Package: release.debian.org Severity: normal Tags: jessie User: release.debian....@packages.debian.org Usertags: pu
Please consider accepting the following changes for packages GOsa² in jessie-proposed-updates. + * debian/patches: After deployment of two Debian Edu sites based on Debian jessie, several experiences have been made with GOsa² in Debian jessie that require some post-release fixups: + + Add 1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch. Fix + label stripping in GOsa²'s image() function. This fixes displaying the + insertDhcp* icon in the DHCP service plugin. (Closes: #794117). It is not possible to insert DHCP subsections due to a bug in the image() function of gosa-core. Patch 1009 resolves this. + + Add 2009_allow-Debian-blends-to-override-gosa-conf.patch. Allow + Debian blends to provide their own version of gosa.conf and not get + bugged by GOsa's notification message on gosa.conf template changes. + Debian blends using GOsa (e.g., Edu, LAN) must handle gosa.conf + updates themselves. (Closes: #794118). For Debian Edu (and Debian LAN), a special configVersion key value is needed to suppress warning messages about changes of the gosa.conf template (this happens whenever the gosa.conf template is updated in gosa src:package). Such a change just occurred in a previous gosa upload to jessie-pu (2.7.4+reloaded2-1+deb8u2) and GOsa² in Debian Edu / Debian LAN should not be affected by such changes. In debian-edu-config, the Debian Edu team wants to make use of this special configVersion key value for Debian Edu jessie. + + Add 0004_fix-get-post.patch. Fix transferral of POST variables. Nasty bug, fix cherry-picked from upstream. + + Add 1010_fix-entry-removal-in-mail-plugin.patch. Fix entry deletion + of items in "alternatives addresses" and "forward messages to + non-group members" for group mail objects. (LP:#1307483). A fix for gosa-plugin-mail provided via Launchpad which should also qualify for a jessie-pu. + + Add 0005_fix-password-expiry-status.patch. Fix expiration status + for passwords if shadowMax is used in POSIX/shadow accounts. Cherry-picked from upstream. Relevant for correct display of account expiration in Debian Edu. + + Add 1011_define-isPluginModified.patch. Fix undefined property + error for non-defined usertags::$isPluginModified. (Closes: #794690). Fixes a PHP error bugging admins in /var/log/syslog on nearly every click within the GOsa² WebUI. + + Add 1012_allow-one-level-domains-in-email-addresses.patch. Allow + one-level domains in email addresses (such as <uid>@intern, as used + in Debian Edu by default). (Closes: #794738). A fix required for Debian Edu. GOsa²'s is_email function expects mail address of style u...@domain.tld. Debian Edu, though, uses mail addresses of the form user@intern. Such addresses cannot be configured in Debian jessie's GOsa² (but they should). My general impression of GOsa² 2.7.4 is that it is rather buggy. The upstream SVN repository contains +200 commits on top of 2.7.4, most of them maintenance fixes (no new features). As GOsa² 2.7.4 is the core tool in Debian Edu, please understand that there may be more jessie-pu requests coming in the future. (I don't upload to patch-in all those +200 commits, but it may become necessary to backport some of them). Thanks. light+love Mike -- System Information: Debian Release: 8.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
diff -Nru gosa-2.7.4+reloaded2/debian/changelog gosa-2.7.4+reloaded2/debian/changelog --- gosa-2.7.4+reloaded2/debian/changelog 2015-07-25 22:09:03.000000000 +0200 +++ gosa-2.7.4+reloaded2/debian/changelog 2015-08-24 21:24:28.000000000 +0200 @@ -1,3 +1,28 @@ +gosa (2.7.4+reloaded2-1+deb8u2) jessie-proposed-updates; urgency=medium + + * debian/patches: + + Add 1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch. Fix + label stripping in GOsa²'s image() function. This fixes displaying the + insertDhcp* icon in the DHCP service plugin. (Closes: #794117). + + Add 2009_allow-Debian-blends-to-override-gosa-conf.patch. Allow + Debian blends to provide their own version of gosa.conf and not get + bugged by GOsa's notification message on gosa.conf template changes. + Debian blends using GOsa (e.g., Edu, LAN) must handle gosa.conf + updates themselves. (Closes: #794118). + + Add 0004_fix-get-post.patch. Fix transferral of POST variables. + + Add 1010_fix-entry-removal-in-mail-plugin.patch. Fix entry deletion + of items in "alternatives addresses" and "forward messages to + non-group members" for group mail objects. (LP:#1307483). + + Add 0005_fix-password-expiry-status.patch. Fix expiration status + for passwords if shadowMax is used in POSIX/shadow accounts. + + Add 1011_define-isPluginModified.patch. Fix undefined property + error for non-defined usertags::$isPluginModified. (Closes: #794690). + + Add 1012_allow-one-level-domains-in-email-addresses.patch. Allow + one-level domains in email addresses (such as <uid>@intern, as used + in Debian Edu by default). (Closes: #794738). + + -- Mike Gabriel <sunwea...@debian.org> Mon, 24 Aug 2015 21:23:29 +0200 + gosa (2.7.4+reloaded2-1+deb8u1) jessie-proposed-updates; urgency=medium * debian/patches: diff -Nru gosa-2.7.4+reloaded2/debian/patches/0004_fix-get-post.patch gosa-2.7.4+reloaded2/debian/patches/0004_fix-get-post.patch --- gosa-2.7.4+reloaded2/debian/patches/0004_fix-get-post.patch 1970-01-01 01:00:00.000000000 +0100 +++ gosa-2.7.4+reloaded2/debian/patches/0004_fix-get-post.patch 2015-08-24 21:24:28.000000000 +0200 @@ -0,0 +1,14 @@ +Description: Fix get_post for non-strings +Origin: https://oss.gonicus.de/labs/gosa/changeset/21181/trunk + +--- a/gosa-core/include/functions.inc ++++ b/gosa-core/include/functions.inc +@@ -2757,7 +2757,7 @@ + } else { + $tmp = $_POST; + } +- return($tmp); ++ return($tmp[$name]); + }else{ + + if(version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()){ diff -Nru gosa-2.7.4+reloaded2/debian/patches/0005_fix-password-expiry-status.patch gosa-2.7.4+reloaded2/debian/patches/0005_fix-password-expiry-status.patch --- gosa-2.7.4+reloaded2/debian/patches/0005_fix-password-expiry-status.patch 1970-01-01 01:00:00.000000000 +0100 +++ gosa-2.7.4+reloaded2/debian/patches/0005_fix-password-expiry-status.patch 2015-08-24 21:24:28.000000000 +0200 @@ -0,0 +1,14 @@ +Description: Fix expiration status when shadowMax is used +Origin: https://oss.gonicus.de/labs/gosa/changeset/21241 + +--- a/gosa-core/plugins/personal/posix/class_posixAccount.inc ++++ b/gosa-core/plugins/personal/posix/class_posixAccount.inc +@@ -155,7 +155,7 @@ + } + } elseif (($this->shadowLastChange + $this->shadowMin) >= $current){ + $this->status= _("active").", "._("password not changeable"); +- } elseif (($this->shadowLastChange + $this->shadowMax) >= $current){ ++ } elseif (($this->shadowLastChange + $this->shadowMax) <= $current){ + $this->status= _("active").", "._("password expired"); + } else { + $this->status= _("active"); diff -Nru gosa-2.7.4+reloaded2/debian/patches/1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch gosa-2.7.4+reloaded2/debian/patches/1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch --- gosa-2.7.4+reloaded2/debian/patches/1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch 1970-01-01 01:00:00.000000000 +0100 +++ gosa-2.7.4+reloaded2/debian/patches/1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch 2015-08-24 21:17:05.000000000 +0200 @@ -0,0 +1,62 @@ +Description: Fix label extraction from image paths +Author: Mike Gabriel <mike.gabr...@das-netzwerkteam.de> +Abstract: + The DHCP service plugin uses image() function calls like this kind: + . + $editImgIns = image('images/lists/element.png[new]', 'insertDhcp_%s', _("Insert new DHCP section")); + . + The "[new] part of the image file name is used for referencing the + style sheet of the image label. + . + The upstream version of the image function now does three things: + . + 1. Check if the image itself has a style sheet (if not, bail out). + ^^^^ Here the function bails out, as it cannot find a style sheet + for "element.png[new]". The label needs to be substracted first. + + 2. Check if a label name has been appended to the image file name. + 3. If (2), check if the label style sheet exists (if not, die). + 4. If (3), then strip the "[<label>]" part from the file name. + . + We change this to: + 1. Check if a label name has been appended to the image file name. + (if so, substract that label name from the path name of the image). + 2. Check if the image itself has a style sheet (if not, bail out). + 3. Check if the label style sheet exist (if not, die). + +--- a/gosa-core/include/functions.inc ++++ b/gosa-core/include/functions.inc +@@ -3576,16 +3576,19 @@ + } + $styles= session::global_get('img-styles'); + ++ /* Extract labels from path */ ++ preg_match("/(.*\.png)\[(.*)\]$/", $path, $matches); ++ ++ if (count($matches) == 3) { ++ $path = $matches[1]; ++ $label= $matches[2]; ++ } ++ + /* If there's nothing available, just return nothing */ + if (!array_key_exists($path, $styles)) { + return ""; + } + +- /* Extract labels from path */ +- if (preg_match("/\.png\[(.*)\]$/", $path, $matches)) { +- $label= $matches[1]; +- } +- + $lbl= ""; + if ($label) { + if (isset($styles["images/label-".$label.".png"])) { +@@ -3593,8 +3596,6 @@ + } else { + die("Invalid label specified: $label\n"); + } +- +- $path= preg_replace("/\[.*\]$/", "", $path); + } + + // Non middle layout? diff -Nru gosa-2.7.4+reloaded2/debian/patches/1010_fix-entry-removal-in-mail-plugin.patch gosa-2.7.4+reloaded2/debian/patches/1010_fix-entry-removal-in-mail-plugin.patch --- gosa-2.7.4+reloaded2/debian/patches/1010_fix-entry-removal-in-mail-plugin.patch 1970-01-01 01:00:00.000000000 +0100 +++ gosa-2.7.4+reloaded2/debian/patches/1010_fix-entry-removal-in-mail-plugin.patch 2015-08-24 21:24:28.000000000 +0200 @@ -0,0 +1,30 @@ +Description: Fix entry removal in mail plugin +Author: eannj <g...@brazcubas.br> +Abstract: + Without this patch, it is not possible to remove entries from + "Alternative addresses" or from "Forward messages to non group members" + list in "mail" tab of group objects. One selects an address and press + "delete" but nothing happens, the page is refreshed but address entry + remains. The same operation succeeds for users. It fails only for group + objects. The attached patch fixes the issue. + +--- a/mail/admin/groups/mail/class_groupMail.inc ++++ b/mail/admin/groups/mail/class_groupMail.inc +@@ -394,7 +394,7 @@ + } + } + if (isset($_POST['delete_forwarder'])){ +- $this->delForwarder (get_post('forwarder_list')); ++ $this->delForwarder ($_POST('forwarder_list')); + } + + +@@ -432,7 +432,7 @@ + } + } + if (isset($_POST['delete_alternate']) && isset($_POST['alternates_list'])){ +- $this->delAlternate (get_post('alternates_list')); ++ $this->delAlternate ($_POST('alternates_list')); + } + + \ No newline at end of file diff -Nru gosa-2.7.4+reloaded2/debian/patches/1011_define-isPluginModified.patch gosa-2.7.4+reloaded2/debian/patches/1011_define-isPluginModified.patch --- gosa-2.7.4+reloaded2/debian/patches/1011_define-isPluginModified.patch 1970-01-01 01:00:00.000000000 +0100 +++ gosa-2.7.4+reloaded2/debian/patches/1011_define-isPluginModified.patch 2015-08-24 21:24:28.000000000 +0200 @@ -0,0 +1,13 @@ +Description: Define undefined usertabs::$isPluginModified +Author: Mike Gabriel <mike.gabr...@das-netzwerkteam.de> + +--- a/gosa-core/include/class_tabs.inc ++++ b/gosa-core/include/class_tabs.inc +@@ -36,6 +36,7 @@ + var $SubDialog = false; + var $acl_category; + var $multiple_support_active = FALSE; ++ var $isPluginModified = FALSE; + + var $parent = null; // A parent object if available, e.g. a management class. + diff -Nru gosa-2.7.4+reloaded2/debian/patches/1012_allow-one-level-domains-in-email-addresses.patch gosa-2.7.4+reloaded2/debian/patches/1012_allow-one-level-domains-in-email-addresses.patch --- gosa-2.7.4+reloaded2/debian/patches/1012_allow-one-level-domains-in-email-addresses.patch 1970-01-01 01:00:00.000000000 +0100 +++ gosa-2.7.4+reloaded2/debian/patches/1012_allow-one-level-domains-in-email-addresses.patch 2015-08-24 21:24:28.000000000 +0200 @@ -0,0 +1,22 @@ +Description: Allow one-level domains in email addresses +Author: Mike Gabriel <mike.gabr...@das-netzwerkteam.de> +Abstract: + Make it possible to use one-level domains in email address + (such as <uid>@intern) as commonly used in a Debian Edu + default installation. + +--- a/gosa-core/include/utils/class_tests.inc ++++ b/gosa-core/include/utils/class_tests.inc +@@ -237,10 +237,10 @@ + return (TRUE); + } + if ($template){ +- return preg_match ("/^[._a-z0-9{\[\]}%\+-]+@[_a-{}\[\]%z0-9-]+(\.[a-z0-9-]+)(\.[a-z0-9-]+)*$/i", ++ return preg_match ("/^[^0-9][a-zA-Z0-9_{\[\]}%]+([.][a-zA-Z0-9_{\[\]}%]\+-]+)*[@][a-zA-Z0-9_-{\[\]}%]+([.][a-zA-Z0-9_-{\[\]}%]+)*$/", + $address); + } else { +- return preg_match ("/^[._a-z0-9\+-]+@[_a-z0-9-]+(\.[a-z0-9i-]+)(\.[a-z0-9-]+)*$/i", ++ return preg_match ("/^[^0-9][a-zA-Z0-9_\+-]+([.][a-zA-Z0-9_\+-]+)*[@][a-zA-Z0-9_-]+([.][a-zA-Z0-9_-]+)*$/", + $address); + } + } diff -Nru gosa-2.7.4+reloaded2/debian/patches/2009_allow-Debian-blends-to-override-gosa-conf.patch gosa-2.7.4+reloaded2/debian/patches/2009_allow-Debian-blends-to-override-gosa-conf.patch --- gosa-2.7.4+reloaded2/debian/patches/2009_allow-Debian-blends-to-override-gosa-conf.patch 1970-01-01 01:00:00.000000000 +0100 +++ gosa-2.7.4+reloaded2/debian/patches/2009_allow-Debian-blends-to-override-gosa-conf.patch 2015-08-24 21:24:28.000000000 +0200 @@ -0,0 +1,27 @@ +Description: Debian Edu and Debian LAN take care of maintaining its own version of gosa.conf +Author: Mike Gabriel <mike.gabr...@das-netzwerkteam.de> + +--- a/gosa-core/include/class_config.inc ++++ b/gosa-core/include/class_config.inc +@@ -1124,6 +1124,21 @@ + */ + session::global_set("LastChecked",$this->config_version); + ++ /* Debian Edu and Debian LAN take care of maintaining its own ++ version of gosa.conf. ++ ++ Do not compare our gosa.conf template with the actual config ++ version in /etc/gosa/gosa.conf to avoid the misleading message ++ dialog asking the GOsa admin to re-run the GOsa setup. With ++ Debian Edu and Debian LAN, re-running the GOsa setup will ++ break GOsa for those setups. ++ */ ++ ++ // The below regexp is the PHP way of a <string>.startsWith() function... ++ if (preg_match('~'.preg_quote("Managed-by-Debian",'~').'~A', $this->config_version) > 0) { ++ return; ++ } ++ + $current = md5(file_get_contents(CONFIG_TEMPLATE_DIR."/gosa.conf")); + + /* Check contributed config version and current config version. diff -Nru gosa-2.7.4+reloaded2/debian/patches/series gosa-2.7.4+reloaded2/debian/patches/series --- gosa-2.7.4+reloaded2/debian/patches/series 2015-07-24 12:36:34.000000000 +0200 +++ gosa-2.7.4+reloaded2/debian/patches/series 2015-08-24 21:24:28.000000000 +0200 @@ -1,10 +1,16 @@ 0001_smarty3.patch 0002_style-robustness.patch 0003_xss-vulnerability-on-login-screen.patch +0004_fix-get-post.patch +0005_fix-password-expiry-status.patch 1001_fix-mass-ldapimport.patch 1002_trim-decrypt.patch 1003_RequestHeader-no-underscores-apache24.patch 1004_fix-typos-in-man-pages.patch +1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch +1010_fix-entry-removal-in-mail-plugin.patch +1011_define-isPluginModified.patch +1012_allow-one-level-domains-in-email-addresses.patch 2001_fix-smarty-location.patch 2002_fix-template-location.patch 2003_fix-class-mapping.patch @@ -13,3 +19,4 @@ 2006_sasl-password-change.patch 2007_gen-uids-like-gosa26.patch 2008_enable-csv-import-on-clean-installs.patch +2009_allow-Debian-blends-to-override-gosa-conf.patch