Bug#775289: marked as done (unblock: heat/2014.1.3-7)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Wed, 14 Jan 2015 21:32:53 +0100
with message-id <20150114203222.GN10424@ugent.be>
and subject line Re: Bug#775289: unblock: heat/2014.1.3-7
has caused the Debian Bug report #775289,
regarding unblock: heat/2014.1.3-7
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
775289: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775289
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: heat/2014.1.3-7
• From: Thomas Goirand <zigo@debian.org>
• Date: Tue, 13 Jan 2015 16:03:07 +0100
• Message-id: <[🔎] 20150113150307.26280.94293.reportbug@buzig.gplhost.com>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Dear release team,

Here's a list of changes:

*/ Package is rebuilt against openstack-pkg-tools >= 22~ to fix the
last systemd issue that was preventing startup of daemons on the first
install (see unblock bug #775278).

*/ To make sure the database directive is left unchanged unless the
user explicitely asked for automated management, and for consistency
across all OpenStack packages, the heat/configure_db debconf variable
default value is now set to false.

*/ For consistency with other OpenStack packages and to allow a better
compatibility with official puppet scripts, the postinst doesn't touch
the db connection directive and doesn't do the "heat-manage db_sync"
unless explicitely requested by the user through debconf. The
pkgos_dbc_postinst isn't called either if no db management is requested.

*/ As SSL version 3 support has been removed from Debian, the Python
object ssl.PROTOCOL_SSLv3 doesn't work anymore. During my tests, I have
found out that this prevented heat from authenticating against Keystone.
This upload fixes it by removing completely the use of the object
ssl.PROTOCOL_SSLv3 (added patch).

Please unblock heat/2014.1.3-7.

Cheers,

Thomas Goirand (zigo)

diff -Nru heat-2014.1.3/debian/changelog heat-2014.1.3/debian/changelog
--- heat-2014.1.3/debian/changelog	2015-01-07 13:59:20.000000000 +0000
+++ heat-2014.1.3/debian/changelog	2015-01-12 23:32:36.000000000 +0000
@@ -1,3 +1,29 @@
+heat (2014.1.3-7) unstable; urgency=medium
+
+  * Removed the use of PROTOCOL_SSLv3 which is removed form Debian.
+
+ -- Thomas Goirand <zigo@debian.org>  Tue, 13 Jan 2015 00:30:06 +0100
+
+heat (2014.1.3-6) unstable; urgency=medium
+
+  * Fixed the use of a wrong Debconf template name (Closes: #774952).
+
+ -- Thomas Goirand <zigo@debian.org>  Fri, 09 Jan 2015 22:40:22 +0000
+
+heat (2014.1.3-5) unstable; urgency=medium
+
+  * Sets heat/configure_db to false by default.
+  * Only calls pkgos_dbc_postinst and su heat -c "heat-manage db_sync" if
+    heat/configure_db is set to true.
+
+ -- Thomas Goirand <zigo@debian.org>  Thu, 08 Jan 2015 16:28:44 +0000
+
+heat (2014.1.3-4) unstable; urgency=medium
+
+  * Rebuilt with openstack-pkg-tools (>= 22~): starts daemons on first install.
+
+ -- Thomas Goirand <zigo@debian.org>  Thu, 08 Jan 2015 15:58:40 +0000
+
 heat (2014.1.3-3) unstable; urgency=medium
 
   * Added Dutch translation of debconf messages thanks to Frans Spiesschaert
diff -Nru heat-2014.1.3/debian/control heat-2014.1.3/debian/control
--- heat-2014.1.3/debian/control	2015-01-07 13:59:20.000000000 +0000
+++ heat-2014.1.3/debian/control	2015-01-12 23:32:36.000000000 +0000
@@ -6,7 +6,7 @@
            Mehdi Abaakouk <sileht@sileht.net>
 Build-Depends: debhelper (>= 9),
                dh-systemd,
-               openstack-pkg-tools (>= 21~),
+               openstack-pkg-tools (>= 22~),
                po-debconf,
                python-all (>= 2.6.6-3~),
                python-pbr (>= 0.6),
diff -Nru heat-2014.1.3/debian/heat-common.postinst.in heat-2014.1.3/debian/heat-common.postinst.in
--- heat-2014.1.3/debian/heat-common.postinst.in	2015-01-07 13:59:20.000000000 +0000
+++ heat-2014.1.3/debian/heat-common.postinst.in	2015-01-12 23:32:36.000000000 +0000
@@ -19,15 +19,22 @@
 	chown heat:heat /var/lib/heat /etc/heat
         pkgos_write_new_conf heat heat.conf
 
-	pkgos_dbc_postinst ${CONF} database connection heat $@
+	db_get heat/configure_db
+	if [ "$RET" = "true" ] ; then
+		pkgos_dbc_postinst ${CONF} database connection heat $@
+	fi
 	pkgos_rabbit_write_conf ${CONF} DEFAULT heat
         pkgos_write_admin_creds ${CONF} keystone_authtoken heat
 	pkgos_register_endpoint_postinst heat heat orchestration "Heat Orchestration API" 8004 /v1/'%(tenant_id)s'
 	# This is the equivalent of db-sync:
-	su heat -c "heat-manage db_sync"
+	db_get heat/configure_db
+	if [ "$RET" = "true" ] ; then
+		su heat -c "heat-manage db_sync"
+	fi
 
         chown -R heat:adm /var/log/heat
         chmod 0750 /var/log/heat
+        db_stop
 fi
 
 #DEBHELPER#
diff -Nru heat-2014.1.3/debian/heat-common.templates heat-2014.1.3/debian/heat-common.templates
--- heat-2014.1.3/debian/heat-common.templates	2015-01-07 13:59:20.000000000 +0000
+++ heat-2014.1.3/debian/heat-common.templates	2015-01-12 23:32:36.000000000 +0000
@@ -80,7 +80,7 @@
 
 Template: heat/configure_db
 Type: boolean
-Default: true
+Default: false
 _Description: Set up a database for heat-common?
  No database has been set up for heat-common to use. Before
  continuing, you should make sure you have the following information:
diff -Nru heat-2014.1.3/debian/patches/remove-the-use-of-ssl.PROTOCOL_SSLv3.patch heat-2014.1.3/debian/patches/remove-the-use-of-ssl.PROTOCOL_SSLv3.patch
--- heat-2014.1.3/debian/patches/remove-the-use-of-ssl.PROTOCOL_SSLv3.patch	1970-01-01 00:00:00.000000000 +0000
+++ heat-2014.1.3/debian/patches/remove-the-use-of-ssl.PROTOCOL_SSLv3.patch	2015-01-12 23:32:36.000000000 +0000
@@ -0,0 +1,19 @@
+Description: Remove the use of ssl.PROTOCOL_SSLv23
+ The ssl.PROTOCOL_SSLv23 object cannot be used in Debian anymore, this patch
+ removes it from heat/openstack/common/sslutils.py.
+Author: Thomas Goirand <zigo@debian.org>
+Forwarded: not-needed
+Last-Update: 2014-01-13
+
+--- heat-2014.1.3.orig/heat/openstack/common/sslutils.py
++++ heat-2014.1.3/heat/openstack/common/sslutils.py
+@@ -80,8 +80,7 @@ def wrap(sock):
+ 
+ _SSL_PROTOCOLS = {
+     "tlsv1": ssl.PROTOCOL_TLSv1,
+-    "sslv23": ssl.PROTOCOL_SSLv23,
+-    "sslv3": ssl.PROTOCOL_SSLv3
++    "sslv23": ssl.PROTOCOL_SSLv23
+ }
+ 
+ try:
diff -Nru heat-2014.1.3/debian/patches/series heat-2014.1.3/debian/patches/series
--- heat-2014.1.3/debian/patches/series	2015-01-07 13:59:20.000000000 +0000
+++ heat-2014.1.3/debian/patches/series	2015-01-12 23:32:36.000000000 +0000
@@ -1 +1,2 @@
 fix-default-db.patch
+remove-the-use-of-ssl.PROTOCOL_SSLv3.patch

--- End Message ---

--- Begin Message ---

• To: Thomas Goirand <zigo@debian.org>, 775289-done@bugs.debian.org
• Subject: Re: Bug#775289: unblock: heat/2014.1.3-7
• From: Ivo De Decker <ivodd@debian.org>
• Date: Wed, 14 Jan 2015 21:32:53 +0100
• Message-id: <20150114203222.GN10424@ugent.be>
• In-reply-to: <[🔎] 20150113150307.26280.94293.reportbug@buzig.gplhost.com>
• References: <[🔎] 20150113150307.26280.94293.reportbug@buzig.gplhost.com>

Hi,

On Tue, Jan 13, 2015 at 04:03:07PM +0100, Thomas Goirand wrote:
> Here's a list of changes:

Unblocked.

Cheers,

Ivo

--- End Message ---