rpms/sssd
7
0
Fork 0
Code Issues Pull Requests Releases Activity
571 Commits 10 Branches 75 Tags 6.3 MiB
ee34878d04
Commit Graph

547 Commits

Author SHA1 Message Date
Sumit Bose
bfbe7140ec sssd.spec: disable running files provider by default 
Disable the default files provider as described in
https://fedoraproject.org/wiki/Changes/FlexibleLocalUserCache
 2021-08-09 11:30:58 +02:00
Fedora Release Engineering
aec1c33488 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-07-23 18:15:25 +00:00
Alexander Bokovoy
a41021524e Rebuild against Samba 4.15.0 RC1 
Samba's libndr did bump soname

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
 2021-07-16 17:04:00 +03:00
Pavel Březina
279a6d02b9 sssd-2.5.2-1: Rebase to latest upstream release 2021-07-13 11:28:31 +02:00
Pavel Březina
d6f7b5cf84 sssd-2.5.1-2: debug_backtrace improvements 2021-06-24 12:11:56 +02:00
Pavel Březina
948a68a9af sssd-2.5.1-1: Rebase to latest upstream release 2021-06-08 13:07:57 +02:00
Python Maint
099b94da59 Rebuilt for Python 3.10 2021-06-04 21:15:45 +02:00
Pavel Březina
f224e547f4 sssd-2.5.0-2: Fix KCM regression on long upgrade path 
Resolves: rhbz#1962006
 2021-05-19 19:42:02 +02:00
Pavel Březina
0f12c3fbb3 sssd-2.5.0-1: Rebase to latest upstream release 2021-05-10 16:02:51 +02:00
Iker Pedrosa
4243ecae87 sssd-2.4.2-5: Change configure to avoid errors with new autoconf version 
(rhbz#1943130)
 2021-04-08 15:46:53 +02:00
Pavel Březina
b1df55fa36 sssd-2.4.2-4: Add CAP_DAC_OVERRIDE to ifp service file if required by build configuration 2021-03-31 13:11:44 +02:00
Pavel Březina
ea1b261cc2 spec: update spec file with recent upstream fixes 
* 815197cb1d
* 9da41eb910

(cherry picked from commit 53a865af5d2972215da41df083002452738474ba)
 2021-03-31 11:52:40 +02:00
Marco Trevisan
29b29498d3 sssd.spec: BuildRequires on openssl binary 
It's required by tests in order to generate the certificate files.
 2021-03-27 22:52:22 +00:00
Zbigniew Jędrzejewski-Szmek
f0ffcb4e3e Rebuilt for updated systemd-rpm-macros 
See https://pagure.io/fesco/issue/2583.
 2021-03-02 16:12:16 +01:00
Pavel Březina
0460a368c6 sssd-2.4.2-2: Remove setuid from child binaries and relax requirement on python3-sssdconfig 2021-02-19 18:24:03 +01:00
Pavel Březina
ac57def994 sssd-2.4.2-1: Rebase to latest upstream release 2021-02-19 17:11:06 +01:00
Pavel Březina
9e5dd4b665 sssd-2.4.1-1: Rebase to latest upstream release 2021-02-05 19:00:09 +01:00
Fedora Release Engineering
331dfd3e60 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-01-27 21:01:16 +00:00
Pavel Březina
968f95e90a sssd-2.4.0-6 - improve kcm performance 2020-12-11 11:30:39 +01:00
Pavel Březina
d86ed3a2a2 sssd-2.4.0.5 - improve kcm performance 2020-12-07 17:31:23 +01:00
Stephen Gallagher
e67274864c
Rebuild for Fedora ELN 
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
 2020-11-30 08:09:43 -05:00
Petr Lautrbach
709264858f Rebuild with libsemanage.so.2 2020-11-03 16:56:27 +01:00
Pavel Březina
65e3d07e64 sssd-2.4.0-2: remove old patches 2020-10-12 14:14:07 +02:00
Pavel Březina
bc988250a3 sssd-2.4.0-1: Rebase to latest upstream release 2020-10-12 13:43:32 +02:00
Pavel Březina
1e74bee608 sssd-2.3.1-4: include 2.3.1 source 2020-07-28 11:52:54 +02:00
Pavel Březina
51e0d0ae04 sssd-2.3.1-3: fix test compilation with check-0.15 2020-07-28 10:27:21 +02:00
Pavel Březina
442c3962bb sssd-2.3.1-2: switch to rundir 2020-07-28 10:26:30 +02:00
Pavel Březina
cf3c8f20ee sssd-2.3.1-1: Rebase to latest upstream release 2020-07-24 16:47:30 +02:00
Merlin Mathesius
1424e14b42 Minor ELN conditional fix 
Signed-off-by: Merlin Mathesius <mmathesi@redhat.com>
 2020-07-24 16:36:14 +02:00
Tom Stellard
97eae27da7 Use make macros 
https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
 2020-07-14 14:20:46 +00:00
Jeff Law
ca22aded04 Disable LTO 2020-07-01 12:15:35 -06:00
Peter Jones
2e48ae2d63 Fix github url typo 
Signed-off-by: Peter Jones <pjones@redhat.com>
 2020-06-19 18:50:55 -04:00
Miro Hrončok
83988894b0 Rebuilt for Python 3.9 2020-05-26 03:51:04 +02:00
Pavel Březina
104d122fd9 sssd-2.3.0-1: Rebase to latest upstream release 2020-05-20 13:24:02 +02:00
Michal Židek
261327da76 Fix nss symbol collision Fedora Rawhide 2020-02-28 11:17:41 +01:00
Michal Židek
dfcf325701 Resolves: upstream#4159 - p11_child should have an option to skip C_WaitForSlotEvent if the PKCS#11 module does not implement it properly 2020-02-27 04:34:24 +01:00
Michal Židek
3e2905a176 Resolves: upstream#4135 - util/sss_ptr_hash.c: potential double free in sss_ptr_hash_delete_cb() 2020-02-27 04:34:24 +01:00
Michal Židek
44805f5ff8 Resolves: upstream#4118 sssd requires timed sudoers ldap entries to be specified up to the seconds 2020-02-27 04:34:24 +01:00
Michal Židek
8b47371b41 Add sssd-dbus package as a dependency of sssd-tools 2020-02-27 04:34:24 +01:00
Michal Židek
573cac525f Resolves: upstream#4142 - sssd_be frequent crash 2020-02-27 04:34:24 +01:00
Michal Židek
8073b6af50 Resolves: upstream#4131 Force LDAPS over 636 with AD Provider 2020-02-27 04:34:24 +01:00
Michal Židek
9aa10702d4 Resolves: upstream#3630 - Randomize ldap_connection_expire_timeout either by default or w/ a configure option 2020-02-27 04:34:24 +01:00
Michal Židek
d61d68d902 Resolves: upstream#4135 - util/sss_ptr_hash.c: potential double free in sss_ptr_hash_delete_cb() 2020-02-27 04:34:24 +01:00
Michal Židek
9781b52c91 Resolves: upstream#4088 - server/be: SIGTERM handling is incorrect 2020-02-27 04:34:24 +01:00
Michal Židek
6c1563e282 Resolves: upstream##4089 Watchdog implementation or usage is incorrect 2020-02-27 04:34:24 +01:00
Michal Židek
b81369e441 Resolves: upstream#4126 pcscd rejecting sssd ldap_child as unauthorized 2020-02-27 04:34:24 +01:00
Michal Židek
069e6c9dc8 Resolves: upstream#4127 - [Doc]Provide explanation on escape character for match rules sss-certmap 2020-02-27 04:34:24 +01:00
Michal Židek
ec08164de5 Resolves: upstream#4129 - sssctl config-check command does not give proper error messages with line numbers 2020-02-27 04:34:24 +01:00
Michal Židek
54f0db91d3 Update to latest released upstream version 2.2.3 2020-02-27 04:34:24 +01:00
Fedora Release Engineering
8078a58a14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-01-31 00:16:21 +00:00
Stephen Gallagher
2f22753551
Fix build against samba-4.12.0rc1 
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
 2020-01-24 16:18:38 +01:00
Mohan Boddu
b3516604c1 Rebuild for samba-4.12.0rc1 
Signed-off-by: Mohan Boddu <mboddu@bhujji.com>
 2020-01-24 07:17:14 -05:00
Adam Williamson
4e675b1715 Backport PR #900 to fix RHBZ #1755643 2019-10-22 11:27:01 -07:00
Adam Williamson
460a59ec3d Backport PR #904 to fix RHBZ #1757224 2019-10-22 10:04:39 -07:00
Michal Židek
0aaf839d04 Update to latest released upstream version 2.2.2 2019-09-17 11:23:59 +02:00
Stephen Gallagher
e35ea7dfd4
Rebuilding for libldb 2.0.5 
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
 2019-08-26 17:57:25 -04:00
Miro Hrončok
3e66e97711 Rebuilt for Python 3.8 2019-08-19 11:06:22 +02:00
Fedora Release Engineering
21a512736f - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-07-27 00:08:51 +00:00
Jakub Hrozek
7f0d43352a Resolves: rhbz#1721636 - sssd-kcm calls sssd-genconf which triggers nscd warning 2019-07-05 16:45:50 +02:00
Jakub Hrozek
d757370f98 Resolves: rhbz#1724717 - sssd-proxy crashes resolving groups with no members 2019-07-05 16:43:40 +02:00
Michal Židek
e1908a5bc4 Fix Python build failures on rawhide. 
Thx. to Lukas Slebodnik for fixing this issue.
 2019-06-19 10:53:12 +02:00
Michal Židek
76a13b3c78 Update to latest released upstream version 2.2.0 2019-06-17 14:51:15 +02:00
Michal Židek
1d0af0b97b Resolves: upstream#3867 - [RFE] Need an option in SSSD so that it will skip GPOs that have groupPolicyContainers unreadable by SSSD. 
- CVE-2018-16838
 2019-03-28 00:06:39 +01:00
Michal Židek
27d612fd39 Update to latest released upstream version 2.1.0 2019-03-27 18:22:06 +01:00
Sinny Kumari
80cc892c48 Resolves: rhbz#1667444 - sssd: make python3-sssdconfig as suggest 
Signed-off-by: Sinny Kumari <sinny@redhat.com>
 2019-02-14 17:29:11 +05:30
Adam Williamson
786d467c78 Backport fix for RHBZ #1676946 (see upstream #3924) 
This backports three commits that are identified in upstream
issue #3924 as the fixes for RHBZ #1676946 (failure of sssd to
start in current Rawhide).
 2019-02-13 17:55:26 -08:00
Fedora Release Engineering
5c6f906a0e - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-02-03 08:34:02 +00:00
Igor Gnatenko
fa80197b65 Remove obsolete Group tag 
References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag
 2019-01-28 20:24:50 +01:00
Igor Gnatenko
a5b776ca3c
Remove obsolete ldconfig scriptlets 
References: https://fedoraproject.org/wiki/Changes/RemoveObsoleteScriptlets
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2019-01-22 18:41:04 +01:00
Adam Williamson
cbdd57fe9d Backport other patches from master to fix build with recent krb5 2018-12-13 00:02:15 -08:00
Adam Williamson
64cb87e84a Resolves: rhbz#1654537 - sbus: use 120 second default timeout 2018-12-12 22:41:39 -08:00
Michal Židek
9732e7fd7b Resolves: rhbz#1629737 - sssd: Remove python2 (sub)packages from Fedora 30+ 2018-11-07 15:18:49 +01:00
Michal Židek
c0971b7e39 Backport a bunch of upstream fixes 
- Resolves: upstream#3821 - crash related to sbus_router_destructor()
- Resolves: upstream#3810 - sbus2: fix memory leak in sbus_message_bound_ref
- Resolves: upstream#3819 - sssd only sets the SELinux login context if it
                            differs from the default
- Resolves: upstream#3807 - The sbus codegen script relies on "python" which
                            might not be available on all distributions
- Resolves: upstream#3820 - sudo: search with lower cased name for case
                            insensitive domains
- Resolves: upstream#3701 - [RFE] Allow changing default behavior of SSSD from
                            an allow-any default to a deny-any default when it
                            can't find any GPOs to apply to a user login.
- Resolves: upstream#3828 - Invalid domain provider causes SSSD to abort
                            startup
- Resolves: upstream#3500 - Make sure sssd is a replacement for pam_pkcs11
                            also for local account authentication
- Resolves: upstream#3812 - sssd 2.0.0 segfaults on startup
- Resolves: upstream#3826 - Remove references of sss_user/group/add/del
                            commands in man pages since local provider is
                            deprecated
- Resolves: upstream#3827 - SSSD should log to syslog if a domain is not
                            started due to a misconfiguration
- Resolves: upstream#3830 - Printing incorrect information about domain with
                            sssctl utility
- Resolves: upstream#3489 - p11_child should work wit openssl1.0+
- Resolves: upstream#3750 - [RFE] man 5 sssd-files should mention necessary
                            changes in nsswitch.conf
- Resovles: upstream#3650 - RFE: Require smartcard authentication
- Resolves: upstream#3334 - sssctl config-check does not check any special
                            characters in domain name of domain section
- Resolves: upstream#3849 - Files: The files provider always enumerates
                            which causes duplicate when running getent passwd
- Related: upstream#3855 - session not recording for local user when groups
                           defined
- Resolves: upstream#3802 - Reuse sysdb_error_to_errno() outside sysdb
- Related: upstream#3493 - Remove the pysss.local interface
 2018-10-24 14:40:58 +02:00
Michal Židek
129efc7839 Resolves: rhbz#1622760 - Console login as FreeIPA domain user fails in current Fedora Rawhide / 29 2018-08-29 16:58:06 +02:00
Michal Židek
4e478641d1 Fix linking issues 2018-08-29 16:58:06 +02:00
Michal Židek
2ef66b266c New upstream release 2.0.0 2018-08-14 11:43:55 +02:00
Fedora Release Engineering
0a06c01711 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-07-14 06:42:21 +00:00
Jason Tibbitts
8a13e36b6a Remove needless use of %defattr 2018-07-10 01:27:54 -05:00
Miro Hrončok
633afe1b94 Rebuilt for Python 3.7 2018-07-02 18:24:19 +02:00
Fabiano Fidêncio
68ef824a5f Resolves: upstream#3766 - CVE-2018-10852: information leak from the sssd-sudo responder 
And also ...

- Related: upstream#941 - return multiple server addresses to the Kerberos
                          locator plugin
- Related: upstream#3652 - kdcinfo doesn't get populated for other domains
- Resolves: upstream#3747 - sss_ssh_authorizedkeys exits abruptly if SSHD
                            closes its end of the pipe before reading all the
                            SSH keys
- Resolves: upstream#3607 - Handle conflicting e-mail addresses more gracefully
- Resolves: upstream#3754 - SSSD AD uses LDAP filter to detect POSIX attributes
                            stored in AD GC also for regular AD DC queries
- Related: upstream#3219 - [RFE] Regular expression used in sssd.conf not being
                           able to consume an @-sign in the user/group name.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-06-25 09:38:16 +02:00
Fabiano Fidêncio
192e845618 Resolves: rhbz#1591804 - something keeps /lib/libnss_systemd.so.2 open on minimal appliance image, breaking composes 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-06-21 21:38:33 +02:00
Miro Hrončok
d8abd616d9 Rebuilt for Python 3.7 2018-06-19 11:27:58 +02:00
Fabiano Fidêncio
a36f5fea4b New upstream release 1.16.2 
- https://docs.pagure.org/SSSD.sssd/users/relnotes/notes_1_16_2.html

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-06-11 13:32:07 +02:00
Fabiano Fidêncio
29d69716ad Related: upstream#3742 - Change of: User may not run sudo --> a password is required 
Patch 0017-sudo-ldap-do-not-store-rules-without-sudoHost-attrib.patch
has been commented out as it caused some regressions on IPA tests.

In order to unblock IPA folks, let's revert this patch from Fedora till
we have a proper fix.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-28 10:01:23 +02:00
Fabiano Fidêncio
4979898a6e Revert "Add: "ExcludeArch: armv7hl"" 
This reverts commit bc3790f5a0.
 2018-05-17 17:53:56 +02:00
Fabiano Fidêncio
bc3790f5a0 Add: "ExcludeArch: armv7hl" 
For some reason still unclear we're *not* able to build SSSD on koji's
buildroot for armv7hl. Some tests have been done and SSSD was built
successfully using real armv7hl hardware, which indicates that we're
facing https://bugzilla.redhat.com/show_bug.cgi?id=1576593

As soon as the bug is resolved, this patch could be safely reverted.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-16 21:54:59 +02:00
Fabiano Fidêncio
0a2c83fbd0 Related: upstream#3436 - Certificates used in unit tests have limited lifetime 
Fix a non harmful warning shown by recent versions of OpenSSL.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-16 21:53:46 +02:00
Fabiano Fidêncio
c4f0508af1 Related: upstream#3436 - Add openssl, openssh and nss-tools as BuildRequires 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-14 11:36:56 +02:00
Fabiano Fidêncio
5f75f7e4f2 Resolves: upstream#3595 - ID override GID from Default Trust View is not properly resolved in case domain resolution order is set 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-14 09:59:20 +02:00
Fabiano Fidêncio
1511bcd8b2 Resolves: upstream#3731 - nss_clear_netgroup_hash_table(): only remove entries from the hash table, do not free them 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-14 09:58:02 +02:00
Fabiano Fidêncio
3ad9e211eb Resolves: upstream#3728 - Request by ID outside the min_id/max_id limit of a first domain does not reach the second domain 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-14 09:57:11 +02:00
Fabiano Fidêncio
ed238e28ff Resolves: upstream#3719 - The SSSD IPA provider allocates information about external groups on a long lived memory context, causing memory growth of the sssd_be process 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-14 09:56:23 +02:00
Fabiano Fidêncio
97a62b83f1 Related: upstream#2653 - Group renaming issue when "id_provider = ldap" is set. 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-14 09:55:43 +02:00
Fabiano Fidêncio
163543f40b Resolves: upstream#3726 - SSSD with ID provider 'ad' should give a warning in case the ldap schema is manually changed to something different than 'ad'. 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-14 09:55:01 +02:00
Fabiano Fidêncio
510134aa02 Resolves: upstream#3725 - sssd not honoring dyndns_server if the DNS update process is terminated with a signal 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-14 09:54:10 +02:00
Fabiano Fidêncio
5e1db8fc3e Related: upstream#3436 - Certificates used in unit tests have limited lifetime 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-14 09:53:04 +02:00
Fabiano Fidêncio
5254cdcca5 Resolves: rhbz#1574778 - sssd fails to download known_hosts from freeipa 
Patch 0018-sysdb-custom-completely-replace-old-object-instead-o.patch
caused a regression, caught by lslebodn and reported by a few users.

Let's comment out this patch for now and uncomment it when we have a fix
that do not cause a regression.

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-05-05 21:42:38 +02:00
Fabiano Fidêncio
767645dca2 Add gcc to build dependencies 
gcc will be revomed from buildroot in fedora 29
http://fedoraproject.org/wiki/Changes/Remove_GCC_from_BuildRoot

Upstream patch from Lukáš Slebodnik <lslebodn@redhat.com>

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-04-27 22:12:12 +02:00
Fabiano Fidêncio
90dd145c92 Resolves: upstream#3520 - Files provider supports only BE_FILTER_ENUM 
Also ...
Resolves: rhbz#1540703 - FreeIPA/SSSD implicit_file sssd_nss error: The Data
                         Provider returned an error
                         [org.freedesktop.sssd.Error.DataProvider.Fatal]

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-04-27 22:12:12 +02:00
Fabiano Fidêncio
a305fc11b7 Resolves: upstream#3680 - GPO: SSSD fails to process GPOs If a rule is defined, but contains no SIDs 
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
 2018-04-27 22:12:12 +02:00