New upstream release 1.14 alpha

- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.0alpha

.gitignore

@@ -68,3 +68,4 @@ sssd-1.2.91.tar.gz
 /sssd-1.13.2.tar.gz
 /sssd-1.13.3.tar.gz
 /sssd-1.13.4.tar.gz
+/sssd-1.14.0alpha.tar.gz

0001-IPA-terminate-properly-if-view-name-lookup-fails.patch

@@ -1,40 +0,0 @@
-From d3fd5365fb9fad89af47e17da35cef1a34aff1d3 Mon Sep 17 00:00:00 2001
-From: Sumit Bose <sbose@redhat.com>
-Date: Tue, 19 Apr 2016 15:07:18 +0200
-Subject: [PATCH] IPA: terminate properly if view name lookup fails
-
-Since commit 5a5f1e1053415efaa99bb4d5bc7ce7ac0a95b757 the view name
-lookup is the last step in the subdomain lookup request. In case of an
-error the request should be finished and no previous step should be
-called again.
-
-Resolves https://fedorahosted.org/sssd/ticket/2993
-
-Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-(cherry picked from commit 57d8b4b9254442a568838cb60ea16068965f2df0)
----
- src/providers/ipa/ipa_subdomains.c | 8 +-------
- 1 file changed, 1 insertion(+), 7 deletions(-)
-
-diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
-index cb5a23bfb8043e620061e11d5e567d3e39eab6e3..62796b8d15682aedb952b9c46561867d82684b80 100644
---- a/src/providers/ipa/ipa_subdomains.c
-+++ b/src/providers/ipa/ipa_subdomains.c
-@@ -840,13 +840,7 @@ static void ipa_get_view_name_done(struct tevent_req *req)
-         if (ret == EOPNOTSUPP || ret == EIO) {
-             DEBUG(SSSDBG_TRACE_FUNC, "get_view_name request failed, looks " \
-                                      "like server does not support views.\n");
--            ret = ipa_check_master(ctx);
--            if (ret == EAGAIN) {
--                return;
--            } else if (ret != EOK) {
--                goto done;
--            }
--
-+            ret = EOK;
-         } else {
-             DEBUG(SSSDBG_OP_FAILURE, "get_view_name request failed.\n");
-         }
--- 
-2.7.3
-

0002-UTIL-Add-ERR_SBUS_REQUEST_HANDLED.patch

@@ -1,62 +0,0 @@
-From 33abcf8b0ba5c71369c1c12f91b89e6f6a0143c3 Mon Sep 17 00:00:00 2001
-From: Jakub Hrozek <jhrozek@redhat.com>
-Date: Wed, 27 Apr 2016 11:11:31 +0200
-Subject: [PATCH 2/3] UTIL: Add ERR_SBUS_REQUEST_HANDLED
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-In most cases when sbus request parsing finishes, the request is handled
-internally and a reply is sent to the caller. However, in handlers that
-are parsed and handled completely manually, we might want to be notified
-about this case so that the called of sbus_request_parse_or_finish()
-aborts the request and doesn't proceed with using the sbus request which
-is already freed internally in sbus_request_parse_or_finish().
-
-Reviewed-by: Pavel Březina <pbrezina@redhat.com>
-(cherry picked from commit 406a7e5b731ae79084dce00021e01ebe7b7d724a)
----
- src/sbus/sssd_dbus_request.c | 1 +
- src/util/util_errors.c       | 1 +
- src/util/util_errors.h       | 1 +
- 3 files changed, 3 insertions(+)
-
-diff --git a/src/sbus/sssd_dbus_request.c b/src/sbus/sssd_dbus_request.c
-index aa57f6b6587183a9edd7764d123e82b01b5f6070..c71a79b1f06c92c25f8bb836b5bf815c056d3912 100644
---- a/src/sbus/sssd_dbus_request.c
-+++ b/src/sbus/sssd_dbus_request.c
-@@ -74,6 +74,7 @@ sbus_request_invoke_or_finish(struct sbus_request *dbus_req,
-     }
- 
-     switch(ret) {
-+    case ERR_SBUS_REQUEST_HANDLED:
-     case EOK:
-         return;
-     case ENOMEM:
-diff --git a/src/util/util_errors.c b/src/util/util_errors.c
-index 59ae63ab8d6e834a772349b162bf282f9a4f1c72..c998e14c26e43c3cd6a5a060bb6f74698b9e93ae 100644
---- a/src/util/util_errors.c
-+++ b/src/util/util_errors.c
-@@ -84,6 +84,7 @@ struct err_string error_to_str[] = {
-     { "Subdomain is inactive" }, /* ERR_SUBDOM_INACTIVE */
-     { "Account is locked" }, /* ERR_ACCOUNT_LOCKED */
-     { "AD renewal child failed" }, /* ERR_RENEWAL_CHILD */
-+    { "SBUS request already handled" }, /* ERR_SBUS_REQUEST_HANDLED */
-     { "ERR_LAST" } /* ERR_LAST */
- };
- 
-diff --git a/src/util/util_errors.h b/src/util/util_errors.h
-index 05791f2f08f107a8b4830b810b8826983763174f..c0d9622a431a9946fdfa5e5c60ecf7b9e1ae66a5 100644
---- a/src/util/util_errors.h
-+++ b/src/util/util_errors.h
-@@ -106,6 +106,7 @@ enum sssd_errors {
-     ERR_SUBDOM_INACTIVE,
-     ERR_ACCOUNT_LOCKED,
-     ERR_RENEWAL_CHILD,
-+    ERR_SBUS_REQUEST_HANDLED,
-     ERR_LAST            /* ALWAYS LAST */
- };
- 
--- 
-2.7.4
-

0003-IFP-Do-not-crash-on-invalid-arguments-to-GetUserAttr.patch

@@ -1,39 +0,0 @@
-From 2dcfe9ba33d65aa08373f84a31065597413fc762 Mon Sep 17 00:00:00 2001
-From: Jakub Hrozek <jhrozek@redhat.com>
-Date: Tue, 10 May 2016 12:24:44 +0200
-Subject: [PATCH 3/3] IFP: Do not crash on invalid arguments to GetUserAttr
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Reviewed-by: Pavel Březina <pbrezina@redhat.com>
-(cherry picked from commit 7ff6858b18fb463bc446797aa860960d5165fe9e)
----
- src/responder/ifp/ifpsrv_cmd.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/responder/ifp/ifpsrv_cmd.c b/src/responder/ifp/ifpsrv_cmd.c
-index ab6156fd6c92e8fd8176da6664cd6b79eb3f5a97..624db5f9f16b7f864dc2df67f7a62983686d8e29 100644
---- a/src/responder/ifp/ifpsrv_cmd.c
-+++ b/src/responder/ifp/ifpsrv_cmd.c
-@@ -83,7 +83,7 @@ int ifp_user_get_attr(struct sbus_request *dbus_req, void *data)
- 
-     ret = ifp_user_get_attr_unpack_msg(attr_req);
-     if (ret != EOK) {
--        return ret;     /* handled internally */
-+        return ret;     /* internal error */
-     }
- 
-     DEBUG(SSSDBG_FUNC_DATA,
-@@ -117,7 +117,7 @@ ifp_user_get_attr_unpack_msg(struct ifp_attr_req *attr_req)
-                                           DBUS_TYPE_INVALID);
-     if (parsed == false) {
-         DEBUG(SSSDBG_OP_FAILURE, "Could not parse arguments\n");
--        return EOK; /* handled */
-+        return ERR_SBUS_REQUEST_HANDLED;
-     }
- 
-     /* Copy the attributes to maintain memory hierarchy with talloc */
--- 
-2.7.4
-

1001-Netlink-Ignore-RTM_NEWADDR-signals-from-link-local.patch

@@ -1,88 +0,0 @@
-From fcb8b9bdfa4eed9958e536e8afc8ec9ec7303002 Mon Sep 17 00:00:00 2001
-From: Stephen Gallagher <sgallagh@redhat.com>
-Date: Tue, 5 Apr 2016 12:43:49 -0400
-Subject: [PATCH] Netlink: Ignore RTM_NEWADDR signals from link-local
-
-We only need to go online if we receive a netlink signal that might
-indicate that the external connection might have become available. This
-will never be true for link-local addresses.
-
-Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-(cherry picked from commit a9d1b4b61b614a954c784f224b8fe7a47b6dd206)
----
- src/monitor/monitor_netlink.c | 50 +++++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 50 insertions(+)
-
-diff --git a/src/monitor/monitor_netlink.c b/src/monitor/monitor_netlink.c
-index 7e6f8cbbd3c4815fb2c9991698ecfd4ee5deeeef..22262949c67744493dfa722ff38257a75a5b8291 100644
---- a/src/monitor/monitor_netlink.c
-+++ b/src/monitor/monitor_netlink.c
-@@ -669,8 +669,13 @@ static void addr_msg_debug_print(struct rtnl_addr *addr_obj)
- 
- static void addr_msg_handler(struct nl_object *obj, void *arg)
- {
-+    int err;
-     struct netlink_ctx *ctx = (struct netlink_ctx *) arg;
-     struct rtnl_addr *addr_obj;
-+    struct nl_addr *local_addr;
-+    struct sockaddr_in sa4;
-+    struct sockaddr_in6 sa6;
-+    socklen_t salen;
- 
-     if (!nlw_is_addr_object(obj)) return;
- 
-@@ -679,6 +684,51 @@ static void addr_msg_handler(struct nl_object *obj, void *arg)
-         addr_msg_debug_print(addr_obj);
-     }
- 
-+    local_addr = rtnl_addr_get_local(addr_obj);
-+    if (local_addr == NULL) {
-+    DEBUG(SSSDBG_MINOR_FAILURE,
-+          "Received RTM_NEWADDR with no address\n");
-+    return;
-+    }
-+
-+    switch (nl_addr_get_family(local_addr)) {
-+    case AF_INET6:
-+        salen = sizeof(struct sockaddr_in6);
-+        err = nl_addr_fill_sockaddr(local_addr,
-+                                    (struct sockaddr *) &sa6,
-+                                    &salen);
-+        if (err < 0) {
-+          DEBUG(SSSDBG_MINOR_FAILURE,
-+                "Unknown error in nl_addr_fill_sockaddr\n");
-+          return;
-+        }
-+
-+        if (!check_ipv6_addr(&sa6.sin6_addr, SSS_NO_SPECIAL)) {
-+            DEBUG(SSSDBG_TRACE_LIBS, "Ignoring special address.\n");
-+            return;
-+        }
-+        break;
-+
-+    case AF_INET:
-+        salen = sizeof(struct sockaddr_in);
-+        err = nl_addr_fill_sockaddr(local_addr,
-+                                    (struct sockaddr *) &sa4,
-+                                     &salen);
-+        if (err < 0) {
-+            DEBUG(SSSDBG_MINOR_FAILURE,
-+            "Unknown error in nl_addr_fill_sockaddr\n");
-+            return;
-+        }
-+        if (check_ipv4_addr(&sa4.sin_addr, SSS_NO_SPECIAL)) {
-+            DEBUG(SSSDBG_TRACE_LIBS, "Ignoring special address.\n");
-+            return;
-+        }
-+        break;
-+    default:
-+        DEBUG(SSSDBG_CRIT_FAILURE, "Unknown address family\n");
-+        return;
-+    }
-+
-     ctx->change_cb(ctx->cb_data);
- }
- 
--- 
-2.7.3
-

sources

@@ -1 +1 @@
-d147e0a4f4719d993693c6a99370b350  sssd-1.13.4.tar.gz
+11b107740e84918ea652e3b82a0cfe4f  sssd-1.14.0alpha.tar.gz

sssd.spec

@@ -14,6 +14,7 @@
 
     %global with_krb5_localauth_plugin 1
 
+    %global enable_systemtap_opt --enable-systemtap
 
 %global libwbc_alternatives_version 0.12
 %global libwbc_lib_version %{libwbc_alternatives_version}.0
@@ -23,20 +24,16 @@
 %endif
 
 Name: sssd
-Version: 1.13.4
-Release: 3%{?dist}
+Version: 1.14.0
+Release: 1%{?dist}.alpha
 Group: Applications/System
 Summary: System Security Services Daemon
 License: GPLv3+
 URL: http://fedorahosted.org/sssd/
-Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
+Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}alpha.tar.gz
 BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
 ### Patches ###
-Patch0001: 0001-IPA-terminate-properly-if-view-name-lookup-fails.patch
-Patch0002: 0002-UTIL-Add-ERR_SBUS_REQUEST_HANDLED.patch
-Patch0003: 0003-IFP-Do-not-crash-on-invalid-arguments-to-GetUserAttr.patch
-Patch1001: 1001-Netlink-Ignore-RTM_NEWADDR-signals-from-link-local.patch
 
 ### Dependencies ###
 
@@ -108,6 +105,7 @@ BuildRequires: cifs-utils-devel
 BuildRequires: libnfsidmap-devel
 BuildRequires: samba4-devel >= 4.0.0-59beta2
 BuildRequires: libsmbclient-devel
+BuildRequires: systemtap-sdt-devel
 
 %description
 Provides a set of daemons to manage access to remote directories and
@@ -520,7 +518,7 @@ UpdateTimestamps() {
   done
 }
 
-%setup -q
+%setup -q -n %{name}-1.13.90
 
 for p in %patches ; do
     %__patch -p1 -i $p
@@ -548,6 +546,7 @@ autoreconf -ivf
     --with-syslog=journald \
     --enable-sss-default-nss-plugin \
     %{?with_cifs_utils_plugin_option} \
+    %{?enable_systemtap_opt} \
 
 
 make %{?_smp_mflags} all docs
@@ -728,6 +727,9 @@ done
 %dir %{_sysconfdir}/rwtab.d
 %config(noreplace) %{_sysconfdir}/rwtab.d/sssd
 %dir %{_datadir}/sssd
+%{_sysconfdir}/pam.d/sssd-shadowutils
+%{_libdir}/%{name}/conf/sssd.conf
+
 %{_datadir}/sssd/sssd.api.conf
 %{_datadir}/sssd/sssd.api.d
 %{_mandir}/man1/sss_ssh_authorizedkeys.1*
@@ -738,6 +740,14 @@ done
 %{_mandir}/man5/sss_rpcidmapd.5*
 %{_mandir}/man8/sssd.8*
 %{_mandir}/man8/sss_cache.8*
+%dir %{_datadir}/sssd/systemtap
+%{_datadir}/sssd/systemtap/id_perf.stp
+%{_datadir}/sssd/systemtap/nested_group_perf.stp
+%dir %{_datadir}/systemtap
+%dir %{_datadir}/systemtap/tapset
+%{_datadir}/systemtap/tapset/sssd.stp
+%{_datadir}/systemtap/tapset/sssd_functions.stp
+
 
 %files ldap -f sssd_ldap.lang
 %defattr(-,root,root,-)
@@ -1032,6 +1042,10 @@ fi
                                 %{_libdir}/%{name}/modules/libwbclient.so
 
 %changelog
+* Tue Jun 21 2016 Lukas Slebodnik <lslebodn@redhat.com> - 1.14.0-1.alpha
+- New upstream release 1.14 alpha
+- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.14.0alpha
+
 * Fri May 13 2016 Lukas Slebodnik <lslebodn@redhat.com> - 1.13.4-3
 - Resolves: rhbz#1335639 - [abrt] sssd-dbus: ldb_msg_find_element():
                            sssd_ifp killed by SIGSEGV