From c08296adff58517934b3ea3e4a6581b55fbc2d0c Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Tue, 10 Jan 2012 22:39:26 -0500
Subject: Configure s4u2proxy during installation.

This creates a new container, cn=s4u2proxy,cn=etc,$SUFFIX

Within that container we control which services are allowed to
delegate tickets for other services. Right now that is limited
from the IPA HTTP to ldap services.

Requires a version of mod_auth_kerb that supports s4u2proxy

https://fedorahosted.org/freeipa/ticket/1098
---
 freeipa.spec.in | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'freeipa.spec.in')

diff --git a/freeipa.spec.in b/freeipa.spec.in
index 46aefe1f..05e1a1a2 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -103,7 +103,7 @@ Requires: cyrus-sasl-gssapi%{?_isa}
 Requires: ntp
 Requires: httpd
 Requires: mod_wsgi
-Requires: mod_auth_kerb
+Requires: mod_auth_kerb >= 5.4-9
 Requires: mod_nss >= 1.0.8-10
 Requires: python-ldap
 Requires: python-krbV
@@ -621,6 +621,9 @@ fi
 %ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/default.conf
 
 %changelog
+* Wed Jan 11 2012 Rob Crittenden <rcritten@redhat.com> - 2.99.0-14
+- Set min for mod_auth_kerb to 5.4-9 to pick up s4u2proxy support
+
 * Fri Dec 9 2011 Alexander Bokovoy <abokovoy@redhat.com> - 2.99.0-13
 - Fix dependency for samba4-devel package
 
-- 
cgit