[sssd] Fix the Kerberos password expiration warning (#912223)
Jakub Hrozek
jhrozek at fedoraproject.org
Thu Feb 21 10:55:09 UTC 2013
commit 21a05ac5408c28f4fd9f979193f53be80afc2a93
Author: Jakub Hrozek <jhrozek at redhat.com>
Date: Thu Feb 21 11:53:21 2013 +0100
Fix the Kerberos password expiration warning (#912223)
...-Fix-the-krb5-password-expiration-warning.patch | 39 ++++++++++++++++++++
sssd.spec | 6 +++-
2 files changed, 44 insertions(+), 1 deletions(-)
---
diff --git a/0005-Fix-the-krb5-password-expiration-warning.patch b/0005-Fix-the-krb5-password-expiration-warning.patch
new file mode 100644
index 0000000..3996494
--- /dev/null
+++ b/0005-Fix-the-krb5-password-expiration-warning.patch
@@ -0,0 +1,39 @@
+From e354a96bbca5da8525ee51f91907e75af897b856 Mon Sep 17 00:00:00 2001
+From: Jakub Hrozek <jhrozek at redhat.com>
+Date: Thu, 14 Feb 2013 10:13:59 +0100
+Subject: [PATCH] Fix the krb5 password expiration warning
+
+https://fedorahosted.org/sssd/ticket/1808
+---
+ src/confdb/confdb.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
+index 31efd9443be8490715961c8a45f9352bd1ade653..31c48bd28aee37008687e7e255ebf2ef2d79798a 100644
+--- a/src/confdb/confdb.c
++++ b/src/confdb/confdb.c
+@@ -1020,7 +1020,11 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb,
+ goto done;
+ }
+
+- /* Set the PAM warning time, if specified */
++ /* Set the PAM warning time, if specified. If not specified, pass on
++ * the "not set" value of "-1" which means "use provider default". The
++ * value 0 means "always display the warning if server sends one" */
++ domain->pwd_expiration_warning = -1;
++
+ val = ldb_msg_find_attr_as_int(res->msgs[0],
+ CONFDB_DOMAIN_PWD_EXPIRATION_WARNING,
+ -1);
+@@ -1035,6 +1039,8 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb,
+ }
+
+ if (val > 0) {
++ DEBUG(SSSDBG_CONF_SETTINGS,
++ ("Setting domain password expiration warning to %d days\n", val));
+ /* The value is in days, transform it to seconds */
+ domain->pwd_expiration_warning = val * 24 * 3600;
+ }
+--
+1.8.1.2
+
diff --git a/sssd.spec b/sssd.spec
index 6e3dde1..304350b 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -16,7 +16,7 @@
Name: sssd
Version: 1.9.4
-Release: 7%{?dist}
+Release: 8%{?dist}
Group: Applications/System
Summary: System Security Services Daemon
License: GPLv3+
@@ -29,6 +29,7 @@ Patch0001: 0001-krb-recreate-ccache-if-it-was-deleted.patch
Patch0002: 0002-Don-t-use-srcdir-with-tests.patch
Patch0003: 0003-krb5-include-backwards-compatible-declaration-of-krb.patch
Patch0004: 0004-subdomains-replace-invalid-characters-with-underscor.patch
+Patch0005: 0005-Fix-the-krb5-password-expiration-warning.patch
Patch0501: 0501-FEDORA-Switch-the-default-ccache-location.patch
@@ -528,6 +529,9 @@ fi
%postun -n libsss_sudo -p /sbin/ldconfig
%changelog
+* Thu Feb 14 2013 Jakub Hrozek <jhrozek at redhat.com> - 1.9.4-8
+- Fix the Kerberos password expiration warning (#912223)
+
* Thu Feb 14 2013 Jakub Hrozek <jhrozek at redhat.com> - 1.9.4-7
- Do not write out dots in the domain-realm mapping file (#905650)
More information about the scm-commits
mailing list