New upstream release
Fix segfaults and upgrade issues. Provide newer default configuration.
This commit is contained in:
Stephen Gallagher
parent
56c3f220f8
commit
9b52793f52
@ -1 +1 @@
|
||||
sssd-0.7.0.tar.gz
|
||||
sssd-0.7.1.tar.gz
|
||||
|
||||
@ -1,50 +0,0 @@
|
||||
>From ff5fd17a20037377889b60a73b2b1f470c67c674 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Hrozek <jhrozek@redhat.com>
|
||||
Date: Mon, 26 Oct 2009 12:54:38 +0100
|
||||
Subject: [PATCH] Fix migration script for pre-0.5 local domains
|
||||
|
||||
Configuration files before 0.5.0 did not enforce provider= in local
|
||||
domains it did special-case by domain name (LOCAL). Our script was
|
||||
relying on provider= value, this patch adds the special-casing in case
|
||||
the domain was called LOCAL.
|
||||
---
|
||||
server/upgrade/upgrade_config.py | 13 +++++++++++--
|
||||
1 files changed, 11 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/server/upgrade/upgrade_config.py b/server/upgrade/upgrade_config.py
|
||||
index 87e3990..fe20811 100644
|
||||
--- a/server/upgrade/upgrade_config.py
|
||||
+++ b/server/upgrade/upgrade_config.py
|
||||
@@ -25,6 +25,7 @@ import sys
|
||||
import shutil
|
||||
import traceback
|
||||
from ConfigParser import RawConfigParser
|
||||
+from ConfigParser import NoOptionError
|
||||
from optparse import OptionParser
|
||||
|
||||
class SSSDConfigParser(RawConfigParser):
|
||||
@@ -211,11 +212,19 @@ class SSSDConfigFile(object):
|
||||
self._migrate_kw(new_domsec, old_domsec, ldap_kw)
|
||||
self._migrate_kw(new_domsec, old_domsec, krb5_kw)
|
||||
|
||||
+ # configuration files before 0.5.0 did not enforce provider= in local domains
|
||||
+ # it did special-case by domain name (LOCAL)
|
||||
+ try:
|
||||
+ prv = self._new_config.get(new_domsec, 'id_provider')
|
||||
+ except NoOptionError:
|
||||
+ if old_domsec == 'domains/LOCAL':
|
||||
+ prv = 'local'
|
||||
+ self._new_config.set(new_domsec, 'id_provider', prv)
|
||||
+
|
||||
# if domain was local, update with parameters from [user_defaults]
|
||||
- if self._new_config.get(new_domsec, 'id_provider') == 'local':
|
||||
+ if prv == 'local':
|
||||
self._migrate_kw(new_domsec, 'user_defaults', user_defaults_kw)
|
||||
|
||||
-
|
||||
def _migrate_domains(self):
|
||||
for domain in [ s.replace('domains/','') for s in self._config.sections() if s.startswith("domains/") ]:
|
||||
domain = domain.strip()
|
||||
--
|
||||
1.6.2.5
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
403945c70c902302e5d8babecb24b096 sssd-0.7.0.tar.gz
|
||||
827ef46d27c54ce790d329a6b1b82586 sssd-0.7.1.tar.gz
|
||||
|
||||
@ -1,57 +0,0 @@
|
||||
[sssd]
|
||||
config_file_version = 2
|
||||
# Number of times services should attempt to reconnect in the
|
||||
# event of a crash or restart before they give up
|
||||
reconnection_retries = 3
|
||||
# if a backend is particularly slow you can raise this timeout here
|
||||
sbus_timeout = 30
|
||||
services = nss, dp, pam
|
||||
; domains = LOCAL,LDAP
|
||||
# SSSD will not start if you don't configure any domain.
|
||||
# Add new domains condifgurations as [domain/<NAME>] sections.
|
||||
# Then add the list of domains (in the order you want them to be
|
||||
# queried in the 'domains" attribute above and uncomment it
|
||||
|
||||
|
||||
[nss]
|
||||
# the following prevents sssd for searching for the root user/group in
|
||||
# all domains (you can add here a comma separated list of system accounts are
|
||||
# always going to be /etc/passwd users, or that you want to filter out)
|
||||
filter_groups = root
|
||||
filter_users = root
|
||||
reconnection_retries = 3
|
||||
|
||||
# The EntryCacheTimeout indicates the number of seconds to retain before
|
||||
# an entry in cache is considered stale and must block to refresh.
|
||||
# The EntryCacheNoWaitRefreshTimeout indicates the number of seconds to
|
||||
# wait before updating the cache out-of-band. (NSS requests will still
|
||||
# be returned from cache until the full EntryCacheTimeout). Setting this
|
||||
# value to 0 turns this feature off (default)
|
||||
; entry_cache_timeout = 600
|
||||
; entry_cache_nowait_timeout = 300
|
||||
|
||||
[pam]
|
||||
reconnection_retries = 3
|
||||
|
||||
[dp]
|
||||
reconnection_retries = 3
|
||||
|
||||
# Example LOCAL domain that stores all users natively in the SSSD internal
|
||||
# directory. These local users and groups are not visibile in /etc/passwd, it
|
||||
# now contains only root and system accounts.
|
||||
; [domain/LOCAL]
|
||||
; description = LOCAL Users domain
|
||||
; id_provider = local
|
||||
; enumerate = true
|
||||
; min_id = 500
|
||||
; max_id = 999
|
||||
|
||||
# Example native LDAP domain
|
||||
; [domain/LDAP]
|
||||
; id_provider = ldap
|
||||
; auth_provider = ldap
|
||||
; ldap_uri = ldap://ldap.mydomain.org
|
||||
; ldap_user_search_base = dc=mydomain,dc=org
|
||||
; ldap_tls_reqcert = demand
|
||||
; cache_credentials = true
|
||||
; enumerate = true
|
||||
18
sssd.spec
18
sssd.spec
@ -2,26 +2,23 @@
|
||||
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib())")}
|
||||
|
||||
Name: sssd
|
||||
Version: 0.7.0
|
||||
Release: 2%{?dist}
|
||||
Version: 0.7.1
|
||||
Release: 1%{?dist}
|
||||
Group: Applications/System
|
||||
Summary: System Security Services Daemon
|
||||
# The entire source code is GPLv3+ except replace/ which is LGPLv3+
|
||||
License: GPLv3+ and LGPLv3+
|
||||
URL: http://fedorahosted.org/sssd
|
||||
Source: https://fedorahosted.org/released/sssd/sssd-%{version}.tar.gz
|
||||
Source1: sssd.conf.default
|
||||
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
|
||||
|
||||
### Patches ###
|
||||
|
||||
Patch1: 0001-Fix-migration-script-for-pre-0.5-local-domains.patch
|
||||
|
||||
### Dependencies ###
|
||||
|
||||
Requires: libldb >= 0.9.3
|
||||
Requires: libtdb >= 1.1.3
|
||||
Requires: sssd-client = 0.7.0
|
||||
Requires: sssd-client = 0.7.1
|
||||
Requires(post): python
|
||||
Requires(preun): initscripts chkconfig
|
||||
Requires(postun): /sbin/service
|
||||
@ -75,8 +72,6 @@ service.
|
||||
%prep
|
||||
%setup -q
|
||||
|
||||
%patch1 -p1 -b .upgrade_fixes
|
||||
|
||||
%build
|
||||
%configure \
|
||||
--without-tests \
|
||||
@ -97,7 +92,7 @@ make install DESTDIR=$RPM_BUILD_ROOT
|
||||
/usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sss_client
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd
|
||||
install -m600 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
|
||||
install -m600 server/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
|
||||
|
||||
install -m400 server/config/etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
|
||||
install -m400 server/config/etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/
|
||||
@ -194,6 +189,11 @@ fi
|
||||
%postun client -p /sbin/ldconfig
|
||||
|
||||
%changelog
|
||||
* Tue Oct 27 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.7.1-1
|
||||
- Fix segfault in sssd_pam when cache_credentials was enabled
|
||||
- Update the sample configuration
|
||||
- Fix upgrade issues caused by data provider service removal
|
||||
|
||||
* Mon Oct 26 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.7.0-2
|
||||
- Fix upgrade issues from old (pre-0.5.0) releases of SSSD
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user