- Add SSSDConfig API

- Update polish translation for 0.6.0
- Fix long timeout on ldap operation
- Make dp requests more robust
This commit is contained in:
Stephen Gallagher 2009-10-13 20:25:50 +00:00
parent fbbcc44a29
commit a0cdb7e0dc
4 changed files with 27 additions and 13 deletions

View File

@ -1 +1 @@
sssd-0.6.0.tar.gz
sssd-0.6.1.tar.gz

View File

@ -1,7 +1,7 @@
From 5ab9ed3c42781ae1911d253d56d67dc0288d55f7 Mon Sep 17 00:00:00 2001
From e98645b11a18d5eba14f9108504003ffdfe81f3a Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Mon, 28 Sep 2009 07:51:26 -0400
Subject: [PATCH 1/2] Tighten up permission.
Subject: [PATCH] Tighten up permission.
SSSD may contain passwords and other sensitive data, make sure we always keep its
permission tight. Also make /etc/sssd permission very strict, just in case,
@ -13,18 +13,18 @@ permissions.
2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 5dc45d2..9513a6b 100644
index 2dd291f..93a1401 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -129,7 +129,7 @@ rm -rf $RPM_BUILD_ROOT
@@ -132,7 +132,7 @@ rm -rf $RPM_BUILD_ROOT
%attr(755,root,root) %dir %{pipepath}
%attr(700,root,root) %dir %{pipepath}/private
%attr(750,root,root) %dir %{_var}/log/%{name}
-%dir %{_sysconfdir}/sssd
+%attr(700,root,root) %dir %{_sysconfdir}/sssd
%config(noreplace) %{_sysconfdir}/sssd/sssd.conf
%{_mandir}/man5/sssd.conf.5*
%{_mandir}/man5/sssd-krb5.5*
%config %{_sysconfdir}/sssd/sssd.api.conf
%attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d
diff --git a/server/upgrade/upgrade_config.py b/server/upgrade/upgrade_config.py
index 412fad5..87e3990 100644
--- a/server/upgrade/upgrade_config.py

View File

@ -1 +1 @@
2a2e118d9f29dda15dd4b8202b9cac62 sssd-0.6.0.tar.gz
2deb5f1506ae2e172c9ce1de45c1d1df sssd-0.6.1.tar.gz

View File

@ -1,7 +1,8 @@
%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
Name: sssd
Version: 0.6.0
Version: 0.6.1
Release: 1%{?dist}
Group: Applications/System
Summary: System Security Services Daemon
@ -16,14 +17,13 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
### Patches ###
Patch1: 0001-Tighten-up-permission.patch
Patch2: 0002-Fix-infinite-loop-with-empty-group-enumeration.patch
### Dependencies ###
Requires: libldb >= 0.9.3
Requires: libtdb >= 1.1.3
Requires: sssd-client = 0.6.0
Requires: sssd-client = 0.6.1
Requires(post): python
Requires(preun): initscripts chkconfig
Requires(postun): /sbin/service
@ -78,7 +78,6 @@ service.
%setup -q
%patch1 -p1 -b .tighten_permission
%patch2 -p1 -b .infinite_group_loop
%build
%configure \
@ -109,6 +108,10 @@ rm -f \
mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd
install -m600 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d
install -m400 server/config/etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
install -m400 server/config/etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/
touch locator.filelist
if test -e $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
then
@ -137,8 +140,11 @@ rm -rf $RPM_BUILD_ROOT
%attr(755,root,root) %dir %{pipepath}
%attr(700,root,root) %dir %{pipepath}/private
%attr(750,root,root) %dir %{_var}/log/%{name}
%dir %{_sysconfdir}/sssd
%attr(700,root,root) %dir %{_sysconfdir}/sssd
%config(noreplace) %{_sysconfdir}/sssd/sssd.conf
%config %{_sysconfdir}/sssd/sssd.api.conf
%attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d
%config %{_sysconfdir}/sssd/sssd.api.d/
%{_mandir}/man5/sssd.conf.5*
%{_mandir}/man5/sssd-krb5.5*
%{_mandir}/man5/sssd-ldap.5*
@ -153,6 +159,8 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/locale/*/LC_MESSAGES/sss_client.mo
%{_datadir}/locale/*/LC_MESSAGES/sss_daemon.mo
%{python_sitearch}/pysss.so
%{python_sitelib}/*.py*
%{?fedora:%{python_sitelib}/*.egg-info}
%files client
/%{_lib}/libnss_sss.so.2
@ -180,6 +188,12 @@ if [ $1 -ge 1 ] ; then
fi
%changelog
* Tue Oct 13 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.6.1-1
- Add SSSDConfig API
- Update polish translation for 0.6.0
- Fix long timeout on ldap operation
- Make dp requests more robust
* Tue Sep 29 2009 Stephen Gallagher <sgallagh@redhat.com> - 0.6.0-1
- Ensure that the configuration upgrade script always writes the config
file with 0600 permissions