Accepting request 311991 from network:ldap

- Update to new upstream release 1.12.5

OBS-URL: https://build.opensuse.org/request/show/311991
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sssd?expand=0&rev=64

sssd-1.12.4.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:ea3be3a40b20284bd3126481dd0747cd07e39d5ef7ef7026d4902d96fc3e9edf
-size 4226841

sssd-1.12.4.tar.gz.asc

@@ -1,7 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iEYEABECAAYFAlTk1dAACgkQHsardTLnvCWfnwCg4JrLxP6Jjm9GYlTAqQS5N5cb
-ufYAniGjhC+1IBPQVJYiYiCkzjoYDpq3
-=XPd1
------END PGP SIGNATURE-----

sssd-1.12.5.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:243d8db7c72ecb21aa9db8a09fe9f9b10049dbdb35a1cc2f55e214f21e3ce256
+size 4300869

sssd-1.12.5.tar.gz.asc

@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iEYEABECAAYFAlV6uQEACgkQHsardTLnvCWZCwCdEWMU5ry/swLp5y/DGPXp6GkH
+4U4AnjTVtz1Vj1R7hyzVKKL6uqsR6kdR
+=dk0K
+-----END PGP SIGNATURE-----

sssd.changes

@@ -1,3 +1,42 @@
+-------------------------------------------------------------------
+Sun Jun 14 17:44:20 UTC 2015 - michael@stroeder.com
+
+- Update to new upstream release 1.12.5
+* The background refresh tasks now supports refreshing users and
+  groups as well. See the "refresh_expired_interval" parameter in
+  the sssd.conf manpage.
+* A new option subdomain_inherit was added.
+* When an expired account attempts to log in, a configurable
+  error message can be displayed with sufficient pam_verbosity
+  setting. See the "pam_account_expired_message" option.
+* OpenLDAP ppolicy can be honored even when an alternate login
+  method (such as SSH key) is used. See the "ldap_access_order"
+  option.
+* A new option :krb5_map_user" was added, allowing the admin to
+  map UNIX usernames to Kerberos principals.
+* BUG FIXES:
+* Fixed AD-specific bugs that resulted in the incorrect set of
+  groups being displayed after the initgroups operation.
+* Fixes related to the IPA ID views feature. Setups using this
+  should update sssd on both IPA servers and clients.
+* The AD provider now handles binary GUIDs correctly.
+* A bug that prevented the `ignore_group_members` parameter to be
+  used with the AD provider was fixed.
+* The failover code now reads and honors TTL value for SRV
+  queries as well.
+* Race condition between setting the timeout in the back ends and
+  reading it in the front end during initgroup operation was
+  fixed. This bug affected applications that perform the
+  initgroups(3) operation in multiple processes simultaneously.
+* Setups that only want to use the domain SSSD is connected to,
+  but not the autodiscovered trusted domains by setting
+  `subdomains_provider=none` now work correctly as long as the
+  domain SID is set manually in the config file.
+* In case only "allow" rules are used, the simple access provider
+  is now able to skip unresolvable groups.
+* The GPO access control code now handles situations where user
+  and computer objects were in different domains.
+
 -------------------------------------------------------------------
 Thu Feb 19 10:51:22 UTC 2015 - hguo@suse.com
 

sssd.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package sssd
 #
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 
 
 Name:           sssd
-Version:        1.12.4
+Version:        1.12.5
 Release:        0
 Summary:        System Security Services Daemon
 License:        GPL-3.0+ and LGPL-3.0+