Revisions of sssd
Jan Engelhardt (jengelh)
accepted
request 677966
from
Samuel Cabrero (scabrero)
(revision 213)
- Install systemd service unit file created from source's template (bsc#1120852) - Install logrotate configuration (bsc#1004220) - Set journald as system logger
Jan Engelhardt (jengelh)
committed
(revision 212)
trim spaces
Jan Engelhardt (jengelh)
committed
(revision 211)
- Add krb-noversion.diff so sssd_pac builds even with newer krb.
Jan Engelhardt (jengelh)
accepted
request 639404
from
Chris Kowalczyk (ckowalczyk)
(revision 210)
- Add dependency to adcli for sssd-ad (SLE15: fate#326619, bsc#1109849) (SLE12SP4: fate#326620, bsc#1110121)
Jan Engelhardt (jengelh)
committed
(revision 209)
Jan Engelhardt (jengelh)
committed
(revision 208)
- Update to new upstream release 2.0.0
Jan Engelhardt (jengelh)
committed
(revision 207)
Compact overly long changelog, wrap to 66 cols as demanded
Jan Engelhardt (jengelh)
accepted
request 632454
from
Karol Babioch (kbabioch)
(revision 206)
- Update to upstream release 1.16.3
Chris Kowalczyk (ckowalczyk)
accepted
request 620030
from
Chris Kowalczyk (ckowalczyk)
(revision 205)
Fixed patch name.
Jan Engelhardt (jengelh)
committed
(revision 204)
Restore the default changelog format
Jan Engelhardt (jengelh)
accepted
request 619100
from
Chris Kowalczyk (ckowalczyk)
(revision 203)
- Introduce patches: * Create sockets with right permissions: 0001-SUDO-Create-the-socket-with-stricter-permissions.patch (bsc#1098377, CVE-2018-10852) * Fix for sssd upstream integration tests 0002-intg-Do-not-hardcode-nsslibdir.patch (bsc#1098163)
Peter Varkoly (varkoly)
committed
(revision 202)
Fix spec for new package.
Peter Varkoly (varkoly)
committed
(revision 201)
Add patch to fix build
Peter Varkoly (varkoly)
committed
(revision 200)
Remove unnecessary comment.
Peter Varkoly (varkoly)
committed
(revision 199)
Fix requirement
Peter Varkoly (varkoly)
committed
(revision 198)
Add missed requirement
Peter Varkoly (varkoly)
committed
(revision 197)
- Update to new minor upstream release 1.16.2 New Features: * The smart card authentication, or in more general certificate authentication code now supports OpenSSL in addition to previously supported NSS (#3489). In addition, the SSH responder can now return public SSH keys derived from the public keys stored in a X.509 certificate. Please refer to the ssh_use_certificate_keys option in the man pages. * The files provider now supports mirroring multiple passwd or group files. This enhancement can be used to use the SSSD files provider instead of the nss_altfiles module Bugfixes: * A memory handling issue in the nss_ex interface was fixed. This bug would manifest in IPA environments with a trusted AD domain as a crash of the ns-slapd process, because a ns-slapd plugin loads the nss_ex interface (#3715) * Several fixes for the KCM deamon were merged (see #3687, #3671, #3633) * The ad_site override is now honored in GPO code as well (#3646) * Several potential crashes in the NSS responder’s netgroup code were fixed (#3679, #3731) * A potential crash in the autofs responder’s code was fixed (#3752) * The LDAP provider now supports group renaming (#2653) * The GPO access control code no longer returns an error if one of the relevant GPO rules contained no SIDs at all (#3680) * A memory leak in the IPA provider related to resolving external AD groups was fixed (#3719) * Setups that used multiple domains where one of the domains had its ID space limited using the min_id/max_id options did not resolve requests by ID properly (#3728) * Overriding IDs or names did not work correctly when the domain
Peter Varkoly (varkoly)
committed
(revision 196)
Jan Engelhardt (jengelh)
accepted
request 602087
from
Chris Kowalczyk (ckowalczyk)
(revision 195)
- Update to new minor upstream release 1.16.1 (fate#323340): New Features: * A new option auto_private_groups was added. If this option is enabled, SSSD will automatically create user private groups based on user’s UID number. The GID number is ignored in this case. * The SSSD smart card integration now supports a special type of PAM conversation implemented by GDM which allows the user to select the appropriate smrt card certificate in GDM. * A new API for accessing user and group information was added. This API is similar to the tradiional Name Service Switch API, but allows the consumer to talk to SSSD directly as well as to fine-tune the query with e.g. how cache should be evaluated. * The sssctl command line tool gained a new command access-report, which can generate who can access the client machine. Currently only generating the report on an IPA client based on HBAC rules is supported. * The hostid provider was moved from the IPA specific code to the generic LDAP code. This allows SSH host keys to be access by the generic LDAP provider as well. See the ldap_host_* options in the sssd-ldap manual page for more details. * Setting the memcache_timeout option to 0 disabled creating the memory cache files altogether. This can be useful in cases there is a bug in the memory cache that needs working around.
Jan Engelhardt (jengelh)
accepted
request 600643
from
Chris Kowalczyk (ckowalczyk)
(revision 194)
- Updated sssd.spec: The IPA provider depends on AD provider's PAC executable, hence introducing the package dependency. (bsc#1021441, bsc#1062124)
Displaying revisions 101 - 120 of 313