Hello community, here is the log from the commit of package sssd for openSUSE:Factory checked in at 2015-06-17 16:16:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sssd (Old) and /work/SRC/openSUSE:Factory/.sssd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sssd" Changes: -------- --- /work/SRC/openSUSE:Factory/sssd/sssd.changes 2015-02-22 17:25:32.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.sssd.new/sssd.changes 2015-06-17 16:16:07.000000000 +0200 @@ -1,0 +2,39 @@ +Sun Jun 14 17:44:20 UTC 2015 - mich...@stroeder.com + +- Update to new upstream release 1.12.5 +* The background refresh tasks now supports refreshing users and + groups as well. See the "refresh_expired_interval" parameter in + the sssd.conf manpage. +* A new option subdomain_inherit was added. +* When an expired account attempts to log in, a configurable + error message can be displayed with sufficient pam_verbosity + setting. See the "pam_account_expired_message" option. +* OpenLDAP ppolicy can be honored even when an alternate login + method (such as SSH key) is used. See the "ldap_access_order" + option. +* A new option :krb5_map_user" was added, allowing the admin to + map UNIX usernames to Kerberos principals. +* BUG FIXES: +* Fixed AD-specific bugs that resulted in the incorrect set of + groups being displayed after the initgroups operation. +* Fixes related to the IPA ID views feature. Setups using this + should update sssd on both IPA servers and clients. +* The AD provider now handles binary GUIDs correctly. +* A bug that prevented the `ignore_group_members` parameter to be + used with the AD provider was fixed. +* The failover code now reads and honors TTL value for SRV + queries as well. +* Race condition between setting the timeout in the back ends and + reading it in the front end during initgroup operation was + fixed. This bug affected applications that perform the + initgroups(3) operation in multiple processes simultaneously. +* Setups that only want to use the domain SSSD is connected to, + but not the autodiscovered trusted domains by setting + `subdomains_provider=none` now work correctly as long as the + domain SID is set manually in the config file. +* In case only "allow" rules are used, the simple access provider + is now able to skip unresolvable groups. +* The GPO access control code now handles situations where user + and computer objects were in different domains. + +------------------------------------------------------------------- Old: ---- sssd-1.12.4.tar.gz sssd-1.12.4.tar.gz.asc New: ---- sssd-1.12.5.tar.gz sssd-1.12.5.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sssd.spec ++++++ --- /var/tmp/diff_new_pack.uWrMmI/_old 2015-06-17 16:16:09.000000000 +0200 +++ /var/tmp/diff_new_pack.uWrMmI/_new 2015-06-17 16:16:09.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package sssd # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: sssd -Version: 1.12.4 +Version: 1.12.5 Release: 0 Summary: System Security Services Daemon License: GPL-3.0+ and LGPL-3.0+ ++++++ sssd-1.12.4.tar.gz -> sssd-1.12.5.tar.gz ++++++ ++++ 110701 lines of diff (skipped)