Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package himmelblau for openSUSE:Factory checked in at 2024-11-26 20:55:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/himmelblau (Old) and /work/SRC/openSUSE:Factory/.himmelblau.new.28523 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "himmelblau" Tue Nov 26 20:55:40 2024 rev:19 rq:1226359 version:0.7.5+git.0.8f421b0 Changes: -------- --- /work/SRC/openSUSE:Factory/himmelblau/himmelblau.changes 2024-10-23 21:11:29.673736186 +0200 +++ /work/SRC/openSUSE:Factory/.himmelblau.new.28523/himmelblau.changes 2024-11-26 20:55:53.534417187 +0100 @@ -1,0 +2,101 @@ +Mon Nov 25 19:55:22 UTC 2024 - david.mul...@suse.com + +- Update to version 0.7.5+git.0.8f421b0: + * Version 0.7.5 + * Remove the org.samba.himmelblau dbus service + +------------------------------------------------------------------- +Mon Nov 25 17:26:11 UTC 2024 - david.mul...@suse.com + +- Update to version 0.7.4+git.0.d1291c6: + * Version 0.7.4 + * Fix missing dependency utf8proc_NFKC_Casefold + * Package Siemens Linux Entra SSO for Himmelblau + * Add SLE15SP6 packaging + * Add Fedora 41 packaging + * Add Fedora Rawhide packaging + * The tasks daemon needs /etc/groups write access + * Version 0.7.3 + * Increase the cache timeout to 5 minutes + * Always fetch and cache the graph url + +------------------------------------------------------------------- +Mon Nov 25 14:45:36 UTC 2024 - david.mul...@suse.com + +- Update to version 0.7.2+git.0.c76ac0e: + * Version 0.7.2 + * Hello support depends on openssl3 + * Version 0.7.1 + * Fix sshd rpm depends + * Resolve RPM dependencies automatically + * Revert "deps(rust): update notify-debouncer-full requirement from 0.3 to 0.4" + * Add openSUSE Tumbleweed packaging + * Fix RPM packaging placement of systemd files + * Remove the failed attempt at debian packaging + * Add stable-0.7.x to CI workflows + * deps(rust): update utoipa requirement from 4.0.0 to 4.2.0 + * deps(rust): update hashbrown requirement from 0.14.0 to 0.15.1 + * Remove missing feature causing warnings + * deps(rust): update notify-debouncer-full requirement from 0.3 to 0.4 + * Specify scopes when making an SSO request + * Implement logon script for ensuring compliance + * Option for adding Entra Id users to local groups + * Configure EL sshd with ChallengeResponseAuthentication yes + * Add rocky 8 packaging + * Add RPM packaging for EL9 + * Modify Ubuntu defaults to fix snaps + * Resolve Libreoffice fails to start on Ubuntu + * Minor formatting fix + * Revert RwLock -> Arc<Mutex> change in idmap + * Ignore broker scopes requests for now + * Ensure every file specifies the proper license + * postinst should not fail on patch or apparmor update + * Install pam module to additional location via make + * Add sshd config to the Makefile + * Don't use sudo in postinst/postrm scripts for deb + * PAM should be placed first in the stack + * Add the libutf8proc-dev dep for deb + * Match the object ID of the fake user and group + * Make it possible to stop the broker service + * Move sshd config into it's own debian package + * Allow the graph to start w/out network + * Add hello_pin_min_length conf option + * Don't attempt SFA fallback if AADSTSError + * Have libhimmelblau handle the DAG fallback + * Add a warning to user that SSH needs restarted + * Ensure local users are ignored when CN mapping + * Ensure DAG is rejected if lifetime expires + * Rework the poll logic to resolve timeout issues + * Add a sshd soft depends for the deb package + * CN name mapping in PAM and NSS + * Make CN an optional home directory attribute + * Remove the sssd build dependencies + * Configuration patches for himmelblau on Debian + * Simplify PAM get_item_string calls + * Bug in pam which needs defended against + * Fix deb build by adding Broker service file + * WIP: Install Ubuntu unix-chkpwd apparmor deps + * Ensure make install places pam_himmelblau correctly + * Add Ubuntu pam-config for pam_himmelblau + * Never return Err(PAM_SUCCESS) from get_user + * Never return the Pam result from get_user() + * Revert "Speed up nss requests w/out auth attempt" + * Speed up nss requests w/out auth attempt + * Fix some broker responses + * Fixes for the dbus broker + * Attempt to fix the cargo version in launchpad build + * Makefile typo fixes + * Version 0.7.0 + * Add libdbus-1-dev dep + * Improve the README installation instructions + * Add `make install` command + * Improve Debian/Ubuntu install instructions + * Fix tag push permissions for tag-version workflow + * Add a version check script + * Remove the rustc dependency, breaking rustup + * Add a debug option to the config + * DBus requires that the service file match the name + * Add a pam option for the OpenSSH 2876 workaround + * Update to the latest libhimmelblau + +------------------------------------------------------------------- Old: ---- himmelblau-0.6.14+git.0.bbda0b6.tar.bz2 New: ---- himmelblau-0.7.5+git.0.8f421b0.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ himmelblau.spec ++++++ --- /var/tmp/diff_new_pack.0vFcvr/_old 2024-11-26 20:55:56.014520214 +0100 +++ /var/tmp/diff_new_pack.0vFcvr/_new 2024-11-26 20:55:56.030520879 +0100 @@ -17,11 +17,11 @@ Name: himmelblau -Version: 0.6.14+git.0.bbda0b6 +Version: 0.7.5+git.0.8f421b0 Release: 0 -Summary: Interoperability suite for Microsoft Azure AD and Intune +Summary: Interoperability suite for Microsoft Azure Entra Id License: GPL-3.0-or-later -URL: https://github.com/openSUSE/himmelblau +URL: https://github.com/himmelblau-idm/himmelblau Group: Productivity/Networking/Security Source: %{name}-%{version}.tar.bz2 Source1: vendor.tar.zst @@ -30,6 +30,7 @@ BuildRequires: cargo BuildRequires: cargo-packaging BuildRequires: clang-devel +BuildRequires: dbus-1-devel BuildRequires: krb5-devel BuildRequires: libcap-devel BuildRequires: libclang13 @@ -43,31 +44,35 @@ BuildRequires: pcre2-devel BuildRequires: sqlite3-devel BuildRequires: tpm2-0-tss-devel +BuildRequires: utf8proc-devel ExclusiveArch: %{rust_tier1_arches} Recommends: libnss_himmelblau2 Recommends: pam-himmelblau Provides: aad-cli Provides: aad-common +Suggests: himmelblau-sso +# This is necessary to prevent users from installing Himmelblau along side +# Microsoft's Broker, as these will conflict. +Provides: microsoft-identity-broker %description -Himmelblau is an interoperability suite for Microsoft Azure AD and -Intune, which allows users to sign into a Linux machine using Azure -Active Directory credentials. It relies on the Microsoft -Authentication Library to communicate with the Microsoft service. +Himmelblau is an interoperability suite for Microsoft Azure Entra Id, +which allows users to sign into a Linux machine using Azure +Entra Id credentials. %package -n pam-himmelblau -Summary: Azure AD authentication PAM module +Summary: Azure Entra Id authentication PAM module Requires: %{name} = %{version} Provides: libpam-aad +Suggests: himmelblau-sshd-config %description -n pam-himmelblau -Himmelblau is an interoperability suite for Microsoft Azure AD and -Intune, which allows users to sign into a Linux machine using Azure -Active Directory credentials. It relies on the Microsoft -Authentication Library to communicate with the Microsoft service. +Himmelblau is an interoperability suite for Microsoft Azure Entra Id, +which allows users to sign into a Linux machine using Azure +Entra Id credentials. %package -n libnss_himmelblau2 -Summary: Azure AD authentication NSS module +Summary: Azure Entra Id authentication NSS module Requires(post): /sbin/ldconfig Requires(postun): /sbin/ldconfig Requires: %{name} @@ -75,10 +80,33 @@ Provides: nss-himmelblau %description -n libnss_himmelblau2 -Himmelblau is an interoperability suite for Microsoft Azure AD and -Intune, which allows users to sign into a Linux machine using Azure -Active Directory credentials. It relies on the Microsoft -Authentication Library to communicate with the Microsoft service. +Himmelblau is an interoperability suite for Microsoft Azure Entra Id, +which allows users to sign into a Linux machine using Azure +Entra Id credentials. + +%package -n himmelblau-sshd-config +Summary: Azure Entra Id SSHD Configuration +Requires: %{name} = %{version} +Requires: openssh-server +BuildRequires: openssh-server +BuildArch: noarch + +%description -n himmelblau-sshd-config +Himmelblau is an interoperability suite for Microsoft Azure Entra Id, +which allows users to sign into a Linux machine using Azure +Entra Id credentials. + +%package -n himmelblau-sso +Summary: Azure Entra Id Firefox SSO Configuration +Requires: %{name} = %{version} +Requires: MozillaFirefox +Requires: python3-pydbus +Provides: linux-entra-sso + +%description -n himmelblau-sso +Himmelblau is an interoperability suite for Microsoft Azure Entra Id, +which allows users to sign into a Linux machine using Azure +Entra Id credentials. %post -n libnss_himmelblau2 -p /sbin/ldconfig %postun -n libnss_himmelblau2 -p /sbin/ldconfig @@ -108,11 +136,14 @@ install -D -d -m 0755 %{buildroot}%{_sbindir} strip --strip-unneeded target/release/himmelblaud strip --strip-unneeded target/release/himmelblaud_tasks +strip --strip-unneeded target/release/broker install -m 0755 target/release/himmelblaud %{buildroot}/%{_sbindir} install -m 0755 target/release/himmelblaud_tasks %{buildroot}/%{_sbindir} +install -m 0755 target/release/broker %{buildroot}/%{_sbindir} pushd %{buildroot}%{_sbindir} ln -s himmelblaud rchimmelblaud ln -s himmelblaud_tasks rchimmelblaud_tasks +ln -s broker rcbroker popd install -D -d -m 0755 %{buildroot}%{_bindir} strip --strip-unneeded target/release/aad-tool @@ -120,6 +151,18 @@ install -D -d -m 0755 %{buildroot}%{_unitdir} install -m 0644 %{_builddir}/%{name}-%{version}/platform/opensuse/himmelblaud.service %{buildroot}%{_unitdir}/himmelblaud.service install -m 0644 %{_builddir}/%{name}-%{version}/platform/opensuse/himmelblaud-tasks.service %{buildroot}%{_unitdir}/himmelblaud-tasks.service +install -D -d -m 0755 %{buildroot}%{_datarootdir}/dbus-1/services +install -m 0644 %{_builddir}/%{name}-%{version}/platform/opensuse/com.microsoft.identity.broker1.service %{buildroot}%{_datarootdir}/dbus-1/services/ +install -D -d -m 0755 %{buildroot}%{_sysconfdir}/ssh/sshd_config.d +install -m 0644 %{_builddir}/%{name}-%{version}/platform/el/sshd_config %{buildroot}%{_sysconfdir}/ssh/sshd_config.d/himmelblau.conf + +# Firefox Single Sign On +install -m 0755 %{_builddir}/%{name}-%{version}/src/sso/src/linux-entra-sso.py %{buildroot}/%{_bindir}/linux-entra-sso +sed -i 's/#!\/usr\/bin\/env python3/#!\/usr\/bin\/python3/' %{buildroot}/%{_bindir}/linux-entra-sso +install -D -d -m 0755 %{buildroot}%{_libdir}/mozilla/native-messaging-hosts +install -m 0644 %{_builddir}/%{name}-%{version}/src/sso/src/firefox/linux_entra_sso.json %{buildroot}%{_libdir}/mozilla/native-messaging-hosts/ +install -D -d -m 0755 %{buildroot}%{_sysconfdir}/firefox/policies +install -m 0644 %{_builddir}/%{name}-%{version}/src/sso/src/firefox/policies.json %{buildroot}%{_sysconfdir}/firefox/policies/ %pre %service_add_pre himmelblaud.service himmelblaud-tasks.service @@ -135,14 +178,17 @@ %files %dir %{_sysconfdir}/himmelblau -%config %{_sysconfdir}/himmelblau/himmelblau.conf +%config(noreplace) %{_sysconfdir}/himmelblau/himmelblau.conf %{_sbindir}/himmelblaud %{_sbindir}/rchimmelblaud %{_sbindir}/himmelblaud_tasks %{_sbindir}/rchimmelblaud_tasks +%{_sbindir}/broker +%{_sbindir}/rcbroker %{_bindir}/aad-tool %{_unitdir}/himmelblaud.service %{_unitdir}/himmelblaud-tasks.service +%{_datarootdir}/dbus-1/services/com.microsoft.identity.broker1.service %files -n libnss_himmelblau2 %{_libdir}/libnss_%{name}.so.* @@ -150,3 +196,15 @@ %files -n pam-himmelblau %{_pam_moduledir}/pam_%{name}.so +%files -n himmelblau-sshd-config +%config %{_sysconfdir}/ssh/sshd_config.d/himmelblau.conf + +%files -n himmelblau-sso +%{_bindir}/linux-entra-sso +%dir %{_libdir}/mozilla +%dir %{_libdir}/mozilla/native-messaging-hosts +%{_libdir}/mozilla/native-messaging-hosts/linux_entra_sso.json +%dir %{_sysconfdir}/firefox +%dir %{_sysconfdir}/firefox/policies +%config %{_sysconfdir}/firefox/policies/policies.json + ++++++ _service ++++++ --- /var/tmp/diff_new_pack.0vFcvr/_old 2024-11-26 20:55:56.270530849 +0100 +++ /var/tmp/diff_new_pack.0vFcvr/_new 2024-11-26 20:55:56.298532012 +0100 @@ -2,7 +2,7 @@ <service name="tar_scm" mode="disabled"> <param name="url">https://github.com/himmelblau-idm/himmelblau.git</param> <param name="scm">git</param> - <param name="revision">stable-0.6.x</param> + <param name="revision">stable-0.7.x</param> <param name="versionformat">@PARENT_TAG@+git.@TAG_OFFSET@.%h</param> <param name="versionrewrite-pattern">himmelblau-(.*)</param> <param name="versionrewrite-replacement">\1</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.0vFcvr/_old 2024-11-26 20:55:56.526541484 +0100 +++ /var/tmp/diff_new_pack.0vFcvr/_new 2024-11-26 20:55:56.578543644 +0100 @@ -3,6 +3,6 @@ <param name="url">https://github.com/openSUSE/himmelblau.git</param> <param name="changesrevision">6d2f6450ff3c0c945a884d4b35307e03a035a581</param></service><service name="tar_scm"> <param name="url">https://github.com/himmelblau-idm/himmelblau.git</param> - <param name="changesrevision">bbda0b636e884701747931a3ae3997f63658ae16</param></service></servicedata> + <param name="changesrevision">8f421b0aabce57ee6cbfa712eb5875b3c9949601</param></service></servicedata> (No newline at EOF) ++++++ himmelblau-0.6.14+git.0.bbda0b6.tar.bz2 -> himmelblau-0.7.5+git.0.8f421b0.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/himmelblau/himmelblau-0.6.14+git.0.bbda0b6.tar.bz2 /work/SRC/openSUSE:Factory/.himmelblau.new.28523/himmelblau-0.7.5+git.0.8f421b0.tar.bz2 differ: char 11, line 1 ++++++ vendor.tar.zst ++++++ /work/SRC/openSUSE:Factory/himmelblau/vendor.tar.zst /work/SRC/openSUSE:Factory/.himmelblau.new.28523/vendor.tar.zst differ: char 28055, line 112
