Fedora 14 Update: sssd-1.5.0-1.fc14
updates at fedoraproject.org
updates at fedoraproject.org
Mon Jan 10 21:30:23 UTC 2011
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-19221
2010-12-24 23:45:53
--------------------------------------------------------------------------------
Name : sssd
Product : Fedora 14
Version : 1.5.0
Release : 1.fc14
URL : http://fedorahosted.org/sssd/
Summary : System Security Services Daemon
Description :
Provides a set of daemons to manage access to remote directories and
authentication mechanisms. It provides an NSS and PAM interface toward
the system and a pluggable backend system to connect to multiple different
account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA.
--------------------------------------------------------------------------------
Update Information:
* Fixed issues with LDAP search filters that needed to be escaped
* Add Kerberos FAST support on platforms that support it
* Reduced verbosity of PAM_TEXT_INFO messages for cached credentials
* Added a Kerberos access provider to honor .k5login
* Addressed several thread-safety issues in the sss_client code
* Improved support for delayed online Kerberos auth
* Significantly reduced time between connecting to the network/VPN and
acquiring a TGT
* Added feature for automatic Kerberos ticket renewal
* Provides the kerberos ticket for long-lived processes or cron jobs
even when the user logs out
* Added several new features to the LDAP access provider
* Support for 'shadow' access control
* Support for authorizedService access control
* Ability to mix-and-match LDAP access control features
* Added an option for a separate password-change LDAP server for those
platforms where LDAP referrals are not supported
* Added support for manpage translations
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 22 2010 Stephen Gallagher <sgallagh at redhat.com> - 1.5.0-1
- New upstream release 1.5.0
- Fixed issues with LDAP search filters that needed to be escaped
- Add Kerberos FAST support on platforms that support it
- Reduced verbosity of PAM_TEXT_INFO messages for cached credentials
- Added a Kerberos access provider to honor .k5login
- Addressed several thread-safety issues in the sss_client code
- Improved support for delayed online Kerberos auth
- Significantly reduced time between connecting to the network/VPN and
- acquiring a TGT
- Added feature for automatic Kerberos ticket renewal
- Provides the kerberos ticket for long-lived processes or cron jobs
- even when the user logs out
- Added several new features to the LDAP access provider
- Support for 'shadow' access control
- Support for authorizedService access control
- Ability to mix-and-match LDAP access control features
- Added an option for a separate password-change LDAP server for those
- platforms where LDAP referrals are not supported
- Added support for manpage translations
* Thu Nov 18 2010 Stephen Gallagher <sgallagh at redhat.com> - 1.4.1-3
- Solve a shutdown race-condition that sometimes left processes running
- Resolves: rhbz#606887 - SSSD stops on upgrade
* Tue Nov 16 2010 Stephen Gallagher <sgallagh at redhat.com> - 1.4.1-2
- Log startup errors to the syslog
- Allow cache cleanup to be disabled in sssd.conf
* Mon Nov 1 2010 Stephen Gallagher <sgallagh at redhat.com> - 1.4.1-1
- New upstream release 1.4.1
- Add support for netgroups to the proxy provider
- Fixes a minor bug with UIDs/GIDs >= 2^31
- Fixes a segfault in the kerberos provider
- Fixes a segfault in the NSS responder if a data provider crashes
- Correctly use sdap_netgroup_search_base
* Mon Oct 18 2010 Stephen Gallagher <sgallagh at redhat.com> - 1.4.0-2
- Fix incorrect tarball URL
* Mon Oct 18 2010 Stephen Gallagher <sgallagh at redhat.com> - 1.4.0-1
- New upstream release 1.4.0
- Added support for netgroups to the LDAP provider
- Performance improvements made to group processing of RFC2307 LDAP servers
- Fixed nested group issues with RFC2307bis LDAP servers without a memberOf plugin
- Build-system improvements to support Gentoo
- Split out several libraries into the ding-libs tarball
- Manpage reviewed and updated
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #645832 - sssd craches AD
https://bugzilla.redhat.com/show_bug.cgi?id=645832
[ 2 ] Bug #646781 - id only returns primary group membership
https://bugzilla.redhat.com/show_bug.cgi?id=646781
[ 3 ] Bug #658689 - On screen unlock, pam_sss doesn't renew Kerberos ticket
https://bugzilla.redhat.com/show_bug.cgi?id=658689
[ 4 ] Bug #658444 - sssd generates corrupt database when started by puppetd from kickstart %post
https://bugzilla.redhat.com/show_bug.cgi?id=658444
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update sssd' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list