Miro Hrončok
d3ba8fb11a
BuildRequire python3-setuptools with Python 3.12+
...
distutils was removed from the Python standard library,
but setuptools can be used instead.
See https://peps.python.org/pep-0632/
2023-03-31 21:06:41 +02:00
Stephen Gallagher
52b92253b5
Rebuild against libunistring 1.1
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-01-26 10:24:04 -05:00
Fedora Release Engineering
d754fc4089
Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-01-21 04:01:21 +00:00
Alexey Tikhonov
fc2376eb12
sssd-2.8.2-2: Rebuild against Samba 4.18rc1
2023-01-20 17:30:14 +01:00
Pavel Březina
a168c6ad5f
sssd-2.8.2-1: Rebase to latest upstream release
2022-12-09 14:12:55 +01:00
Pavel Březina
cf2cbdba82
sssd-2.8.1-1: Rebase to latest upstream release
2022-11-04 12:27:37 +01:00
Pavel Březina
d24bcc9e43
sssd-2.8.0-2: fix syslog spamming
...
Resolves: rhbz#2133437
2022-10-24 12:36:26 +02:00
Pavel Březina
ac043fc3b6
sssd-2.8.0-1: Rebase to latest upstream release
2022-10-07 13:39:37 +02:00
Pavel Březina
75b451ce66
sssd-2.7.4-1: Rebase to latest upstream release
2022-08-26 23:04:24 +02:00
Pavel Březina
de3d5df87d
Fix bogus date in changelog
2022-08-26 23:04:24 +02:00
Adam Williamson
d6d567aead
Rebuild against new libndr
2022-08-09 09:44:43 -07:00
Fedora Release Engineering
beee1ce0c2
Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-07-23 09:23:09 +00:00
Pavel Březina
6895b4538e
sssd-2.7.3-1: Rebase to latest upstream release
2022-07-04 13:32:42 +02:00
Python Maint
2e485e40e8
Rebuilt for Python 3.11
2022-06-15 18:47:48 +02:00
Pavel Březina
450f45b104
Include pac_check patch
2022-06-09 10:50:32 +02:00
Pavel Březina
ec123cd550
sssd-2.7.1-2: fix regression in IPA provider
...
Resolves: rhbz#2094685
2022-06-09 10:38:43 +02:00
Pavel Březina
562c0b9a10
sssd-2.7.1-1: Rebase to latest upstream release
2022-06-02 13:38:30 +02:00
Pavel Březina
aa08692c22
sssd-2.7.0-1: Rebase to latest upstream release
2022-04-14 20:56:18 +02:00
Iker Pedrosa
5591d45546
Reenable make check
...
This reverts commit 1e24a3ac9d
.
2022-04-12 10:32:26 +02:00
Pavel Březina
1e24a3ac9d
Temporarily disable make check
2022-03-24 12:58:54 +01:00
Pavel Březina
94f6ba0323
Add changelog for 2.6.3 rebase
2022-01-25 12:39:05 +01:00
Pavel Březina
a6c8ad89b6
sssd-2.6.3-1: Rebase to latest upstream release
2022-01-25 12:37:04 +01:00
Fedora Release Engineering
2136e097a2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-22 01:38:00 +00:00
Iker Pedrosa
637b653264
Fix IPA reply socket of selinux_child
...
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
2022-01-04 15:13:23 +01:00
Iker Pedrosa
2739fd3aa8
sssd-2.6.2-1: Rebase to latest upstream release
...
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
2021-12-23 16:53:38 +01:00
Pavel Březina
2bec749253
Revert "Temporarily disable make check"
...
This reverts commit 31f8189d14
.
This is no longer needed:
https://bugzilla.redhat.com/show_bug.cgi?id=2021214
2021-12-02 16:32:26 +01:00
Pavel Březina
31f8189d14
Temporarily disable make check
...
Until https://bugzilla.redhat.com/show_bug.cgi?id=2021214 is resolved.
2021-11-09 16:38:26 +01:00
Pavel Březina
a4a75d5f98
sssd-2.6.1-1: Rebase to latest upstream release
2021-11-09 16:37:26 +01:00
Pavel Březina
306f2f008c
sssd-2.6.0-2: pull latest upstream code
2021-11-01 19:10:28 +01:00
Pavel Březina
c0c482c21d
sssd-2.6.0-1: Commit new sources
2021-10-14 13:11:19 +02:00
Pavel Březina
879ffa1b7c
sssd-2.6.0-1: Rebase to latest upstream release
2021-10-14 12:24:52 +02:00
Iker Pedrosa
1f7c03c1eb
Solve compilation problem with autoconf
...
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
2021-09-21 10:10:03 +02:00
Sahana Prasad
7f02d6d429
Rebuilt with OpenSSL 3.0.0
2021-09-14 19:15:54 +02:00
Pavel Březina
866067e628
sssd-2.5.2-5: Fix CVE-2021-3621
2021-08-16 15:08:09 +02:00
Alexey Tikhonov
a7bc87a356
Support subid ranges managed by FreeIPA
2021-08-09 12:48:10 +02:00
Sumit Bose
bfbe7140ec
sssd.spec: disable running files provider by default
...
Disable the default files provider as described in
https://fedoraproject.org/wiki/Changes/FlexibleLocalUserCache
2021-08-09 11:30:58 +02:00
Fedora Release Engineering
aec1c33488
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-23 18:15:25 +00:00
Alexander Bokovoy
a41021524e
Rebuild against Samba 4.15.0 RC1
...
Samba's libndr did bump soname
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
2021-07-16 17:04:00 +03:00
Pavel Březina
279a6d02b9
sssd-2.5.2-1: Rebase to latest upstream release
2021-07-13 11:28:31 +02:00
Pavel Březina
d6f7b5cf84
sssd-2.5.1-2: debug_backtrace improvements
2021-06-24 12:11:56 +02:00
Pavel Březina
948a68a9af
sssd-2.5.1-1: Rebase to latest upstream release
2021-06-08 13:07:57 +02:00
Python Maint
099b94da59
Rebuilt for Python 3.10
2021-06-04 21:15:45 +02:00
Pavel Březina
f224e547f4
sssd-2.5.0-2: Fix KCM regression on long upgrade path
...
Resolves: rhbz#1962006
2021-05-19 19:42:02 +02:00
Pavel Březina
0f12c3fbb3
sssd-2.5.0-1: Rebase to latest upstream release
2021-05-10 16:02:51 +02:00
Iker Pedrosa
4243ecae87
sssd-2.4.2-5: Change configure to avoid errors with new autoconf version
...
(rhbz#1943130)
2021-04-08 15:46:53 +02:00
Pavel Březina
b1df55fa36
sssd-2.4.2-4: Add CAP_DAC_OVERRIDE to ifp service file if required by build configuration
2021-03-31 13:11:44 +02:00
Pavel Březina
ea1b261cc2
spec: update spec file with recent upstream fixes
...
* 815197cb1d
* 9da41eb910
(cherry picked from commit 53a865af5d
)
2021-03-31 11:52:40 +02:00
Marco Trevisan
29b29498d3
sssd.spec: BuildRequires on openssl binary
...
It's required by tests in order to generate the certificate files.
2021-03-27 22:52:22 +00:00
Zbigniew Jędrzejewski-Szmek
f0ffcb4e3e
Rebuilt for updated systemd-rpm-macros
...
See https://pagure.io/fesco/issue/2583 .
2021-03-02 16:12:16 +01:00
Pavel Březina
0460a368c6
sssd-2.4.2-2: Remove setuid from child binaries and relax requirement on python3-sssdconfig
2021-02-19 18:24:03 +01:00
Pavel Březina
ac57def994
sssd-2.4.2-1: Rebase to latest upstream release
2021-02-19 17:11:06 +01:00
Pavel Březina
9e5dd4b665
sssd-2.4.1-1: Rebase to latest upstream release
2021-02-05 19:00:09 +01:00
Fedora Release Engineering
331dfd3e60
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-27 21:01:16 +00:00
Pavel Březina
968f95e90a
sssd-2.4.0-6 - improve kcm performance
2020-12-11 11:30:39 +01:00
Pavel Březina
d86ed3a2a2
sssd-2.4.0.5 - improve kcm performance
2020-12-07 17:31:23 +01:00
Stephen Gallagher
e67274864c
Rebuild for Fedora ELN
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2020-11-30 08:09:43 -05:00
Petr Lautrbach
709264858f
Rebuild with libsemanage.so.2
2020-11-03 16:56:27 +01:00
Pavel Březina
65e3d07e64
sssd-2.4.0-2: remove old patches
2020-10-12 14:14:07 +02:00
Pavel Březina
bc988250a3
sssd-2.4.0-1: Rebase to latest upstream release
2020-10-12 13:43:32 +02:00
Pavel Březina
1e74bee608
sssd-2.3.1-4: include 2.3.1 source
2020-07-28 11:52:54 +02:00
Pavel Březina
51e0d0ae04
sssd-2.3.1-3: fix test compilation with check-0.15
2020-07-28 10:27:21 +02:00
Pavel Březina
442c3962bb
sssd-2.3.1-2: switch to rundir
2020-07-28 10:26:30 +02:00
Pavel Březina
cf3c8f20ee
sssd-2.3.1-1: Rebase to latest upstream release
2020-07-24 16:47:30 +02:00
Merlin Mathesius
1424e14b42
Minor ELN conditional fix
...
Signed-off-by: Merlin Mathesius <mmathesi@redhat.com>
2020-07-24 16:36:14 +02:00
Tom Stellard
97eae27da7
Use make macros
...
https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
2020-07-14 14:20:46 +00:00
Jeff Law
ca22aded04
Disable LTO
2020-07-01 12:15:35 -06:00
Peter Jones
2e48ae2d63
Fix github url typo
...
Signed-off-by: Peter Jones <pjones@redhat.com>
2020-06-19 18:50:55 -04:00
Miro Hrončok
83988894b0
Rebuilt for Python 3.9
2020-05-26 03:51:04 +02:00
Pavel Březina
104d122fd9
sssd-2.3.0-1: Rebase to latest upstream release
2020-05-20 13:24:02 +02:00
Michal Židek
261327da76
Fix nss symbol collision Fedora Rawhide
2020-02-28 11:17:41 +01:00
Michal Židek
dfcf325701
Resolves: upstream#4159 - p11_child should have an option to skip C_WaitForSlotEvent if the PKCS#11 module does not implement it properly
2020-02-27 04:34:24 +01:00
Michal Židek
3e2905a176
Resolves: upstream#4135 - util/sss_ptr_hash.c: potential double free in sss_ptr_hash_delete_cb()
2020-02-27 04:34:24 +01:00
Michal Židek
44805f5ff8
Resolves: upstream#4118 sssd requires timed sudoers ldap entries to be specified up to the seconds
2020-02-27 04:34:24 +01:00
Michal Židek
8b47371b41
Add sssd-dbus package as a dependency of sssd-tools
2020-02-27 04:34:24 +01:00
Michal Židek
573cac525f
Resolves: upstream#4142 - sssd_be frequent crash
2020-02-27 04:34:24 +01:00
Michal Židek
8073b6af50
Resolves: upstream#4131 Force LDAPS over 636 with AD Provider
2020-02-27 04:34:24 +01:00
Michal Židek
9aa10702d4
Resolves: upstream#3630 - Randomize ldap_connection_expire_timeout either by default or w/ a configure option
2020-02-27 04:34:24 +01:00
Michal Židek
d61d68d902
Resolves: upstream#4135 - util/sss_ptr_hash.c: potential double free in sss_ptr_hash_delete_cb()
2020-02-27 04:34:24 +01:00
Michal Židek
9781b52c91
Resolves: upstream#4088 - server/be: SIGTERM handling is incorrect
2020-02-27 04:34:24 +01:00
Michal Židek
6c1563e282
Resolves: upstream##4089 Watchdog implementation or usage is incorrect
2020-02-27 04:34:24 +01:00
Michal Židek
b81369e441
Resolves: upstream#4126 pcscd rejecting sssd ldap_child as unauthorized
2020-02-27 04:34:24 +01:00
Michal Židek
069e6c9dc8
Resolves: upstream#4127 - [Doc]Provide explanation on escape character for match rules sss-certmap
2020-02-27 04:34:24 +01:00
Michal Židek
ec08164de5
Resolves: upstream#4129 - sssctl config-check command does not give proper error messages with line numbers
2020-02-27 04:34:24 +01:00
Michal Židek
54f0db91d3
Update to latest released upstream version 2.2.3
2020-02-27 04:34:24 +01:00
Fedora Release Engineering
8078a58a14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-31 00:16:21 +00:00
Stephen Gallagher
2f22753551
Fix build against samba-4.12.0rc1
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2020-01-24 16:18:38 +01:00
Mohan Boddu
b3516604c1
Rebuild for samba-4.12.0rc1
...
Signed-off-by: Mohan Boddu <mboddu@bhujji.com>
2020-01-24 07:17:14 -05:00
Adam Williamson
4e675b1715
Backport PR #900 to fix RHBZ #1755643
2019-10-22 11:27:01 -07:00
Adam Williamson
460a59ec3d
Backport PR #904 to fix RHBZ #1757224
2019-10-22 10:04:39 -07:00
Michal Židek
0aaf839d04
Update to latest released upstream version 2.2.2
2019-09-17 11:23:59 +02:00
Stephen Gallagher
e35ea7dfd4
Rebuilding for libldb 2.0.5
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2019-08-26 17:57:25 -04:00
Miro Hrončok
3e66e97711
Rebuilt for Python 3.8
2019-08-19 11:06:22 +02:00
Fedora Release Engineering
21a512736f
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-07-27 00:08:51 +00:00
Jakub Hrozek
7f0d43352a
Resolves: rhbz#1721636 - sssd-kcm calls sssd-genconf which triggers nscd warning
2019-07-05 16:45:50 +02:00
Jakub Hrozek
d757370f98
Resolves: rhbz#1724717 - sssd-proxy crashes resolving groups with no members
2019-07-05 16:43:40 +02:00
Michal Židek
e1908a5bc4
Fix Python build failures on rawhide.
...
Thx. to Lukas Slebodnik for fixing this issue.
2019-06-19 10:53:12 +02:00
Michal Židek
76a13b3c78
Update to latest released upstream version 2.2.0
2019-06-17 14:51:15 +02:00
Michal Židek
1d0af0b97b
Resolves: upstream#3867 - [RFE] Need an option in SSSD so that it will skip GPOs that have groupPolicyContainers unreadable by SSSD.
...
- CVE-2018-16838
2019-03-28 00:06:39 +01:00
Michal Židek
27d612fd39
Update to latest released upstream version 2.1.0
2019-03-27 18:22:06 +01:00
Sinny Kumari
80cc892c48
Resolves: rhbz#1667444 - sssd: make python3-sssdconfig as suggest
...
Signed-off-by: Sinny Kumari <sinny@redhat.com>
2019-02-14 17:29:11 +05:30
Adam Williamson
786d467c78
Backport fix for RHBZ #1676946 (see upstream #3924 )
...
This backports three commits that are identified in upstream
issue #3924 as the fixes for RHBZ #1676946 (failure of sssd to
start in current Rawhide).
2019-02-13 17:55:26 -08:00
Fedora Release Engineering
5c6f906a0e
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-02-03 08:34:02 +00:00
Igor Gnatenko
fa80197b65
Remove obsolete Group tag
...
References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag
2019-01-28 20:24:50 +01:00
Igor Gnatenko
a5b776ca3c
Remove obsolete ldconfig scriptlets
...
References: https://fedoraproject.org/wiki/Changes/RemoveObsoleteScriptlets
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2019-01-22 18:41:04 +01:00
Adam Williamson
cbdd57fe9d
Backport other patches from master to fix build with recent krb5
2018-12-13 00:02:15 -08:00
Adam Williamson
64cb87e84a
Resolves: rhbz#1654537 - sbus: use 120 second default timeout
2018-12-12 22:41:39 -08:00
Michal Židek
9732e7fd7b
Resolves: rhbz#1629737 - sssd: Remove python2 (sub)packages from Fedora 30+
2018-11-07 15:18:49 +01:00
Michal Židek
c0971b7e39
Backport a bunch of upstream fixes
...
- Resolves: upstream#3821 - crash related to sbus_router_destructor()
- Resolves: upstream#3810 - sbus2: fix memory leak in sbus_message_bound_ref
- Resolves: upstream#3819 - sssd only sets the SELinux login context if it
differs from the default
- Resolves: upstream#3807 - The sbus codegen script relies on "python" which
might not be available on all distributions
- Resolves: upstream#3820 - sudo: search with lower cased name for case
insensitive domains
- Resolves: upstream#3701 - [RFE] Allow changing default behavior of SSSD from
an allow-any default to a deny-any default when it
can't find any GPOs to apply to a user login.
- Resolves: upstream#3828 - Invalid domain provider causes SSSD to abort
startup
- Resolves: upstream#3500 - Make sure sssd is a replacement for pam_pkcs11
also for local account authentication
- Resolves: upstream#3812 - sssd 2.0.0 segfaults on startup
- Resolves: upstream#3826 - Remove references of sss_user/group/add/del
commands in man pages since local provider is
deprecated
- Resolves: upstream#3827 - SSSD should log to syslog if a domain is not
started due to a misconfiguration
- Resolves: upstream#3830 - Printing incorrect information about domain with
sssctl utility
- Resolves: upstream#3489 - p11_child should work wit openssl1.0+
- Resolves: upstream#3750 - [RFE] man 5 sssd-files should mention necessary
changes in nsswitch.conf
- Resovles: upstream#3650 - RFE: Require smartcard authentication
- Resolves: upstream#3334 - sssctl config-check does not check any special
characters in domain name of domain section
- Resolves: upstream#3849 - Files: The files provider always enumerates
which causes duplicate when running getent passwd
- Related: upstream#3855 - session not recording for local user when groups
defined
- Resolves: upstream#3802 - Reuse sysdb_error_to_errno() outside sysdb
- Related: upstream#3493 - Remove the pysss.local interface
2018-10-24 14:40:58 +02:00
Michal Židek
129efc7839
Resolves: rhbz#1622760 - Console login as FreeIPA domain user fails in current Fedora Rawhide / 29
2018-08-29 16:58:06 +02:00
Michal Židek
4e478641d1
Fix linking issues
2018-08-29 16:58:06 +02:00
Michal Židek
2ef66b266c
New upstream release 2.0.0
2018-08-14 11:43:55 +02:00
Fedora Release Engineering
0a06c01711
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-14 06:42:21 +00:00
Jason Tibbitts
8a13e36b6a
Remove needless use of %defattr
2018-07-10 01:27:54 -05:00
Miro Hrončok
633afe1b94
Rebuilt for Python 3.7
2018-07-02 18:24:19 +02:00
Fabiano Fidêncio
68ef824a5f
Resolves: upstream#3766 - CVE-2018-10852: information leak from the sssd-sudo responder
...
And also ...
- Related: upstream#941 - return multiple server addresses to the Kerberos
locator plugin
- Related: upstream#3652 - kdcinfo doesn't get populated for other domains
- Resolves: upstream#3747 - sss_ssh_authorizedkeys exits abruptly if SSHD
closes its end of the pipe before reading all the
SSH keys
- Resolves: upstream#3607 - Handle conflicting e-mail addresses more gracefully
- Resolves: upstream#3754 - SSSD AD uses LDAP filter to detect POSIX attributes
stored in AD GC also for regular AD DC queries
- Related: upstream#3219 - [RFE] Regular expression used in sssd.conf not being
able to consume an @-sign in the user/group name.
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-06-25 09:38:16 +02:00
Fabiano Fidêncio
192e845618
Resolves: rhbz#1591804 - something keeps /lib/libnss_systemd.so.2 open on minimal appliance image, breaking composes
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-06-21 21:38:33 +02:00
Miro Hrončok
d8abd616d9
Rebuilt for Python 3.7
2018-06-19 11:27:58 +02:00
Fabiano Fidêncio
a36f5fea4b
New upstream release 1.16.2
...
- https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_2.html
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-06-11 13:32:07 +02:00
Fabiano Fidêncio
29d69716ad
Related: upstream#3742 - Change of: User may not run sudo --> a password is required
...
Patch 0017-sudo-ldap-do-not-store-rules-without-sudoHost-attrib.patch
has been commented out as it caused some regressions on IPA tests.
In order to unblock IPA folks, let's revert this patch from Fedora till
we have a proper fix.
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-28 10:01:23 +02:00
Fabiano Fidêncio
4979898a6e
Revert "Add: "ExcludeArch: armv7hl""
...
This reverts commit bc3790f5a0
.
2018-05-17 17:53:56 +02:00
Fabiano Fidêncio
bc3790f5a0
Add: "ExcludeArch: armv7hl"
...
For some reason still unclear we're *not* able to build SSSD on koji's
buildroot for armv7hl. Some tests have been done and SSSD was built
successfully using real armv7hl hardware, which indicates that we're
facing https://bugzilla.redhat.com/show_bug.cgi?id=1576593
As soon as the bug is resolved, this patch could be safely reverted.
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-16 21:54:59 +02:00
Fabiano Fidêncio
0a2c83fbd0
Related: upstream#3436 - Certificates used in unit tests have limited lifetime
...
Fix a non harmful warning shown by recent versions of OpenSSL.
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-16 21:53:46 +02:00
Fabiano Fidêncio
c4f0508af1
Related: upstream#3436 - Add openssl, openssh and nss-tools as BuildRequires
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-14 11:36:56 +02:00
Fabiano Fidêncio
5f75f7e4f2
Resolves: upstream#3595 - ID override GID from Default Trust View is not properly resolved in case domain resolution order is set
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-14 09:59:20 +02:00
Fabiano Fidêncio
1511bcd8b2
Resolves: upstream#3731 - nss_clear_netgroup_hash_table(): only remove entries from the hash table, do not free them
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-14 09:58:02 +02:00
Fabiano Fidêncio
3ad9e211eb
Resolves: upstream#3728 - Request by ID outside the min_id/max_id limit of a first domain does not reach the second domain
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-14 09:57:11 +02:00
Fabiano Fidêncio
ed238e28ff
Resolves: upstream#3719 - The SSSD IPA provider allocates information about external groups on a long lived memory context, causing memory growth of the sssd_be process
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-14 09:56:23 +02:00
Fabiano Fidêncio
97a62b83f1
Related: upstream#2653 - Group renaming issue when "id_provider = ldap" is set.
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-14 09:55:43 +02:00
Fabiano Fidêncio
163543f40b
Resolves: upstream#3726 - SSSD with ID provider 'ad' should give a warning in case the ldap schema is manually changed to something different than 'ad'.
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-14 09:55:01 +02:00
Fabiano Fidêncio
510134aa02
Resolves: upstream#3725 - sssd not honoring dyndns_server if the DNS update process is terminated with a signal
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-14 09:54:10 +02:00
Fabiano Fidêncio
5e1db8fc3e
Related: upstream#3436 - Certificates used in unit tests have limited lifetime
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-14 09:53:04 +02:00
Fabiano Fidêncio
5254cdcca5
Resolves: rhbz#1574778 - sssd fails to download known_hosts from freeipa
...
Patch 0018-sysdb-custom-completely-replace-old-object-instead-o.patch
caused a regression, caught by lslebodn and reported by a few users.
Let's comment out this patch for now and uncomment it when we have a fix
that do not cause a regression.
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-05-05 21:42:38 +02:00
Fabiano Fidêncio
767645dca2
Add gcc to build dependencies
...
gcc will be revomed from buildroot in fedora 29
http://fedoraproject.org/wiki/Changes/Remove_GCC_from_BuildRoot
Upstream patch from Lukáš Slebodnik <lslebodn@redhat.com>
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:12 +02:00
Fabiano Fidêncio
90dd145c92
Resolves: upstream#3520 - Files provider supports only BE_FILTER_ENUM
...
Also ...
Resolves: rhbz#1540703 - FreeIPA/SSSD implicit_file sssd_nss error: The Data
Provider returned an error
[org.freedesktop.sssd.Error.DataProvider.Fatal]
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:12 +02:00
Fabiano Fidêncio
a305fc11b7
Resolves: upstream#3680 - GPO: SSSD fails to process GPOs If a rule is defined, but contains no SIDs
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:12 +02:00
Fabiano Fidêncio
b6696d97c4
Document which principal does the AD provider use
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:12 +02:00
Fabiano Fidêncio
2dd8451396
Resolves: upstream#2653 - Group renaming issue when "id_provider = ldap" is set.
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:12 +02:00
Fabiano Fidêncio
209701ef7f
Resolves: upstream#3715 - ipa 389-ds-base crash in krb5-libs - k5_copy_etypes list out of bound?
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00
Fabiano Fidêncio
3115154117
Improve docs/debug message about GC detection
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00
Fabiano Fidêncio
f47c82bc8d
Resolves: upstream#3469 - extend sss-certmap man page regarding priority processing
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00
Fabiano Fidêncio
64b69ec813
Resolves: upstream#3634 - sssctl COMMAND --help fails if sssd is not configured
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00
Fabiano Fidêncio
8d67726a47
Resolves: upstream#3679 - Make nss netgroup requests more robust
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00
Fabiano Fidêncio
8565df471c
Resolves: upstream#3646 - SSSD's GPO code ignores ad_site option
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00
Fabiano Fidêncio
9709b73a3f
Resolves: upstream#3402 - Support alternative sources for the files provider
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00
Fabiano Fidêncio
a7d4f0b3f4
Resolves: upstream#3550 - refresh_expired_interval does not work with netgrous in 1.15
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00
Fabiano Fidêncio
ab53ba849a
IPA: Qualify the externalUser sudo attribute
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00
Fabiano Fidêncio
ef1d48a0c2
Tone down shutdown messages for socket activated responders
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00
Fabiano Fidêncio
fcff118bbf
Resolves: upstream#3558 - sudo: report error when two rules share cn
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:11 +02:00
Fabiano Fidêncio
f3d06df50d
Resolves: upstream#3684 - A group is not updated if its member is removed with the cleanup task, but the group does not change
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:10 +02:00
Fabiano Fidêncio
32f2c81e59
A few KCM misc fixes
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-03-30 14:47:05 +02:00
Fabiano Fidêncio
99da72db23
Resolves: upstream#3666 - Fix usage of str.decode() in our test
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-03-30 14:45:42 +02:00
Fabiano Fidêncio
1c7376afc5
Resolves: upstream#3386 - KCM: Payload buffer is too small
...
Related to: rhbz#1494843 - KCM Does not work
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-03-30 14:43:19 +02:00
Fabiano Fidêncio
73735e9522
Resolves: usptream#3687 - KCM: Don't pass a non null terminated string to json_loads()
...
Related to: rhbz#1494843 - KCM Does not work
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-03-30 14:38:32 +02:00
Fabiano Fidêncio
563dd33f72
Resolves: upstream#3658 - Application domain is not interpreted correctly
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-03-30 14:35:59 +02:00
Fabiano Fidêncio
2c812f3cba
Resolves: upstream#3660 - confdb_expand_app_domains() always fails
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-03-30 14:33:25 +02:00
Fabiano Fidêncio
40fe76feb8
Resolves: upstream#3573 - sssd won't show netgroups with blank domai
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-03-30 14:30:01 +02:00
Fabiano Fidêncio
62a3258629
New upstream release 1.16.1
...
https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_1.html
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-03-09 15:42:19 +01:00
Lukas Slebodnik
5eba7a8f1f
Resolves: upstream#3621 - backport bug found by static analyzers
2018-02-20 15:12:59 +01:00
Fabiano Fidêncio
4b1fe8a0ab
Resolves: upstream#3621: FleetCommander integration must not require capability DAC_OVERRIDE
...
Together with the patches backported from upstream, we're changing
the deskprofilepath permissions from 755 to 751, reflecting the
upstream spec file changes.
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-02-14 23:03:25 +01:00
Fabiano Fidêncio
199a72e62a
Resolves: rhbz#1538643 - SSSD crashes when retrieving a Desktop Profile with no specific host/hostgroup set
...
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-02-14 22:15:04 +01:00
Igor Gnatenko
11c6ee78b8
Remove BuildRoot definition
...
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-14 00:40:17 +01:00
Lukas Slebodnik
18ae44bc79
Resolves: upstream#3618 - selinux_child segfaults in a docker container
2018-02-07 22:04:27 +01:00
Lukas Slebodnik
f55e235d75
Resolves: rhbz#1431153 - sssd: libsss_proxy.so needs to be linked with -ldl
2018-02-06 13:11:55 +01:00
Lukas Slebodnik
e242e8ef93
Fix systemd executions/requirements
...
systemd was added to BuildRequires because it provides rpm macros
/usr/lib/rpm/macros.d/macros.systemd and it is unreliable to rely
on indirect dependency between systemd-devel and systemd
Related to: https://src.fedoraproject.org/rpms/sssd/pull-request/1
2018-02-06 13:04:26 +01:00
Lukas Slebodnik
6d370601d4
Revert "Workaround for BZ1537183"
...
This reverts commit 0a5a392684
.
nsupdate is fixed on rawhide.i686
2018-02-06 12:57:05 +01:00
Igor Gnatenko
a3b937064c
Fix systemd executions/requirements
...
Merges: https://src.fedoraproject.org/rpms/sssd/pull-request/1
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-01-25 20:42:01 +01:00
Lukas Slebodnik
ebdebbe467
Do not try to link with -Wl,-z,defs
...
https://bugzilla.redhat.com/show_bug.cgi?id=1535422
https://fedoraproject.org/wiki/Changes/BINUTILS2291
https://src.fedoraproject.org/rpms/redhat-rpm-config/blob/master/f/buildflags.md#strict-symbol-checks-in-the-link-editor-ld
sssd cannot be linked with -Wl,-z,defs atm.
2018-01-25 20:23:09 +01:00
Lukas Slebodnik
27d7dcb5bb
Revert "Override linker flags done in redhat-rpm-config-84-1.fc28"
...
This reverts commit 7cda4fbc6f
.
2018-01-25 20:18:39 +01:00
Lukas Slebodnik
b4343b24b6
Fix building on rawhide. Remove -Wl,-z,defs from LDFLAGS
2018-01-25 11:39:00 +01:00
Lukas Slebodnik
0a5a392684
Workaround for BZ1537183
...
unit test will pass but sssd will not be able to use nsupdate with realm
on i686
2018-01-23 15:11:46 +01:00
Lukas Slebodnik
7cda4fbc6f
Override linker flags done in redhat-rpm-config-84-1.fc28
...
https://bugzilla.redhat.com/show_bug.cgi?id=1535422
https://fedoraproject.org/wiki/Changes/BINUTILS2291
sssd cannot be linked with -Wl,-z,defs atm.
2018-01-23 14:37:32 +01:00
Lukas Slebodnik
b390855a98
Fix building of sssd-nfs-idmap with libnfsidmap.so.1
2018-01-11 16:53:36 +01:00
Björn Esser
f9e6094ac5
Rebuilt for libnfsidmap.so.1
2018-01-11 12:01:37 +01:00
Lukas Slebodnik
1dedfbb334
Resolves: upstream#3523 - ABRT crash - /usr/libexec/sssd/sssd_nss in setnetgrent_result_timeout
...
Resolves: upstream#3588 - sssd_nss consumes more memory until restarted
or machine swaps
Resolves: failure in glibc tests
https://sourceware.org/bugzilla/show_bug.cgi?id=22530
Resolves: upstream#3451 - When sssd is configured with id_provider proxy and
auth_provider ldap, login fails if the LDAP server
is not allowing anonymous binds
Resolves: upstream#3285 - SSSD needs restart after incorrect clock is
corrected with AD
Resolves: upstream#3586 - Give a more detailed debug and system-log message
if krb5_init_context() failed
Resolves: rhbz#1431153 - SSSD ships a drop-in configuration snippet
in /etc/systemd/system
Backport few upstream features from 1.16.1
2017-12-04 21:42:37 +01:00
Lukas Slebodnik
ce65f7d9ee
Resolves: rhbz#1494002 - sssd_nss crashed in cache_req_search_domains_next
2017-11-21 17:57:44 +01:00
Lukas Slebodnik
87763840cd
Revert "Disable nfsplugin due to bug rhbz#1509063"
...
This reverts commit b5c435b10b
.
nfs-utils are fixed
2017-11-21 17:56:54 +01:00
Jakub Hrozek
7781c9e992
Backport extended NSS API from upstream master branch
2017-11-17 18:06:26 +01:00
Lukas Slebodnik
b5c435b10b
Disable nfsplugin due to bug rhbz#1509063
2017-11-03 22:58:37 +01:00
Lukas Slebodnik
7ac8b3c4b5
Resolves: upstream#3529 - sssd-kcm Fix restart during/after upgrade
2017-11-03 16:20:10 +01:00
Lukas Slebodnik
7667bd7429
Fix unit tests with libldb-1.3.0
2017-10-21 16:19:39 +02:00
Lukas Slebodnik
f2e72c8931
There are not empty lang files in 1.16.0
2017-10-20 23:18:12 +02:00
Lukas Slebodnik
4f58854911
New upstream release 1.16.0
...
https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_0.html
2017-10-20 18:02:02 +02:00
Lukas Slebodnik
1aff49b48c
Fix build with krb5 1.16
2017-10-11 18:06:00 +02:00
Lukas Slebodnik
7069858231
Resolves: rhbz#1499354 - CVE-2017-12173
...
sssd: unsanitized input when searching in local cache database access on
the sock_file system_bus_socket
2017-10-11 17:48:41 +02:00
Lukas Slebodnik
8eda442b2e
Fix few bugs/regressions
...
Resolves: rhbz#1488327 - SELinux is preventing selinux_child from write access
on the sock_file system_bus_socket
Resolves: rhbz#1490402 - SSSD does not create /var/lib/sss/deskprofile and
fails to download desktop profile data
Resolves: upstream#3485 - getsidbyid does not work with 1.15.3
Resolves: upstream#3488 - SUDO doesn't work for IPA users on IPA clients after
applying ID Views for them in IPA server
Resolves: upstream#3501 - Accessing IdM kerberos ticket fails while id mapping
is applied
2017-09-12 09:22:07 +02:00
Lukas Slebodnik
fa4807ec45
Backport few upstream patches/fixes
2017-09-01 21:34:35 +02:00
Lukas Slebodnik
11cd64de1c
Add krb5 conf snippet for default KCM
...
http://fedoraproject.org/wiki/Releases/27/ChangeSet#Kerberos_KCM_credential_cache_by_default
https://bugzilla.redhat.com/show_bug.cgi?id=1421604
2017-09-01 21:34:20 +02:00
Lukas Slebodnik
5ce8ae1166
Simplify spec file a little bit
...
The plugin for cifs-utils can be built on all supported versions of fedora.
Conditions are required only in upstream spec file for older
distributions. Definition of constant with_cifs_utils_plugin is still
in the beginning of spec file for simpler comparison of changes
between upstream and fedora.
2017-09-01 10:47:18 +02:00
Lukas Slebodnik
088151887a
Remove unused if condition krb5 localauth plugin
...
The plugin can be built on all supported versions of fedora.
And it was removed also from upstream spec file.
2017-09-01 10:39:14 +02:00
Ville Skyttä
308a55f49d
Own the %{_libdir}/%{name}/conf dir
...
https://bugzilla.redhat.com/show_bug.cgi?id=1483517
2017-08-21 12:42:13 +02:00