- Update to release 2.4.1

OBS-URL: https://build.opensuse.org/package/show/network:ldap/sssd?expand=0&rev=238
2021-02-05 12:58:17 +00:00
parent 92831da8fe
commit e23d738143
6 changed files with 39 additions and 18 deletions
--- a/sssd.changes
+++ b/sssd.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Fri Feb  5 12:56:44 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 2.4.1
+  * New PAM module pam_sss_gss for authentication using GSSAPI.
+  * case_sensitive=Preserving can now be set for trusted domains
+    with AD and IPA providers.
+  * krb5_use_subdomain_realm=True can now be used when sub-domain
+    user principal names have upnSuffixes which are not known in
+    the parent domain. SSSD will try to send the Kerberos request
+    directly to a KDC of the sub-domain.
+  * SYSLOG_IDENTIFIER was renamed to SSSD_PRG_NAME in journald
+    output, to avoid issues with PID parsing in rsyslog
+    (BSD-style forwarder) output.
+  * Added pam_gssapi_check_upn to enforce authentication only
+    with principal that can be associated with target user.
+  * Added pam_gssapi_services to list PAM services that can
+    authenticate using GSSAPI.
+
 -------------------------------------------------------------------
 Mon Oct 12 13:10:26 UTC 2020 - Jan Engelhardt <jengelh@inai.de>