New upstream release

Fix segfaults and upgrade issues. Provide newer default configuration.
This commit is contained in:
Stephen Gallagher 2009-10-27 19:29:01 +00:00
parent 56c3f220f8
commit 9b52793f52
5 changed files with 11 additions and 118 deletions

View File

@ -1 +1 @@
sssd-0.7.0.tar.gz sssd-0.7.1.tar.gz

View File

@ -1,50 +0,0 @@
>From ff5fd17a20037377889b60a73b2b1f470c67c674 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Mon, 26 Oct 2009 12:54:38 +0100
Subject: [PATCH] Fix migration script for pre-0.5 local domains
Configuration files before 0.5.0 did not enforce provider= in local
domains it did special-case by domain name (LOCAL). Our script was
relying on provider= value, this patch adds the special-casing in case
the domain was called LOCAL.
---
server/upgrade/upgrade_config.py | 13 +++++++++++--
1 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/server/upgrade/upgrade_config.py b/server/upgrade/upgrade_config.py
index 87e3990..fe20811 100644
--- a/server/upgrade/upgrade_config.py
+++ b/server/upgrade/upgrade_config.py
@@ -25,6 +25,7 @@ import sys
import shutil
import traceback
from ConfigParser import RawConfigParser
+from ConfigParser import NoOptionError
from optparse import OptionParser
class SSSDConfigParser(RawConfigParser):
@@ -211,11 +212,19 @@ class SSSDConfigFile(object):
self._migrate_kw(new_domsec, old_domsec, ldap_kw)
self._migrate_kw(new_domsec, old_domsec, krb5_kw)
+ # configuration files before 0.5.0 did not enforce provider= in local domains
+ # it did special-case by domain name (LOCAL)
+ try:
+ prv = self._new_config.get(new_domsec, 'id_provider')
+ except NoOptionError:
+ if old_domsec == 'domains/LOCAL':
+ prv = 'local'
+ self._new_config.set(new_domsec, 'id_provider', prv)
+
# if domain was local, update with parameters from [user_defaults]
- if self._new_config.get(new_domsec, 'id_provider') == 'local':
+ if prv == 'local':
self._migrate_kw(new_domsec, 'user_defaults', user_defaults_kw)
-
def _migrate_domains(self):
for domain in [ s.replace('domains/','') for s in self._config.sections() if s.startswith("domains/") ]:
domain = domain.strip()
--
1.6.2.5

View File

@ -1 +1 @@
403945c70c902302e5d8babecb24b096 sssd-0.7.0.tar.gz 827ef46d27c54ce790d329a6b1b82586 sssd-0.7.1.tar.gz

View File

@ -1,57 +0,0 @@
[sssd]
config_file_version = 2
# Number of times services should attempt to reconnect in the
# event of a crash or restart before they give up
reconnection_retries = 3
# if a backend is particularly slow you can raise this timeout here
sbus_timeout = 30
services = nss, dp, pam
; domains = LOCAL,LDAP
# SSSD will not start if you don't configure any domain.
# Add new domains condifgurations as [domain/<NAME>] sections.
# Then add the list of domains (in the order you want them to be
# queried in the 'domains" attribute above and uncomment it
[nss]
# the following prevents sssd for searching for the root user/group in
# all domains (you can add here a comma separated list of system accounts are
# always going to be /etc/passwd users, or that you want to filter out)
filter_groups = root
filter_users = root
reconnection_retries = 3
# The EntryCacheTimeout indicates the number of seconds to retain before
# an entry in cache is considered stale and must block to refresh.
# The EntryCacheNoWaitRefreshTimeout indicates the number of seconds to
# wait before updating the cache out-of-band. (NSS requests will still
# be returned from cache until the full EntryCacheTimeout). Setting this
# value to 0 turns this feature off (default)
; entry_cache_timeout = 600
; entry_cache_nowait_timeout = 300
[pam]
reconnection_retries = 3
[dp]
reconnection_retries = 3
# Example LOCAL domain that stores all users natively in the SSSD internal
# directory. These local users and groups are not visibile in /etc/passwd, it
# now contains only root and system accounts.
; [domain/LOCAL]
; description = LOCAL Users domain
; id_provider = local
; enumerate = true
; min_id = 500
; max_id = 999
# Example native LDAP domain
; [domain/LDAP]
; id_provider = ldap
; auth_provider = ldap
; ldap_uri = ldap://ldap.mydomain.org
; ldap_user_search_base = dc=mydomain,dc=org
; ldap_tls_reqcert = demand
; cache_credentials = true
; enumerate = true

View File

@ -2,26 +2,23 @@
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib())")} %{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib())")}
Name: sssd Name: sssd
Version: 0.7.0 Version: 0.7.1
Release: 2%{?dist} Release: 1%{?dist}
Group: Applications/System Group: Applications/System
Summary: System Security Services Daemon Summary: System Security Services Daemon
# The entire source code is GPLv3+ except replace/ which is LGPLv3+ # The entire source code is GPLv3+ except replace/ which is LGPLv3+
License: GPLv3+ and LGPLv3+ License: GPLv3+ and LGPLv3+
URL: http://fedorahosted.org/sssd URL: http://fedorahosted.org/sssd
Source: https://fedorahosted.org/released/sssd/sssd-%{version}.tar.gz Source: https://fedorahosted.org/released/sssd/sssd-%{version}.tar.gz
Source1: sssd.conf.default
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
### Patches ### ### Patches ###
Patch1: 0001-Fix-migration-script-for-pre-0.5-local-domains.patch
### Dependencies ### ### Dependencies ###
Requires: libldb >= 0.9.3 Requires: libldb >= 0.9.3
Requires: libtdb >= 1.1.3 Requires: libtdb >= 1.1.3
Requires: sssd-client = 0.7.0 Requires: sssd-client = 0.7.1
Requires(post): python Requires(post): python
Requires(preun): initscripts chkconfig Requires(preun): initscripts chkconfig
Requires(postun): /sbin/service Requires(postun): /sbin/service
@ -75,8 +72,6 @@ service.
%prep %prep
%setup -q %setup -q
%patch1 -p1 -b .upgrade_fixes
%build %build
%configure \ %configure \
--without-tests \ --without-tests \
@ -97,7 +92,7 @@ make install DESTDIR=$RPM_BUILD_ROOT
/usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sss_client /usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sss_client
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd
install -m600 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf install -m600 server/examples/sssd.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
install -m400 server/config/etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf install -m400 server/config/etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
install -m400 server/config/etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/ install -m400 server/config/etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/
@ -194,6 +189,11 @@ fi
%postun client -p /sbin/ldconfig %postun client -p /sbin/ldconfig
%changelog %changelog
* Tue Oct 27 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.7.1-1
- Fix segfault in sssd_pam when cache_credentials was enabled
- Update the sample configuration
- Fix upgrade issues caused by data provider service removal
* Mon Oct 26 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.7.0-2 * Mon Oct 26 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.7.0-2
- Fix upgrade issues from old (pre-0.5.0) releases of SSSD - Fix upgrade issues from old (pre-0.5.0) releases of SSSD