Commit Graph

139 Commits

Author SHA1 Message Date
Stephen Gallagher
f6c362454d Resolves: rhbz#683267 - sssd 1.5.1-9 breaks AD authentication 2011-03-17 11:47:25 -04:00
Stephen Gallagher
53637a07d3 New upstream release 1.5.3
Support for libldb >= 1.0.0
2011-03-11 13:50:59 -05:00
Stephen Gallagher
1dadc663de Update sources file for sssd-1.5.2 2011-03-10 16:38:54 -05:00
Stephen Gallagher
3b364490a6 New upstream release 1.5.2
https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.2
Fixes for support of FreeIPA v2
Fixes for failover if DNS entries change
Improved sss_obfuscate tool with better interactive mode
Fix several crash bugs
Don't attempt to use START_TLS over SSL. Some LDAP servers can't handle this
Delete users from the local cache if initgroups calls return 'no such user'
(previously only worked for getpwnam/getpwuid)
Use new Transifex.net translations
Better support for automatic TGT renewal (now survives restart)
Netgroup fixes
2011-03-10 15:00:40 -05:00
Simo Sorce
b28cafe61b - Rebuild sssd against libldb 1.0.2 so the memberof module loads again.
- Related: rhbz#677425
2011-02-27 21:54:52 -05:00
Stephen Gallagher
7a33e7710b - Resolves: rhbz#677768 - name service caches names, so id command shows
-                         recently deleted users
2011-02-21 15:42:00 -05:00
Stephen Gallagher
da2a04f651 - Ensure that SSSD builds against libldb-1.0.0 on F15 and later
- Remove .la for memberOf
2011-02-11 11:41:33 -05:00
Stephen Gallagher
0ad47aae65 - Fix memberOf install path 2011-02-11 11:22:33 -05:00
Stephen Gallagher
e8ab291d89 - Add support for libldb 1.0.0 2011-02-11 09:36:41 -05:00
Dennis Gilmore
8923e26c46 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild 2011-02-09 10:00:19 -06:00
Stephen Gallagher
d12cd5dd26 - Fix nested group member filter sanitization for RFC2307bis
- Put translated tool manpages into the sssd-tools subpackage
2011-02-01 09:20:57 -05:00
Stephen Gallagher
749bf2d662 Bump release number 2011-01-27 14:40:33 -05:00
Stephen Gallagher
7e3a2cd879 - Restore Requires: cyrus-sasl-gssapi as it is not auto-detected during
- rpmbuild
2011-01-27 14:38:13 -05:00
Stephen Gallagher
f151b0669b - New upstream release 1.5.1
- Addresses CVE-2010-4341 - DoS in sssd PAM responder can prevent logins
- Vast performance improvements when enumerate = true
- All PAM actions will now perform a forced initgroups lookup instead of just
- a user information lookup
-   This guarantees that all group information is available to other
-   providers, such as the simple provider.
- For backwards-compatibility, DNS lookups will also fall back to trying the
- SSSD domain name as a DNS discovery domain.
- Support for more password expiration policies in LDAP
-    389 Directory Server
-    FreeIPA
-    ActiveDirectory
- Support for ldap_tls_{cert,key,cipher_suite} config options
-Assorted bugfixes
2011-01-27 13:50:21 -05:00
Stephen Gallagher
3a15e92ce7 - CVE-2010-4341 - DoS in sssd PAM responder can prevent logins 2011-01-11 12:32:39 -05:00
Stephen Gallagher
5225c3262b - New upstream release 1.5.0
- Fixed issues with LDAP search filters that needed to be escaped
- Add Kerberos FAST support on platforms that support it
- Reduced verbosity of PAM_TEXT_INFO messages for cached credentials
- Added a Kerberos access provider to honor .k5login
- Addressed several thread-safety issues in the sss_client code
- Improved support for delayed online Kerberos auth
- Significantly reduced time between connecting to the network/VPN and
- acquiring a TGT
- Added feature for automatic Kerberos ticket renewal
- Provides the kerberos ticket for long-lived processes or cron jobs
- even when the user logs out
- Added several new features to the LDAP access provider
- Support for 'shadow' access control
- Support for authorizedService access control
- Ability to mix-and-match LDAP access control features
- Added an option for a separate password-change LDAP server for those
- platforms where LDAP referrals are not supported
- Added support for manpage translations
2010-12-22 14:08:33 -05:00
Stephen Gallagher
9600ada0fd Fix release number 2010-11-18 08:44:23 -05:00
Stephen Gallagher
069ad4076b - Solve a shutdown race-condition that sometimes left processes running
- Resolves: rhbz#606887 - SSSD stops on upgrade
2010-11-18 08:41:39 -05:00
Stephen Gallagher
4e1de07cd8 - Log startup errors to the syslog
- Allow cache cleanup to be disabled in sssd.conf
2010-11-16 12:48:57 -05:00
Stephen Gallagher
9d5bcde0eb - New upstream release 1.4.1
- Add support for netgroups to the proxy provider
- Fixes a minor bug with UIDs/GIDs >= 2^31
- Fixes a segfault in the kerberos provider
- Fixes a segfault in the NSS responder if a data provider crashes
- Correctly use sdap_netgroup_search_base
2010-11-01 09:02:47 -04:00
Stephen Gallagher
75efc48618 Fix incorrect tarball URL 2010-10-18 16:06:09 -04:00
Stephen Gallagher
d8a8ec9a9a Fix tarball URL 2010-10-18 16:04:39 -04:00
Stephen Gallagher
4926f3ae3a Merge branch 'master' into f14 2010-10-18 15:37:53 -04:00
Stephen Gallagher
e439c0b36c Uploading SSSD 1.4.0 tarball 2010-10-18 14:50:39 -04:00
Stephen Gallagher
9b0ef1cecd - New upstream release 1.4.0
- Added support for netgroups to the LDAP provider
- Performance improvements made to group processing of RFC2307 LDAP servers
- Fixed nested group issues with RFC2307bis LDAP servers without a memberOf plugin
- Build-system improvements to support Gentoo
- Split out several libraries into the ding-libs tarball
- Manpage reviewed and updated
2010-10-18 14:44:48 -04:00
Stephen Gallagher
d856e9b109 Merge branch 'master' into f14 2010-10-04 09:48:41 -04:00
Stephen Gallagher
2d631b340a - Fix pre and post script requirements 2010-10-04 09:47:22 -04:00
Stephen Gallagher
c0762ac0e0 Merge branch 'master' into f14 2010-10-04 09:27:12 -04:00
Stephen Gallagher
3f786445f0 - Resolves: rhbz#606887 - sssd stops on upgrade 2010-10-04 09:23:20 -04:00
Stephen Gallagher
8cdc9d4fbc - Resolves: rhbz#626205 - Unable to unlock screen 2010-10-04 09:14:17 -04:00
Stephen Gallagher
c7ce53cc09 - Resolves: rhbz#637955 - libini_config-devel needs libcollection-devel but
-                         doesn't require it
2010-09-28 08:07:15 -04:00
Stephen Gallagher
c99e02ae14 Bump release number and fix changelog message 2010-09-28 07:55:09 -04:00
Stephen Gallagher
d19c240979 - Resolves: 637955 - libini_config-devel needs libcollection-devel but
-                    doesn't require it
2010-09-28 07:49:22 -04:00
Stephen Gallagher
6931ca88fa - Resolves: rhbz#632615 - the krb5 locator plugin isn't packaged for multilib 2010-09-16 09:34:47 -04:00
Stephen Gallagher
cfa7be9344 - Resolves: rhbz#632615 - the krb5 locator plugin isn't packaged for multilib 2010-09-16 09:32:53 -04:00
Stephen Gallagher
8c665d0af5 Resolves: CVE-2010-2940 2010-08-24 12:10:04 -04:00
Fedora Release Engineering
22218bb857 dist-git conversion 2010-07-29 13:10:57 +00:00
dmalcolm
eb2fc3c856 - Rebuilt for
https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
2010-07-22 06:37:10 +00:00
Stephen Gallagher
bd215c451c - New upstream version 1.2.91 (1.3.0rc1)
- Improved LDAP failover
- Synchronous sysdb API (provides performance enhancements)
- Better online reconnection detection
2010-07-09 18:52:22 +00:00
Stephen Gallagher
d41b28e7ec - New stable upstream version 1.2.1
- Resolves: rhbz#595529 - spec file should eschew %define in favor of
- %global
- Resolves: rhbz#593644 - Empty list of simple_allow_users causes sssd
    service
- to fail while restart.
- Resolves: rhbz#599026 - Makefile typo causes SSSD not to use the kernel
- keyring
- Resolves: rhbz#599724 - sssd is broken on Rawhide
2010-06-21 11:37:06 +00:00
Stephen Gallagher
d5f2e4a868 - New stable upstream version 1.2.0
- Support ServiceGroups for FreeIPA v2 HBAC rules
- Fix long-standing issue with auth_provider = proxy
- Better logging for TLS issues in LDAP
2010-05-24 19:19:33 +00:00
Stephen Gallagher
439d34ed5c - New LDAP access provider allows for filtering user access by LDAP
attribute
- Reduced default timeout for detecting offline status with LDAP
- GSSAPI ticket lifetime made configurable
- Better offline->online transition support in Kerberos
2010-05-18 18:02:30 +00:00
Stephen Gallagher
6a6c9eb9a8 - Release new upstream version 1.1.91
- Enhancements when using SSSD with FreeIPA v2
- Support for deferred kinit
- Support for DNS SRV records for failover
2010-05-07 21:36:48 +00:00
Simo Sorce
e5b19bf276 - Bump up release number to avoid library sub-packages version issues with
previous releases.
2010-04-02 15:48:31 +00:00
Stephen Gallagher
db77daa344 - New upstream release 1.1.1
- Fixed the IPA provider (which was segfaulting at start)
- Fixed a bug in the SSSDConfig API causing some options to revert to
- their defaults
- This impacted the Authconfig UI
- Ensure that SASL binds to LDAP auto-retry when interrupted by a signal
2010-04-01 15:19:19 +00:00
Stephen Gallagher
58c745dac6 - Release SSSD 1.1.0 final
- Fix two potential segfaults
- Fix memory leak in monitor
- Better error message for unusable confdb
2010-03-22 19:54:48 +00:00
Stephen Gallagher
026e8e0f23 - Release candidate for SSSD 1.1
- Add simple access provider
- Create subpackages for libcollection, libini_config, libdhash and
    librefarray
- Support IPv6
- Support LDAP referrals
- Fix cache issues
- Better feedback from PAM when offline
2010-03-17 16:53:01 +00:00
Stephen Gallagher
7362f8c6bd - Rebuild against new libtevent 2010-02-24 20:44:32 +00:00
Stephen Gallagher
94dadd289a - Fix licenses in sources and on RPMs 2010-02-19 15:39:59 +00:00
Stephen Gallagher
48e4ae867d - Fix regression on 64-bit platforms 2010-01-25 18:52:14 +00:00