diff --git a/keystone-17.0.0.tar.gz b/keystone-17.0.0.tar.gz deleted file mode 100644 index 5d86768..0000000 Binary files a/keystone-17.0.0.tar.gz and /dev/null differ diff --git a/keystone-18.0.0.tar.gz b/keystone-18.0.0.tar.gz new file mode 100644 index 0000000..c235bda Binary files /dev/null and b/keystone-18.0.0.tar.gz differ diff --git a/keystone.spec b/keystone.spec deleted file mode 100644 index 2c0c7a5..0000000 --- a/keystone.spec +++ /dev/null @@ -1,59 +0,0 @@ -# rpmrebuild autogenerated specfile - -BuildRoot: /root/.tmp/rpmrebuild.50933/work/root -AutoProv: no -%undefine __find_provides -AutoReq: no -%undefine __find_requires -# Do not try autogenerate prereq/conflicts/obsoletes and check files -%undefine __check_files -%undefine __find_prereq -%undefine __find_conflicts -%undefine __find_obsoletes -# Be sure buildpolicy set to do nothing -%define __spec_install_post %{nil} -# Something that need for rpm-4.1 -%define _missing_doc_files_terminate_build 0 - - -Name: keystone -Version: 17.0.0 -Release: 1%{?dist} -Summary: OpenStack Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family -License: GPL -Source0: keystone-17.0.0.tar.gz - -BuildRequires: python3 - -%description - -OpenStack Keystone provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family. It is most commonly deployed as an HTTP interface to existing identity systems, such as LDAP - -%prep -%autosetup - -%install -rm -rf $RPM_BUILD_ROOT -mkdir -p %{buildroot}/var/lib/keystone -mkdir -p %{buildroot}/var/log/keystone -mkdir -p %{buildroot}/usr/local/lib -python3 setup.py install --prefix=%{buildroot}/usr/ -cp -r %{buildroot}/usr/lib/* %{buildroot}/usr/local/lib -rm -rf %{buildroot}/usr/lib - - -%files -%attr(0755, root, root) "/usr/bin/keystone-manage" -%attr(0755, root, root) "/usr/bin/keystone-wsgi-admin" -%attr(0755, root, root) "/usr/bin/keystone-wsgi-public" -%dir %attr(0755, root, root) "/var/lib/keystone" -%dir %attr(0750, root, root) "/var/log/keystone" -%ghost %attr(0660, root, root) %verify(not md5 size link mtime) "/var/log/keystone/keystone.log" -%dir %attr(0750, root, root) "/usr/local/lib/python3.7" -%dir %attr(0750, root, root) "/usr/local/lib/python3.7/site-packages" -%attr(0750, root, root) "/usr/local/lib/python3.7/site-packages/*" - -%changelog -* Tue Sep 29 2020 zhang_donglin1 -- Update init - diff --git a/openstack-keystone.defaultconf b/openstack-keystone.defaultconf new file mode 100644 index 0000000..ebd997d --- /dev/null +++ b/openstack-keystone.defaultconf @@ -0,0 +1,2 @@ +[DEFAULT] +log_dir=/var/log/keystone \ No newline at end of file diff --git a/openstack-keystone.logrotate b/openstack-keystone.logrotate new file mode 100644 index 0000000..cd2dd5a --- /dev/null +++ b/openstack-keystone.logrotate @@ -0,0 +1,13 @@ +/var/log/keystone/*.log { + compress + copytruncate + dateext + minsize 100k + missingok + notifempty + rotate 10 + sharedscripts + size 1M + su keystone keystone + weekly +} diff --git a/openstack-keystone.spec b/openstack-keystone.spec new file mode 100644 index 0000000..940f6da --- /dev/null +++ b/openstack-keystone.spec @@ -0,0 +1,181 @@ +Name: openstack-keystone +Version: 18.0.0 +Release: 1 +Summary: OpenStack Identity Service +License: ASL 2.0 +URL: https://launchpad.net/keystone +Source0: keystone-18.0.0.tar.gz +Source1: openstack-keystone.logrotate +Source2: openstack-keystone.sysctl +Source3: openstack-keystone.defaultconf + +BuildRequires: openstack-macros +BuildRequires: python3-flask +BuildRequires: python3-flask-restful +BuildRequires: python3-webtest +BuildRequires: python3-bcrypt +BuildRequires: python3-fixtures +BuildRequires: python3-freezegun +BuildRequires: python3-jsonschema +BuildRequires: python3-keystonemiddleware +BuildRequires: python3-lxml +BuildRequires: python3-mock +BuildRequires: python3-oauthlib +BuildRequires: python3-oslo-cache +BuildRequires: python3-oslo-config +BuildRequires: python3-oslo-db +BuildRequires: python3-oslo-messaging +BuildRequires: python3-oslo-policy +BuildRequires: python3-oslo-upgradecheck +BuildRequires: python3-oslotest +BuildRequires: python3-osprofiler +BuildRequires: python3-passlib +BuildRequires: python3-pbr +BuildRequires: python3-pysaml2 +BuildRequires: python3-requests +BuildRequires: python3-scrypt +BuildRequires: python3-sqlparse +BuildRequires: which + +Requires: logrotate +Requires: python3-keystone + +BuildArch: noarch + +%description +Keystone is a Python implementation of the OpenStack +(http://www.openstack.org) identity service API. +. +This package contains the keystone python libraries. + +%package -n python3-keystone +Summary: Keystone Python libraries +Group: Applications/System +Requires: python3-ldap +Requires: python3-babel +Requires: python3-flask +Requires: python3-flask-restful +Requires: python3-jwt +Requires: python3-sqlalchemy +Requires: python3-webob +Requires: python3-bcrypt +Requires: python3-cryptography +Requires: python3-dogpile-cache +Requires: python3-jsonschema +Requires: python3-keystoneclient +Requires: python3-keystonemiddleware +Requires: python3-msgpack +Requires: python3-oauthlib +Requires: python3-oslo-cache +Requires: python3-oslo-concurrency +Requires: python3-oslo-config +Requires: python3-oslo-context +Requires: python3-oslo-db +Requires: python3-oslo-i18n +Requires: python3-oslo-log +Requires: python3-oslo-messaging +Requires: python3-oslo-middleware +Requires: python3-oslo-policy +Requires: python3-oslo-serialization +Requires: python3-oslo-upgradecheck +Requires: python3-oslo-utils +Requires: python3-osprofiler +Requires: python3-passlib +Requires: python3-pbr +Requires: python3-pycadf +Requires: python3-pysaml2 +Requires: python3-memcached +Requires: python3-pytz +Requires: python3-scrypt +Requires: python3-six +Requires: python3-migrate +Requires: python3-stevedore + +%description -n python3-keystone +Keystone is a Python implementation of the OpenStack +(https://docs.openstack.org/developer/keystone/) identity service API. +This package contains the Keystone Python library. + +%prep +%autosetup -p1 -n keystone-18.0.0 +%py_req_cleanup +find . \( -name .gitignore -o -name .placeholder \) -delete +find keystone -name \*.py -exec sed -i '/\/usr\/bin\/env python/d' {} \; +# adjust paths to WSGI scripts +sed -i 's#/local/bin#/bin#' httpd/wsgi-keystone.conf +sed -i 's#apache2#httpd#' httpd/wsgi-keystone.conf + +%build +%{py3_build} + +# config file generation +PYTHONPATH=. oslo-config-generator --config-file config-generator/keystone.conf \ +--output-file etc/keystone.conf.sample +# policy file generation +oslopolicy-sample-generator --config-file config-generator/keystone-policy-generator.conf --output-file etc/keystone.policy.yaml + +%install +%{py3_install} +install -d -m 755 %{buildroot}%{_sysconfdir}/keystone +install -d -m 755 %{buildroot}%{_sysconfdir}/sysctl.d +install -d -m 750 %{buildroot}%{_localstatedir}/{lib,log,cache}/keystone +install -d -m 755 %{buildroot}%{_sysconfdir}/keystone/keystone.conf.d/ +# default dir for fernet tokens +install -d -m 750 %{buildroot}%{_sysconfdir}/keystone/credential-keys/ +install -D -m 644 %{SOURCE3} %{buildroot}/%{_tmpfilesdir}/keystone.conf +install -p -D -m 640 etc/keystone.conf.sample %{buildroot}%{_sysconfdir}/keystone/keystone.conf +install -p -D -m 640 etc/logging.conf.sample %{buildroot}%{_sysconfdir}/keystone/logging.conf +install -p -D -m 640 etc/keystone.policy.yaml %{buildroot}%{_sysconfdir}/keystone/keystone.policy.yaml +install -p -D -m 640 etc/default_catalog.templates %{buildroot}%{_sysconfdir}/keystone/default_catalog.templates +install -p -D -m 640 etc/sso_callback_template.html %{buildroot}%{_sysconfdir}/keystone/sso_callback_template.html +install -p -D -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/logrotate.d/openstack-keystone +install -p -D -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysctl.d/openstack-keystone.conf +# remove wrongly installed tree +rm -rv %{buildroot}/%{_prefix}%{_sysconfdir}/ +# Install sample data script. +install -p -D -m 755 tools/sample_data.sh %{buildroot}%{_datadir}/keystone/sample_data.sh +# Install apache configuration files +install -p -D -m 644 httpd/wsgi-keystone.conf %{buildroot}%{_datadir}/keystone/ + +%pre +%openstack_pre_user_group_create keystone keystone /sbin/nologin +exit 0 + +%post +%tmpfiles_create %{_tmpfilesdir}/keystone.conf +%sysctl_apply openstack-keystone.conf + +%files +%license LICENSE +%doc README.rst +%{_bindir}/keystone-wsgi-admin +%{_bindir}/keystone-wsgi-public +%{_bindir}/keystone-manage +%{_bindir}/keystone-status +%_tmpfilesdir/keystone.conf +%dir %{_datadir}/keystone +%attr(0755, root, root) %{_datadir}/keystone/sample_data.sh +%attr(0644, root, keystone) %{_datadir}/keystone/wsgi-keystone.conf +%dir %attr(0750, root, keystone) %{_sysconfdir}/keystone/ +%dir %attr(0750, root, keystone) %{_sysconfdir}/keystone/keystone.conf.d/ +%dir %attr(0750, root, keystone) %{_sysconfdir}/keystone/credential-keys +%config(noreplace) %attr(0640, root, keystone) %{_sysconfdir}/keystone/keystone.conf +%config(noreplace) %attr(0640, root, keystone) %{_sysconfdir}/keystone/logging.conf +%config(noreplace) %attr(0640, root, keystone) %{_sysconfdir}/keystone/default_catalog.templates +%config(noreplace) %attr(0640, keystone, keystone) %{_sysconfdir}/keystone/keystone.policy.yaml +%config(noreplace) %attr(0640, keystone, keystone) %{_sysconfdir}/keystone/sso_callback_template.html +%config(noreplace) %{_sysconfdir}/logrotate.d/openstack-keystone +%dir %attr(0750, keystone, keystone) %{_localstatedir}/lib/keystone +%dir %attr(0750, keystone, keystone) %{_localstatedir}/log/keystone +%dir %attr(0750, keystone, keystone) %{_localstatedir}/cache/keystone +%{_sysconfdir}/sysctl.d/openstack-keystone.conf + +%files -n python3-keystone +%doc README.rst +%license LICENSE +%{python3_sitelib}/keystone* +%exclude %{python3_sitelib}/keystone/tests + +%changelog +* Wed Feb 3 2021 wangxiyuan +- Support OpenStack Victoria release diff --git a/openstack-keystone.sysctl b/openstack-keystone.sysctl new file mode 100644 index 0000000..682c160 --- /dev/null +++ b/openstack-keystone.sysctl @@ -0,0 +1,3 @@ +# By default, keystone starts a service on IANA-assigned port 35357 +# http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt +net.ipv4.ip_local_reserved_ports = 35357