New upstream release
Fix segfaults and upgrade issues. Provide newer default configuration.
This commit is contained in:
parent
56c3f220f8
commit
9b52793f52
@ -1 +1 @@
|
|||||||
sssd-0.7.0.tar.gz
|
sssd-0.7.1.tar.gz
|
||||||
|
@ -1,50 +0,0 @@
|
|||||||
>From ff5fd17a20037377889b60a73b2b1f470c67c674 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
||||||
Date: Mon, 26 Oct 2009 12:54:38 +0100
|
|
||||||
Subject: [PATCH] Fix migration script for pre-0.5 local domains
|
|
||||||
|
|
||||||
Configuration files before 0.5.0 did not enforce provider= in local
|
|
||||||
domains it did special-case by domain name (LOCAL). Our script was
|
|
||||||
relying on provider= value, this patch adds the special-casing in case
|
|
||||||
the domain was called LOCAL.
|
|
||||||
---
|
|
||||||
server/upgrade/upgrade_config.py | 13 +++++++++++--
|
|
||||||
1 files changed, 11 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/server/upgrade/upgrade_config.py b/server/upgrade/upgrade_config.py
|
|
||||||
index 87e3990..fe20811 100644
|
|
||||||
--- a/server/upgrade/upgrade_config.py
|
|
||||||
+++ b/server/upgrade/upgrade_config.py
|
|
||||||
@@ -25,6 +25,7 @@ import sys
|
|
||||||
import shutil
|
|
||||||
import traceback
|
|
||||||
from ConfigParser import RawConfigParser
|
|
||||||
+from ConfigParser import NoOptionError
|
|
||||||
from optparse import OptionParser
|
|
||||||
|
|
||||||
class SSSDConfigParser(RawConfigParser):
|
|
||||||
@@ -211,11 +212,19 @@ class SSSDConfigFile(object):
|
|
||||||
self._migrate_kw(new_domsec, old_domsec, ldap_kw)
|
|
||||||
self._migrate_kw(new_domsec, old_domsec, krb5_kw)
|
|
||||||
|
|
||||||
+ # configuration files before 0.5.0 did not enforce provider= in local domains
|
|
||||||
+ # it did special-case by domain name (LOCAL)
|
|
||||||
+ try:
|
|
||||||
+ prv = self._new_config.get(new_domsec, 'id_provider')
|
|
||||||
+ except NoOptionError:
|
|
||||||
+ if old_domsec == 'domains/LOCAL':
|
|
||||||
+ prv = 'local'
|
|
||||||
+ self._new_config.set(new_domsec, 'id_provider', prv)
|
|
||||||
+
|
|
||||||
# if domain was local, update with parameters from [user_defaults]
|
|
||||||
- if self._new_config.get(new_domsec, 'id_provider') == 'local':
|
|
||||||
+ if prv == 'local':
|
|
||||||
self._migrate_kw(new_domsec, 'user_defaults', user_defaults_kw)
|
|
||||||
|
|
||||||
-
|
|
||||||
def _migrate_domains(self):
|
|
||||||
for domain in [ s.replace('domains/','') for s in self._config.sections() if s.startswith("domains/") ]:
|
|
||||||
domain = domain.strip()
|
|
||||||
--
|
|
||||||
1.6.2.5
|
|
||||||
|
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
403945c70c902302e5d8babecb24b096 sssd-0.7.0.tar.gz
|
827ef46d27c54ce790d329a6b1b82586 sssd-0.7.1.tar.gz
|
||||||
|
@ -1,57 +0,0 @@
|
|||||||
[sssd]
|
|
||||||
config_file_version = 2
|
|
||||||
# Number of times services should attempt to reconnect in the
|
|
||||||
# event of a crash or restart before they give up
|
|
||||||
reconnection_retries = 3
|
|
||||||
# if a backend is particularly slow you can raise this timeout here
|
|
||||||
sbus_timeout = 30
|
|
||||||
services = nss, dp, pam
|
|
||||||
; domains = LOCAL,LDAP
|
|
||||||
# SSSD will not start if you don't configure any domain.
|
|
||||||
# Add new domains condifgurations as [domain/<NAME>] sections.
|
|
||||||
# Then add the list of domains (in the order you want them to be
|
|
||||||
# queried in the 'domains" attribute above and uncomment it
|
|
||||||
|
|
||||||
|
|
||||||
[nss]
|
|
||||||
# the following prevents sssd for searching for the root user/group in
|
|
||||||
# all domains (you can add here a comma separated list of system accounts are
|
|
||||||
# always going to be /etc/passwd users, or that you want to filter out)
|
|
||||||
filter_groups = root
|
|
||||||
filter_users = root
|
|
||||||
reconnection_retries = 3
|
|
||||||
|
|
||||||
# The EntryCacheTimeout indicates the number of seconds to retain before
|
|
||||||
# an entry in cache is considered stale and must block to refresh.
|
|
||||||
# The EntryCacheNoWaitRefreshTimeout indicates the number of seconds to
|
|
||||||
# wait before updating the cache out-of-band. (NSS requests will still
|
|
||||||
# be returned from cache until the full EntryCacheTimeout). Setting this
|
|
||||||
# value to 0 turns this feature off (default)
|
|
||||||
; entry_cache_timeout = 600
|
|
||||||
; entry_cache_nowait_timeout = 300
|
|
||||||
|
|
||||||
[pam]
|
|
||||||
reconnection_retries = 3
|
|
||||||
|
|
||||||
[dp]
|
|
||||||
reconnection_retries = 3
|
|
||||||
|
|
||||||
# Example LOCAL domain that stores all users natively in the SSSD internal
|
|
||||||
# directory. These local users and groups are not visibile in /etc/passwd, it
|
|
||||||
# now contains only root and system accounts.
|
|
||||||
; [domain/LOCAL]
|
|
||||||
; description = LOCAL Users domain
|
|
||||||
; id_provider = local
|
|
||||||
; enumerate = true
|
|
||||||
; min_id = 500
|
|
||||||
; max_id = 999
|
|
||||||
|
|
||||||
# Example native LDAP domain
|
|
||||||
; [domain/LDAP]
|
|
||||||
; id_provider = ldap
|
|
||||||
; auth_provider = ldap
|
|
||||||
; ldap_uri = ldap://ldap.mydomain.org
|
|
||||||
; ldap_user_search_base = dc=mydomain,dc=org
|
|
||||||
; ldap_tls_reqcert = demand
|
|
||||||
; cache_credentials = true
|
|
||||||
; enumerate = true
|
|
18
sssd.spec
18
sssd.spec
@ -2,26 +2,23 @@
|
|||||||
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib())")}
|
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib())")}
|
||||||
|
|
||||||
Name: sssd
|
Name: sssd
|
||||||
Version: 0.7.0
|
Version: 0.7.1
|
||||||
Release: 2%{?dist}
|
Release: 1%{?dist}
|
||||||
Group: Applications/System
|
Group: Applications/System
|
||||||
Summary: System Security Services Daemon
|
Summary: System Security Services Daemon
|
||||||
# The entire source code is GPLv3+ except replace/ which is LGPLv3+
|
# The entire source code is GPLv3+ except replace/ which is LGPLv3+
|
||||||
License: GPLv3+ and LGPLv3+
|
License: GPLv3+ and LGPLv3+
|
||||||
URL: http://fedorahosted.org/sssd
|
URL: http://fedorahosted.org/sssd
|
||||||
Source: https://fedorahosted.org/released/sssd/sssd-%{version}.tar.gz
|
Source: https://fedorahosted.org/released/sssd/sssd-%{version}.tar.gz
|
||||||
Source1: sssd.conf.default
|
|
||||||
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
|
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
|
||||||
|
|
||||||
### Patches ###
|
### Patches ###
|
||||||
|
|
||||||
Patch1: 0001-Fix-migration-script-for-pre-0.5-local-domains.patch
|
|
||||||
|
|
||||||
### Dependencies ###
|
### Dependencies ###
|
||||||
|
|
||||||
Requires: libldb >= 0.9.3
|
Requires: libldb >= 0.9.3
|
||||||
Requires: libtdb >= 1.1.3
|
Requires: libtdb >= 1.1.3
|
||||||
Requires: sssd-client = 0.7.0
|
Requires: sssd-client = 0.7.1
|
||||||
Requires(post): python
|
Requires(post): python
|
||||||
Requires(preun): initscripts chkconfig
|
Requires(preun): initscripts chkconfig
|
||||||
Requires(postun): /sbin/service
|
Requires(postun): /sbin/service
|
||||||
@ -75,8 +72,6 @@ service.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
|
||||||
%patch1 -p1 -b .upgrade_fixes
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%configure \
|
%configure \
|
||||||
--without-tests \
|
--without-tests \
|
||||||
@ -97,7 +92,7 @@ make install DESTDIR=$RPM_BUILD_ROOT
|
|||||||
/usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sss_client
|
/usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sss_client
|
||||||
|
|
||||||
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd
|
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd
|
||||||
install -m600 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
|
install -m600 server/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
|
||||||
|
|
||||||
install -m400 server/config/etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
|
install -m400 server/config/etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
|
||||||
install -m400 server/config/etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/
|
install -m400 server/config/etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/
|
||||||
@ -194,6 +189,11 @@ fi
|
|||||||
%postun client -p /sbin/ldconfig
|
%postun client -p /sbin/ldconfig
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Oct 27 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.7.1-1
|
||||||
|
- Fix segfault in sssd_pam when cache_credentials was enabled
|
||||||
|
- Update the sample configuration
|
||||||
|
- Fix upgrade issues caused by data provider service removal
|
||||||
|
|
||||||
* Mon Oct 26 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.7.0-2
|
* Mon Oct 26 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.7.0-2
|
||||||
- Fix upgrade issues from old (pre-0.5.0) releases of SSSD
|
- Fix upgrade issues from old (pre-0.5.0) releases of SSSD
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user