openSUSE Build Service

Jan Engelhardt (jengelh) accepted request 677966 from

Samuel Cabrero (scabrero) over 5 years ago (revision 213)

- Install systemd service unit file created from source's template
  (bsc#1120852)
- Install logrotate configuration (bsc#1004220)
- Set journald as system logger

Jan Engelhardt (jengelh) committed over 5 years ago (revision 212)

trim spaces

Jan Engelhardt (jengelh) committed over 5 years ago (revision 211)

- Add krb-noversion.diff so sssd_pac builds even with newer krb.

Jan Engelhardt (jengelh) accepted request 639404 from

Chris Kowalczyk (ckowalczyk) over 5 years ago (revision 210)

- Add dependency to adcli for sssd-ad
    (SLE15: fate#326619, bsc#1109849)
    (SLE12SP4: fate#326620, bsc#1110121)

Jan Engelhardt (jengelh) committed almost 6 years ago (revision 209)

Jan Engelhardt (jengelh) committed almost 6 years ago (revision 208)

- Update to new upstream release 2.0.0

Jan Engelhardt (jengelh) committed almost 6 years ago (revision 207)

Compact overly long changelog, wrap to 66 cols as demanded

Jan Engelhardt (jengelh) accepted request 632454 from

Karol Babioch (kbabioch) almost 6 years ago (revision 206)

- Update to upstream release 1.16.3

Chris Kowalczyk (ckowalczyk) accepted request 620030 from

Chris Kowalczyk (ckowalczyk) almost 6 years ago (revision 205)

Fixed patch name.

Jan Engelhardt (jengelh) committed almost 6 years ago (revision 204)

Restore the default changelog format

Jan Engelhardt (jengelh) accepted request 619100 from

Chris Kowalczyk (ckowalczyk) almost 6 years ago (revision 203)

- Introduce patches:
  * Create sockets with right permissions:
    0001-SUDO-Create-the-socket-with-stricter-permissions.patch
    (bsc#1098377, CVE-2018-10852)
  * Fix for sssd upstream integration tests
    0002-intg-Do-not-hardcode-nsslibdir.patch
    (bsc#1098163)

Peter Varkoly (varkoly) committed almost 6 years ago (revision 202)

Fix spec for new package.

Peter Varkoly (varkoly) committed almost 6 years ago (revision 201)

Add patch to fix build

Peter Varkoly (varkoly) committed almost 6 years ago (revision 200)

Remove unnecessary comment.

Peter Varkoly (varkoly) committed almost 6 years ago (revision 199)

Fix requirement

Peter Varkoly (varkoly) committed almost 6 years ago (revision 198)

Add missed requirement

Peter Varkoly (varkoly) committed almost 6 years ago (revision 197)

- Update to new minor upstream release 1.16.2
New Features:
  * The smart card authentication, or in more general certificate
    authentication code now supports OpenSSL in addition to previously
    supported NSS (#3489). In addition, the SSH responder can now
    return public SSH keys derived from the public keys stored in a
    X.509 certificate. Please refer to the ssh_use_certificate_keys
    option in the man pages.
  * The files provider now supports mirroring multiple passwd or
    group files. This enhancement can be used to use the SSSD files
    provider instead of the nss_altfiles module
Bugfixes:
  * A memory handling issue in the nss_ex interface was fixed. This
    bug would manifest in IPA environments with a trusted AD domain
    as a crash of the ns-slapd process, because a ns-slapd plugin
    loads the nss_ex interface (#3715)
  * Several fixes for the KCM deamon were merged (see #3687, #3671, #3633)
  * The ad_site override is now honored in GPO code as well (#3646)
  * Several potential crashes in the NSS responder’s netgroup code
    were fixed (#3679, #3731)
  * A potential crash in the autofs responder’s code was fixed (#3752)
  * The LDAP provider now supports group renaming (#2653)
  * The GPO access control code no longer returns an error if one
    of the relevant GPO rules contained no SIDs at all (#3680)
  * A memory leak in the IPA provider related to resolving external
    AD groups was fixed (#3719)
  * Setups that used multiple domains where one of the domains had
    its ID space limited using the min_id/max_id options did not
    resolve requests by ID properly (#3728)
  * Overriding IDs or names did not work correctly when the domain

Peter Varkoly (varkoly) committed almost 6 years ago (revision 196)

Jan Engelhardt (jengelh) accepted request 602087 from

Chris Kowalczyk (ckowalczyk) about 6 years ago (revision 195)

- Update to new minor upstream release 1.16.1 (fate#323340):
New Features:
 * A new option auto_private_groups was added. If this option is
   enabled, SSSD will automatically create user private groups based
   on user’s UID number. The GID number is ignored in this case.
 * The SSSD smart card integration now supports a special type of PAM
   conversation implemented by GDM which allows the user to select
   the appropriate smrt card certificate in GDM.
 * A new API for accessing user and group information was added.
   This API is similar to the tradiional Name Service Switch API, but
   allows the consumer to talk to SSSD directly as well as to
   fine-tune the query with e.g. how cache should be evaluated.
 * The sssctl command line tool gained a new command access-report,
   which can generate who can access the client machine. Currently
   only generating the report on an IPA client based on HBAC rules
   is supported.
 * The hostid provider was moved from the IPA specific code to
   the generic LDAP code. This allows SSH host keys to be access by
   the generic LDAP provider as well. See the ldap_host_* options in
   the sssd-ldap manual page for more details.
 * Setting the memcache_timeout option to 0 disabled creating
   the memory cache files altogether. This can be useful in cases
   there is a bug in the memory cache that needs working around.

Jan Engelhardt (jengelh) accepted request 600643 from

Chris Kowalczyk (ckowalczyk) about 6 years ago (revision 194)

- Updated sssd.spec:
  The IPA provider depends on AD provider's PAC executable, hence
  introducing the package dependency. (bsc#1021441, bsc#1062124)

Places

Revisions of sssd

Places