=== SSSD 1.9.1 === The SSSD team is proud to announce the release of version 1.9.1 of the System Security Services Daemon.
As always, the source is available from https://fedorahosted.org/sssd RPM packages will be made available for Fedora shortly, initially for F-18 and rawhide and later also backported to F-17. == Feedback == Please provide comments, bugs and other feedback via the sssd-devel or sssd-users mailing lists: https://lists.fedorahosted.org/mailman/listinfo/sssd-devel https://lists.fedorahosted.org/mailman/listinfo/sssd-users == Highlights == * The distribution tarball was fixed to include a missing file, which prevented "make rpms" from running correctly. * Handle gracefully the situation where the namingContext is zero-length, such as when connected to the Novell eDirectory server. * A new option default_domain_suffix was added. This option is mainly useful for environments whose users come from a trusted domain so that the user doesn't have to specify that trusted domain with every user lookup. * Many man page fixes that were held from the 1.9.0 release during the string freeze * The entries in the generated known_hosts file are now expired preventing the file from growing indefinitely * The PID file is now created after all the SSSD services start up to avoid notifying the user via the init system before SSSD is able to handle requests. == Tickets Fixed == https://fedorahosted.org/sssd/ticket/1303 SSSD is slow at startup https://fedorahosted.org/sssd/ticket/1357 Init script reports complete before sssd is actually working https://fedorahosted.org/sssd/ticket/1471 Range Retrieval: Unable to retrieve all members when filter is used in search base. https://fedorahosted.org/sssd/ticket/1483 Mention ldap_schema types on newlines or comma separate them. https://fedorahosted.org/sssd/ticket/1494 ldap_chpass_update_last_change is not included in the manual page https://fedorahosted.org/sssd/ticket/1525 Explain default re_expression in IPA and AD provider man pages https://fedorahosted.org/sssd/ticket/1529 [RFE] Login with users from a trusted domain always requires a FQ name https://fedorahosted.org/sssd/ticket/1533 Improve recreating new ccache file when the old one is not accessible any more https://fedorahosted.org/sssd/ticket/1535 Flip the default value of ldap_initgroups_use_matching_rule_in_chain https://fedorahosted.org/sssd/ticket/1537 Fix sssd-ad id ranges https://fedorahosted.org/sssd/ticket/1540 [man sssd-ldap] 'ldap_access_filter' description needs to be updated https://fedorahosted.org/sssd/ticket/1541 Manpage has ldap_autofs_search_base as experimental feature https://fedorahosted.org/sssd/ticket/1542 User authentication using LDAP doesn't work https://fedorahosted.org/sssd/ticket/1546 sss_seed "-h" and "--help" options should output similar results https://fedorahosted.org/sssd/ticket/1548 User authentication fails when password is read from a file using -p option of SSS_SEED tool. https://fedorahosted.org/sssd/ticket/1549 Providing invalid UID/GID values, terminates sss_seed tool without any error message https://fedorahosted.org/sssd/ticket/1554 sss_seed should not allow blank passwords https://fedorahosted.org/sssd/ticket/1562 Domains overlap in range 1 - 4294967295 https://fedorahosted.org/sssd/ticket/1563 Document the need to restart autofs service. == Detailed Changelog == Jakub Hrozek (11): * Bumping the version to 1.9.1 release * Document ldap_chpass_update_last_change * sudo and autofs search bases should not be marked experimental * Flip the default value of ldap_initgroups_use_matching_rule_in_chain * Include param_help_py.xml in the list of po4a sources * Note that Range Retrieval is not supported when filter is used in the search base. * Change the log level of two DEBUG messages in check_domain_ranges * Remove unused variable * Check for existing pidfile before starting the providers * man: Note that automounter must be restarted to re-read the master map * Updating the translations for 1.9.1 release Jan Cholasta (2): * SSH: Refactor sysdb and related code * SSH: Expire hosts in known_hosts Michal Zidek (7): * Change option to display help message in man pages. * sss_seed: Option --debug did not work in sss_seed tool. * sss_seed: Show error message when interactive input fails. * sss_seed: Make only first line of password file valid. * sss_seed: Passwords longer then PASS_MAX not allowed. * sss_seed: Improved error message when the domain does not exist. * Variable in sdap_sudo_rules_refresh_send could be used, uninitialized. Ondrej Kos (4): * sssd-ldap manpage: ldap_scheme formatting * Log possibly non-randomizable ccache file template * Slices calculation is alway wrong for default values * Fix default upper limit of slices Pavel Březina (5): * Fix few coding style issues * monitor: create pid file after all responders are started * remove left over principal selection * manpage: ldap_access_filter is not always mandatory * do not create pid file twice Stephen Gallagher (2): * LDAP: Handle empty namingContexts values safely * BUILD: Include the patch file in the tarball Sumit Bose (4): * Add new option default_domain_suffix * Use flat name for master domain as well * sysdb_master_domain_get_info: fix copy-and-paste error * Add man page section about provider specific re_expression _______________________________________________ Freeipa-interest mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-interest