The SSSD team is proud to announce the fifth of six preview releases of version 1.9 of the System Security Services Daemon.
Beta 6 will be released on July 31st and will contain a new tool for "seeding" accounts with a temporary password for sending machines to remotees as well as introducing a concept of primary vs. secondary servers. After Beta 6, no new features will be added to SSSD 1.9.0 and we will focus on stability and our backlog of bugfixes until the final release around September 1st. We will most likely issue a series of release candidate builds prior to that, but these have not yet been scheduled. As always, you can download the latest sources at https://fedorahosted.org/sssd/ == Highlights == * Many fixes for the support for setting default SELinux user context from FreeIPA, most notably fixed the specificity evaluation * Fixed an incorrect default in the krb5_canonicalize option of the AD provider which was preventing password change operation * The shadowLastChange attribute value is now correctly updated with the number of days since the Epoch, not seconds == Tickets Fixed == https://fedorahosted.org/sssd/ticket/1360 format of file for pam_selinux is incorrect https://fedorahosted.org/sssd/ticket/1379 Possible use of uninitialized values https://fedorahosted.org/sssd/ticket/1395 SELinux rule matching ignores specificity requirement https://fedorahosted.org/sssd/ticket/1417 Several unowned directories https://fedorahosted.org/sssd/ticket/1419 sssd incorrectly sets shadowLastChange in seconds not days https://fedorahosted.org/sssd/ticket/1421 selinux rules are never deleted from sysdb https://fedorahosted.org/sssd/ticket/1422 When ldap_sasl_minssf is assigned large values, appropriate error message should be logged sssd_DOMAIN log == Detailed Changelog == Jakub Hrozek (9): * Bumping version to 1.9.0 beta 5 * Add newline to DEBUG messages * RPM: Own several directories * Add missing "%" to specfile * IPA: Download defaults even if there are no SELinux mappings * SYSDB: Delete SELinux mappings * IPA: Return and save all SELinux rules in the provider * PAM: Fix off-by-one-error in the SELinux session code * Update translations for 1.9.0 beta 5 release Jan Vcelak (1): * LDAP: Properly cast type for MINSSF value Jan Zeleny (3): * Fixed wrong number in shadowLastChange * Add function sysdb_attrs_copy_values() * Modify priority evaluation in SELinux user maps Michal Zidek (2): * Fixed: Unchecked return value from dp_opt_set_int. * Fixed: Uninitialized value in krb5_child-test if ccname was specified. Nick Guay (1): * Fix uninitialized values Pavel Březina (2): * resolv_gethostbyname_send: strdup hostname to work properly when hostname is allocated on stack * sudo test client: avoid SIGSEGV when run without arguments Stephen Gallagher (2): * AD: Add missing DP option terminator * AD: Fix defaults for krb5_canonicalize Yuri Chornoivan (1): * Fix typo: exhasution->exhaustion. _______________________________________________ Freeipa-interest mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-interest