoy - 2.1.3-1Alexander Bokovoy - 2.1.2-1Rob Crittenden - 2.1.0-1Simo Sorce - 2.0.1-2Rob Crittenden - 2.0.1-1Rob Crittenden - 2.0.0-1Rob Crittenden - 2.0.0-0.4.rc2Rob Crittenden - 2.0.0-0.3.rc1Rob Crittenden - 2.0.0-0.1.rc1Fedora Release Engineering - 2.0.0-0.2.beta2Rob Crittenden - 2.0.0-0.1.beta2Rob Crittenden - 2.0.0-0.2.beta.git80e87e7Rob Crittenden - 2.0.0-0.1.beta.git80e87e7Rob Crittenden - 1.99-41Adam Young - 1.99-40Simo Sorce - 1.99-39Simo Sorce - 1.99-38Rob Crittenden - 1.99-37Rob Crittenden - 1.99-36Rob Crittenden - 1.99-35Jr Aquino - 1.99-34Simo Sorce - 1.99-33Rob Crittenden - 1.99-32Rob Crittenden - 1.99-31Rob Crittenden - 1.99-30Rob Crittenden - 1.99-29Rob Crittenden - 1.99-28Rob Crittenden - 1.99-27Rob Crittenden - 1.99-26Rob Crittenden - 1.99-25Adam Young - 1.99-24Rob Crittenden - 1.99-23Rob Crittenden - 1.99-22Rob Crittenden - 1.99-21Rob Crittenden - 1.99-20Rob Crittenden - 1.99-19Jason Gerard DeRose - 1.99-18Jason Gerard DeRose - 1.99-17Jason Gerard DeRose - 1.99-16Rob Crittenden - 1.99-15Jason Gerard DeRose - 1.99-14Rob Crittenden - 1.99-13Rob Crittenden - 1.99-12Rob Crittenden - 1.99-11Rob Crittenden - 1.99-10Rob Crittenden - 1.99-9Jason Gerard DeRose - 1.99-8Rob Crittenden - 1.99-7Rob Crittenden - 1.99-6Rob Crittenden - 1.99-5Rob Crittenden - 1.99-4Rob Crittenden - 1.99-3Rob Crittenden - 1.99-2Rob Crittenden - 1.99-1Tomas Mraz - 1.2.1-3Dan Walsh - 1.2.1-2Simo Sorce - 1.2.1-1Simo Sorce - 1.2.1-0Ignacio Vazquez-Abrams - 1.2.0-4Simo Sorce - 1.2.0-3Simo Sorce - 1.2.0-2Rob Crittenden - 1.2.0-1Simo Sorce - 1.1.0-3Rob Crittenden - 1.1.0-2Rob Crittenden - 1.1.0-1Rob Crittenden - 1.0.0-5Rob Crittenden - 1.0.0-4Rob Crittenden - 1.0.0-3Rob Crittenden - 1.0.0-2Rob Crittenden - 1.0.0-1Rob Crittenden 0.99-12Rob Crittenden 0.99-11Rob Crittenden 0.99-10Rob Crittenden 0.99-9Rob Crittenden 0.99-8Rob Crittenden 0.99-7Rob Crittenden 0.99-6Rob Crittenden 0.99-5Rob Crittenden 0.99-4Rob Crittenden 0.99-3Rob Crittenden 0.99-2Rob Crittenden 0.99-1Rob Crittenden - 0.6.0-2Karl MacMillan - 0.6.0-1Karl MacMillan - 0.5.0-1Rob Crittenden - 0.4.1-2Karl MacMillan - 0.4.1-1Karl MacMillan - 0.4.0-6Rob Crittenden - 0.4.0-5Rob Crittenden - 0.4.0-4Karl MacMillan - 0.4.0-3Karl MacMillan - 0.4.0-2Karl MacMillan - 0.2.0-1Rob Crittenden - 0.1.0-3Rob Crittenden - 0.1.0-2Karl MacMillan - 0.1.0-1- Server installation fails using external signed certificates with "IndexError: list index out of range" (#1130031) - Add rhino to BuildRequires to fix Web UI build error- ipa-client-automount fails with incompatibility error when installed against older IPA server (#1083108)- Proxy PKI URI /ca/ee/ca/profileSubmit to enable replication with future PKI versions (#1080865)- When IdM server trusts multiple AD forests, IPA client returns invalid group membership info (#1079498)- Deletion of active subdomain range should not be allowed (#1075615)- PKI database is ugraded during replica installation (#1075118)- Unable to add trust successfully with --trust-secret (#1075704)- ipa-replica-install never checks for 7389 port (#1075165) - Non-terminated string may be passed to LDAP search (#1075091) - ipa-sam may fail to translate group SID into GID (#1073829) - Excessive LDAP calls by ipa-sam during Samba FS operations (#1075132)- Do not fetch a principal two times, remove potential memory leak (#1070924)- trustdomain-find with pkey-only fails (#1068611) - Invalid credential cache in trust-add (#1069182) - ipa-replica-install prints unexpected error (#1069722) - Too big font in input fields in details facet in Firefox (#1069720) - trust-add for POSIX AD does not fetch trustdomains (#1070925) - Misleading trust-add error message in some cases (#1070926) - Access is not rejected for disabled domain (#1070924)- Remove ipa-backup and ipa-restore functionality from RHEL (#1003933)- Display server name in ipa command's verbose mode (#1061703) - Remove sourcehostcategory from default HBAC rule (#1061187) - dnszone-add cannot add classless PTR zones (#1058688) - Move ipa-otpd socket directory to /var/run/krb5kdc (#1063850)- Lockout plugin crashed during ipa-server-install (#912725)- Fallback to global policy in ipa lockout plugin (#912725) - Migration does not add users to default group (#903232)- Mass rebuild 2014-01-24- Fix NetBIOS name generation in CLDAP plugin (#1030517)- Do not add krbPwdPolicyReference for new accounts, hardcode it (#1045218) - Increase default timeout for IPA services (#1033273) - Error while running trustdomain-find (#1054376) - group-show lists SID instead of name for external groups (#1054391) - Fix IPA server NetBIOS name in samba configuration (#1030517) - dnsrecord-mod produces missing API version warning (#1054869) - Hide trust-resolve command as internal (#1052860) - Add Trust domain Web UI (#1054870) - ipasam cannot delete multiple child trusted domains (#1056120)- Missing objectclasses when empty password passed to host-add (#1052979) - sudoOrder missing in sudoers (#1052983) - Missing examples in sudorule help (#1049464) - Client automount does not uninstall when fstore is empty (#910899) - Error not clear for invalid realm given to trust-fetch-domains (#1052981) - trust-fetch-domains does not add idrange for subdomains found (#1049926) - Add option to show if an AD subdomain is enabled/disabled (#1052973) - ipa-adtrust-install still failed with long NetBIOS names (#1030517) - Error not clear for invalid relam given to trustdomain-find (#1049455) - renewed client cert not recognized during IPA CA renewal (#1033273)- hbactest does not work for external users (#848531)- PKI service restart after CA renewal failed (#1040018)- Move ipa-tests package to separate srpm (#1032668)- Fix status trust-add command status message (#910453) - NetBIOS was not trimmed at 15 characters (#1030517) - Harden CA subsystem certificate renewal on CA clones (#1040018)- Mass rebuild 2013-12-27- Remove "Listen 443 http" hack from deployed nss.conf (#1029046) - Re-adding existing trust fails (#1033216) - IPA uninstall exits with a samba error (#1033075) - Added RELRO hardening on /usr/libexec/ipa-otpd (#1026260) - Fixed ownership of /usr/share/ipa/ui/js (#1026260) - ipa-tests: support external names for hosts (#1032668) - ipa-client-install fail due fail to obtain host TGT (#1029354)- Trust add tries to add same value of --base-id for sub domain, causing an error (#1033068) - Improved error reporting for adding trust case (#1029856)- Winsync agreement cannot be created (#1023085)- Installer did not detect different server and IPA domain (#1026845) - Allow kernel keyring CCACHE when supported (#1026861)- ipa-server-install crashes when AD subpackage is not installed (#1026434)- Update to upstream 3.3.3 (#991064)- Temporarily move ipa-backup and ipa-restore functionality back to make them available in public Beta (#1003933)- Server install failure during client enrollment shouldn't roll back (#1023086) - nsds5ReplicaStripAttrs are not set on agreements (#1023085) - ipa-server conflicts with mod_ssl (#1018172)- Reinstalling ipa server hangs when configuring certificate server (#1018804)- Deprecate --serial-autoincrement option (#1016645) - CA installation always failed on replica (#1005446) - Re-initializing a winsync connection exited with error (#994980)- Update to upstream 3.3.2 (#991064) - Add delegation info to MS-PAC (#915799) - Warn about incompatibility with AD when IPA realm and domain differs (#1009044) - Allow PKCS#12 files with empty password in install tools (#1002639) - Privilege "SELinux User Map Administrators" did not list permissions (#997085) - SSH key upload broken when client joins an older server (#1009024)- Remove dependency on python-paramiko (#1002884) - Broken redirection when deleting last entry of DNS resource record (#1006360)- Remove ipa-backup and ipa-restore functionality from RHEL (#1003933)- Replica installation fails for RHEL 6.4 master (#1004680) - Server uninstallation crashes if DS is not available (#998069)- Unable to remove replica by ipa-replica-manage (#1001662) - Before uninstalling a server, warn about active replicas (#998069)- Update to upstream 3.3.1 (#991064) - Update minimum version of bind-dyndb-ldap to 3.5- Fix replica installation failing on certificate subject (#983075)- Allow ipa-tests to work with older version (1.7.7) of python-paramiko- Prevent multilib failures in *.pyo and *.pyc files- ipa-server-install fails if --subject parameter is other than default realm (#983075) - do not allow configuring bind-dyndb-ldap without persistent search (#967876)- diffstat was missing as a build dependency causing multilib problems- Remove ipa-server-selinux obsoletes as upgrades from version prior to 3.3.0 are not allowed - Wrap server-trust-ad subpackage description better - Add (noreplace) flag for %{_sysconfdir}/tmpfiles.d/ipa.conf - Change permissions on default_encoding_utf8.so to fix ipa-python Provides- Update to upstream 3.3.0 (#991064)- Require slapi-nis 0.47.7 delivering a core feature of 3.3.0 release- Update to upstream 3.3.0 Beta 2 (#991064)- Update to upstream 3.2.2 - Drop ipa-server-selinux subpackage - Drop redundant directory /var/cache/ipa/sessions - Do not create /var/lib/ipa/pki-ca/publish, retain reference as ghost - Run ipa-upgradeconfig and server restart in posttrans to avoid inconsistency issues when there are still old parts of software (like entitlements plugin)- Update to upstream 3.2.1 - Drop dogtag-pki-server-theme requires, it won't be build for RHEL-7.0- Add OTP patches - Add patch to set KRB5CCNAME for 389-ds-base- Update to upstream 3.2.0 GA - ipa-client-install fails if /etc/ipa does not exist (#961483) - Certificate status is not visible in Service and Host page (#956718) - ipa-client-install removes needed options from ldap.conf (#953991) - Handle socket.gethostbyaddr() exceptions when verifying hostnames (#953957) - Add triggerin scriptlet to support OpenSSH 6.2 (#953617) - Require nss 3.14.3-12.0 to address certutil certificate import errors (#953485) - Require pki-ca 10.0.2-3 to pull in fix for sslget and mixed IPv4/6 environments. (#953464) - ipa-client-install removes 'sss' from /etc/nsswitch.conf (#953453) - ipa-server-install --uninstall doesn't stop dirsrv instances (#953432) - Add requires for openldap-2.4.35-4 to pickup fixed SASL_NOCANON behavior for socket based connections (#960222) - Require libsss_nss_idmap-python - Add Conflicts on nss-pam-ldapd < 0.8.4. The mapping from uniqueMember to member is now done automatically and having it in the config file raises an error. - Add backup and restore tools, directory. - require at least systemd 38 which provides the journal (we no longer need to require syslog.target) - Update Requires on policycoreutils to 2.1.14-37 - Update Requires on selinux-policy to 3.12.1-42 - Update Requires on 389-ds-base to 1.3.1.0 - Remove a Requires for java-atk-wrapper- Remove release from krb5-server in strict sub-package to allow for rebuilds.- Add a Requires for java-atk-wrapper until we can determine which package should be pulling it in, dogtag or tomcat.- Update to upstream 3.2.0 Beta 1- Update to upstream 3.2.0 Prerelease 1 - Use upstream reference spec file as a base for Fedora spec file- Rebuild for broken deps - Fix 389-ds-base strict dep to be 1.3.0.5 and krb5-server 1.11.1- Rebuild for broken deps in rawhide - Fix 389-ds-base strict dep to be 1.3.0.3- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild- Update to upstream 3.1.2 - CVE-2012-4546: Incorrect CRLs publishing - CVE-2012-5484: MITM Attack during Join process - CVE-2013-0199: Cross-Realm Trust key leak - Updated strict dependencies to 389-ds-base = 1.3.0.2 and pki-ca = 10.0.1- Remove redundat Requires versions that are already in Fedora 17 - Replace python-crypto Requires with m2crypto - Add missing Requires(post) for client and server-trust-ad subpackages - Restart httpd service when server-trust-ad subpackage is installed - Bump selinux-policy Requires to pick up PKI/LDAP port labeling fixes- Updated to upstream 3.1.0 GA - Set minimum for sssd to 1.9.2 - Set minimum for pki-ca to 10.0.0-1 - Set minimum for 389-ds-base to 1.3.0 - Set minimum for selinux-policy to 3.11.1-60 - Remove unneeded dogtag package requires- Update Requires on krb5-server to 1.11- Configure CA replication to use TLS instead of SSL- Updated to upstream 3.0.0 GA - Set minimum for samba to 4.0.0-153. - Make sure server-trust-ad subpackage alternates winbind_krb5_locator.so plugin to /dev/null since they cannot be used when trusts are configured - Restrict krb5-server to 1.10. - Update BR for 389-ds-base to 1.3.0 - Add directory /var/lib/ipa/pki-ca/publish for CRL published by pki-ca - Add Requires on zip for generating FF browser extension- Updated to upstream 3.0.0 rc 2 - Include new FF configuration extension - Set minimum Requires of selinux-policy to 3.11.1-33 - Set minimum Requires dogtag to 10.0.0-0.43.b1 - Add new optional strict sub-package to allow users to limit other package upgrades.- Require samba packages instead of obsoleted samba4 packages- Updated to upstream 3.0.0 rc 1 - Update BR for 389-ds-base to 1.2.11.14 - Update BR for krb5 to 1.10 - Update BR for samba4-devel to 4.0.0-139 (rc1) - Add BR for python-polib - Update BR and Requires on sssd to 1.9.0 - Update Requires on policycoreutils to 2.1.12-5 - Update Requires on 389-ds-base to 1.2.11.14 - Update Requires on selinux-policy to 3.11.1-21 - Update Requires on dogtag to 10.0.0-0.33.a1 - Update Requires on certmonger to 0.60 - Update Requires on tomcat to 7.0.29 - Update minimum version of bind to 9.9.1-10.P3 - Update minimum version of bind-dyndb-ldap to 1.1.0-0.16.rc1 - Remove Requires on authconfig from python sub-package- Rebuild against samba4 beta8- Rebuild against samba4 beta7- Adopt to samba4 beta6 (libsecurity -> libsamba-security) - Add dependency to samba4-winbind- Updated to upstream 3.0.0 beta 2- Updated to current upstream state of 3.0.0 beta 2 development- Rebuild against samba4 beta4- Updated to upstream 3.0.0 beta 1- Updated to upstream 2.2.0 GA - Update minimum n-v-r of certmonger to 0.53 - Update minimum n-v-r of slapi-nis to 0.40 - Add Requires in client to oddjob-mkhomedir and python-krbV - Update minimum selinux-policy to 3.10.0-110- Update to upstream 2.2.0 beta 1 (2.1.90.rc1) - Set minimum n-v-r for pki-ca and pki-silent to 9.0.18. - Add Conflicts on mod_ssl - Update minimum n-v-r of 389-ds-base to 1.2.10.4 - Update minimum n-v-r of sssd to 1.8.0 - Update minimum n-v-r of slapi-nis to 0.38 - Update minimum n-v-r of pki-* to 9.0.18 - Update conflicts on bind-dyndb-ldap to < 1.1.0-0.9.b1 - Update conflicts on bind to < 9.9.0-1 - Drop requires on krb5-server-ldap - Add patch to remove escaping arguments to pkisilent- Update to upstream 2.2.0 alpha 1 (2.1.90.pre1)- Force to use 389-ds 1.2.10-0.8.a7 or above - Improve upgrade script to handle systemd 389-ds change - Fix freeipa to work with python-ldap 2.4.6- Fix ipa-replica-install crashes - Fix ipa-server-install and ipa-dns-install logging - Set minimum version of pki-ca to 9.0.17 to fix sslget problem caused by FEDORA-2011-17400 update (#771357)- Allow Web-based migration to work with tightened SE Linux policy (#769440) - Rebuild slapi plugins against re-enterant version of libldap- Allow longer dirsrv startup with systemd: - IPAdmin class will wait until dirsrv instance is available up to 10 seconds - Helps with restarts during upgrade for ipa-ldap-updater - Fix pylint warnings from F16 and Rawhide- Update to upstream 2.1.4 (CVE-2011-3636)- Update SELinux policy to allow ipa_kpasswd to connect ldap and read /dev/urandom. (#759679)- Fix wrong path in packaging freeipa-systemd-upgrade- Introduce upgrade script to recover existing configuration after systemd migration as user has no means to recover FreeIPA from systemd migration - Upgrade script: - recovers symlinks in Dogtag instance install - recovers systemd configuration for FreeIPA's directory server instances - recovers freeipa.service - migrates directory server and KDC configs to use proper keytabs for systemd services- Rebuilt for glibc bug#747377- clean up spec - Depend on sssd >= 1.6.2 for better user experience- Fix Fedora package changelog after merging systemd changes- Fix postin scriplet for F-15/F-16- 2.1.3- Default to systemd for Fedora 16 and onwards- Update to upstream 2.1.0- Fix bug #702633- Update minimum selinux-policy to 3.9.16-18 - Update minimum pki-ca and pki-selinux to 9.0.7 - Update minimum 389-ds-base to 1.2.8.0-1 - Update to upstream 2.0.1- Update to upstream GA release - Automatically apply updates when the package is upgraded- Update to upstream freeipa-2.0.0.rc2 - Set minimum version of python-nss to 0.11 to make sure IPv6 support is in - Set minimum version of sssd to 1.5.1 - Patch to include SuiteSpotGroup when setting up 389-ds instances - Move a lot of BuildRequires so this will build with ONLY_CLIENT enabled- Set the N-V-R so rc1 is an update to beta2.- Set minimum version of sssd to 1.5.1 - Update to upstream freeipa-2.0.0.rc1 - Move server-only binaries from admintools subpackage to server- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild- Set min version of 389-ds-base to 1.2.8 - Set min version of mod_nss 1.0.8-10 - Set min version of selinux-policy to 3.9.7-27 - Add dogtag themes to Requires - Update to upstream freeipa-2.0.0.pre2- Remove unnecessary moving of v1 CA serial number file in post script - Add Obsoletes for server-selinxu subpackage - Using git snapshot 442d6ad30ce1156914e6245aa7502499e50ec0da- Prepare spec file for release - Using git snapshot 80e87e75bd6ab56e3e20c49ece55bd4d52f1a503- Re-arrange doc and defattr to clean up rpmlint warnings - Remove conditionals on older releases - Move some man pages into admintools subpackage - Remove some explicit Requires in client that aren't needed - Consistent use of buildroot vs RPM_BUILD_ROOT- Moved directory install/static to install/ui- Remove dependency on nss_ldap/nss-pam-ldapd - The official client is sssd and that's what we use by default.- Remove radius subpackages- Set minimum pki-ca and pki-silent versions to 9.0.0- Drop BuildRequires on mozldap-devel- Add Requires on krb5-pkinit-openssl- Add ipa-host-net-manage script- Add ipa init script- Set minimum level of 389-ds-base to 1.2.7 for enhanced memberof plugin- remove ipa-fix-CVE-2008-3274- Remove duplicate %files entries on share/ipa/static - Add python default encoding shared library- Drop requires on python-configobj (not used any more) - Drop ipa-ldap-updater message, upgrades are done differently now- Drop conflicts on mod_nss - Require nss-pam-ldapd on F-14 or higher instead of nss_ldap (#606847) - Drop a slew of conditionals on older Fedora releases (< 12) - Add a few conditionals against RHEL 6 - Add Requires of nss-tools on ipa-client- Set minimum version of certmonger to 0.26 (to pck up #621670) - Set minimum version of pki-silent to 1.3.4 (adds -key_algorithm) - Set minimum version of pki-ca to 1.3.6 - Set minimum version of sssd to 1.2.1- Add BuildRequires for authconfig- Bump up minimum version of python-nss to pick up nss_is_initialize() API- Removed python-asset based webui- Change Requires from fedora-ds-base to 389-ds-base - Set minimum level of 389-ds-base to 1.2.6 for the replication version plugin.- Drop Requires of python-krbV on ipa-client- Load ipa_dogtag.pp in post install- Set minimum level of sssd to 1.1.1 to pull in required hbac fixes.- No need to create /var/log/ipa_error.log since we aren't using TurboGears any more.- Fixed share/ipa/wsgi.py so .pyc, .pyo files are included- Added Require mod_wsgi, added share/ipa/wsgi.py- Require python-wehjit >= 0.2.2- Add sssd and certmonger as a Requires on ipa-client- Require python-wehjit >= 0.2.0- Add ipa-rmkeytab tool- Set minimum of python-pyasn1 to 0.0.9a so we have support for the ASN.1 Any type- Remove v1-style /etc/ipa/ipa.conf, replacing with /etc/ipa/default.conf- Add bash completion script and own /etc/bash_completion.d in case it doesn't already exist- Remove ipa_webgui, its functions rolled into ipa_httpd- Removed python-cherrypy from BuildRequires and Requires - Added Requires python-assets, python-wehjit- Added httpd SELinux policy so CRLs can be read- Move ipalib to ipa-python subpackage - Bump minimum version of slapi-nis to 0.15- Set 0.14 as minimum version for slapi-nis- Add Requires: python-nss to ipa-python sub-package- Remove the IPA DNA plugin, use the DS one- Build radius separately - Fix a few minor issues- Replace TurboGears requirement with python-cherrypy- rebuild with new openssl- Fix SELinux code- Fix breakage caused by python-kerberos update to 1.1- New upstream release 1.2.1- Rebuild for Python 2.6- Respin after the tarball has been re-released upstream New hash is 506c9c92dcaf9f227cba5030e999f177- Conditionally restart also dirsrv and httpd when upgrading- Update to upstream version 1.2.0 - Set fedora-ds-base minimum version to 1.1.3 for winsync header - Set the minimum version for SELinux policy - Remove references to Fedora 7- Fix for CVE-2008-3274 - Fix segfault in ipa-kpasswd in case getifaddrs returns a NULL interface - Add fix for bug #453185 - Rebuild against openldap libraries, mozldap ones do not work properly - TurboGears is currently broken in rawhide. Added patch to not build the UI locales and removed them from the ipa-server files section.- Add call to /usr/sbin/upgradeconfig to post install- Update to upstream version 1.1.0 - Patch for indexing memberof attribute - Patch for indexing uidnumber and gidnumber - Patch to change DNA default values for replicas - Patch to fix uninitialized variable in ipa-getkeytab- Set fedora-ds-base minimum version to 1.1.0.1-4 and mod_nss minimum version to 1.0.7-4 so we pick up the NSS fixes. - Add selinux-policy-base(post) to Requires (446496)- Add missing entry for /var/cache/ipa/kpasswd (444624) - Added patch to fix permissions problems with the Apache NSS database. - Added patch to fix problem with DNS querying where the query could be returned as the answer. - Fix spec error where patch1 was in the wrong section- Added patch to fix problem reported by ldapmodify- Fix Requires for krb5-server that was missing for Fedora versions > 9 - Remove quotes around test for fedora version to package egg-info- Update to upstream version 1.0.0- Pull upstream changelog 722 - Add Conflicts mod_ssl (435360)- Pull upstream changelog 698 - Fix ownership of /var/log/ipa_error.log during install (435119) - Add pwpolicy command and man page- Pull upstream changelog 678 - Add new subpackage, ipa-server-selinux - Add Requires: authconfig to ipa-python (bz #433747) - Package i18n files- Pull upstream changelog 641 - Require minimum version of krb5-server on F-7 and F-8 - Package some new files- Marked with wrong license. IPA is GPLv2.- Ensure that /etc/ipa exists before moving user-modifiable html files there - Put html files into /etc/ipa/html instead of /etc/ipa- Pull upstream changelog 608 which renamed several files- package the sessions dir /var/cache/ipa/sessions - Pull upstream changelog 597- Updated upstream pull (596) to fix bug in ipa_webgui that was causing the UI to not start.- Included LICENSE and README in all packages for documentation - Move user-modifiable content to /etc/ipa and linked back to /usr/share/ipa/html - Changed some references to /usr to the {_usr} macro and /etc to {_sysconfdir} - Added popt-devel to BuildRequires for Fedora 8 and higher and popt for Fedora 7 - Package the egg-info for Fedora 9 and higher for ipa-python- Added auto* BuildRequires- Unified spec file- Fixed License in specfile - Include files from /usr/lib/python*/site-packages/ipaserver- Version bump for release- Preverse mode on ipa-keytab-util - Version bump for relase and rpm name change- Broke invididual Requires and BuildRequires onto separate lines and reordered them - Added python-tgexpandingformwidget as a dependency - Require at least fedora-ds-base 1.1- Version bump for release- Add dep for freeipa-admintools and acl- Add dependency for python-krbV- Require mod_nss-1.0.7-2 for mod_proxy fixes- Convert to autotools-based build* Fri Sep 7 2007 Karl MacMillan - 0.3.0-1 - Added support for libipa-dna-plugin- Added support for ipa_kpasswd and ipa_pwd_extop- Abstracted client class to work directly or over RPC- Add mod_auth_kerb and cyrus-sasl-gssapi to Requires - Remove references to admin server in ipa-server-setupssl - Generate a client certificate for the XML-RPC server to connect to LDAP with - Create a keytab for Apache - Create an ldif with a test user - Provide a certmap.conf for doing SSL client authentication- Initial rpm version3.3.3-28.el7_0.13.3.3-28.el7_0.13.3.3-28.el7_0.1bash_completion.dipaipaipa-admintools-3.3.3COPYINGContributors.txtREADMEipa.1.gz/etc//etc/bash_completion.d//usr/bin//usr/share/doc//usr/share/doc/ipa-admintools-3.3.3//usr/share/man/man1/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=genericcpioxz2x86_64-redhat-linux-gnudirectoryASCII textPython script, ASCII text executablePascal source, ASCII textUTF-8 Unicode texttroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, from Unix, max compression)R?p7zXZ !#,KH^] b2u jӫ`(f`o|d*΃?o[8$@Ta:'Sm^ɳ0cV83xq-}FA#]kT>g PA`tM&#Xt񁹭a%֪qpj|GÓФ;R: 6(7yQp"4 ~JF6Vd8]-qS}]2.~C #kWQ9Up6j$HfŁL:H:l~7A6b(^pn/0ŻOGxN2W֕fl`wcLvJqvE,L F t{k3k:Tldi$ 1:^?Jac?(@gSkX'0/.k;qjEP uѠ!ӈsV k}2{XҀĤU2Eƒ?gwPN*9L$MiO_7b#v^#5 s\LBVrź#5}jR %V427"u%(sҝİp@*z  l}uq:j%Vg5YxT=mzuA9cTɟbjjFհ/ R,Dy^FqTHJ(]L%96zv*.#r2 [qۋue-X_oBGITN;4D㼱m-^ܪ'diq+Y#\>a/_koizx7aj]uwK}"w ;3K~cDɉsHKj"rנ-: µ>!s띕񆉎jcGV'spۼ8b6̀P'i=\MObtlIS]B=ZsY4D{~ -}. "HqK2 {DID 硉0ϠyY AZ/ CTb{&2 |\ */nUn)gh@m_uنaNʓqyhgzj]' @-^l77"iaq$!W"}xwՐL@,avb:ŬHVW@cAg<OV!}$@1=KzHDФ=.Dx6f8.\*/ bzJb4ٯqRypPǑ`O6B^] XM)i9!T1U4e1@ Y|=>ޜ%sGpleƴGM88qoKxfB%ʕb&Ѭ6Uț%6}V΃OcRgQg4`U0^%X؂Vm)u5>k ^ lqoʒaPAh64.щ]sTqC)nN]A>!17`n. 1w qmeb9"d+$r(Ɵ/9Vn6Hۺ_! 칄WAGwHm4-/QFoQ)k: ן3(lg eK [& M\fwMLndQ[J@dofD[=ug,eûY PAE+\4eL4DO=Z^A+ E܋OS&n>˃9GkՕF1"l 8 I Oq_콽{"@vF4 6Gl +b|mF{5grtA kUqY,~ZoU!,>72'5NY?왅(P<-34Ef4Vgֿ= B:Hk_2[2Z\!^yY s:R7OK yeLPvFϜ_TF+?ޡ:C8ٶQڱU2?XܓYnVK|hi ȁ@Y: %jøϭ'p9Յ* lbɵ\i($+)S@;^ QrL|/I,E 5j!Ҏ32MU4z(9J$Sxz 0$"6J3 I <ԪSc.I%G$ga Th9^X0#sjΓI[}.Z^k5SPGr (,2;hYc19iU`1W5NFĕHρj]L)~JaA[A$%nuIӈ%|RN$yފi#NPBgٕi)(ͽRI?q_xikCu|]D!}drW6eTm'FCz`;Crǘeh|keZ6g}Y(B3Bnت!H؋I 9&$ oP/Jr@ER #Mx^n(&rlCi I~DW] od2CŮ7J[ - d3jq]j$P-{ plRO_­8^GI 32jÎ -$v;b\C~wX98p _ʡU([hϏsJXl/*<¶Έ+E*$,˷bRRBDOk5wBOV5Μ )ƫ|QZe'wsж41y}ҾY6.3|9>-q}x+4̹(s*ۉ%f=,̙ɦu+پޑ{XHu[EVe6uzN?Ou.y5ӓI.=y:ƦpN1ВιTp= ċUJ/>me= kߡ!|܏fߩ$LnSYa1XD*I;Fd1pckfnBEμSW{p=惘"u1FL 4 K.k*\& 4-٧&~waKI8 Xa7—I>FDD$%%Rϴ/{JtDxVJxJ@W?V΂&ޤ}m$92ko>9y=3UFMМ콣ir+;Yedf-U=;eIy($MEE7aGzAZS&ΨMĞvt-IV} nQ4FdsØ2i16^=eM/mZ@ߜoi&e)lӸ\ugݾ =ޭQ3 B H H~wƧ*6ysآ9Ofn9FiTmVf zaЁfs_T/Zcoeֳk}dCYY[Yn{uoگh<0Gg=kވϿ1c48H0črK`/6I^%F"fns%MJ.CZ/B3`#ZÃk&f~ JH,;tr ߲k[f&@ٶK %ג'zc5" H9!9?E@wm=wzߵ|i uJ;WNv]vuP)ړ Uu”6dTR,mǚސ٪v,'R e\#%[:wѠOF4M|[Z~>/Yy8Ĉc_]M2üZWۜt_n8 _㦚b.!}@zkdN"S:(IrQ@ d{Q%PBW9cs֙yR^; !L FFO=_z*yi%9T4bE)f'n7w%K}~H$f-7_,m/~V/3OK%6eKh#uSneH՚gAPժ֌YD *2P9x+b[M8 o&G~NeSP3vDvȓ,绷Pg@|L`4e$53T$uvÚΧ#q$={K,j m0X,4?J>=n{ 7,@$|F%p QiҴ VMGUI&x} 95W'4)Gm'}1_*}KgtD)2'tiI >-\ώE7jQm47,P 7b+ը3z!ՖayckܢXJnK68:Ftowhgμ+@?ػ.V]M H&ith)z( %x]BfwOY`qaq58qN J=B.1 DO 3Z>"gS5Yudl<]9dBzG܋`M? $*[Aza'}@1H~ "O$rKEE?KC (ݖhzW5~U&&@Q xzscЕNF?AlFjlzّF%IXOM]0jSt!Zyh 9父6A:>S"ݵ6}b.HrQtFm[b*LF7B~X*> ٗjeG֘ԏ͎B8 @Vmü,6W *&""pr_Pg!ПЀX r7e/<)@` 3`x*cFqJ TmD2_ 0}]̮ϙ&LL)5Γ!BQ sLi :gckՌyGtq* K߱z`.Ls7ar]yr e ^bOq7$7ާ~}wȱV]9}L6 UZO>j!΃3i HaU~D mJbTS&6/ l OyQoh[6䞪?-,_X[+Hl!TL)u5JIlTujgO:i4 ئxB!7n8pYZ̨^ 7Ƣ j*"]1YF$I.*6B PSqP&`UQ_=DRG {a٭_mk b9s^V<Wz%0f%z=?'H"F@qoYl,`2Tà*9wKKG3 ;m^EڰlTK{T+ĭxX d?ڰH}?1WXj , Ŏ:hpq Rf HOu㍤Z@&B"M-s+A)fGס)I7t碀0e'!?0]`WK0;?j#j~Ul=:R1 IU RFgźk}^ (t~Q^=֒Ů51 :^zu%q췅*rEՕ0  cCx wW[t>lvȳEր=Wo: ]f|dm̹BFѾC7|~oZ~K+N!t0J4$I&7r}|qGEne`Uv_8ޏm0{Uڹ2Jҽ]*!(:ҚeW ^:VqC QU6ƍBM|'0s#]ȲQřN(~*g tû+LG MuQփYT/ǟE:$h l[H hk.&V ml؆Q>Fqmע\7A{B2Mtyћ1{$dVIw+G!R;ZaᬕF>,Zd}GR:v 3qf>֝:Av[-y`$%u,vS1i4\?S_4D B0[γޕ8Pw]X` ]W ϗpwvɯZPw%/ ES Aң$"L$GT 364G$Vq GQ}Ip:j+=;2ֱo4<Ab~iK# QO'słF] ] 7|yBΧ!r (JOl#-JYe7,<[B8t:m`>hhƥukV!i 杶v{?}^FNM}_qHb@.[cBkÜ&V">r9)pRcM_DCOV7F*xZ U-e*?( vbjY[Ne!= Ɯ_*IG+ ceF'2Q*dUSQBb-j<0MP!C!`U\LJ!ZoW:2qKL1-՛tLjaH$wGF*{ii]L*HJBa1hH iVӰ {ڢKó%×ïWɇFtf%6/t7y 9oW|"(s^S5!)+\13XO l*ewlCNTP33} MufI&J}bm8pv‹n(iH4Z,!d$sfo}R?*;ͺʫCX`m СF1Ϭ*%dN5[hh-yM;Xҩsq}cNFa46?Q 0P`bʱ&|7Wt.;{y: >Zt[u I'dLr*bS@ ,Q 9n~@XfDVhQt,R:c|yJNN5o>;۲KQ{җUMp_Oոz]M/"Y.m+9]^֭e#b}B7"cHze*1lynEyi7RZȷA8P%+ly_\|+exx[{saTGӬ|8B{bδDliWqCUi$y]ye$CFU$|[_Lk\TV]=o )ܕ%9Uw5ȏt9O0NI`-O.}Ͳ pVXv#xٔH?%=QSMzDpk+|m^4r- =~ nTDqЙ8@n#&:_M>7Dab0=yaqڃL)_재/.2<he*Ηw9T4ipu mzfjzDHq\JuAaxczWd3oÊ'h1#'rٿ||5 7|s<8)+-!hEs$so[c ;΄9\iw P:ڛ~S-pr:&K%TTa$8O :ԉ5t&N%-e!󜥛( %FLd+ƈd_H= ށ`j0)y)!IXr2`w-n/>4=lm+N]q/"~=9vmL+t_E1C38g j_ϑ Mv=7[i: o4OFYԓSI +9ׇ-4l12}QY~Dh3?4_tgX&c1E!melEgZ_^'Ӳ{S n10 !)jIN~aF SV"#av;I3ٿ^ySht1T$د EԼaz;|!5(wW.*Kۀ*]i*.<1DV0|4fJVkG0F/zK\R 1مUژZTYQOLhԣ֒/0$-iINGSqk]>_~H]Dz 0HfӉAE*1R$%O~o|Ir4"?N һvdx=a 2UT3m\B|r@Kf#.j*'B"1L(4OV,U p#`(qpnuq:+]x[ڑf&Oje,DzIdp!~d_wVJ9|3$3`! o* ͪsWG޴HTQVBu?LvgjZ$@w-VKp*L3OҀQcpRss ۙǢ⠍7*@P`mE5&W++wרL]f׆hm}3uWw =z^9x\zY)aڒ0cΗ' ""\sg(0 &íq P' d+7/ {Ȼ=ImhlG[k_ARp~x(oDr&9Qy&҈6!O|Z9mȳPQ1 !H4uw^?_4ȁ1m1aF/L7n}H#̱ K>U>f)iHPL+Ӻ&t꯹30;:;B(FY{8m$4D{萷2o. oB mԫfP3%c> S#J+6l[F^&FgN\-(ؖ$yO==u/fMV9N( וc{lϾvzmqM`ڴ}fU\T*w#]ea',}gp1}|0ٶ3,Q](3V3w@49 ;]AM$!Qu2=.o+R(WŤ8m6[rl.ieFʆg9pTc4$;T&bMqֆUܻYp (+cS..ptT JY+̚p= +(Ť \(& ];^VHdž/2FHo ˶u̳sC6?.1額q;âINM6>s+ta3hAڢO?0ZȰɭ 'b4 P5[R+ QեP2aWx -l@@' n7 -6o[ѷ?/6>~ {ϣ4*ff"x֤; Q<ʮ#t7&\0%}X3ݠ؜VO-WKcלUH,7fkيAmm$J 0OCv[cqũ%!쩠1VU|l{B:K֘#c( 6zNMA` ſ.vU`ɖ].DwL?s Ss PT!K(MEmu?\*&ba=?':}VѴ>S&K< 3kܛ(Uѽ~3""ΞGt(LĘQ*x'bR X2CQ:ni̼'PZn|뗳8s 55Ov5Wo*<,N*L ?!WxG/GpL GB|o^k*tJ:"0mm54݀1R{*r5]%If)WWJ|ٯvn7'ԓT?˙A<3ϽbL-ƒ[Sgwł;dۧD50D-S^vl J4 ߍq֋cfh66 NZnT(~xI/l(aخ0+a KJC>di (2=iU. '>^xtd]DT𱘣`ٴLAnTJM0h#xJ* 1MjJ glVҟ DpګGU|e]dKJ\"Q_򡥏`K@!XtklԎ|bZAw}@F/.nBgN24TS ^AlMC\+H)=A׷ Yb IŤDbe0IPkmy^eqOξBwЎ$tpJou-%nZK1eQu<`*1nP1~A.[g~4[w|F}\+ǩI#Q)ٖB)VW=-?v?I@֝f+A'JzW4÷)1^/4cY{2}w{\-A`OK8s2%kwG%$$J5^.YB)>L̀/zF]WEk*)ҩ% n4*(ݗkb~> SsI1(Ю'u}}5FI > އl`Sy%'Ut7Rv<_F/ͼNJơ@v=`Os`H)lnEAO y牴MⱅIsT5Ik~Mv>X3J=ub*[<@7l)M Jѿ:]Vyy 8a \C#:uPMKIRD ]arz.0/gְ_@N{TcŌk‴mt 6ip6#۴7J09`h2P YZ