rpms/sssd
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
437 Commits 35 Branches 155 Tags 4.2 MiB
1dad4d1fac
Commit Graph

437 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Fabiano Fidêncio
1dad4d1fac Resolves: rhbz#1591804 - something keeps /lib/libnss_systemd.so.2 open on minimal appliance image, breaking composes 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 192e845618)
 2018-06-25 09:55:43 +02:00
Fabiano Fidêncio
f14161ac08 New upstream release 1.16.2 
- https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_2.html

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit a36f5fea4b)
 2018-06-11 15:05:24 +02:00
Fabiano Fidêncio
e56517d602 Related: upstream#3742 - Change of: User may not run sudo --> a password is required 
Patch 0017-sudo-ldap-do-not-store-rules-without-sudoHost-attrib.patch
has been commented out as it caused some regressions on IPA tests.

In order to unblock IPA folks, let's revert this patch from Fedora till
we have a proper fix.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 29d69716ad)
 2018-05-28 10:12:29 +02:00
Fabiano Fidêncio
e428c4af45 Revert "Add: "ExcludeArch: armv7hl"" 
This reverts commit bc3790f5a0.

(cherry picked from commit 4979898a6e)
 2018-05-17 17:55:54 +02:00
Fabiano Fidêncio
38221da669 Add: "ExcludeArch: armv7hl" 
For some reason still unclear we're *not* able to build SSSD on koji's
buildroot for armv7hl. Some tests have been done and SSSD was built
successfully using real armv7hl hardware, which indicates that we're
facing https://bugzilla.redhat.com/show_bug.cgi?id=1576593

As soon as the bug is resolved, this patch could be safely reverted.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit bc3790f5a0)
 2018-05-16 22:25:57 +02:00
Fabiano Fidêncio
b6ae123d6b Related: upstream#3436 - Certificates used in unit tests have limited lifetime 
Fix a non harmful warning shown by recent versions of OpenSSL.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 0a2c83fbd0)
 2018-05-16 22:25:33 +02:00
Fabiano Fidêncio
0302f3db88 Related: upstream#3436 - Add openssl, openssh and nss-tools as BuildRequires 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit c4f0508af1)
 2018-05-14 11:49:48 +02:00
Fabiano Fidêncio
b2d97e727b Resolves: upstream#3595 - ID override GID from Default Trust View is not properly resolved in case domain resolution order is set 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 5f75f7e4f2)
 2018-05-14 11:49:48 +02:00
Fabiano Fidêncio
43d49c871d Resolves: upstream#3731 - nss_clear_netgroup_hash_table(): only remove entries from the hash table, do not free them 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 1511bcd8b2)
 2018-05-14 11:49:48 +02:00
Fabiano Fidêncio
b2bfd972c9 Resolves: upstream#3728 - Request by ID outside the min_id/max_id limit of a first domain does not reach the second domain 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 3ad9e211eb)
 2018-05-14 11:49:48 +02:00
Fabiano Fidêncio
8530c8b24d Resolves: upstream#3719 - The SSSD IPA provider allocates information about external groups on a long lived memory context, causing memory growth of the sssd_be process 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit ed238e28ff)
 2018-05-14 11:49:48 +02:00
Fabiano Fidêncio
d212c95076 Related: upstream#2653 - Group renaming issue when "id_provider = ldap" is set. 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 97a62b83f1)
 2018-05-14 11:49:48 +02:00
Fabiano Fidêncio
681d87c2ae Resolves: upstream#3726 - SSSD with ID provider 'ad' should give a warning in case the ldap schema is manually changed to something different than 'ad'. 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 163543f40b)
 2018-05-14 11:49:48 +02:00
Fabiano Fidêncio
e4e9316ad9 Resolves: upstream#3725 - sssd not honoring dyndns_server if the DNS update process is terminated with a signal 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 510134aa02)
 2018-05-14 11:49:48 +02:00
Fabiano Fidêncio
7dc8777d56 Related: upstream#3436 - Certificates used in unit tests have limited lifetime 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 5e1db8fc3e)
 2018-05-14 11:49:48 +02:00
Fabiano Fidêncio
c715b8d660 Resolves: rhbz#1574778 - sssd fails to download known_hosts from freeipa 
Patch 0018-sysdb-custom-completely-replace-old-object-instead-o.patch
caused a regression, caught by lslebodn and reported by a few users.

Let's comment out this patch for now and uncomment it when we have a fix
that do not cause a regression.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 5254cdcca5)
 2018-05-05 21:58:05 +02:00
Fabiano Fidêncio
99a84c4b16 Resolves: upstream#3520 - Files provider supports only BE_FILTER_ENUM 
Also ...
Resolves: rhbz#1540703 - FreeIPA/SSSD implicit_file sssd_nss error: The Data
                         Provider returned an error
                         [org.freedesktop.sssd.Error.DataProvider.Fatal]

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 90dd145c92)
 2018-04-27 22:23:57 +02:00
Fabiano Fidêncio
e45d803139 Resolves: upstream#3680 - GPO: SSSD fails to process GPOs If a rule is defined, but contains no SIDs 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit a305fc11b7)
 2018-04-27 22:23:49 +02:00
Fabiano Fidêncio
15af9187cf Document which principal does the AD provider use 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit b6696d97c4)
 2018-04-27 22:23:43 +02:00
Fabiano Fidêncio
e9424464d1 Resolves: upstream#2653 - Group renaming issue when "id_provider = ldap" is set. 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 2dd8451396)
 2018-04-27 22:23:34 +02:00
Fabiano Fidêncio
bf6526be6c Resolves: upstream#3715 - ipa 389-ds-base crash in krb5-libs - k5_copy_etypes list out of bound? 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 209701ef7f)
 2018-04-27 22:23:28 +02:00
Fabiano Fidêncio
8ac548e27d Improve docs/debug message about GC detection 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 3115154117)
 2018-04-27 22:23:23 +02:00
Fabiano Fidêncio
94dacbcff1 Resolves: upstream#3469 - extend sss-certmap man page regarding priority processing 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit f47c82bc8d)
 2018-04-27 22:23:15 +02:00
Fabiano Fidêncio
d5953555e4 Resolves: upstream#3634 - sssctl COMMAND --help fails if sssd is not configured 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 64b69ec813)
 2018-04-27 22:23:08 +02:00
Fabiano Fidêncio
f585ce79e5 Resolves: upstream#3679 - Make nss netgroup requests more robust 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 8d67726a47)
 2018-04-27 22:23:03 +02:00
Fabiano Fidêncio
d4cc9f09a9 Resolves: upstream#3646 - SSSD's GPO code ignores ad_site option 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 8565df471c)
 2018-04-27 22:22:49 +02:00
Fabiano Fidêncio
69dd3e36eb Resolves: upstream#3402 - Support alternative sources for the files provider 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 9709b73a3f)
 2018-04-27 22:22:43 +02:00
Fabiano Fidêncio
1ec14767eb Resolves: upstream#3550 - refresh_expired_interval does not work with netgrous in 1.15 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit a7d4f0b3f4)
 2018-04-27 22:22:38 +02:00
Fabiano Fidêncio
ff80480d02 IPA: Qualify the externalUser sudo attribute 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit ab53ba849a)
 2018-04-27 22:22:31 +02:00
Fabiano Fidêncio
11342ddfab Tone down shutdown messages for socket activated responders 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit ef1d48a0c2)
 2018-04-27 22:22:16 +02:00
Fabiano Fidêncio
b1ddb6443b Resolves: upstream#3558 - sudo: report error when two rules share cn 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit fcff118bbf)
 2018-04-27 22:22:09 +02:00
Fabiano Fidêncio
7809e6eedd Resolves: upstream#3684 - A group is not updated if its member is removed with the cleanup task, but the group does not change 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit f3d06df50d)
 2018-04-27 22:22:04 +02:00
Fabiano Fidêncio
2540bf426d A few KCM misc fixes 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 32f2c81e59)
 2018-03-30 15:02:55 +02:00
Fabiano Fidêncio
4d8a2ac870 Resolves: upstream#3666 - Fix usage of str.decode() in our test 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 99da72db23)
 2018-03-30 15:02:49 +02:00
Fabiano Fidêncio
7d773ed035 Resolves: upstream#3386 - KCM: Payload buffer is too small 
Related to: rhbz#1494843 - KCM Does not work

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 1c7376afc5)
 2018-03-30 15:02:43 +02:00
Fabiano Fidêncio
0392642064 Resolves: usptream#3687 - KCM: Don't pass a non null terminated string to json_loads() 
Related to: rhbz#1494843 - KCM Does not work

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 73735e9522)
 2018-03-30 15:02:27 +02:00
Fabiano Fidêncio
4d2103b723 Resolves: upstream#3658 - Application domain is not interpreted correctly 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 563dd33f72)
 2018-03-30 15:02:19 +02:00
Fabiano Fidêncio
c126b3174c Resolves: upstream#3660 - confdb_expand_app_domains() always fails 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 2c812f3cba)
 2018-03-30 15:02:08 +02:00
Fabiano Fidêncio
928c3e94ab Resolves: upstream#3573 - sssd won't show netgroups with blank domai 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 40fe76feb8)
 2018-03-30 15:01:59 +02:00
Fabiano Fidêncio
d11cfce2ff New upstream release 1.16.1 
https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_1.html

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
(cherry picked from commit 62a3258629)
 2018-03-09 16:12:14 +01:00
Lukas Slebodnik
5eba7a8f1f Resolves: upstream#3621 - backport bug found by static analyzers 2018-02-20 15:12:59 +01:00
Fabiano Fidêncio
4b1fe8a0ab Resolves: upstream#3621: FleetCommander integration must not require capability DAC_OVERRIDE 
Together with the patches backported from upstream, we're changing
the deskprofilepath permissions from 755 to 751, reflecting the
upstream spec file changes.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-02-14 23:03:25 +01:00
Fabiano Fidêncio
199a72e62a Resolves: rhbz#1538643 - SSSD crashes when retrieving a Desktop Profile with no specific host/hostgroup set 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-02-14 22:15:04 +01:00
Igor Gnatenko
11c6ee78b8 Remove BuildRoot definition 
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-14 00:40:17 +01:00
Lukas Slebodnik
18ae44bc79 Resolves: upstream#3618 - selinux_child segfaults in a docker container 2018-02-07 22:04:27 +01:00
Lukas Slebodnik
f55e235d75 Resolves: rhbz#1431153 - sssd: libsss_proxy.so needs to be linked with -ldl 2018-02-06 13:11:55 +01:00
Lukas Slebodnik
e242e8ef93 Fix systemd executions/requirements 
systemd was added to BuildRequires because it provides rpm macros
/usr/lib/rpm/macros.d/macros.systemd and it is unreliable to rely
on indirect dependency between systemd-devel and systemd

Related to: https://src.fedoraproject.org/rpms/sssd/pull-request/1
 2018-02-06 13:04:26 +01:00
Lukas Slebodnik
6d370601d4 Revert "Workaround for BZ1537183" 
This reverts commit 0a5a392684.

nsupdate is fixed on rawhide.i686
 2018-02-06 12:57:05 +01:00
Igor Gnatenko
a3b937064c Fix systemd executions/requirements 
Merges: https://src.fedoraproject.org/rpms/sssd/pull-request/1

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-01-25 20:42:01 +01:00
Lukas Slebodnik
ebdebbe467 Do not try to link with -Wl,-z,defs 
https://bugzilla.redhat.com/show_bug.cgi?id=1535422
https://fedoraproject.org/wiki/Changes/BINUTILS2291
https://src.fedoraproject.org/rpms/redhat-rpm-config/blob/master/f/buildflags.md#strict-symbol-checks-in-the-link-editor-ld

sssd cannot be linked with -Wl,-z,defs atm.
 2018-01-25 20:23:09 +01:00