On Mon, Jan 14, 2013 at 04:41:42PM -0500, Stephen Gallagher wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon 14 Jan 2013 04:28:57 PM EST, Jakub Hrozek wrote:
> On Mon, Jan 14, 2013 at 08:37:56PM +0000, Daniel Laird wrote:
>> I am stuck with Ubuntu 10.04 (no chance of upgrading our servers).
>> This means I am currently running SSSD 1.0.5.
>
> This is a very, very old version of SSSD. It hasn't been supported in
> ages.
>
>>
>> I want to limit which users can login.
>> In later versions I believe I would use
>> 'ldap_access_filter'
>>
>
> Does that version have the "simple" access provider (man sssd-simple).
> If so, you could use that one.
>
>> This would allow only users in the specified groups to login.
>>
>> Given my limitation on the version of SSSD can anyone help me achieve the same
or is it not possible?
>>
>> I am a bit scared of rebuilding newer versions of SSSD.
>>
>
> I would really urge you to upgrade. I'm CC-ing Timo Aaltonen, the Ubuntu
> SSSD maintainer.
>
> Timo, do you have maybe any PPA for 10.04 with more recent SSSD
> versions?
>
SSSD was approved for a standing Micro Release Exception on January
8th[1], meaning that it's now on the list of packages that Ubuntu can
opt to upgrade within a stable release. My understanding is that there
are plans to backport SSSD 1.8 at least to the currently-supported
Ubuntu releases, though Timo will have to confirm that for me (I'm only
going from hearsay).
[1]
https://wiki.ubuntu.com/StableReleaseUpdates/MicroReleaseExceptions
Ah, thank you, I was wondering what MRE stands for when I was skimming
through the Ubuntu bug reports lately :-)