Compare commits
19 Commits
Author | SHA1 | Date |
---|---|---|
Pavel Březina | 2092905a7d | |
Michal Židek | 615654a817 | |
Michal Židek | 4dda4c489a | |
Michal Židek | 6264db25dc | |
Michal Židek | e0793ce307 | |
Michal Židek | 314cf1123e | |
Michal Židek | 72b64ad80d | |
Michal Židek | 7252636a8b | |
Michal Židek | 2ed29f8cef | |
Michal Židek | 0c2070b81f | |
Michal Židek | 4c4abc9b11 | |
Michal Židek | a5962bc9d1 | |
Michal Židek | b0987754e4 | |
Michal Židek | 8f17bad6c4 | |
Michal Židek | 16aa971f45 | |
Adam Williamson | 3c6b613710 | |
Adam Williamson | 8c9129d4da | |
Michal Židek | b8791eb418 | |
Mohan Boddu | 2fe894465c |
|
@ -83,3 +83,7 @@ sssd-1.2.91.tar.gz
|
|||
/sssd-2.0.0.tar.gz
|
||||
/sssd-2.1.0.tar.gz
|
||||
/sssd-2.2.0.tar.gz
|
||||
/sssd-2.2.1.tar.gz
|
||||
/sssd-2.2.2.tar.gz
|
||||
/sssd-2.2.3.tar.gz
|
||||
/sssd-2.3.0.tar.gz
|
||||
|
|
|
@ -1,133 +0,0 @@
|
|||
From e1b678c0cce73494d986610920b03956c1dbb62a Mon Sep 17 00:00:00 2001
|
||||
From: Lukas Slebodnik <lslebodn@redhat.com>
|
||||
Date: Fri, 28 Jun 2019 16:27:21 +0200
|
||||
Subject: [PATCH] PROXY: Return data in output parameter if everything is OK
|
||||
|
||||
The function remove_duplicate_group_members might return EOK also in the middle
|
||||
of function but return parameter was not set with right data.
|
||||
Processing continued in the function save_group but there was a
|
||||
dereference of NULL pointer.
|
||||
|
||||
Introduced in: https://pagure.io/SSSD/sssd/issue/3931
|
||||
|
||||
Crash:
|
||||
(gdb) bt
|
||||
#0 0x00007fb4ce4a9ac5 in save_group (sysdb=sysdb@entry=0x55c9a0efb230, dom=dom@entry=0x55c9a0efb420, grp=grp@entry=0x55c9a0f370f0, real_name=0x55c9a0f47340 "nobody@ldap",
|
||||
alias=alias@entry=0x0) at src/providers/proxy/proxy_id.c:748
|
||||
#1 0x00007fb4ce4aa600 in get_gr_gid (mem_ctx=mem_ctx@entry=0x55c9a0f38be0, sysdb=sysdb@entry=0x55c9a0efb230, dom=dom@entry=0x55c9a0efb420, gid=99, now=<optimized out>,
|
||||
ctx=<optimized out>) at src/providers/proxy/proxy_id.c:1160
|
||||
#2 0x00007fb4ce4ac9e5 in get_initgr_groups_process (pwd=0x55c9a0f384a0, pwd=0x55c9a0f384a0, dom=0x55c9a0efb420, sysdb=0x55c9a0efb230, ctx=0x55c9a0f048e0, memctx=0x55c9a0f38be0)
|
||||
at src/providers/proxy/proxy_id.c:1553
|
||||
#3 get_initgr (i_name=<optimized out>, dom=0x55c9a0efb420, sysdb=<optimized out>, ctx=0x55c9a0f048e0, mem_ctx=0x55c9a0f38b70) at src/providers/proxy/proxy_id.c:1461
|
||||
#4 proxy_account_info (domain=0x55c9a0efb420, be_ctx=<optimized out>, data=<optimized out>, ctx=0x55c9a0f048e0, mem_ctx=0x55c9a0f38b70) at src/providers/proxy/proxy_id.c:1659
|
||||
#5 proxy_account_info_handler_send (mem_ctx=<optimized out>, id_ctx=0x55c9a0f048e0, data=<optimized out>, params=0x55c9a0f39790) at src/providers/proxy/proxy_id.c:1758
|
||||
#6 0x000055c99fc67677 in file_dp_request (_dp_req=<synthetic pointer>, req=0x55c9a0f39470, request_data=<optimized out>, dp_flags=1, method=DPM_ACCOUNT_HANDLER, target=DPT_ID,
|
||||
name=<optimized out>, domainname=0x55c9a0f39190 "LDAP", provider=0x55c9a0efe0e0, mem_ctx=<optimized out>) at src/providers/data_provider/dp_request.c:250
|
||||
#7 dp_req_send (mem_ctx=0x55c9a0f37b60, provider=provider@entry=0x55c9a0efe0e0, domain=domain@entry=0x55c9a0f39190 "LDAP", name=<optimized out>, target=target@entry=DPT_ID,
|
||||
method=method@entry=DPM_ACCOUNT_HANDLER, dp_flags=dp_flags@entry=1, request_data=0x55c9a0f37c00, _request_name=0x55c9a0f37b60) at src/providers/data_provider/dp_request.c:295
|
||||
#8 0x000055c99fc6a132 in dp_get_account_info_send (mem_ctx=<optimized out>, ev=0x55c9a0eddbc0, sbus_req=<optimized out>, provider=0x55c9a0efe0e0, dp_flags=1,
|
||||
entry_type=<optimized out>, filter=0x55c9a0f358d0 "name=nobody@ldap", domain=0x55c9a0f39190 "LDAP", extra=0x55c9a0f354a0 "") at src/providers/data_provider/dp_target_id.c:528
|
||||
#9 0x00007fb4da35265b in _sbus_sss_invoke_in_uusss_out_qus_step (ev=0x55c9a0eddbc0, te=<optimized out>, tv=..., private_data=<optimized out>) at src/sss_iface/sbus_sss_invokers.c:2847
|
||||
#10 0x00007fb4d9cfb1cf in tevent_common_invoke_timer_handler () from /lib64/libtevent.so.0
|
||||
#11 0x00007fb4d9cfb339 in tevent_common_loop_timer_delay () from /lib64/libtevent.so.0
|
||||
#12 0x00007fb4d9cfc2f9 in epoll_event_loop_once () from /lib64/libtevent.so.0
|
||||
#13 0x00007fb4d9cfa7b7 in std_event_loop_once () from /lib64/libtevent.so.0
|
||||
#14 0x00007fb4d9cf5b5d in _tevent_loop_once () from /lib64/libtevent.so.0
|
||||
#15 0x00007fb4d9cf5d8b in tevent_common_loop_wait () from /lib64/libtevent.so.0
|
||||
#16 0x00007fb4d9cfa757 in std_event_loop_wait () from /lib64/libtevent.so.0
|
||||
#17 0x00007fb4dd955ac3 in server_loop (main_ctx=0x55c9a0edf090) at src/util/server.c:724
|
||||
#18 0x000055c99fc59760 in main (argc=8, argv=<optimized out>) at src/providers/data_provider_be.c:747
|
||||
(gdb) l
|
||||
(gdb) bt
|
||||
#0 0x00007fb4ce4a9ac5 in save_group (sysdb=sysdb@entry=0x55c9a0efb230, dom=dom@entry=0x55c9a0efb420, grp=grp@entry=0x55c9a0f370f0, real_name=0x55c9a0f47340 "nobody@ldap",
|
||||
alias=alias@entry=0x0) at src/providers/proxy/proxy_id.c:748
|
||||
#1 0x00007fb4ce4aa600 in get_gr_gid (mem_ctx=mem_ctx@entry=0x55c9a0f38be0, sysdb=sysdb@entry=0x55c9a0efb230, dom=dom@entry=0x55c9a0efb420, gid=99, now=<optimized out>,
|
||||
ctx=<optimized out>) at src/providers/proxy/proxy_id.c:1160
|
||||
#2 0x00007fb4ce4ac9e5 in get_initgr_groups_process (pwd=0x55c9a0f384a0, pwd=0x55c9a0f384a0, dom=0x55c9a0efb420, sysdb=0x55c9a0efb230, ctx=0x55c9a0f048e0, memctx=0x55c9a0f38be0)
|
||||
at src/providers/proxy/proxy_id.c:1553
|
||||
#3 get_initgr (i_name=<optimized out>, dom=0x55c9a0efb420, sysdb=<optimized out>, ctx=0x55c9a0f048e0, mem_ctx=0x55c9a0f38b70) at src/providers/proxy/proxy_id.c:1461
|
||||
#4 proxy_account_info (domain=0x55c9a0efb420, be_ctx=<optimized out>, data=<optimized out>, ctx=0x55c9a0f048e0, mem_ctx=0x55c9a0f38b70) at src/providers/proxy/proxy_id.c:1659
|
||||
#5 proxy_account_info_handler_send (mem_ctx=<optimized out>, id_ctx=0x55c9a0f048e0, data=<optimized out>, params=0x55c9a0f39790) at src/providers/proxy/proxy_id.c:1758
|
||||
#6 0x000055c99fc67677 in file_dp_request (_dp_req=<synthetic pointer>, req=0x55c9a0f39470, request_data=<optimized out>, dp_flags=1, method=DPM_ACCOUNT_HANDLER, target=DPT_ID,
|
||||
name=<optimized out>, domainname=0x55c9a0f39190 "LDAP", provider=0x55c9a0efe0e0, mem_ctx=<optimized out>) at src/providers/data_provider/dp_request.c:250
|
||||
#7 dp_req_send (mem_ctx=0x55c9a0f37b60, provider=provider@entry=0x55c9a0efe0e0, domain=domain@entry=0x55c9a0f39190 "LDAP", name=<optimized out>, target=target@entry=DPT_ID,
|
||||
method=method@entry=DPM_ACCOUNT_HANDLER, dp_flags=dp_flags@entry=1, request_data=0x55c9a0f37c00, _request_name=0x55c9a0f37b60) at src/providers/data_provider/dp_request.c:295
|
||||
#8 0x000055c99fc6a132 in dp_get_account_info_send (mem_ctx=<optimized out>, ev=0x55c9a0eddbc0, sbus_req=<optimized out>, provider=0x55c9a0efe0e0, dp_flags=1,
|
||||
entry_type=<optimized out>, filter=0x55c9a0f358d0 "name=nobody@ldap", domain=0x55c9a0f39190 "LDAP", extra=0x55c9a0f354a0 "") at src/providers/data_provider/dp_target_id.c:528
|
||||
#9 0x00007fb4da35265b in _sbus_sss_invoke_in_uusss_out_qus_step (ev=0x55c9a0eddbc0, te=<optimized out>, tv=..., private_data=<optimized out>) at src/sss_iface/sbus_sss_invokers.c:2847
|
||||
#10 0x00007fb4d9cfb1cf in tevent_common_invoke_timer_handler () from /lib64/libtevent.so.0
|
||||
#11 0x00007fb4d9cfb339 in tevent_common_loop_timer_delay () from /lib64/libtevent.so.0
|
||||
#12 0x00007fb4d9cfc2f9 in epoll_event_loop_once () from /lib64/libtevent.so.0
|
||||
#13 0x00007fb4d9cfa7b7 in std_event_loop_once () from /lib64/libtevent.so.0
|
||||
#14 0x00007fb4d9cf5b5d in _tevent_loop_once () from /lib64/libtevent.so.0
|
||||
#15 0x00007fb4d9cf5d8b in tevent_common_loop_wait () from /lib64/libtevent.so.0
|
||||
#16 0x00007fb4d9cfa757 in std_event_loop_wait () from /lib64/libtevent.so.0
|
||||
#17 0x00007fb4dd955ac3 in server_loop (main_ctx=0x55c9a0edf090) at src/util/server.c:724
|
||||
#18 0x000055c99fc59760 in main (argc=8, argv=<optimized out>) at src/providers/data_provider_be.c:747
|
||||
(gdb) l
|
||||
733 ret = remove_duplicate_group_members(tmp_ctx, grp, &ngroup);
|
||||
734 if (ret != EOK) {
|
||||
735 DEBUG(SSSDBG_CRIT_FAILURE, "Failed to remove duplicate group member s\n");
|
||||
736 goto done;
|
||||
737 }
|
||||
738
|
||||
739 DEBUG_GR_MEM(SSSDBG_TRACE_LIBS, ngroup);
|
||||
740
|
||||
741 ret = sysdb_transaction_start(sysdb);
|
||||
742 if (ret != EOK) {
|
||||
743 DEBUG(SSSDBG_CRIT_FAILURE, "Failed to start transaction\n");
|
||||
744 goto done;
|
||||
745 }
|
||||
746 in_transaction = true;
|
||||
747
|
||||
748 if (ngroup->gr_mem && ngroup->gr_mem[0]) {
|
||||
749 attrs = sysdb_new_attrs(tmp_ctx);
|
||||
750 if (!attrs) {
|
||||
751 DEBUG(SSSDBG_CRIT_FAILURE, "Allocation error?!\n");
|
||||
752 ret = ENOMEM;
|
||||
(gdb) p ngroup
|
||||
$1 = (struct group *) 0x0
|
||||
743 DEBUG(SSSDBG_CRIT_FAILURE, "Failed to start transaction\n");
|
||||
744 goto done;
|
||||
745 }
|
||||
746 in_transaction = true;
|
||||
747
|
||||
748 if (ngroup->gr_mem && ngroup->gr_mem[0]) {
|
||||
749 attrs = sysdb_new_attrs(tmp_ctx);
|
||||
750 if (!attrs) {
|
||||
751 DEBUG(SSSDBG_CRIT_FAILURE, "Allocation error?!\n");
|
||||
752 ret = ENOMEM;
|
||||
(gdb) p ngroup
|
||||
$1 = (struct group *) 0x0
|
||||
|
||||
Merges: https://pagure.io/SSSD/sssd/pull-request/4036
|
||||
|
||||
Resolves:
|
||||
https://pagure.io/SSSD/sssd/issue/4037
|
||||
|
||||
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
||||
---
|
||||
src/providers/proxy/proxy_id.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/providers/proxy/proxy_id.c b/src/providers/proxy/proxy_id.c
|
||||
index e1be29076..91105ce5a 100644
|
||||
--- a/src/providers/proxy/proxy_id.c
|
||||
+++ b/src/providers/proxy/proxy_id.c
|
||||
@@ -698,10 +698,12 @@ static errno_t remove_duplicate_group_members(TALLOC_CTX *mem_ctx,
|
||||
}
|
||||
grp->gr_mem[i] = NULL;
|
||||
|
||||
- *_grp = talloc_steal(mem_ctx, grp);
|
||||
ret = EOK;
|
||||
|
||||
done:
|
||||
+ if (ret == EOK) {
|
||||
+ *_grp = talloc_steal(mem_ctx, grp);
|
||||
+ }
|
||||
talloc_zfree(tmp_ctx);
|
||||
|
||||
return ret;
|
||||
--
|
||||
2.20.1
|
||||
|
|
@ -0,0 +1,38 @@
|
|||
From 88a0c39b341098f92725458b2055faaaf2bbad5b Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
||||
Date: Wed, 20 May 2020 12:07:13 +0200
|
||||
Subject: [PATCH] test: avoid endian issues in network tests
|
||||
|
||||
---
|
||||
src/tests/cmocka/test_nss_srv.c | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
diff --git a/src/tests/cmocka/test_nss_srv.c b/src/tests/cmocka/test_nss_srv.c
|
||||
index 2c91d0a23fe4ce6e66fee70da7501b0ec5f0feb8..3cd7809cf001f5f8ac68fcd191e05660b40cd267 100644
|
||||
--- a/src/tests/cmocka/test_nss_srv.c
|
||||
+++ b/src/tests/cmocka/test_nss_srv.c
|
||||
@@ -35,6 +35,7 @@
|
||||
#include "util/util_sss_idmap.h"
|
||||
#include "util/crypto/sss_crypto.h"
|
||||
#include "util/crypto/nss/nss_util.h"
|
||||
+#include "util/sss_endian.h"
|
||||
#include "db/sysdb_private.h" /* new_subdomain() */
|
||||
#include "db/sysdb_iphosts.h"
|
||||
#include "db/sysdb_ipnetworks.h"
|
||||
@@ -5308,7 +5309,13 @@ struct netent test_netent = {
|
||||
.n_name = discard_const("test_network"),
|
||||
.n_aliases = discard_const(test_netent_aliases),
|
||||
.n_addrtype = AF_INET,
|
||||
+#if (__BYTE_ORDER == __LITTLE_ENDIAN)
|
||||
.n_net = 0x04030201 /* 1.2.3.4 */
|
||||
+#elif (__BYTE_ORDER == __BIG_ENDIAN)
|
||||
+ .n_net = 0x01020304 /* 1.2.3.4 */
|
||||
+#else
|
||||
+ #error "unknow endianess"
|
||||
+#endif
|
||||
};
|
||||
|
||||
static void mock_input_netbyname(const char *name)
|
||||
--
|
||||
2.20.1
|
||||
|
|
@ -1,106 +0,0 @@
|
|||
From 0a10d863f4186a18d4622e72065c8aa66b6bfa17 Mon Sep 17 00:00:00 2001
|
||||
From: Jakub Hrozek <jhrozek@redhat.com>
|
||||
Date: Tue, 18 Jun 2019 21:21:08 +0200
|
||||
Subject: [PATCH] MONITOR: Don't check for the nscd socket while regenerating
|
||||
configuration
|
||||
|
||||
https://pagure.io/SSSD/sssd/issue/4028
|
||||
|
||||
In setups where only sssd-kcm is used and not the rest of SSSD, seeing
|
||||
the nscd warning might be irritating.
|
||||
|
||||
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
|
||||
---
|
||||
src/monitor/monitor.c | 69 ++++++++++++++++++++++---------------------
|
||||
1 file changed, 35 insertions(+), 34 deletions(-)
|
||||
|
||||
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
|
||||
index 33a28a09f..d3f8c8878 100644
|
||||
--- a/src/monitor/monitor.c
|
||||
+++ b/src/monitor/monitor.c
|
||||
@@ -2480,40 +2480,8 @@ int main(int argc, const char *argv[])
|
||||
}
|
||||
#endif
|
||||
|
||||
- /* Warn if nscd seems to be running */
|
||||
- ret = check_file(NSCD_SOCKET_PATH,
|
||||
- -1, -1, S_IFSOCK, S_IFMT, NULL, false);
|
||||
- if (ret == EOK) {
|
||||
- ret = sss_nscd_parse_conf(NSCD_CONF_PATH);
|
||||
-
|
||||
- switch (ret) {
|
||||
- case ENOENT:
|
||||
- sss_log(SSS_LOG_NOTICE,
|
||||
- "NSCD socket was detected. NSCD caching capabilities "
|
||||
- "may conflict with SSSD for users and groups. It is "
|
||||
- "recommended not to run NSCD in parallel with SSSD, "
|
||||
- "unless NSCD is configured not to cache the passwd, "
|
||||
- "group, netgroup and services nsswitch maps.");
|
||||
- break;
|
||||
-
|
||||
- case EEXIST:
|
||||
- sss_log(SSS_LOG_NOTICE,
|
||||
- "NSCD socket was detected and seems to be configured "
|
||||
- "to cache some of the databases controlled by "
|
||||
- "SSSD [passwd,group,netgroup,services]. It is "
|
||||
- "recommended not to run NSCD in parallel with SSSD, "
|
||||
- "unless NSCD is configured not to cache these.");
|
||||
- break;
|
||||
-
|
||||
- case EOK:
|
||||
- DEBUG(SSSDBG_TRACE_FUNC, "NSCD socket was detected and it "
|
||||
- "seems to be configured not to interfere with "
|
||||
- "SSSD's caching capabilities\n");
|
||||
- }
|
||||
- }
|
||||
-
|
||||
- /* Check if the SSSD is already running unless we're only interested
|
||||
- * in re-reading the configuration
|
||||
+ /* Check if the SSSD is already running and for nscd conflicts unless we're
|
||||
+ * only interested in re-reading the configuration
|
||||
*/
|
||||
if (opt_genconf == 0) {
|
||||
ret = check_file(SSSD_PIDFILE, 0, 0, S_IFREG|0600, 0, NULL, false);
|
||||
@@ -2523,6 +2491,39 @@ int main(int argc, const char *argv[])
|
||||
ERROR("SSSD is already running\n");
|
||||
return 2;
|
||||
}
|
||||
+
|
||||
+ /* Warn if nscd seems to be running */
|
||||
+ ret = check_file(NSCD_SOCKET_PATH,
|
||||
+ -1, -1, S_IFSOCK, S_IFMT, NULL, false);
|
||||
+ if (ret == EOK) {
|
||||
+ ret = sss_nscd_parse_conf(NSCD_CONF_PATH);
|
||||
+
|
||||
+ switch (ret) {
|
||||
+ case ENOENT:
|
||||
+ sss_log(SSS_LOG_NOTICE,
|
||||
+ "NSCD socket was detected. NSCD caching capabilities "
|
||||
+ "may conflict with SSSD for users and groups. It is "
|
||||
+ "recommended not to run NSCD in parallel with SSSD, "
|
||||
+ "unless NSCD is configured not to cache the passwd, "
|
||||
+ "group, netgroup and services nsswitch maps.");
|
||||
+ break;
|
||||
+
|
||||
+ case EEXIST:
|
||||
+ sss_log(SSS_LOG_NOTICE,
|
||||
+ "NSCD socket was detected and seems to be configured "
|
||||
+ "to cache some of the databases controlled by "
|
||||
+ "SSSD [passwd,group,netgroup,services]. It is "
|
||||
+ "recommended not to run NSCD in parallel with SSSD, "
|
||||
+ "unless NSCD is configured not to cache these.");
|
||||
+ break;
|
||||
+
|
||||
+ case EOK:
|
||||
+ DEBUG(SSSDBG_TRACE_FUNC, "NSCD socket was detected and it "
|
||||
+ "seems to be configured not to interfere with "
|
||||
+ "SSSD's caching capabilities\n");
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
}
|
||||
|
||||
/* Parse config file, fail if cannot be done */
|
||||
--
|
||||
2.20.1
|
||||
|
|
@ -17,9 +17,9 @@ index 0c515d34caaa3ea397c4c7e95eef0188df170840..252889dbb2b7b1e651966258e7b76eab
|
|||
NotifyAccess=main
|
||||
PIDFile=@pidpath@/sssd.pid
|
||||
+CapabilityBoundingSet=CAP_IPC_LOCK CAP_CHOWN CAP_DAC_READ_SEARCH CAP_KILL CAP_NET_ADMIN CAP_SYS_NICE CAP_FOWNER CAP_SETGID CAP_SETUID CAP_SYS_ADMIN CAP_SYS_RESOURCE CAP_BLOCK_SUSPEND
|
||||
Restart=on-failure
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
--
|
||||
2.15.1
|
||||
|
||||
|
|
2
sources
2
sources
|
@ -1 +1 @@
|
|||
SHA512 (sssd-2.2.0.tar.gz) = 9ebd8784e1f0c72cb808bbc153c0b0aa9bf507938f78336a260073a89b49350dc2c6172653509738ea7a50bb9da596725e1d6c92f99c7a03308aa42f6378dbbb
|
||||
SHA512 (sssd-2.3.0.tar.gz) = 72fc69018c4b8a71198f4a82e89d49d7a5c513e9291deff2f8e0e132cbd67341a8fa89598d28fcc1d785497526c9eeffe9b261c751524ee0e553badf0f748d59
|
||||
|
|
84
sssd.spec
84
sssd.spec
|
@ -35,16 +35,15 @@
|
|||
%endif
|
||||
|
||||
Name: sssd
|
||||
Version: 2.2.0
|
||||
Release: 4%{?dist}
|
||||
Version: 2.3.0
|
||||
Release: 1%{?dist}
|
||||
Summary: System Security Services Daemon
|
||||
License: GPLv3+
|
||||
URL: https://pagure.io/SSSD/sssd/
|
||||
Source0: https://releases.pagure.org/SSSD/sssd/%{name}-%{version}.tar.gz
|
||||
URL: https://gihub.com/SSSD/sssd/
|
||||
Source0: https://github.com/SSSD/sssd/releases/download/sssd-2_3_0/sssd-2.3.0.tar.gz
|
||||
|
||||
### Patches ###
|
||||
Patch0001: 0001-PROXY-Return-data-in-output-parameter-if-everything-.patch
|
||||
Patch0002: 0002-MONITOR-Don-t-check-for-the-nscd-socket-while-regene.patch
|
||||
Patch0001: 0001-test-avoid-endian-issues-in-network-tests.patch
|
||||
|
||||
### Downstream only patches ###
|
||||
Patch0502: 0502-SYSTEMD-Use-capabilities.patch
|
||||
|
@ -73,6 +72,7 @@ Suggests: sssd-dbus = %{version}-%{release}
|
|||
|
||||
### Build Dependencies ###
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: automake
|
||||
BuildRequires: libtool
|
||||
|
@ -208,6 +208,7 @@ Requires: sssd-common = %{version}-%{release}
|
|||
# required by sss_obfuscate
|
||||
Requires: python3-sss = %{version}-%{release}
|
||||
Requires: python3-sssdconfig = %{version}-%{release}
|
||||
Recommends: sssd-dbus
|
||||
|
||||
%description tools
|
||||
Provides userspace tools for manipulating users, groups, and nested groups in
|
||||
|
@ -775,6 +776,7 @@ done
|
|||
%{_datadir}/sssd/systemtap/id_perf.stp
|
||||
%{_datadir}/sssd/systemtap/nested_group_perf.stp
|
||||
%{_datadir}/sssd/systemtap/dp_request.stp
|
||||
%{_datadir}/sssd/systemtap/ldap_perf.stp
|
||||
%dir %{_datadir}/systemtap
|
||||
%dir %{_datadir}/systemtap/tapset
|
||||
%{_datadir}/systemtap/tapset/sssd.stp
|
||||
|
@ -786,6 +788,7 @@ done
|
|||
%license COPYING
|
||||
%{_libdir}/%{name}/libsss_ldap.so
|
||||
%{_mandir}/man5/sssd-ldap.5*
|
||||
%{_mandir}/man5/sssd-ldap-attributes.5*
|
||||
|
||||
%files krb5-common
|
||||
%license COPYING
|
||||
|
@ -1069,6 +1072,75 @@ fi
|
|||
%{_libdir}/%{name}/modules/libwbclient.so
|
||||
|
||||
%changelog
|
||||
* Wed May 20 2020 Pavel Březina <pbrezina@redhat.com> - 2.3.0-1
|
||||
- Rebase to SSSD 2.3.0
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-13
|
||||
- Resolves: upstream#4159 - p11_child should have an option to skip
|
||||
C_WaitForSlotEvent if the PKCS#11 module does not
|
||||
implement it properly
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-12
|
||||
- Resolves: upstream#4135 - util/sss_ptr_hash.c: potential double free in
|
||||
`sss_ptr_hash_delete_cb()`
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-11
|
||||
- Resolves: upstream#4118 - sssd requires timed sudoers ldap entries to be
|
||||
specified up to the seconds
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-11
|
||||
- Add sssd-dbus package as a dependency of sssd-tools
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-10
|
||||
- Resolves: upstream#4142 - sssd_be frequent crash
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-9
|
||||
- Resolves: upstream#4131 Force LDAPS over 636 with AD Provider
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-8
|
||||
- Resolves: upstream#3630 - Randomize ldap_connection_expire_timeout either
|
||||
by default or w/ a configure option
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-7
|
||||
- Resolves: upstream#4135 - util/sss_ptr_hash.c: potential double free in
|
||||
`sss_ptr_hash_delete_cb()`
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-6
|
||||
- Resolves: upstream#4088 - server/be: SIGTERM handling is incorrect
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-5
|
||||
- Resolves: upstream##4089 Watchdog implementation or usage is incorrect
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-4
|
||||
- Resolves: upstream#4126 pcscd rejecting sssd ldap_child as unauthorized
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-3
|
||||
- Resolves: upstream#4127 - [Doc]Provide explanation on escape character for
|
||||
match rules sss-certmap
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-2
|
||||
- Resolves: upstream#4129 - sssctl config-check command does not give proper
|
||||
error messages with line numbers
|
||||
|
||||
* Wed Feb 26 2020 Michal Židek <mzidek@redhat.com> - 2.2.3-1
|
||||
- Update to latest released upstream version
|
||||
- https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_2_2_3.htm
|
||||
|
||||
* Tue Oct 22 2019 Adam Williamson <awilliam@redhat.com> - 2.2.2-3
|
||||
- Resolves: rhbz#1755643 - Upgrade to sssd 2.2.2-1.fc30 breaks setting
|
||||
up FreeIPA replica in containers
|
||||
|
||||
* Tue Oct 22 2019 Adam Williamson <awilliam@redhat.com> - 2.2.2-2
|
||||
- Resolves: rhbz#1757224 - Tickets act like they're expiring prematurely
|
||||
when using KCM cache
|
||||
|
||||
* Wed Sep 11 2019 Michal Židek <mzidek@redhat.com> - 2.2.2-1
|
||||
- Update to latest released upstream version
|
||||
- https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_2_2_2.html
|
||||
- https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_2_2_1.html
|
||||
|
||||
* Tue Aug 27 2019 Mohan Boddu <mboddu@bhujji.com> - 2.2.0-5
|
||||
- Rebuilding for libldb 2.0.5
|
||||
|
||||
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.0-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
|
|
Loading…
Reference in New Issue