Accepting request 479818 from home:stroeder:branches:network:ldap

update to 1.15.2 OBS-URL: https://build.opensuse.org/request/show/479818 OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=185
2017-03-15 23:57:39 +00:00 · 2017-03-15 23:57:39 +00:00 · fb25d602fc
commit fb25d602fc
parent 96255f5760
6 changed files with 42 additions and 11 deletions
--- a/sssd-1.15.1.tar.gz
+++ b/sssd-1.15.1.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0a64a15c1e344fdfd1904872133d558b4fbbc6cb1ac748b66819f941d5c804fb
-size 5244029
--- a/sssd-1.15.1.tar.gz.asc
+++ b/sssd-1.15.1.tar.gz.asc
@ -1,6 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iEYEABECAAYFAli53WwACgkQHsardTLnvCUIBQCguPYgc+o1n1+bl3fnrqs/QJh9
-LXQAnj6hXHbfhvAJy23otBTKi3Xs2+9h
-=S3bq
-----END PGP SIGNATURE-----
--- a/sssd-1.15.2.tar.gz
+++ b/sssd-1.15.2.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4cd5fcb314d77a58029a216b7e6001c6cb41c5b784cf570c5761c97d1c12d264
+size 5248134
--- a/sssd-1.15.2.tar.gz.asc
+++ b/sssd-1.15.2.tar.gz.asc
@ -0,0 +1,6 @@
+-----BEGIN PGP SIGNATURE-----
+
+iEYEABECAAYFAljJcscACgkQHsardTLnvCVCdwCgj0g3CSbz/gIS37W553d0QI7i
+waoAnRN8+lQjwHQS+76q5nz2eSdRLnIG
+=4tQo
+-----END PGP SIGNATURE-----
--- a/sssd.changes
+++ b/sssd.changes
@ -1,3 +1,35 @@
+-------------------------------------------------------------------
+Wed Mar 15 22:18:03 UTC 2017 - michael@stroeder.com
+
+- Update to new upstream release 1.15.2
+  * It is now possible to configure certain parameters of a trusted domain
+    in a configuration file sub-section.
+  * Several issues related to socket-activating the NSS service, especially
+    if SSSD was configured to use a non-privileged userm were fixed.
+    The NSS service now doesn't change the ownership of its log files to
+    avoid triggering a name-service lookup while the NSS service is not
+    running yet. Additionally, the NSS service is started before any other
+    service to make sure username resolution works and the other service
+    can resolve the SSSD user correctly.
+  * A new option "cache_first" allows the administrator to change the way
+    multiple domains are searched. When this option is enabled, SSSD will
+    first try to "pin" the requested name or ID to a domain by searching
+    the entries that are already cached and contact the domain that contains
+    the cached entry first. Previously, SSSD would check the cache and the
+    remote server for each domain. This option brings performance benefit
+    for setups that use multiple domains (even auto-discovered trusted
+    domains), especially for ID lookups that would previously iterate over
+    all domains. Please note that this option must be enabled with care as the
+    administrator must ensure that the ID space of domains does not overlap.
+  * The SSSD D-Bus interface gained two new methods:
+    "FindByNameAndCertificate" and "ListByCertificate". These methods
+    will be used primarily by IPA and
+    `mod_lookup_identity <https://github.com/adelton/mod_lookup_identity/>
+    to correctly match multple users who use the same certificate for Smart
+    Card login.
+  * A bug where SSSD did not properly sanitize a username with a newline
+    character in it was fixed.
+
 -------------------------------------------------------------------
 Sat Mar 11 22:34:41 UTC 2017 - jengelh@inai.de

--- a/sssd.spec
+++ b/sssd.spec
@ -17,7 +17,7 @@


 Name:           sssd
-Version:        1.15.1
+Version:        1.15.2
 Release:        0
 Summary:        System Security Services Daemon
 License:        GPL-3.0+ and LGPL-3.0+
@ -563,7 +563,6 @@ rm -f /var/lib/sss/db/*.ldb
 %_mandir/man5/sssd-ad.5*
 %dir %_mandir/??/
 %dir %_mandir/??/man5/
-%_mandir/??/man5/sssd-ad.5*

 %files dbus
 %defattr(-,root,root)