parent
23b784cf95
commit
8d6343c01f
|
@ -1 +1 @@
|
|||
sssd-1.0.0.tar.gz
|
||||
sssd-1.0.1.tar.gz
|
||||
|
|
|
@ -1,47 +0,0 @@
|
|||
From a79fed1bece2e33759546f97ce0f22af3745ac80 Mon Sep 17 00:00:00 2001
|
||||
From: Stephen Gallagher <sgallagh@redhat.com>
|
||||
Date: Mon, 21 Dec 2009 13:03:03 -0500
|
||||
Subject: [PATCH] Allow debug_timestamps setting on a per-domain basis
|
||||
|
||||
This was missing from the SSSDConfig API, though it was supported
|
||||
by the daemon.
|
||||
---
|
||||
server/config/SSSDConfigTest.py | 2 ++
|
||||
server/config/etc/sssd.api.conf | 1 +
|
||||
2 files changed, 3 insertions(+), 0 deletions(-)
|
||||
|
||||
diff --git a/server/config/SSSDConfigTest.py b/server/config/SSSDConfigTest.py
|
||||
index f893d98..1e79342 100755
|
||||
--- a/server/config/SSSDConfigTest.py
|
||||
+++ b/server/config/SSSDConfigTest.py
|
||||
@@ -372,6 +372,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
|
||||
options = domain.list_options()
|
||||
control_list = [
|
||||
'debug_level',
|
||||
+ 'debug_timestamps',
|
||||
'min_id',
|
||||
'max_id',
|
||||
'timeout',
|
||||
@@ -586,6 +587,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
|
||||
options = domain.list_options()
|
||||
control_list = [
|
||||
'debug_level',
|
||||
+ 'debug_timestamps',
|
||||
'min_id',
|
||||
'max_id',
|
||||
'timeout',
|
||||
diff --git a/server/config/etc/sssd.api.conf b/server/config/etc/sssd.api.conf
|
||||
index c8ddae4..bdb6aab 100644
|
||||
--- a/server/config/etc/sssd.api.conf
|
||||
+++ b/server/config/etc/sssd.api.conf
|
||||
@@ -42,6 +42,7 @@ chpass_provider = str, None
|
||||
[domain]
|
||||
# Options available to all domains
|
||||
debug_level = int, None, 0
|
||||
+debug_timestamps = bool, None
|
||||
command = str, None
|
||||
min_id = int, None, 1000
|
||||
max_id = int, None
|
||||
--
|
||||
1.6.5.2
|
||||
|
|
@ -1 +1,2 @@
|
|||
sssd-0_1_0-5_20090309git691c9b3_fc10:HEAD:sssd-0.1.0-5.20090309git691c9b3.fc10.src.rpm:1236618353
|
||||
sssd-1_0_1-1_fc13:F-11:sssd-1.0.1-1.fc13.src.rpm:1263221083
|
||||
|
|
2
sources
2
sources
|
@ -1 +1 @@
|
|||
b4a21cd65157e775dd5843d6a7ded10d sssd-1.0.0.tar.gz
|
||||
695a5fb6003dad6f4af65146e4f039bf sssd-1.0.1.tar.gz
|
||||
|
|
|
@ -1,90 +0,0 @@
|
|||
[services]
|
||||
description = Local Service Configuration
|
||||
activeServices = nss, dp, pam
|
||||
|
||||
[services/nss]
|
||||
description = NSS Responder Configuration
|
||||
# the following prevents sssd for searching for the root user/group in
|
||||
# all domains (you can add here a comma separated list of system accounts are
|
||||
# always going to be /etc/passwd users, or that you want to filter out)
|
||||
filterGroups = root
|
||||
filterUsers = root
|
||||
|
||||
[services/dp]
|
||||
description = Data Provider Configuration
|
||||
|
||||
[services/pam]
|
||||
description = PAM Responder Configuration
|
||||
|
||||
[services/monitor]
|
||||
description = Service Monitor Configuration
|
||||
#if a backend is particularly slow you can raise this timeout here
|
||||
sbusTimeout = 30
|
||||
|
||||
[domains]
|
||||
description = Domains served by SSSD
|
||||
; domains = LOCAL,LDAP
|
||||
|
||||
# SSSD will not start if you don't configure any domain.
|
||||
# Add new domains condifgurations as [domains/<NAME>] sections.
|
||||
# Then add the list of domains (in the order you want them to be
|
||||
# queried in the 'domains" attribute above and uncomment it
|
||||
|
||||
# Example LOCAL domain that proxies to /etc/passwd and /etc/group files
|
||||
# This configuration is meant mostly as a migration path to be able to store
|
||||
# additional information about users while still keeping /etc/passwd
|
||||
# authoritative.
|
||||
|
||||
; [domains/LOCAL]
|
||||
; description = LOCAL migration domain
|
||||
; enumerate = 3
|
||||
; minId = 500
|
||||
; magicPrivateGroups = FALSE
|
||||
; legacy = TRUE
|
||||
;
|
||||
; provider = proxy
|
||||
; libName = files
|
||||
; libPath = libnss_files.so.2
|
||||
|
||||
# optionally a file named sssdproxylocal can be place in pam.d configured to
|
||||
# check pam_unix only and pam_sss can be used in the normal pam stack
|
||||
; auth-module = proxy
|
||||
; pam-target = sssdproxylocal
|
||||
|
||||
# Example LOCAL domain that stores all users natively in the SSSD internal
|
||||
# directory. These local users and groups are not visibile in /etc/passwd, it
|
||||
# now contains only root and system accounts.
|
||||
|
||||
; [domains/LOCAL]
|
||||
; description = LOCAL Users domain
|
||||
; enumerate = 3
|
||||
; minId = 500
|
||||
; maxId = 999
|
||||
; legacy = FALSE
|
||||
; magicPrivateGroups = TRUE
|
||||
; provider = local
|
||||
|
||||
# Example LDAP domain that uses the proxy backend and the standard nss_ldap
|
||||
# and pam_ldap modules (Useful until we have good working native ldap backends).
|
||||
# For this to work the /etc/ldap.conf file needs to be correctly configured just
|
||||
# like you would do when using nss_ldap in nsswitch.conf, but instead of setting
|
||||
# passwd: files ldap, set passwd: files, sss instead there.
|
||||
# Also consider using the following setting in /etc/ldap.conf to avoid needless
|
||||
# delays if the ldap server is offline:
|
||||
# timelimit 10
|
||||
# bind_timelimit 5
|
||||
# nss_reconnect_maxsleeptime 2
|
||||
# nss_reconnect_sleeptime 1
|
||||
|
||||
; [domains/LDAP]
|
||||
; description = Proxy request to our LDAP server
|
||||
; enumerate = 0
|
||||
; minId = 1000
|
||||
; legacy = TRUE
|
||||
;
|
||||
; provider = proxy
|
||||
; libName = ldap
|
||||
; libPath = libnss_ldap.so.2
|
||||
;
|
||||
#if a backend is particularly slow you can raise this timeout here
|
||||
; timeout = 60
|
10
sssd.spec
10
sssd.spec
|
@ -2,8 +2,8 @@
|
|||
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib())")}
|
||||
|
||||
Name: sssd
|
||||
Version: 1.0.0
|
||||
Release: 2%{?dist}
|
||||
Version: 1.0.1
|
||||
Release: 1%{?dist}
|
||||
Group: Applications/System
|
||||
Summary: System Security Services Daemon
|
||||
# The entire source code is GPLv3+ except replace/ which is LGPLv3+
|
||||
|
@ -12,8 +12,6 @@ URL: http://fedorahosted.org/sssd
|
|||
Source: https://fedorahosted.org/released/sssd/sssd-%{version}.tar.gz
|
||||
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
|
||||
|
||||
Patch1: cfg_dbg_timestamps.patch
|
||||
|
||||
### Patches ###
|
||||
|
||||
### Dependencies ###
|
||||
|
@ -80,7 +78,6 @@ service.
|
|||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch1 -p1 -b .cfg_dbg_timestamps
|
||||
|
||||
%build
|
||||
NSS_LIBS=-lnss3 \
|
||||
|
@ -208,6 +205,9 @@ fi
|
|||
%postun client -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Mon Jan 11 2010 Stephen Gallagher <sgallagh@redhat.com> - 1.0.1-1
|
||||
- Fix CVE-2010-0014
|
||||
|
||||
* Mon Dec 21 2009 Stephen Gallagher <sgallagh@redhat.com> - 1.0.0-2
|
||||
- Patch SSSDConfig API to address
|
||||
- https://bugzilla.redhat.com/show_bug.cgi?id=549482
|
||||
|
|
Loading…
Reference in New Issue