SHA256
1
0
forked from pool/sssd

Accepting request 982796 from network:ldap

OBS-URL: https://build.opensuse.org/request/show/982796
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sssd?expand=0&rev=118
This commit is contained in:
Dominique Leuenberger 2022-06-17 19:18:22 +00:00 committed by Git OBS Bridge
commit a11117da61
7 changed files with 172 additions and 67 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3dd820b3da90cddbcb1041ef3c16102d78aad9d8c9ab25630e0c14a2f8992b18
size 7510020

View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEGkHcZ1BfiaMwgotmr/513ehQjhIFAmHv2rIACgkQr/513ehQ
jhK34ggAwKpJotxYdcCMbNVqj7oEFyjedbU8zvFuoV5c3E2L062wBEQnW4TcRs2B
A0NNJrl9mwJc92+7mywhL/GCLlm/sefltvQGM+QS2GVaaMBgRcZmyg9Qi6v2BDzp
hhpx3PxKmcOKbHstSnwAjUaqsKfwCJaPBT/43rR+WskWt6BJy0SiOPGNiTO7yZ/U
uh90qrUBLsoWmRICldRdOVbdWV08AJBkng09uMiCAhMhAj/xk1mPCw2fwslBpJtg
m5KaZZuRrzZC3qQqBzWUSDRx6EyljZkGFZW1qTgBaEQhopOz6K6h6xS7NqHGJO8k
cLCtAysTxFkTaJBsuV7a/BL8c64rZg==
=tt82
-----END PGP SIGNATURE-----

3
sssd-2.7.2.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c982947e940c59579c429e5afb83e21713bf00ed75ee002966b9cd32236ce051
size 7606911

16
sssd-2.7.2.tar.gz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEwTzQf/stsUCORXo809IbKRDPZ1kFAmKnRXAACgkQ09IbKRDP
Z1kImQ/7BkalFk/OSbTyQNk7qeFQYTsLKJQ1lehyuqPXbBiOpSCBMoBd6n73Gq4U
Fgz2Wes5vg1cS73XxTz+e2ERroPnfCLUP3xSvxjsomdCmLij5gld3gJAu6EF95BU
Ew1a/xD18G2dEhkhsum2BL6ERM4yQ4X90HSr+Dajq7uoSZiHrgHedPHhcnvDVXQk
vkiWdBthXmD12e2MpTsJUaEg8GgdJAvHkWIv3c8URg1z1J2rHnX7tSIF7Z2MIEwB
PpgEXZKtKlAZaLqa/iOON9I1FG4ZSrrO+l03XZEc+1yO8s8DHkhl+JBbvK9Eauui
1svJk9kTscsSbu2GzWple3tYMRGMiFMiHbyxq3AfNVQRj+0xSyRGDSnK7MU1kNvp
nFCURQdshnZKwAdGGjw0eBCDBFqO8axn3wfSMXEbExLjOcC6Z364HNZZTBVLMwgp
PtpK4AJi2DIci+o0XIjYLLbzcrro48UOxNc45gURW/gfjqGCqBr8U+ikWUGiwMQe
pNEtLt58IV9Siy1kBgHrnGeQgsVyzMRIskA/X0FhXl9Mkhs2p7QWxr7LPTvyfBB1
4I1ooxnW6a6SmmyAgCzekVtPpst8YdCUfT3+LZIy2PIrEWPoOlO3NTUDxSXaQYTl
VtAEfJCQcFpfJI2Mu0NC7eN2Os+XXJ8kEMPosbt9dP0vitutPXQ=
=Zi4I
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,53 @@
-------------------------------------------------------------------
Wed Jun 15 11:28:35 UTC 2022 - Samuel Cabrero <scabrero@suse.de>
- Use pam rpm macros to avoid hardcoding the directory names;
(bsc#1191047);
- Do not take ownership of %_pam_confdir directory, it is owned by
pam package
-------------------------------------------------------------------
Mon Jun 13 14:48:28 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
- Update to release 2.7.2
* A sssd-2.7.1 regression preventing successful authentication of
IPA users was fixed.
* Default value of pac_check changed to check_upn,
check_upn_dns_info_ex (for AD and IPA provider).
-------------------------------------------------------------------
Thu Jun 2 15:24:57 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
- Update to release 2.7.1
* SSSD can now handle multi-valued RDNs if a unique name must
be determined with the help of the RDN.
* A regression in pam_sss_gss module causing a failure if
KRB5CCNAME environment variable was not set was fixed.
* New option `implicit_pac_responder` to control if the PAC
responder is started for the IPA and AD providers; the
default is true.
* New option `krb5_check_pac` to control the PAC validation
behavior.
* Multiple `crl_file` arguments can be used in the
`certificate_verification` option.
-------------------------------------------------------------------
Mon May 16 21:49:38 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
- Enable subid_sss
-------------------------------------------------------------------
Thu Apr 14 22:43:03 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
- Update to release 2.7.0
* Better default for IPA/AD re_expression. Tunning for group
names containing '@' is no longer needed.
* A new debug level is added to show statistical and
performance data.
* Added support for anonymous PKINIT to get FAST credentials.
* SSSD now correctly falls back to UPN search if the user was
not found even with `cache_first = true`.
-------------------------------------------------------------------
Mon Feb 21 14:50:38 UTC 2022 - Callum Farmer <gmbr3@opensuse.org>

View File

@ -1,30 +1,75 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBF65FqQBCADQQUcPSux/eX7fpP05HOW1HE32tBPWs5MPktMdzErrG7DTOaUo
XxMhorPSHgt2Q5mX/LV4Yk2cRHk2uStWTtIVhtC62DPqstqfr0aC3TJ36LrsAr/s
YaG2ktD26xADA5j67oP4lHN4+rjSbKfRLiLpSsABb4fx85SS066MsDQOQFEs1bsG
UAqavdlRGUYXSA5uwwbJRRfI5ryeWyOpfpIIdJeyNDx6ZSuc8kgLm/PhNpwChiY2
h7Qs4nekVT1c9ujyPTUQ+x8lnGblP8Kwb+ZtOp+aWMWZlxk2ifwFr+u1pKTr8we5
DarQxMTjBwrRRuBk7RwYKXdj91jwMGSx6ZaRABEBAAG0JFBhdmVsIELFmWV6aW5h
IDxwYnJlemluYUByZWRoYXQuY29tPokBTgQTAQgAOBYhBBpB3GdQX4mjMIKLZq/+
dd3oUI4SBQJeuRakAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEK/+dd3o
UI4SupUH/RRKqwHSYSIf37pFz6tsE5+7ASiCdVVdtOPtaXu43sRNLrCSu4CjisBu
rdFPmd57jwQneyh5RUEXbY5jq4KK4nuHZppjlaGqs/8LIVl13x01zD+V/hlDZXfr
BEDaE2PjUtacP+NvJWtYO/tHlTqxfFssFh7btO9EOYSfc7IhQ+hReKkX9K1dNLJM
SYCDaDQRSxJeAnYX7E3mXoaIC7JXH0ZF1NS0a3SP/q7u+WsQ+j58Z0xMdP6lBd1M
7ntNQ+BHz4+jlEgN9GXRTn7PIucpvVCEwTYysklIKbWJHi7J+C6ZV+4nDnaA0Z6J
m+XGsbvc7/P1b4FpU9YAmBd7VqQG8Ve5AQ0EXrkWpAEIAKVIiPI6sZXhnrpKxYO0
nNAazIkA0WtqTVeSPE0AkNXAW4wtbhluwfBEsYr6wU8ieDGU/KdIpwZprsKf4x3r
kFgRRwnNpB9AhGNex4tzoHlNoAX601OOjhy44DaRrJKY1Zg+V2ljx6cySsX2zsQp
/pKA5uN7Y4mWfZMPmlpljqYRXMIAZWf7F0dJTdh+Vv646ZBYg7mBfaVs3E5AKRZ+
xNnxna7Se+OihyOcmMwtotMF8tlU8/yGyWTCoNu/86+eAVXWIpu358f1Q1Ez9bXI
/neav857DTCGTXY5NNigunscMPje5MLEp9T1ozZl0ZK3LUcfh7w8IMLCB2YK/7zF
NpcAEQEAAYkBNgQYAQgAIBYhBBpB3GdQX4mjMIKLZq/+dd3oUI4SBQJeuRakAhsM
AAoJEK/+dd3oUI4S8FAH/0bHCGi6+sWnJqOqYwJIHPeYR33zb3D09jQYXWzadNGX
F6nuGzNgqCUZ3+GK73hDXq/v9WyUhaLLvd7XGryQ5DGGO0ZkHD3Td+YMeoSdDVbQ
PiTZS3DyQB0qHp6pKgjvDlbMYeqSVoletsa6ruSvFtE2kb+W6fRn6K8QeTyMA8Rn
NIUOSaSwQjcETaexMuD2oyRmzDmdWTUOS/Q/Tn3HE7Yz8670CLM1yN70MfAHpeUt
dIkFm9g3ZPTING+gC98iylLAFR1QKqz4HRWd8ofmnHemPpzAPGMITztwnZsLIPDj
nZ/57dk9LQVekGFjWm5GYThUwrHWYRyzjGz/xOmjJoM=
=b5K7
mQINBGI9m7YBEACjfmpZrW6wpmz+QRfnx1UuOABpTmsBi6ElTqx+ZzLU2R3N4KLl
PDycp6Pm5PqnLRLoC0TzHh1MjpVWiCfrnlTm6yD2Y6A37c6/elFjiZlbY93zUJi9
mE3OXyxe3RQHVjEYiQZ+DCcgQe5r2mFL8prK2OBIIoJJK2t46EjcjsJJkOIgT9H0
7FaLWfT2MHhO0mg6EqwqOsSKI392sVhJ0GTDULiI1ZlRULZwn3oWdXglO5O9KAhu
jSAIrKuX6QsIxXfVDG1wmOR99yyuiXpJhlKbgdw3Y37IcHRD9DLbqCnp//3WkW9W
k5Mn/bYK1TIed92U4CWNqz557lGnQxwPyyaNkJW9L1kNWO6P9Kl8RgxuX0689Zb0
sqooxTK//O+BBOso1iSRsdyqo2KSIBF06Fe9x5i+jwX2N3hHbzODfT0rHOokPj5p
jT/o6NFQ0lMqYQJxQA7/71Dk/6EkkxE3kHTkFNHBii1pt0msyQij8URmTTN39V1f
n+HlxDOrzDSccrs5x0b+cT5wuB1tSp9JhkmmAk5rb8vsHL+iPRM4ZDIOJNm/Qlg6
pQ+V4FEamntO9undQro0hSShEq69JDbBhT+fmHcAH2a03buTdyu3aqok3OSdxMj/
aprl84eFxE3cwlCXzsu0qf8ue9UjFWynmwsDQgR4EMMbVDwInd/rrV+wOwARAQAB
tElTU1NEIFByb2plY3QgKGh0dHBzOi8vc3NzZC5pbykgPHNzc2QtbWFpbnRhaW5l
cnNAbGlzdHMuZmVkb3JhcHJvamVjdC5vcmc+iQJOBBMBCAA4FiEEwTzQf/stsUCO
RXo809IbKRDPZ1kFAmI9m7YCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ
09IbKRDPZ1nmShAAlEZD+l7OSTb8uOQDj9wHXjkJbrz2vp3vfHiUo69NIssEQRUE
WRpygejjCsc3XlS8XivWwLIqrDOczenyCVVNSSWfaQpBc2ZR+XXBKMpxa1PlFduQ
wax2cbPXVdo47t3gVWAzicO0zxeAQVEZHUKyoWmaKtuFdN1ZJpNCvFJcr6yEFY5k
vQy5Caf6G1oDS9XYsx4YZZT0YhMo3d/8awJLJuVfnqsC/mTOaC7Khms31c2SC+50
+i+gE9HOVkLqanYkQcmdWIMN/oOljAd3zCFBNw5cXXuNmjp32URcm4khLKuxgV12
RetW63SAMydavCp8jMpjuE1pBo6s+/ZcvHe0IhS5fcAbXnIuxqhB2FfeJVg3Udx8
u+zZjwtndUZ9NCETomHa77Beq3h/0A/hiEmNl6xAYttNRvF/bbNg9k3o6lZydDYM
zhdmGh+VfZhuyyGJXWsrK0ZzJ0zXjorIKPlCi32cMrOPlYd94N4aWZaHC+uDZSMW
Xwjl79Tt92psOIiQwSSm1vaRvXV9w3HzyZtOIlK+Nc7T6qTOIHGgCuQI5zXNorNb
sdmzOR+ZrnYBk/E6hiaU8b4hQS2HJyr9YqERi2LjB9VICC+KHhsjba/hxIoVZR/v
Hg+WM/NBpOoaiScxLaqWNuoxY84SNJCgupWlCmBEDxWG+Q0ku/xgyRARCt2JATME
EAEIAB0WIQQaQdxnUF+JozCCi2av/nXd6FCOEgUCYj2dVAAKCRCv/nXd6FCOEihw
CACcbB3JuIeSGZbtVOvepRSjoaWRzC97V7Lj2lz9nIc610W0WfzHCePi+I9leuup
R/eV3Hhhx04QU9Zisc0CWVUC4mpgqzSgB1o4DYu1vPVPXZdfZkGVGtSiW+5rfjZo
iqGBGX8JalieI0wNYHQz660f21w08niecpnpFyadZh8/8oH3or0xvtCbPXOM+YH3
CpsBGS0aP2sf+uhvbGHoEygmLqr5rkkkC8XmEa8GxFFFpYVc1nzys7zVFoMWZ9Ta
UnyNwyo1JZHgVEbyCL3lK8OS9xXoPyOAqFT6Ux+Odj36hqamAsGAHL9O/DoEaUKI
fuGGvRb6Dlebrt3KDTiXbR9DiHUEEBYKAB0WIQQoeTnfBirYxTh2pTXC17mKk07s
FwUCYj2umAAKCRDC17mKk07sFyBsAQCAL84Bwe4BA8DEhGYhrl9Eb38LQ2hbNeJX
nLtjKqQlnwEA0BC1FR+bBm5NunMYbKtKcMLIAHtzSBbBrNqQzTO8XguJAjMEEAEI
AB0WIQSTAgGqtC3RlHIQt4ONcyY1GnJiEQUCYj28PgAKCRCNcyY1GnJiEZHdD/95
sK4SFrSb1fJYcvk6OQMW2hW7VCohuqDOYWob2Tm7RWP9CxJ7I3PilEUizbp76AoX
V6UvXiBtY2q6omXMv2qBeEja7OWd3HWl0SXA5XLyRSF7hwirP2CqQZM8+zSyiYKf
TNw3rWTJjjarUnv6GYdoH55jEfk7sCIrbp5xEzvWu+9w/5pnIsSsFhYwJOD5ic+h
or3LHRN5Jn+jm6ec6H4Ums5zA4rnvTdxfcHKx1sX1KDez2d0k1BYONHGh5tTJSrx
3F5xxOqXHzPt7obiVOCYbE3NU2LswcHz2XNpdoXTyO/LLmvRVvoG1O6LGRrw5Tkg
lnres9gWMccHna4AnDGpXtXzyhlMlzIY5LNrROsg462tIWJcIopSmRct+IQxnOyW
te7k4BAVA/vO6FGnzfLPdH6Lwnos5OMfBew2j2b8yddM8qkBQxR7NUVhYMei7jLh
MiN1FTwtrtuAeMUddbIo/lZYMqUlNyl7Kiwqxse7EFGUvZwq5qhlaKfMZ48qVSYM
QQb6NILl9t5f/UrAkOSrgTF3uWQbcAOMQWusfDuBmHOolFVPTujQP7N5Asob9Nw0
+oL2zY0MuG41xAf1tej25i8iYctJuB2L1uJULhw3i3iswPSuTJIKtYpKoES81jxG
Tit45gyS7XYpYdvAnYPTOPwF3sezy3uwmsob3geYR4h1BBAWCgAdFiEEf4f7DbyL
UMrqkdmCWuS5aYPSAzAFAmJDI/4ACgkQWuS5aYPSAzCznAD8DpzDOP5ILp2FbUGh
ROWM5T6cOppAOXDX2VN8hViDDmsA/24jLp5ga8cUwy7QVHduC9f8LLwN3O7q7XYz
BdBNnRMCuQINBGI9m7YBEACyE5/YORGMmYqKksDPFZNUW7unejUW7XTuLSMXrI9m
u8sFXT8tqPQJetYxaKiZqXxiS652u1XnLZf3ps4t6OINHSuT61Xw1Z6Svhn+o+Wz
Tmnfneahk1Czjlzs59qv3YXwLKffws7H5vGuOTnesgTyWJJG1A0wpehcZsI+rUzC
6mDwip1rSxocuFET6HK2eMpAo1B4V7XLC6srh3HzCNr5AB5UkjMWAuQqjUrqIt6O
dfPO9mqYf/w+CoI2HhVebwDjIXtoO5nVjPUncb0lUEsVWiA9C3xWi/pk2pd3nfkW
s+P0iJNYut+CQwGaHV8+gmwSLUUw/fraMASY5FVxLdSHKZ402Q6aSyuk93k7UQ7i
VIuZpOdjWASWgkATM5KEQHRVrt2enurn6oYBY2tSjzXmbTiCaaCG0p8CBtDvCIxT
Pz4Y0uaWcbIHLz3k0Tr4+zko/PEdh7qLCO83BJPf7/bVxGBMynxkAKXXgBlfjlFt
q7KMpbiM+qndP3SJpjlb0AnI7nCV1KvEeW+oIO+uQ2PwAlyFyV0pf8IYOeI0SN/R
3QSKL8CjlzSIwraUoCk79h3hJgBPG9D4ASwxeSPmriY9tbhNtsVUCT9YZgfxrJg8
bzZvObeng+2IknKbxDzs/hnkNQ7uWx2GGeq7BYZ1eTwctWsw3V8VejiPByJEjQve
PQARAQABiQI2BBgBCAAgFiEEwTzQf/stsUCORXo809IbKRDPZ1kFAmI9m7YCGwwA
CgkQ09IbKRDPZ1mbeA//YYPvboEUjp/qqXK8XEgcEL33M+uWJJQucuhtBEjfwAlQ
m29NqO6I3n9cbuINXRtNMUawk86LMouEkhexqUmSg7NNDu1Nqp32yHn8MMJjOPsy
u6AZQinQoT8UKnUMqvmqMFJiotvDb2j2aP9yL0PjCiEeyYkk3bl2oGSdMD4A4o4D
0PUpLWt+w+3YbG58iBazPD/FwiGhe8TO7EAm3I7dYZ4ErALdmT6ptCW90IG9AHfK
CZTvaMB0NX/IksfJ9DEwMgsF0Hwlx5dmTin9ufFKfhKFcwV5aDXlEsYDMqT2o7z9
l/7UTNXnk6VG/QXFhRjBDPtQNkgZoze1VV5itGmBsVE+c9lRtr+6YPJ04CDDv9dX
DI0eGdPxVmfDTR2tHOt+LOYIw4umsID3/qQzYluoUx5Cpud45qaBRjq7/iE+KJgS
IqxgBTXkV39C8T4gXrDRRjlBsOcIc7P6yUVqyClExynQ1BAJSEueO95CtxXV2btK
xSkZ2CyhVtjRxW5TOfQdvrFPueoxC17syQTslM/mKk6DBRHJrullqPLbSieKEJyc
SMkza3BVIhi0hdPfVfBRnSYe8jRFmBIR+cXnyAOkDkPqWK7q/icGVDpJPuunteH3
1vXu/KcDrL7GVRj2LD136Xla1sgGUEbYmLfIHvYmqh1DXJQvnoAyUFKaBWEpSBg=
=E0Gq
-----END PGP PUBLIC KEY BLOCK-----

View File

@ -1,7 +1,7 @@
#
# spec file for package sssd
#
# Copyright (c) 2021 SUSE LLC
# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -17,13 +17,13 @@
Name: sssd
Version: 2.6.3
Version: 2.7.2
Release: 0
Summary: System Security Services Daemon
License: GPL-3.0-or-later and LGPL-3.0-or-later
Group: System/Daemons
URL: https://pagure.io/SSSD/sssd
#Git-Clone: https://pagure.io/SSSD/sssd
URL: https://github.com/SSSD/sssd
#Git-Clone: https://github.com/SSSD/sssd
Source: https://github.com/SSSD/sssd/releases/download/%version/%name-%version.tar.gz
Source2: https://github.com/SSSD/sssd/releases/download/%version/%name-%version.tar.gz.asc
Source3: baselibs.conf
@ -61,6 +61,7 @@ BuildRequires: pkgconfig(jansson)
BuildRequires: pkgconfig(ldb) >= 0.9.2
BuildRequires: pkgconfig(libcares)
BuildRequires: pkgconfig(libcrypto)
BuildRequires: pkgconfig(libcurl)
BuildRequires: pkgconfig(libnfsidmap)
BuildRequires: pkgconfig(libnl-3.0) >= 3.0
BuildRequires: pkgconfig(libnl-route-3.0) >= 3.0
@ -77,6 +78,7 @@ BuildRequires: pkgconfig(tdb) >= 1.1.3
BuildRequires: pkgconfig(tevent)
BuildRequires: pkgconfig(uuid)
BuildRequires: pkgconfig(libsemanage)
BuildRequires: libsubid-devel
%{?systemd_ordering}
Requires: sssd-ldap = %version-%release
Requires(postun): pam-config
@ -381,13 +383,15 @@ autoreconf -fiv
--with-syslog=journald \
--with-pid-path="%_rundir" \
--enable-nsslibdir="/%_lib" \
--enable-pammoddir="/%_lib/security" \
--enable-pammoddir="%_pam_moduledir" \
--with-ldb-lib-dir="%ldbdir" \
--with-selinux=yes \
--with-subid \
--with-os=suse \
--disable-ldb-version-check \
--without-secrets \
--without-python2-bindings
--without-python2-bindings \
--without-oidc-child
%make_build all
%install
@ -572,8 +576,7 @@ fi
%config(noreplace) %_sysconfdir/sssd/sssd.conf
%config(noreplace) %_sysconfdir/logrotate.d/sssd
%dir %_sysconfdir/sssd/conf.d
%dir %_sysconfdir/pam.d/
%config(noreplace) %_sysconfdir/pam.d/sssd-shadowutils
%config(noreplace) %_pam_confdir/sssd-shadowutils
%dir %_datadir/%name/
%_datadir/%name/cfg_rules.ini
%_datadir/%name/sssd.api.conf
@ -584,17 +587,19 @@ fi
# sssd-client
#
/%_lib/libnss_sss.so.2
/%_lib/security/pam_sss.so
/%_lib/security/pam_sss_gss.so
%_pam_moduledir/pam_sss.so
%_pam_moduledir/pam_sss_gss.so
%_libdir/krb5/
%_libdir/%name/modules/sssd_krb5_localauth_plugin.so
%_libdir/%name/modules/sssd_krb5_idp_plugin.so
%_libdir/libsubid_sss.so
%_mandir/??/man8/sssd_krb5_locator_plugin.8*
%_mandir/??/man8/pam_sss.8*
%_mandir/??/man8/pam_sss_gss.8*
%_mandir/man8/pam_sss.8*
%_mandir/man8/pam_sss_gss.8*
%_mandir/man8/sssd_krb5_localauth_plugin.8*
%_mandir/man8/sssd_krb5_locator_plugin.8*
%_mandir/uk/man8/pam_sss_gss.8*
# cifs idmap plugin
%dir %_sysconfdir/cifs-utils
%cifs_idmap_plugin