Fedora 16 Update: sssd-1.8.1-7.fc16
updates at fedoraproject.org
updates at fedoraproject.org
Sat Mar 17 23:44:22 UTC 2012
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-2725
2012-03-01 08:58:46
--------------------------------------------------------------------------------
Name : sssd
Product : Fedora 16
Version : 1.8.1
Release : 7.fc16
URL : http://fedorahosted.org/sssd/
Summary : System Security Services Daemon
Description :
Provides a set of daemons to manage access to remote directories and
authentication mechanisms. It provides an NSS and PAM interface toward
the system and a pluggable backend system to connect to multiple different
account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA.
--------------------------------------------------------------------------------
Update Information:
Changes in 1.7.0
* Support for case-insensitive domains
* Support for multiple search bases in the LDAP provider
* Support for the native FreeIPA netgroup implementation
* Reliability improvements to the process monitor
* New DEBUG facility with more consistent log levels
* New tool to change debug log levels without restarting SSSD
* SSSD will now disconnect from LDAP server when idle
* FreeIPA HBAC rules can choose to ignore srchost options for significant performance gains
* Assorted performance improvements in the LDAP provider (reducing disk-writes to the cache)
* Fixed upgrade issue with search bases.
* Fixed memory corruption issue causing random LDAP failures
* Found and fixed one more issue related to the search base setup
Changes in 1.8.0beta3
* Support for the service map in NSS
* Support for setting default SELinux user context from FreeIPA
* Support for retrieving SSH user and host keys from LDAP (Experimental)
* Support for caching autofs LDAP requests (Experimental)
* Support for caching SUDO rules (Experimental)
* Fix two minor manpage bugs
* Include the IPA AutoFS provider
* Fixed a regression in group enumeration since 1.7.0
* Fixed several memory-corruption bugs
* Finalized the ABI for the autofs support
* Fixed a regression in the proxy provider
Changes in sssd-1.8.0-5.fc16.beta3.1:
* Remove changes to switch the default credential cache location. This has been deferred to Fedora 18
Changes in sssd-1.8.0-6.fc16
* Assorted stabilization fixes
Changes in sssd-1.8.1-7.fc16
* Resolve issue where we could enter an infinite loop trying to connect to an auth server
* Fix serious issue with complex (3+ levels) nested groups
* Fix netgroup support for case-insensitivity and aliases
* Fix serious issue with lookup bundling resulting in requests never completing
* IPA provider will now check the value of nsAccountLock during pam_acct_mgmt in addition to pam_authenticate
* Fix several regressions in the proxy provider
--------------------------------------------------------------------------------
ChangeLog:
* Mon Mar 12 2012 Stephen Gallagher <sgallagh at redhat.com> - 1.8.1-7
- New upstream release 1.8.1
- Resolve issue where we could enter an infinite loop trying to connect to an
auth server
- Fix serious issue with complex (3+ levels) nested groups
- Fix netgroup support for case-insensitivity and aliases
- Fix serious issue with lookup bundling resulting in requests never
completing
- IPA provider will now check the value of nsAccountLock during pam_acct_mgmt
in addition to pam_authenticate
- Fix several regressions in the proxy provider
- Resolves: rhbz#743133 - Performance regression with Kerberos authentication
against AD
- Resolves: rhbz#799031 - --debug option for sss_debuglevel doesn't work
* Tue Feb 28 2012 Stephen Gallagher <sgallagh at redhat.com> - 1.8.0-6
- New upstream release 1.8.0
- Support for the service map in NSS
- Support for setting default SELinux user context from FreeIPA
- Support for retrieving SSH user and host keys from LDAP (Experimental)
- Support for caching autofs LDAP requests (Experimental)
- Support for caching SUDO rules (Experimental)
- Include the IPA AutoFS provider
- Fixed several memory-corruption bugs
- Fixed a regression in group enumeration since 1.7.0
- Fixed a regression in the proxy provider
- Resolves: rhbz#741981 - Separate Cache Timeouts for SSSD
- Resolves: rhbz#797968 - sssd_be: The requested tar get is not configured is
logged at each login
- Resolves: rhbz#754114 - [abrt] sssd-1.6.3-1.fc16: ping_check: Process
/usr/sbin/sssd was killed by signal 11 (SIGSEGV)
- Resolves: rhbz#743133 - Performance regression with Kerberos authentication
against AD
- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for
new LDAP features
* Thu Feb 23 2012 Stephen Gallagher <sgallagh at redhat.com> - 1.8.0-5.beta3.1
- Remove patch for changing default credential cache. Deferred to F18
* Wed Feb 22 2012 Stephen Gallagher <sgallagh at redhat.com> - 1.8.0-5.beta3
- Change default kerberos credential cache location to /run/user/<username>
* Wed Feb 15 2012 Stephen Gallagher <sgallagh at redhat.com> - 1.8.0-4.beta3
- New upstream release 1.8.0 beta 3
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta3
- Fixed a regression in group enumeration since 1.7.0
- Fixed several memory-corruption bugs
- Finalized the ABI for the autofs support
- Fixed a regression in the proxy provider
* Fri Feb 10 2012 Petr Pisar <ppisar at redhat.com> - 1.8.0-3.beta2
- Rebuild against PCRE 8.30
* Mon Feb 6 2012 Stephen Gallagher <sgallagh at redhat.com> - 1.8.0-1.beta2
- New upstream release
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta2
- Fix two minor manpage bugs
- Include the IPA AutoFS provider
* Mon Feb 6 2012 Stephen Gallagher <sgallagh at redhat.com> - 1.8.0-1.beta1
- New upstream release
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.8.0beta1
- Support for the service map in NSS
- Support for setting default SELinux user context from FreeIPA
- Support for retrieving SSH user and host keys from LDAP (Experimental)
- Support for caching autofs LDAP requests (Experimental)
- Support for caching SUDO rules (Experimental)
* Wed Feb 1 2012 Stephen Gallagher <sgallagh at redhat.com> - 1.7.0-5
- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for
new LDAP features - fix netgroups and sudo as well
* Wed Feb 1 2012 Stephen Gallagher <sgallagh at redhat.com> - 1.7.0-4
- Fixes a serious memory hierarchy bug causing unpredictable behavior in the
LDAP provider.
* Wed Feb 1 2012 Stephen Gallagher <sgallagh at redhat.com> - 1.7.0-3
- Resolves: rhbz#773706 - SSSD fails during autodetection of search bases for
new LDAP features
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.7.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Thu Dec 22 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.7.0-1
- New upstream release 1.7.0
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.7.0
- Support for case-insensitive domains
- Support for multiple search bases in the LDAP provider
- Support for the native FreeIPA netgroup implementation
- Reliability improvements to the process monitor
- New DEBUG facility with more consistent log levels
- New tool to change debug log levels without restarting SSSD
- SSSD will now disconnect from LDAP server when idle
- FreeIPA HBAC rules can choose to ignore srchost options for significant
performance gains
- Assorted performance improvements in the LDAP provider
* Mon Dec 19 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.6.4-1
- New upstream release 1.6.4
- Rolls up previous patches applied to the 1.6.3 tarball
- Fixes a rare issue causing crashes in the failover logic
- Fixes an issue where SSSD would return the wrong PAM error code for users
that it does not recognize.
* Wed Dec 7 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.6.3-5
- Rebuild against libldb 1.1.4
* Tue Nov 29 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.6.3-4
- Resolves: rhbz#753639 - sssd_nss crashes when passed invalid UTF-8 for the
username in getpwnam()
- Resolves: rhbz#758425 - LDAP failover not working if server refuses
connections
* Thu Nov 24 2011 Jakub Hrozek <jhrozek at redhat.com> - 1.6.3-3
- Rebuild for libldb 1.1.3
* Thu Nov 10 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.6.3-2
- Resolves: rhbz#752495 - Crash when apply settings
* Fri Nov 4 2011 Stephen Gallagher <sgallagh at redhat.com> - 1.6.3-1
- New upstream release 1.6.3
- https://fedorahosted.org/sssd/wiki/Releases/Notes-1.6.3
- Fixes a major cache performance issue introduced in 1.6.2
- Fixes a potential infinite-loop with certain LDAP layouts
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #743133 - Performance regression with Kerberos authentication against AD
https://bugzilla.redhat.com/show_bug.cgi?id=743133
[ 2 ] Bug #799031 - --debug option for sss_debuglevel doesn't work.
https://bugzilla.redhat.com/show_bug.cgi?id=799031
[ 3 ] Bug #773706 - SSSD fails during autodetection of search bases for new LDAP features
https://bugzilla.redhat.com/show_bug.cgi?id=773706
[ 4 ] Bug #741981 - Separate Cache Timeouts for SSSD
https://bugzilla.redhat.com/show_bug.cgi?id=741981
[ 5 ] Bug #797968 - sssd_be: The requested tar get is not configured is logged at each login
https://bugzilla.redhat.com/show_bug.cgi?id=797968
[ 6 ] Bug #754114 - [abrt] sssd-1.6.3-1.fc16: ping_check: Process /usr/sbin/sssd was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=754114
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update sssd' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list