Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian....@packages.debian.org
Usertags: pu
Please consider accepting the following changes for packages GOsa² in
jessie-proposed-updates.
+ * debian/patches:
After deployment of two Debian Edu sites based on Debian jessie, several
experiences have been made with GOsa² in Debian jessie that require some
post-release fixups:
+ + Add 1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch. Fix
+ label stripping in GOsa²'s image() function. This fixes displaying the
+ insertDhcp* icon in the DHCP service plugin. (Closes: #794117).
It is not possible to insert DHCP subsections due to a bug in the image()
function of gosa-core. Patch 1009 resolves this.
+ + Add 2009_allow-Debian-blends-to-override-gosa-conf.patch. Allow
+ Debian blends to provide their own version of gosa.conf and not get
+ bugged by GOsa's notification message on gosa.conf template changes.
+ Debian blends using GOsa (e.g., Edu, LAN) must handle gosa.conf
+ updates themselves. (Closes: #794118).
For Debian Edu (and Debian LAN), a special configVersion key value is
needed to suppress warning messages about changes of the gosa.conf
template (this happens whenever the gosa.conf template is updated in gosa
src:package). Such a change just occurred in a previous gosa upload to
jessie-pu (2.7.4+reloaded2-1+deb8u2) and GOsa² in Debian Edu / Debian LAN
should not be affected by such changes.
In debian-edu-config, the Debian Edu team wants to make use of this
special configVersion key value for Debian Edu jessie.
+ + Add 0004_fix-get-post.patch. Fix transferral of POST variables.
Nasty bug, fix cherry-picked from upstream.
+ + Add 1010_fix-entry-removal-in-mail-plugin.patch. Fix entry deletion
+ of items in "alternatives addresses" and "forward messages to
+ non-group members" for group mail objects. (LP:#1307483).
A fix for gosa-plugin-mail provided via Launchpad which should also
qualify for a jessie-pu.
+ + Add 0005_fix-password-expiry-status.patch. Fix expiration status
+ for passwords if shadowMax is used in POSIX/shadow accounts.
Cherry-picked from upstream. Relevant for correct display of account
expiration in Debian Edu.
+ + Add 1011_define-isPluginModified.patch. Fix undefined property
+ error for non-defined usertags::$isPluginModified. (Closes: #794690).
Fixes a PHP error bugging admins in /var/log/syslog on nearly every click
within the GOsa² WebUI.
+ + Add 1012_allow-one-level-domains-in-email-addresses.patch. Allow
+ one-level domains in email addresses (such as <uid>@intern, as used
+ in Debian Edu by default). (Closes: #794738).
A fix required for Debian Edu. GOsa²'s is_email function expects mail
address of style u...@domain.tld. Debian Edu, though, uses mail addresses
of the form user@intern. Such addresses cannot be configured in Debian
jessie's GOsa² (but they should).
My general impression of GOsa² 2.7.4 is that it is rather buggy. The
upstream SVN repository contains +200 commits on top of 2.7.4, most of
them maintenance fixes (no new features). As GOsa² 2.7.4 is the core tool
in Debian Edu, please understand that there may be more jessie-pu
requests coming in the future. (I don't upload to patch-in all those +200
commits, but it may become necessary to backport some of them). Thanks.
light+love
Mike
-- System Information:
Debian Release: 8.1
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500,
'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru gosa-2.7.4+reloaded2/debian/changelog gosa-2.7.4+reloaded2/debian/changelog
--- gosa-2.7.4+reloaded2/debian/changelog 2015-07-25 22:09:03.000000000 +0200
+++ gosa-2.7.4+reloaded2/debian/changelog 2015-08-24 21:24:28.000000000 +0200
@@ -1,3 +1,28 @@
+gosa (2.7.4+reloaded2-1+deb8u2) jessie-proposed-updates; urgency=medium
+
+ * debian/patches:
+ + Add 1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch. Fix
+ label stripping in GOsa²'s image() function. This fixes displaying the
+ insertDhcp* icon in the DHCP service plugin. (Closes: #794117).
+ + Add 2009_allow-Debian-blends-to-override-gosa-conf.patch. Allow
+ Debian blends to provide their own version of gosa.conf and not get
+ bugged by GOsa's notification message on gosa.conf template changes.
+ Debian blends using GOsa (e.g., Edu, LAN) must handle gosa.conf
+ updates themselves. (Closes: #794118).
+ + Add 0004_fix-get-post.patch. Fix transferral of POST variables.
+ + Add 1010_fix-entry-removal-in-mail-plugin.patch. Fix entry deletion
+ of items in "alternatives addresses" and "forward messages to
+ non-group members" for group mail objects. (LP:#1307483).
+ + Add 0005_fix-password-expiry-status.patch. Fix expiration status
+ for passwords if shadowMax is used in POSIX/shadow accounts.
+ + Add 1011_define-isPluginModified.patch. Fix undefined property
+ error for non-defined usertags::$isPluginModified. (Closes: #794690).
+ + Add 1012_allow-one-level-domains-in-email-addresses.patch. Allow
+ one-level domains in email addresses (such as <uid>@intern, as used
+ in Debian Edu by default). (Closes: #794738).
+
+ -- Mike Gabriel <sunwea...@debian.org> Mon, 24 Aug 2015 21:23:29 +0200
+
gosa (2.7.4+reloaded2-1+deb8u1) jessie-proposed-updates; urgency=medium
* debian/patches:
diff -Nru gosa-2.7.4+reloaded2/debian/patches/0004_fix-get-post.patch gosa-2.7.4+reloaded2/debian/patches/0004_fix-get-post.patch
--- gosa-2.7.4+reloaded2/debian/patches/0004_fix-get-post.patch 1970-01-01 01:00:00.000000000 +0100
+++ gosa-2.7.4+reloaded2/debian/patches/0004_fix-get-post.patch 2015-08-24 21:24:28.000000000 +0200
@@ -0,0 +1,14 @@
+Description: Fix get_post for non-strings
+Origin: https://oss.gonicus.de/labs/gosa/changeset/21181/trunk
+
+--- a/gosa-core/include/functions.inc
++++ b/gosa-core/include/functions.inc
+@@ -2757,7 +2757,7 @@
+ } else {
+ $tmp = $_POST;
+ }
+- return($tmp);
++ return($tmp[$name]);
+ }else{
+
+ if(version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()){
diff -Nru gosa-2.7.4+reloaded2/debian/patches/0005_fix-password-expiry-status.patch gosa-2.7.4+reloaded2/debian/patches/0005_fix-password-expiry-status.patch
--- gosa-2.7.4+reloaded2/debian/patches/0005_fix-password-expiry-status.patch 1970-01-01 01:00:00.000000000 +0100
+++ gosa-2.7.4+reloaded2/debian/patches/0005_fix-password-expiry-status.patch 2015-08-24 21:24:28.000000000 +0200
@@ -0,0 +1,14 @@
+Description: Fix expiration status when shadowMax is used
+Origin: https://oss.gonicus.de/labs/gosa/changeset/21241
+
+--- a/gosa-core/plugins/personal/posix/class_posixAccount.inc
++++ b/gosa-core/plugins/personal/posix/class_posixAccount.inc
+@@ -155,7 +155,7 @@
+ }
+ } elseif (($this->shadowLastChange + $this->shadowMin) >= $current){
+ $this->status= _("active").", "._("password not changeable");
+- } elseif (($this->shadowLastChange + $this->shadowMax) >= $current){
++ } elseif (($this->shadowLastChange + $this->shadowMax) <= $current){
+ $this->status= _("active").", "._("password expired");
+ } else {
+ $this->status= _("active");
diff -Nru gosa-2.7.4+reloaded2/debian/patches/1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch gosa-2.7.4+reloaded2/debian/patches/1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch
--- gosa-2.7.4+reloaded2/debian/patches/1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch 1970-01-01 01:00:00.000000000 +0100
+++ gosa-2.7.4+reloaded2/debian/patches/1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch 2015-08-24 21:17:05.000000000 +0200
@@ -0,0 +1,62 @@
+Description: Fix label extraction from image paths
+Author: Mike Gabriel <mike.gabr...@das-netzwerkteam.de>
+Abstract:
+ The DHCP service plugin uses image() function calls like this kind:
+ .
+ $editImgIns = image('images/lists/element.png[new]', 'insertDhcp_%s', _("Insert new DHCP section"));
+ .
+ The "[new] part of the image file name is used for referencing the
+ style sheet of the image label.
+ .
+ The upstream version of the image function now does three things:
+ .
+ 1. Check if the image itself has a style sheet (if not, bail out).
+ ^^^^ Here the function bails out, as it cannot find a style sheet
+ for "element.png[new]". The label needs to be substracted first.
+
+ 2. Check if a label name has been appended to the image file name.
+ 3. If (2), check if the label style sheet exists (if not, die).
+ 4. If (3), then strip the "[<label>]" part from the file name.
+ .
+ We change this to:
+ 1. Check if a label name has been appended to the image file name.
+ (if so, substract that label name from the path name of the image).
+ 2. Check if the image itself has a style sheet (if not, bail out).
+ 3. Check if the label style sheet exist (if not, die).
+
+--- a/gosa-core/include/functions.inc
++++ b/gosa-core/include/functions.inc
+@@ -3576,16 +3576,19 @@
+ }
+ $styles= session::global_get('img-styles');
+
++ /* Extract labels from path */
++ preg_match("/(.*\.png)\[(.*)\]$/", $path, $matches);
++
++ if (count($matches) == 3) {
++ $path = $matches[1];
++ $label= $matches[2];
++ }
++
+ /* If there's nothing available, just return nothing */
+ if (!array_key_exists($path, $styles)) {
+ return "";
+ }
+
+- /* Extract labels from path */
+- if (preg_match("/\.png\[(.*)\]$/", $path, $matches)) {
+- $label= $matches[1];
+- }
+-
+ $lbl= "";
+ if ($label) {
+ if (isset($styles["images/label-".$label.".png"])) {
+@@ -3593,8 +3596,6 @@
+ } else {
+ die("Invalid label specified: $label\n");
+ }
+-
+- $path= preg_replace("/\[.*\]$/", "", $path);
+ }
+
+ // Non middle layout?
diff -Nru gosa-2.7.4+reloaded2/debian/patches/1010_fix-entry-removal-in-mail-plugin.patch gosa-2.7.4+reloaded2/debian/patches/1010_fix-entry-removal-in-mail-plugin.patch
--- gosa-2.7.4+reloaded2/debian/patches/1010_fix-entry-removal-in-mail-plugin.patch 1970-01-01 01:00:00.000000000 +0100
+++ gosa-2.7.4+reloaded2/debian/patches/1010_fix-entry-removal-in-mail-plugin.patch 2015-08-24 21:24:28.000000000 +0200
@@ -0,0 +1,30 @@
+Description: Fix entry removal in mail plugin
+Author: eannj <g...@brazcubas.br>
+Abstract:
+ Without this patch, it is not possible to remove entries from
+ "Alternative addresses" or from "Forward messages to non group members"
+ list in "mail" tab of group objects. One selects an address and press
+ "delete" but nothing happens, the page is refreshed but address entry
+ remains. The same operation succeeds for users. It fails only for group
+ objects. The attached patch fixes the issue.
+
+--- a/mail/admin/groups/mail/class_groupMail.inc
++++ b/mail/admin/groups/mail/class_groupMail.inc
+@@ -394,7 +394,7 @@
+ }
+ }
+ if (isset($_POST['delete_forwarder'])){
+- $this->delForwarder (get_post('forwarder_list'));
++ $this->delForwarder ($_POST('forwarder_list'));
+ }
+
+
+@@ -432,7 +432,7 @@
+ }
+ }
+ if (isset($_POST['delete_alternate']) && isset($_POST['alternates_list'])){
+- $this->delAlternate (get_post('alternates_list'));
++ $this->delAlternate ($_POST('alternates_list'));
+ }
+
+
\ No newline at end of file
diff -Nru gosa-2.7.4+reloaded2/debian/patches/1011_define-isPluginModified.patch gosa-2.7.4+reloaded2/debian/patches/1011_define-isPluginModified.patch
--- gosa-2.7.4+reloaded2/debian/patches/1011_define-isPluginModified.patch 1970-01-01 01:00:00.000000000 +0100
+++ gosa-2.7.4+reloaded2/debian/patches/1011_define-isPluginModified.patch 2015-08-24 21:24:28.000000000 +0200
@@ -0,0 +1,13 @@
+Description: Define undefined usertabs::$isPluginModified
+Author: Mike Gabriel <mike.gabr...@das-netzwerkteam.de>
+
+--- a/gosa-core/include/class_tabs.inc
++++ b/gosa-core/include/class_tabs.inc
+@@ -36,6 +36,7 @@
+ var $SubDialog = false;
+ var $acl_category;
+ var $multiple_support_active = FALSE;
++ var $isPluginModified = FALSE;
+
+ var $parent = null; // A parent object if available, e.g. a management class.
+
diff -Nru gosa-2.7.4+reloaded2/debian/patches/1012_allow-one-level-domains-in-email-addresses.patch gosa-2.7.4+reloaded2/debian/patches/1012_allow-one-level-domains-in-email-addresses.patch
--- gosa-2.7.4+reloaded2/debian/patches/1012_allow-one-level-domains-in-email-addresses.patch 1970-01-01 01:00:00.000000000 +0100
+++ gosa-2.7.4+reloaded2/debian/patches/1012_allow-one-level-domains-in-email-addresses.patch 2015-08-24 21:24:28.000000000 +0200
@@ -0,0 +1,22 @@
+Description: Allow one-level domains in email addresses
+Author: Mike Gabriel <mike.gabr...@das-netzwerkteam.de>
+Abstract:
+ Make it possible to use one-level domains in email address
+ (such as <uid>@intern) as commonly used in a Debian Edu
+ default installation.
+
+--- a/gosa-core/include/utils/class_tests.inc
++++ b/gosa-core/include/utils/class_tests.inc
+@@ -237,10 +237,10 @@
+ return (TRUE);
+ }
+ if ($template){
+- return preg_match ("/^[._a-z0-9{\[\]}%\+-]+@[_a-{}\[\]%z0-9-]+(\.[a-z0-9-]+)(\.[a-z0-9-]+)*$/i",
++ return preg_match ("/^[^0-9][a-zA-Z0-9_{\[\]}%]+([.][a-zA-Z0-9_{\[\]}%]\+-]+)*[@][a-zA-Z0-9_-{\[\]}%]+([.][a-zA-Z0-9_-{\[\]}%]+)*$/",
+ $address);
+ } else {
+- return preg_match ("/^[._a-z0-9\+-]+@[_a-z0-9-]+(\.[a-z0-9i-]+)(\.[a-z0-9-]+)*$/i",
++ return preg_match ("/^[^0-9][a-zA-Z0-9_\+-]+([.][a-zA-Z0-9_\+-]+)*[@][a-zA-Z0-9_-]+([.][a-zA-Z0-9_-]+)*$/",
+ $address);
+ }
+ }
diff -Nru gosa-2.7.4+reloaded2/debian/patches/2009_allow-Debian-blends-to-override-gosa-conf.patch gosa-2.7.4+reloaded2/debian/patches/2009_allow-Debian-blends-to-override-gosa-conf.patch
--- gosa-2.7.4+reloaded2/debian/patches/2009_allow-Debian-blends-to-override-gosa-conf.patch 1970-01-01 01:00:00.000000000 +0100
+++ gosa-2.7.4+reloaded2/debian/patches/2009_allow-Debian-blends-to-override-gosa-conf.patch 2015-08-24 21:24:28.000000000 +0200
@@ -0,0 +1,27 @@
+Description: Debian Edu and Debian LAN take care of maintaining its own version of gosa.conf
+Author: Mike Gabriel <mike.gabr...@das-netzwerkteam.de>
+
+--- a/gosa-core/include/class_config.inc
++++ b/gosa-core/include/class_config.inc
+@@ -1124,6 +1124,21 @@
+ */
+ session::global_set("LastChecked",$this->config_version);
+
++ /* Debian Edu and Debian LAN take care of maintaining its own
++ version of gosa.conf.
++
++ Do not compare our gosa.conf template with the actual config
++ version in /etc/gosa/gosa.conf to avoid the misleading message
++ dialog asking the GOsa admin to re-run the GOsa setup. With
++ Debian Edu and Debian LAN, re-running the GOsa setup will
++ break GOsa for those setups.
++ */
++
++ // The below regexp is the PHP way of a <string>.startsWith() function...
++ if (preg_match('~'.preg_quote("Managed-by-Debian",'~').'~A', $this->config_version) > 0) {
++ return;
++ }
++
+ $current = md5(file_get_contents(CONFIG_TEMPLATE_DIR."/gosa.conf"));
+
+ /* Check contributed config version and current config version.
diff -Nru gosa-2.7.4+reloaded2/debian/patches/series gosa-2.7.4+reloaded2/debian/patches/series
--- gosa-2.7.4+reloaded2/debian/patches/series 2015-07-24 12:36:34.000000000 +0200
+++ gosa-2.7.4+reloaded2/debian/patches/series 2015-08-24 21:24:28.000000000 +0200
@@ -1,10 +1,16 @@
0001_smarty3.patch
0002_style-robustness.patch
0003_xss-vulnerability-on-login-screen.patch
+0004_fix-get-post.patch
+0005_fix-password-expiry-status.patch
1001_fix-mass-ldapimport.patch
1002_trim-decrypt.patch
1003_RequestHeader-no-underscores-apache24.patch
1004_fix-typos-in-man-pages.patch
+1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch
+1010_fix-entry-removal-in-mail-plugin.patch
+1011_define-isPluginModified.patch
+1012_allow-one-level-domains-in-email-addresses.patch
2001_fix-smarty-location.patch
2002_fix-template-location.patch
2003_fix-class-mapping.patch
@@ -13,3 +19,4 @@
2006_sasl-password-change.patch
2007_gen-uids-like-gosa26.patch
2008_enable-csv-import-on-clean-installs.patch
+2009_allow-Debian-blends-to-override-gosa-conf.patch
