diff --git a/0001-krb5-1.15-build-fix.patch b/0001-krb5-1.15-build-fix.patch deleted file mode 100644 index e6ebb32..0000000 --- a/0001-krb5-1.15-build-fix.patch +++ /dev/null @@ -1,29 +0,0 @@ -From: Jan Engelhardt -Date: 2016-12-07 11:36:34.201377440 +0100 -Upstream: no - -build: unlock all krb5 versions - -The check is really stupid (like testing for "2.6.*" kernel was elsewhere), as -it prevents using future versions. The check should have tested -for {1.[0-9]:reject} instead. - -Anyway, unlock all versions. The minimum requirement is enforced -in openSUSE by way of the spec file. ---- - src/external/pac_responder.m4 | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -Index: sssd-1.14.2/src/external/pac_responder.m4 -=================================================================== ---- sssd-1.14.2.orig/src/external/pac_responder.m4 -+++ sssd-1.14.2/src/external/pac_responder.m4 -@@ -11,7 +11,7 @@ then - AC_MSG_CHECKING(for supported MIT krb5 version) - KRB5_VERSION="`$KRB5_CONFIG --version`" - case $KRB5_VERSION in -- Kerberos\ 5\ release\ 1.9* | \ -+ Kerberos\ 5\ release\ 1.* | \ - Kerberos\ 5\ release\ 1.10* | \ - Kerberos\ 5\ release\ 1.11* | \ - Kerberos\ 5\ release\ 1.12* | \ diff --git a/sssd-1.14.2.tar.gz b/sssd-1.14.2.tar.gz deleted file mode 100644 index 5771e39..0000000 --- a/sssd-1.14.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:868660edcdf538e0c0a4889b6b9d600bfdd4036e67b417336a800794cdd7726d -size 5086805 diff --git a/sssd-1.14.2.tar.gz.asc b/sssd-1.14.2.tar.gz.asc deleted file mode 100644 index dc90de1..0000000 --- a/sssd-1.14.2.tar.gz.asc +++ /dev/null @@ -1,6 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iEYEABECAAYFAlgHxxYACgkQHsardTLnvCVGpgCcDtDKl/ziIOtK3/vD2G7oIacG -c2sAoIFLv+nACKc37h0SgaewmJkycRGv -=UHJw ------END PGP SIGNATURE----- diff --git a/sssd-1.15.0.tar.gz b/sssd-1.15.0.tar.gz new file mode 100644 index 0000000..4ed9e2c --- /dev/null +++ b/sssd-1.15.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:729ed277ff99e4adec81291b6a3ec28147a2531b733f36f429940de01ec7b344 +size 5178779 diff --git a/sssd-1.15.0.tar.gz.asc b/sssd-1.15.0.tar.gz.asc new file mode 100644 index 0000000..0c792cb --- /dev/null +++ b/sssd-1.15.0.tar.gz.asc @@ -0,0 +1,6 @@ +-----BEGIN PGP SIGNATURE----- + +iEYEABECAAYFAliIx8gACgkQHsardTLnvCUx9gCggg/0GBat/nZT98+IjlSF9h1u +BsIAoIhnoCAHFsbnF6Y3DfXN47ySyPbt +=o/YH +-----END PGP SIGNATURE----- diff --git a/sssd.changes b/sssd.changes index 2302c3a..2a75083 100644 --- a/sssd.changes +++ b/sssd.changes @@ -1,3 +1,37 @@ +------------------------------------------------------------------- +Wed Jan 25 19:25:09 UTC 2017 - michael@stroeder.com + +- Removed 0001-krb5-1.15-build-fix.patch obsoleted by upstream update +- Update to new upstream release 1.15.0 + * SSSD now allows the responders to be activated by the systemd service + manager and exit when idle. This means the services line in sssd.conf is + optional and the responders can be started on-demand, simplifying the sssd + configuration. Please note that this change is backwards-compatible and + the responders listed explicitly in sssd.conf's services line are managed + by sssd in the same manner as in previous releases. Please refer to man + sssd.conf(5) for more information + * The sudo provider is no longer disabled for configurations that do not + explicitly include the sudo responder in the services list. In order to + disable the sudo-related back end code that executes the periodic LDAP + queries, set the sudo_provider to none explicitly + * The watchdog signal handler no longer uses signal-unsafe functions. This + bug was causing a deadlock in case the watchdog was about to kill a + stuck process + * A bug that prevented TLS to be set up correctly on systems where libldap + links with GnuTLS was fixed + * The functionality to alter SSSD configuration through the D-Bus interface + provided by the IFP responder was removed. This functionality was not used to + the best of our knowledge, had no tests and prevented the InfoPipe responder + from running as a non-privileged user. + * A bug that prevented statically-linked applications from using libnss_sss + was fixed by removing dependency on -lpthreads from the libnss_sss library + (please see https://sourceware.org/bugzilla/show_bug.cgi?id=20500 for + an example on why linking with -lpthread from an NSS modules is problematic) + * Previously, SSSD did not ignore GPOs that were missing the + gPCFunctionalityVersion attribute and failed the whole GPO + processing. Starting with this version, the GPOs without the + gPCFunctionalityVersion are skipped. + ------------------------------------------------------------------- Mon Dec 12 13:36:18 UTC 2016 - dimstar@opensuse.org diff --git a/sssd.spec b/sssd.spec index aa4bba7..d224bf6 100644 --- a/sssd.spec +++ b/sssd.spec @@ -17,7 +17,7 @@ Name: sssd -Version: 1.14.2 +Version: 1.15.0 Release: 0 Summary: System Security Services Daemon License: GPL-3.0+ and LGPL-3.0+ @@ -32,9 +32,6 @@ Source4: sssd.service Source5: %name.keyring BuildRoot: %{_tmppath}/%{name}-%{version}-build -# see https://build.opensuse.org/request/show/443977 -Patch1: 0001-krb5-1.15-build-fix.patch - %define servicename sssd %define sssdstatedir %_localstatedir/lib/sss %define dbpath %sssdstatedir/db @@ -381,7 +378,6 @@ Security Services Daemon (sssd). %prep %setup -q -%patch -P 1 -p1 %build %if 0%{?suse_version} < 1210 @@ -571,7 +567,6 @@ rm -f /var/lib/sss/db/*.ldb %dir %_libexecdir/sssd/ %_libexecdir/sssd/sssd_ifp %dir %_libdir/sssd/ -%_libdir/sssd/libsss_config.so %_mandir/man5/sssd-ifp.5* %dir %_mandir/??/ %dir %_mandir/??/man5/