Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

google-compute-engine-oslogin-20190801-lp152.5.4.1 RPM for ppc64le

From OpenSuSE Ports Leap 15.2 updates for ppc64le

Name: google-compute-engine-oslogin Distribution: openSUSE Leap 15.2
Version: 20190801 Vendor: openSUSE
Release: lp152.5.4.1 Build date: Thu Jul 16 18:05:39 2020
Group: System/Daemons Build host: obs-power9-06
Size: 4759111 Source RPM: google-compute-engine-20190801-lp152.5.4.1.src.rpm
Packager: http://bugs.opensuse.org
Url: https://github.com/GoogleCloudPlatform/compute-image-packages
Summary: OS Login Functionality for Google Compute Engine
Libraries and scripts  to enable OS Login functionality for
Google Compute Engine. Modifies sshd, nsswitch, and sshd_pam configurations.

Provides

Requires

License

Apache-2.0

Changelog

* Sat Jun 20 2020 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
  - Don't enable and start google-network-daemon.service when it's
    already installed (bsc#1169978)
* Tue Apr 28 2020 Robert Schweikert <rjschwei@suse.com>
  - Add gceosl-no-def-sysgrps.patch (bsc#1170719, bsc#1170720)
    + Do not add the created user to the adm (CVE-2020-8903),
      docker (CVE-2020-8907), or lxd (CVE-2020-8933) groups
      if they exist (bsc#1173258)
* Wed Apr 08 2020 Robert Schweikert <rjschwei@suse.com>
  - Rename the sysctl file that applies the GCE network settings (bsc#1167810)
    + The file 11-gce-network-security.conf applies network configuration
      settings. Specifically the value for net.ipv4.conf.all.rp_filter is also
      part of the system defaults in /usr/lib/sysctl.d/50-default.conf and thus
      the default setting was applied, instead of the desired setting. As
      50-default is processed after 11-gce-network-security.
* Tue Oct 22 2019 Robert Schweikert <rjschwei@suse.com>
  - Add gcei-waitlimit-dns.patch (bsc#1151398)
    + Add a wait limit to retrying DNS resolution to avoid a forever loop
* Tue Sep 17 2019 Robert Schweikert <rjschwei@suse.com>
  - Fix file list
    + On i586 Python code is also under _libdir thus creating a conflict between
      the packages.
* Wed Sep 11 2019 Robert Schweikert <rjschwei@suse.com>
  - Add gcei_disableipv6.patch (bsc#1150058)
    + Upstream introduced an interface named "DisableIpv6" but the
      implementation was incomplete and the interface was missing for SUSE
      distros
* Tue Aug 20 2019 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
  - Fix install location of NSS and PAM shared libraries (bsc#1146172)
  - Switch RPM group for oslogin package from Hardware to System/Daemons
* Tue Aug 06 2019 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
  - Add patch to normalize setup version of Python code
    + gcei-normalize-python-version.patch
  - Fix file matching patterns in %files section for oslogin package
* Mon Aug 05 2019 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
  - Update to version 20190801 (bsc#1144092, bsc#1144170)
    + Google Compute Engine
    * Re-enable boto config without plugin.
    * Fix metadata script retrieval for python 2 and 3.
    + Google Compute Engine OS Login
    * Fix for 2FA on RHEL 8.
  - from version 20190730
    + Google Compute Engine
    * Support for Debian 10.
    * New package versioning.
    * Support for Google Private Access over IPv6.
    * Support root disk expansion in RHEL 8 and Debian 10.
    + Google Compute Engine OS Login
    * Bug fixes for sudoers.
    * Initial groups support (not yet enabled).
  - Add patch to explicitly link NSS and PAM shared
    libraries against libboost_regex on SLE-12
    + gcei-link-boost_regex.patch
  - Refresh patches for new version
    + gcei-scripts-after-reg.patch
  - Set StandardOutput=journal+console in custom systemd service files
    + google-optimize-local-ssd.service
    + google-set-multiqueue.service
  - Stop installing configuration file for systemd-journald
    + Logging is now configured through systemd service files
  - Update file matching patterns in %files section for new version
* Mon May 27 2019 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
  - Update to version 20190522 (bsc#1136266, bsc#1136267)
    + Google Compute Engine
    * Fix guest attributes flow in Python 3.
    + Google Compute Engine OS Login
    * Update OS Login control file for FreeBSD support.
  - from version 20190521
    + Google Compute Engine
    * Retry download for metadata scripts.
    * Fix script retrieval in Python 3.
    * Disable boto config in Python 3.
    * Update SSH host keys in guest attributes.
    * Fix XPS settings with more than 64 vCPUs.
* Thu May 16 2019 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
  - Update to version 20190416 (bsc#1128392, bsc#1134179)
    + Google Compute Engine
    * FreeBSD fixes: syslog socket location and OS detection.
    * Upstart systems: only run startup scripts at boot.
    + Google Compute Engine OS Login
    * Fix pam_group ordering detection.
    * Restart cron from the OS Login control file.
    * Add PAM entry to su:account stack.
  - from version 20190315
    + Google Compute Engine OS Login
    * Fix alternate challenge section for two factor authentication.
    * Fix FreeBSD compatibility issues in the control file.
  - from version 20190304
    + Google Compute Engine
    * Set oom_score_adjust for google_accounts_daemon.
    + Google Compute Engine OS Login
    * Use pam_group to provide users with default groups.
    * Add compat.h to support FreeBSD.
    * Exit immediately after a two factor authentication failure.
    * Add support for Google phone prompt challenges.
  - Adjust paths for new upstream directory layout in %build and %install
  - Include systemd service file to run google_optimize_local_ssd command
    + google-optimize-local-ssd.service
  - Include systemd service file to run google_set_multiqueue command
    + google-set-multiqueue.service
  - Install journald configuration files into /usr/lib/systemd/journald.conf.d
  - Refresh patches for new version
    + gcei-hide-py-deps.patch
    + gcei-scripts-after-reg.patch
    + gcei-set-run_dir.patch
* Wed Jan 30 2019 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
  - Update to version 20190124 (bsc#1123671, bsc#1123672)
    + Google Compute Engine
    * Fix metadata script retrieval to support Python 3.
* Mon Jan 21 2019 Robert Schweikert <rjschwei@suse.com>
  - Remove dropped service from systemd setup macros (bsc#1122172)
  - Drop use of restart_on_update, force service restart with  -f option
    on service_del_preun and service_del_postun
  - Detect and handle removed services in pre rather than post
* Tue Dec 11 2018 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
  - Update to version 20181206 (bsc#1119029, bsc#1119110)
    + Google Compute Engine
    * Support enabling OS Login two factor authentication.
    * Improve accounts support for FreeBSD.
    + Google Compute Engine OS Login
    * Support OS Login two factor authentication (Alpha).
    * Improve SELinux support.
  - from version 20181023
    + Google Compute Engine
    * Fix: Update sudoer group membership without overriding local groups.
  - from version 20181018
    + Google Compute Engine
    * Fix: Remove users from sudoers group on account removal.
* Sun Nov 25 2018 Robert Schweikert <rjschwei@suse.com>
  - Remove conditions for distributions older than Leap 42.3 and SLE 12
    + Delete init scripts google-accounts-daemon.suse,
      google-clock-skew-daemon.suse, google-instance-setup.suse,
      google-network-daemon.suse, google-shutdown-scripts.suse,
      google-startup-scripts.suse
  - Fix build for distributions with gcc version less than 4.9
    + Add new dependency on boost
* Fri Oct 12 2018 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
  - Update to version 20181011
    + Google Compute Engine
    * Revert: Remove users from sudoers group on account removal.
  - from version 20181008
    + Google Compute Engine
    * Remove users from sudoers group on account removal.
    * Remove gsutil dependency for metadata scripts.
  - from version 20180905
    + Google Compute Engine
    * Remove ntp package dependency.
    * Support Debian 10 Buster.
    * Restart the network daemon if networking is restarted.
    * Prevent setup of the default ethernet interface.
    * Accounts daemon verifies username is 32 characters or less.
    + Google Compute Engine OS Login
    * Add user name validation to pam modules.
    * Return false on failed final load.
    * Support FreeBSD.
    * Support Debian 10 Buster.
  - from version 20180611
    + Google Compute Engine
    * Prevent IP forwarding daemon log spam.
    * Make default shell configurable when executing metadata scripts.
    * Rename distro directory to distro_lib.
  - Refresh patches for new version
    + gcei-set-run_dir.patch
* Mon Jun 18 2018 adrian.glaubitz@suse.com
  - Ensure that google-ip-forwarding-daemon service and
    google-network-setup are stopped and disabled
    during upgrade
  - Ensure that google-network-daemon service is enabled
    and started during upgrade
* Thu Jun 14 2018 adrian.glaubitz@suse.com
  - Add patch to set run_dir to /var/run (bsc#1097378, #1097616)
    + gcei-set-run_dir.patch
  - Drop deleted patch from spec file
    + gcei-lnx-distro-py3.patch
* Tue May 29 2018 rjschwei@suse.com
  - Remove gcei-lnx-distro-py3.patch
    + Upstream intention is to depend on distro module from GitHub
  - Add dependency on python3-distro for SLE/Leap 15 and later
* Mon May 21 2018 rjschwei@suse.com
  - Add patch gcei-lnx-distro-py3.patch (bsc#1094074)
* Fri May 11 2018 adrian.glaubitz@suse.com
  - Update to version 20180510 (bsc#1092214)
    + Prevent delay in configuring IP forwarding routes.
    + Improve instance setup support for FreeBSD.
  - Include new google-network-daemon
    + Add google-network-daemon.service activation in
      %pre and %post sections
    + Add google-network-daemon.suse init script for SysV
  - Stop shipping deprecated google-ip-forwarding-daemon service
    + Remove google-ip-forwarding-daemon.service activation in
      %pre and %post sections
    + Drop google-ip-forwarding-daemon.suse from source distribution
  - Add missing association with "init" package for  %pre, %post,
    %preun and %postun sections
  - Install google_oslogin_nss_cache binary into oslogin package
* Tue May 08 2018 adrian.glaubitz@suse.com
  - Update to version 20180504 (bsc#1092214)
    + Create a new network daemon.
    + Refactor the IP forwarding daemon and network setup.
    + Improvements for using NSS cache in the accounts daemon.
    + Include libnss cache as part of the OS Login package.
  - Refresh patches for new version:
    + gcei-scripts-after-reg.patch
* Mon Apr 16 2018 adrian.glaubitz@suse.com
  - Update to version 20180227 (bsc#1066273)
    + Add distro specific logic.
    + Support SLES 11 and 12 in multi-nic setup.
    + Fix boto config documentation.
    + Add modprobe blacklist for nouveau and floppy modules.
    + Fix irqbalance conflict in Debian package.
    + Fix conflict with other applications that use curl and SSL.
  - Install new kernel module blacklist into /etc/modprobe.d.
  - Refresh patches for new version:
    + gcei-hide-py-deps.patch
* Fri Feb 02 2018 adrian.glaubitz@suse.com
  - Update to version 20180129 (bsc#1078349, bsc#1079077)
    + Improve rsyslog daemon reset when using the dhcp exit hook.
    + The OS Login feature is generally available.
    + Change the OS Login uid restriction to allow uid 1000.
    + Close socket connections after requesting metadata.
  - From version 20171213
    + Force IPv4 for Debian apt configs.
* Sun Dec 03 2017 adrian.glaubitz@suse.com
  - Update to version 20171129 (bsc#1070895, bsc#1070918)
    + Generate SSH host keys when none are present.
    + Improve logging when activating OS Login.
    + Fix parsing logic for expiration time on SSH public keys.
    + Fix home directory creation PAM config.
* Fri Nov 03 2017 rjschwei@suse.com
  - Change dependencies -init depends on -oslogin
    + oslogin feature is now enabled by the initialization code
      when appropriate
  - Do not start the oslogin feature upon package install
* Fri Oct 27 2017 rjschwei@suse.com
  - Fix build for SLES 11
* Thu Oct 26 2017 adrian.glaubitz@suse.com
  - Update to version 20171025 (bsc#1064356, bsc#1065308)
    + Add apt configuration to prevent auto-removal of Google packages.
    + Rename set_hostname to prevent naming conflicts.
    + Remove logging when checking OS Login status.
  - From version 20171019
    + Support the enable-oslogin metadata key for activating OS Login.
    + Improve packaging to restart services.
    + OS Login is available in Beta.
    + Add status option to the OS Login control file.
  - From version 20171006
    + Fix system hang during VM shutdown.
    + JSON parser accepts string types for int64 values.
  - From version 20170921
    + JSON parser casts uid and gid to unsigned integers.
  - From version 20170914
    + Remove fstab barrier options in EL 7.
    + Use curl to download metadata script files for SSL certificate validation.
    + Use netifaces for retrieving MAC address names if the import exists.
* Tue Sep 19 2017 rjschwei@suse.com
  - Ship the udevrules with the -init package only
* Tue Sep 12 2017 rjschwei@suse.com
  - Fix baslibs.conf, use package, not files
  - Include rpmlintrc and baslibc.conf as source
* Mon Sep 11 2017 rjschwei@suse.com
  - Add gcei-scripts-after-reg.patch (bsc#1057671)
* Sat Sep 09 2017 rjschwei@suse.com
  - Update to version 20170829 (bsc#1049242, FATE#323757)
    + Support oslogin feature
    + Add rpmlintrc
      ~ We ship pam and nss modules in -oslogin we do not want
      to name the package according to the shared library naming policy
    + Add baslibs.config
      ~ Handle the nss and pam modules provided by oslogin properly
  - From version 20170718
    + Allow nologin paths other than /sbin/nologin.
    + Try to download GCS URLs with curl if gsutil is not installed.
    + Fix control scripts to correctly restart sshd and nscd if they exist.
    + Retry HTTP requests if error 500 is received.
    + Move oslogin sudoers directory locations.
  - Setup for Python 3 build oSTW and SLE 15
  - Source package renamed to google-compute-engine
    + Binary subpackages -init -oslogin
* Fri Jan 13 2017 rjschwei@suse.com
  - The startup script attempts a network connection, thus it must
    run after network setup
* Thu Jan 12 2017 rjschwei@suse.com
  - Scripts that are one-shot should not be marked as "stop_on_removal"
    as there is no process running (bsc#1017395)
  - One-shot scripts should not run with startproc
* Mon Dec 19 2016 rjschwei@suse.com
  - Update to version 20161213 (bsc#1015829, bsc#1016372)
    + Remove gcei-handle-failed-open.patch included upstream
    + Remove gcei-handle-missing-gsutil.patch included upstream
    + Forward port gcei-hide-py-deps.patch
    + Improved alias IP support
  - From 20161118
    + Add support for alias IPs in the IP forwarding daemon.
    + IP forwarding daemon adds back local routes after network restart.
    + Account daemon removes expired key access without metadata change.
    + Account daemon ignores SSH keys with non-ascii characters.
    + Improved exception handling.
    + Fix for syslog startup on systemd.
    + Add a route to the metadata server to /etc/hosts.
  - From 20160930
    + Provide a service to enable network interfaces on boot.
    + Create a common library for inspecting network interfaces.
    + Allow metadata script output that is not UTF-8.
    + Fixed instance config file logic.
    + Fixed accounts management Python 3 compatibility.
    + Fixed IP forwarding Python 3 compatibility.
    + Improved style consistency.
    + Run a service on boot to enable additional network interfaces.
    + Update dhclient-script on EL 6 to fix local routing.
* Sun Oct 30 2016 jengelh@inai.de
  - Resolve description inaccuracy
  - Call %service_* just once, but with all args
* Wed Oct 26 2016 rjschwei@suse.com
  - Include in SLE 12 and SLE 11 (FATE#321748, FATE#321890, bsc#994943)
* Thu Oct 20 2016 rjschwei@suse.com
  - Update gcei-handle-failed-open.patch to match upstream PR
* Wed Oct 19 2016 rjschwei@suse.com
  - Add gcei-handle-failed-open.patch
    * Do not exit with a traceback if the sudoers file cannot be written
* Wed Oct 19 2016 rjschwei@suse.com
  - Package the rsyslog config unconditionally, rsyslog also available on
    SLE 11
* Wed Oct 19 2016 rjschwei@suse.com
  - Add sysvinit scripts for SUSE, upstream scripts are RHEL specific
    * google-accounts-daemon.suse
    * google-clock-skew-daemon.suse
    * google-instance-setup.suse
    * google-ip-forwarding-daemon.suse
    * google-shutdown-scripts.suse
    * google-startup-scripts.suse
* Mon Oct 17 2016 rjschwei@suse.com
  - Own the udev directories, fixes issue with SLE 12 build
* Mon Oct 17 2016 rjschwei@suse.com
  - Conflict with the previous generation of initialization code.
    * According to upstream and update path is not supported and
      has too many corner cases to reliably work. Thus running instances are
      not expected to upgrade.
* Mon Oct 17 2016 rjschwei@suse.com
  - Initial build
    - Version 20160803

Files

/lib64/security/pam_oslogin_admin.so
/lib64/security/pam_oslogin_login.so
/usr/bin/google_authorized_keys
/usr/bin/google_oslogin_control
/usr/bin/google_oslogin_nss_cache
/usr/lib64/libnss_cache_oslogin-20190801.00.so
/usr/lib64/libnss_cache_oslogin.so.2
/usr/lib64/libnss_oslogin-20190801.00.so
/usr/lib64/libnss_oslogin.so.2
/usr/share/man/man8/libnss_cache_oslogin.so.2.8.gz
/usr/share/man/man8/libnss_oslogin.so.2.8.gz
/usr/share/man/man8/nss-cache-oslogin.8.gz
/usr/share/man/man8/nss-oslogin.8.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 12:46:04 2024