New upstream release 1.9.0 beta 1

- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta1 - Add native support for autofs to the IPA provider - Support for ID-mapping when connecting to Active Directory - Support for handling very large (> 1500 users) groups in Active Directory - Support for sub-domains (will be used for dealing with trust relationships) - Add a new fast in-memory cache to speed up lookups of cached data on repeated requests
2012-05-11 16:02:54 -04:00 · 2012-05-11 16:02:54 -04:00 · 7fa00add1e
commit 7fa00add1e
parent 05471b8b76
4 changed files with 59 additions and 20 deletions
--- a/.gitignore
+++ b/.gitignore
@ -28,3 +28,4 @@ sssd-1.2.91.tar.gz
 /sssd-1.8.1.tar.gz
 /sssd-1.8.2.tar.gz
 /sssd-1.8.3.tar.gz
+/sssd-1.9.0beta1.tar.gz
--- a/FED01-Change-Kerberos-credential-cache-default-loca.patch
+++ b/FED01-Change-Kerberos-credential-cache-default-loca.patch
@ -1,4 +1,4 @@
-From 8ae0fc769b419e16ce7804bd516f7c2d03ce8471 Mon Sep 17 00:00:00 2001
+From 05c49dd916dcbea2ce8f6a6b14fd54a5c67fd6db Mon Sep 17 00:00:00 2001
 From: Stephen Gallagher <sgallagh@redhat.com>
 Date: Wed, 22 Feb 2012 07:53:56 -0500
 Subject: [PATCH] FEDORA: Change Kerberos credential cache default location
@ -7,9 +7,9 @@ On Fedora, we need to default to using /run/user/%u for credential
 caches for improved security and to simplify rpc.gssd locating the
 cache for use with NFS.
 ---
- src/man/sssd-krb5.5.xml          |    4 ++--
- src/providers/krb5/krb5_common.c |    4 ++--
- 2 files changed, 4 insertions(+), 4 deletions(-)
+ src/man/sssd-krb5.5.xml        |    4 ++--
+ src/providers/krb5/krb5_opts.h |    2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)

 diff --git a/src/man/sssd-krb5.5.xml b/src/man/sssd-krb5.5.xml
 index 247337a90a80b078d0395b27a02e5ea2c72a5ce8..cc10dc149c407450a59f39ebc2de0ac95e33028e 100644
@ -33,21 +33,19 @@ index 247337a90a80b078d0395b27a02e5ea2c72a5ce8..cc10dc149c407450a59f39ebc2de0ac9
                         </para>
                     </listitem>
                 </varlistentry>
-diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c
-index c2cb94b61463cbdaf3f4fa5a5cb311af55b4b960..e3a74697249a8dd10907beaeaef415a48c3c30a9 100644
--- a/src/providers/krb5/krb5_common.c
-+++ b/src/providers/krb5/krb5_common.c
-@@ -34,8 +34,8 @@
- struct dp_option default_krb5_opts[] = {
+diff --git a/src/providers/krb5/krb5_opts.h b/src/providers/krb5/krb5_opts.h
+index 7f47290c961ce6455e0d123e9ec14c7add39d28d..ff1863b98524eab1d175e06253e78cafa15b3f2d 100644
+--- a/src/providers/krb5/krb5_opts.h
+++ b/src/providers/krb5/krb5_opts.h
+@@ -29,7 +29,7 @@ struct dp_option default_krb5_opts[] = {
     { "krb5_server", DP_OPT_STRING, NULL_STRING, NULL_STRING },
     { "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING },
-    { "krb5_ccachedir", DP_OPT_STRING, { "/tmp" }, NULL_STRING },
+     { "krb5_ccachedir", DP_OPT_STRING, { "/tmp" }, NULL_STRING },
 -    { "krb5_ccname_template", DP_OPT_STRING, { "FILE:%d/krb5cc_%U_XXXXXX" }, NULL_STRING},
-+    { "krb5_ccachedir", DP_OPT_STRING, { "/run/user/%u" }, NULL_STRING },
-+    { "krb5_ccname_template", DP_OPT_STRING, { "FILE:%d/krb5cc" }, NULL_STRING},
+    { "krb5_ccname_template", DP_OPT_STRING, { "/run/user/%u" }, NULL_STRING},
     { "krb5_auth_timeout", DP_OPT_NUMBER, { .number = 15 }, NULL_NUMBER },
     { "krb5_keytab", DP_OPT_STRING, { "/etc/krb5.keytab" }, NULL_STRING },
     { "krb5_validate", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
 -- 
-1.7.7.6
+1.7.10.1

--- a/2
+++ b/2
@ -1 +1 @@
-e09410d6bfe0a2bf8a4ce7ab95c005db  sssd-1.8.3.tar.gz
+829ecc6544f76185581d5feb788edae4  sssd-1.9.0beta1.tar.gz
--- a/sssd.spec
+++ b/sssd.spec
@ -15,13 +15,13 @@
 %global ldb_version 1.1.4

 Name: sssd
-Version: 1.8.3
-Release: 11%{?dist}
+Version: 1.9.0
+Release: 1%{?dist}.beta1
 Group: Applications/System
 Summary: System Security Services Daemon
 License: GPLv3+
 URL: http://fedorahosted.org/sssd/
-Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
+Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}beta1.tar.gz
 BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)

 ### Patches ###
@ -36,6 +36,7 @@ Requires: libtdb >= 1.1.3
 Requires: sssd-client%{?_isa} = %{version}-%{release}
 Requires: cyrus-sasl-gssapi%{?_isa}
 Requires: libipa_hbac%{?_isa} = %{version}-%{release}
+Requires: libsss_idmap%{?_isa} = %{version}-%{release}
 Requires: krb5-libs >= 1.9
 Requires: keyutils-libs
 Requires(post): systemd-units initscripts chkconfig /sbin/ldconfig
@ -122,6 +123,23 @@ SSSD when using id_provider = local in /etc/sssd/sssd.conf.
 Also provides a userspace tool for generating an obfuscated LDAP password for
 use with ldap_default_authtok_type = obfuscated_password.

+%package -n libsss_idmap
+Summary: FreeIPA Idmap library
+Group: Development/Libraries
+License: LGPLv3+
+
+%description -n libsss_idmap
+Utility library to SIDs to Unix uids and gids
+
+%package -n libsss_idmap-devel
+Summary: FreeIPA Idmap library
+Group: Development/Libraries
+License: LGPLv3+
+Requires: libsss_idmap = %{version}-%{release}
+
+%description -n libsss_idmap-devel
+Utility library to SIDs to Unix uids and gids
+
 %package -n libipa_hbac
 Summary: FreeIPA HBAC Evaluator library
 Group: Development/Libraries
@ -182,7 +200,7 @@ UpdateTimestamps() {
  done
 }

-%setup -q -n %{name}-%{version}
+%setup -q -n %{name}-1.8.91

 for p in %patches ; do
    %__patch -p1 -i $p
@ -243,7 +261,7 @@ cp src/sysv/systemd/sssd.service $RPM_BUILD_ROOT/%{_unitdir}/
 find $RPM_BUILD_ROOT -name "*.la" -exec rm -f {} \;

 # Suppress developer-only documentation
-rm -Rf ${RPM_BUILD_ROOT}/%{_docdir}/%{name}/doc
+rm -Rf ${RPM_BUILD_ROOT}/%{_docdir}/%{name}

 # Older versions of rpmbuild can only handle one -f option
 # So we need to append to the sssd.lang file
@ -370,6 +388,18 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/sss_cache.8*
 %{_mandir}/man8/sss_debuglevel.8*

+%files -n libsss_idmap
+%defattr(-,root,root,-)
+%doc src/sss_client/COPYING src/sss_client/COPYING.LESSER
+%{_libdir}/libsss_idmap.so.*
+
+%files -n libsss_idmap-devel
+%defattr(-,root,root,-)
+%doc idmap_doc/html
+%{_includedir}/sss_idmap.h
+%{_libdir}/libsss_idmap.so
+%{_libdir}/pkgconfig/sss_idmap.pc
+
 %files -n libipa_hbac
 %defattr(-,root,root,-)
 %doc src/sss_client/COPYING src/sss_client/COPYING.LESSER
@ -456,6 +486,16 @@ fi
 %postun -n libipa_hbac -p /sbin/ldconfig

 %changelog
+* Fri May 11 2012 Stephen Gallagher <sgallagh@redhat.com> - 1.9.0-1.beta1
+- New upstream release 1.9.0 beta 1
+- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.9.0beta1
+- Add native support for autofs to the IPA provider
+- Support for ID-mapping when connecting to Active Directory
+- Support for handling very large (> 1500 users) groups in Active Directory
+- Support for sub-domains (will be used for dealing with trust relationships)
+- Add a new fast in-memory cache to speed up lookups of cached data on
+  repeated requests
+
 * Thu May 03 2012 Stephen Gallagher <sgallagh@redhat.com> - 1.8.3-11
 - New upstream release 1.8.3
 - https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.3