Revisions of sssd
Stephan Kulow (coolo)
accepted
request 259244
from
Jan Engelhardt (jengelh)
(revision 60)
- Update to new upstream release 1.12.2 (bugfix release, bnc#900159) * Fixed a regression where the IPA provider did not fetch User Private Groups correctly * An important bug in the GPO access control which resulted in a wrong principal being used, was fixed. * Several new options are available for deployments that need to restrict a certain PAM service from connecting to a certain SSSD domain. For more details, see the description of pam_trusted_users and pam_public_domains options in the sssd.conf(5) man page and the domains option in the pam_sss(8) man page. * When SSSD is acting as an IPA client in setup with trusted AD domains, it is able to return group members or full group memberships for users from trusted AD domains. * Support for the "views" feature of IPA. - Remove 0001-build-call-AC_BUILD_AUX_DIR-before-anything-else.patch (merged upstream) - Add 0001-build-call-AC_BUILD_AUX_DIR-before-anything-else.patch to workaround bad autoconf invocation - 0001-build-detect-endianness-at-configure-time.patch Correct defective endianness test. - Update to new upstream release 1.12.1 * The GPO access control was further enhanced to allow the access control decisions while offline and map the Windows logon rights onto Linux PAM services. * The SSSD now ships a plugin for the rpc.idmapd daemon, sss_rpcidmapd(5).
Stephan Kulow (coolo)
accepted
request 245814
from
Jan Engelhardt (jengelh)
(revision 58)
- The utility sss_obfuscate uses the Python module pysss, so add a dependency on python-sssd-config to sssd-tools (bnc#890242) (forwarded request 245784 from leonardocf)
Ludwig Nussel (lnussel)
accepted
request 244504
from
Jan Engelhardt (jengelh)
(revision 57)
- Update to new upstream release 1.12.0
Stephan Kulow (coolo)
accepted
request 238107
from
Jan Engelhardt (jengelh)
(revision 56)
- fix %postun to not erroneously remove sss pam module
Stephan Kulow (coolo)
accepted
request 235585
from
Jan Engelhardt (jengelh)
(revision 55)
- Switch to libnl-3 so we can get rid of libnl-1. (forwarded request 235577 from elvigia)
Stephan Kulow (coolo)
accepted
request 233707
from
Jan Engelhardt (jengelh)
(revision 54)
- bnc#877457 - 78 Configuration file /usr/lib/systemd/system/sssd.service is marked executable. Please remove executable permission bits. - Detect endianness at configure time, for use by Samba's byteorder.h header; (bnc#876544). + 0001-build-detect-endianness-at-configure-time.patch (forwarded request 233706 from varkoly)
Stephan Kulow (coolo)
accepted
request 231991
from
Peter Varkoly (varkoly)
(revision 53)
- Update to new upstream release 1.11.5.1 * sssd crashes after upgrade from 1.11.4 to 1.11.5 when using a samba4 domain * SSSD pam module accepts usernames with leading spaces * [RFE] Expose the list of trusted domains to IPA * If both IPA and LDAP are set up with enumeration on, two enum tasks are running * sssd.conf man pages don't list a configuration option. * Make SSSD compilable on systems with non-standard paths to krb5 includes * [freebsd] pam_sss: add ignore_unknown_user option * MAN: Remove misleading memberof example from ldap_access_filter example * not retrieving homedirs of AD users with posix attributes * Document that `sssd` cache needs to be cleared manually, if ID mapping configuration changes * Check IPA idranges before saving them to the cache * Evaluate usage of sudo LDAP provider together with the AD provider * Setting int option to 0 yields the default value * ipa-server-mode: Use lower-case user name component in home dir path * SSSD Does not cache SELinux map from FreeIPA correctly * IPA SELinux code looks for the host in the wrong sysdb subdir when a trusted user logs in * sssd fails to handle expired passwords when OTP is used * Add another Kerberos error code to trigger IPA password migration * Double OK when starting the service * SSSD should create the SELinux mapping file with format expected by pam_selinux * Valgrind: Invalid read of int while processing netgroup * other subdomains are unavailable when joined to a subdomain in the ad forest * Error during password change * configure time variables not expanded when running ./configure * RHEL7 IPA selinuxusermap hbac rule not always matching
Stephan Kulow (coolo)
accepted
request 225993
from
Factory Maintainer (factory-maintainer)
(revision 52)
Automatic submission by obs-autosubmit
Stephan Kulow (coolo)
accepted
request 212445
from
Factory Maintainer (factory-maintainer)
(revision 51)
Automatic submission by obs-autosubmit
Stephan Kulow (coolo)
accepted
request 211391
from
Jan Engelhardt (jengelh)
(revision 50)
- Migrate deprecated krb5_kdcip variable to krb5_server (bnc#851048) (forwarded request 208844 from ckornacker)
Stephan Kulow (coolo)
accepted
request 208276
from
Jan Engelhardt (jengelh)
(revision 49)
- Update to new upstream release 1.11.2
Stephan Kulow (coolo)
accepted
request 179170
from
Jan Engelhardt (jengelh)
(revision 47)
- Explicitly formulate SASL BuildRequires
Stephan Kulow (coolo)
accepted
request 174889
from
Factory Maintainer (factory-maintainer)
(revision 46)
Automatic submission by obs-autosubmit
Stephan Kulow (coolo)
accepted
request 163793
from
Factory Maintainer (factory-maintainer)
(revision 45)
Automatic submission by obs-autosubmit
Stephan Kulow (coolo)
accepted
request 160208
from
Ralf Haferkamp (rhafer)
(revision 44)
CVE-2013-0287 (bnc#809153) (forwarded request 160207 from rhafer)
Stephan Kulow (coolo)
accepted
request 157216
from
Jan Engelhardt (jengelh)
(revision 43)
Factory only - Resolve user retrieval problems when encountering binary data in LDAP attributes (bnc#806078),
Stephan Kulow (coolo)
accepted
request 151849
from
Ralf Haferkamp (rhafer)
(revision 41)
update to 1.9.4 (bnc#801036)
Displaying revisions 81 - 100 of 140
