diff options
| author | Petr Spacek <pspacek@redhat.com> | 2015-07-16 15:09:45 +0200 |
|---|---|---|
| committer | Tomas Babej <tbabej@redhat.com> | 2015-07-17 10:40:44 +0200 |
| commit | f1f3ef478d8d2786269a919bb428cb2ee5372ba6 (patch) | |
| tree | cadc5f2147e7f3c72b4ab0813d7265ced211dc32 /freeipa.spec.in | |
| parent | e5d179b5b96bba5048a05135693acc5507d38163 (diff) | |
| download | freeipa-f1f3ef478d8d2786269a919bb428cb2ee5372ba6.tar.gz freeipa-f1f3ef478d8d2786269a919bb428cb2ee5372ba6.tar.xz freeipa-f1f3ef478d8d2786269a919bb428cb2ee5372ba6.zip | |
Create server-dns sub-package.
This allows us to automatically pull in package bind-pkcs11
and thus create upgrade path for on CentOS 7.1 -> 7.2.
IPA previously had no requires on BIND packages and these had to be
installed manually before first ipa-dns-install run.
We need to pull additional bind-pkcs11 package during RPM upgrade
so ipa-dns-install cannot help with this.
https://fedorahosted.org/freeipa/ticket/4058
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Diffstat (limited to 'freeipa.spec.in')
| -rw-r--r-- | freeipa.spec.in | 50 |
1 files changed, 35 insertions, 15 deletions
diff --git a/freeipa.spec.in b/freeipa.spec.in index fabfaee61..fef20e1f7 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -170,19 +170,8 @@ Obsoletes: %{alt_name}-server < %{version} # entire SELinux policy is stored in the system policy Obsoletes: freeipa-server-selinux < 3.3.0 -# We have a soft-requires on bind. It is an optional part of -# IPA but if it is configured we need a way to require versions -# that work for us. -Conflicts: bind-dyndb-ldap < 6.0-4 -%if 0%{?fedora} >= 21 -Conflicts: bind < 9.9.6-3 -Conflicts: bind-utils < 9.9.6-3 -%else -Conflicts: bind < 9.9.4-21 -Conflicts: bind-utils < 9.9.4-21 -%endif -# DNSSEC -Conflicts: opendnssec < 1.4.6-4 +# upgrade path from monolithic -server to -server + -server-dns +Obsoletes: %{name}-server <= 4.2.0 # Versions of nss-pam-ldapd < 0.8.4 require a mapping from uniqueMember to # member. @@ -197,6 +186,35 @@ to install this package (in other words, most people should NOT install this package). +%package server-dns +Summary: IPA integrated DNS server with support for automatic DNSSEC signing +Group: System Environment/Base +Requires: %{name}-server = %{version}-%{release} +Requires: bind-dyndb-ldap >= 6.0-4 +%if 0%{?fedora} >= 21 +Requires: bind >= 9.9.6-3 +Requires: bind-utils >= 9.9.6-3 +Requires: bind-pkcs11 >= 9.9.6-3 +Requires: bind-pkcs11-utils >= 9.9.6-3 +%else +Requires: bind >= 9.9.4-21 +Requires: bind-utils >= 9.9.4-21 +Requires: bind-pkcs11 >= 9.9.4-21 +Requires: bind-pkcs11-utils >= 9.9.4-21 +%endif +Requires: opendnssec >= 1.4.6-4 + +Conflicts: %{alt_name}-server-dns +Obsoletes: %{alt_name}-server-dns < %{version} + +# upgrade path from monolithic -server to -server + -server-dns +Obsoletes: %{name}-server <= 4.2.0 + +%description server-dns +IPA integrated DNS server with support for automatic DNSSEC signing. +Integrated DNS server is BIND 9. OpenDNSSEC provides key management. + + %package server-trust-ad Summary: Virtual package to install packages required for Active Directory trusts Group: System Environment/Base @@ -683,7 +701,6 @@ fi %{_sbindir}/ipa-backup %{_sbindir}/ipa-restore %{_sbindir}/ipa-ca-install -%{_sbindir}/ipa-dns-install %{_sbindir}/ipa-kra-install %{_sbindir}/ipa-server-install %{_sbindir}/ipa-replica-conncheck @@ -857,7 +874,6 @@ fi %{_mandir}/man1/ipa-server-certinstall.1.gz %{_mandir}/man1/ipa-server-install.1.gz %{_mandir}/man1/ipa-server-upgrade.1.gz -%{_mandir}/man1/ipa-dns-install.1.gz %{_mandir}/man1/ipa-ca-install.1.gz %{_mandir}/man1/ipa-kra-install.1.gz %{_mandir}/man1/ipa-compat-manage.1.gz @@ -873,6 +889,10 @@ fi %{_mandir}/man1/ipa-cacert-manage.1.gz %{_mandir}/man1/ipa-winsync-migrate.1.gz +%files server-dns +%{_sbindir}/ipa-dns-install +%{_mandir}/man1/ipa-dns-install.1.gz + %files server-trust-ad %{_sbindir}/ipa-adtrust-install %{_usr}/share/ipa/smb.conf.empty |