System Security Services Daemon
Provides a set of daemons to manage access to remote directories and
authentication mechanisms. It provides an NSS and PAM interface toward
the system and a pluggable backend system to connect to multiple different
account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA.
- Sources inherited from project SUSE:SLE-15-SP4:GA
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Leap:15.4:Update/sssd && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
baselibs.conf | 0000000123 123 Bytes | |
sssd-2.5.2.tar.gz | 0007579208 7.23 MB | |
sssd-2.5.2.tar.gz.asc | 0000000488 488 Bytes | |
sssd.changes | 0000081112 79.2 KB | |
sssd.keyring | 0000001749 1.71 KB | |
sssd.spec | 0000025001 24.4 KB |
Revision 2 (latest revision is 3)
Gustavo Yokoyama Ribeiro (gyribeiro)
committed
(revision 2)
- Update to version 2.5.2; (jsc#SLE-17763); * originalADgidNumber attribute in the SSSD cache is now indexed. * Add new config option fallback_to_nss. - Changes from version 2.5.1 * auto_private_groups option can be set centrally through ID range setting in IPA (see ipa idrange commands family). This feature requires SSSD update on both client and server. This feature also requires freeipa 4.9.4 and newer. * Fix getsidbyname issues with IPA users with a user-private-group. * Default value of ldap_sudo_random_offset changed to 0 (disabled). This makes sure that sudo rules are available as soon as possible after SSSD start in default configuration. - Changes from version 2.5.0 * Added support for automatic renewal of renewable TGTs that are stored in KCM ccache. This can be enabled by setting tgt_renewal = true. See the sssd-kcm man page for more details. This feature requires MIT Kerberos krb5-1.19-0.beta2.3 or higher. * Backround sudo periodic tasks (smart and full refresh) periods are now extended by a random offset to spread the load on the server in environments with many clients. * Completing a sudo full refresh now postpones the smart refresh by ldap_sudo_smart_refresh_interval value. This ensure that the smart refresh is not run too soon after a successful full refresh. * If debug_backtrace_enabled is set to true then on any error all prior debug messages (to some limit) are printed even if debug_level is set to low value. * Besides trusted domains known by the forest root, trusted domains known by the local domain are used as well. * New configuration option offline_timeout_random_offset to control random
Comments 0