there
> were _no_ messages. Either FreeIPA forgot them or the project is
> silently dying...
>
> regards,
> Martin
>
>
This list is not dead, merely quiet.
Much more active is freeipa-users and freeipa-devel.
The original topic here would be best posed on freeipa-users
for nearly-expired passwords
--
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
___
Freeipa-interest mailing list
Freeipa-interest@redhat.com
es
Petter Reinholdtsen (1):
* Remove bash-isms from configure macros
Piotr Drąg (1):
* Update pl translation
Stephen Gallagher (9):
* Add a better error message for TLS failures
* Add enumerate details to the manpage and examples
* Make data provider id_callback public
* Fix error rep
s_*_r()
* Check closedir call in find_uid
* Print correct return code
Stephen Gallagher (30):
* Fix typo in Makefile
* Fix broken build against older versions of OpenLDAP
* Fix typo in Makefile.am
* Disable connection callbacks when going online
* Change default min_id to 1
*
and stack interfaces
Stephen Gallagher (14):
* Drop release requirement from versions
* Bump libini_config version to 0.5.1
* Make RootDSE optional
* Add sss_log() function
* Add log notifications for startup and shutdown.
* Add syslog messages for LDAP GSSAPI bind
* Log TLS errors to
lpers from sysdb
* sysdb: remove remaining traces of sysdb_handle
* sysydb: Finally stop using a common event context
* Make groupshow synchronous.
* tools: remove creation of event_context
* Better handle sdap_handle memory from callers.
* Avoid freeing sdap_handle too early
Stephen Gal
1.3.x.
See https://fedorahosted.org/sssd/wiki/Releases for the appropriate
release for your deployment.
Packages for Fedora are built and should be available in updates-testing
within 24 hours.
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value
ce (1):
* Add option to limit nested groups
Stephen Gallagher (8):
* Request all group attributes during initgroups processing
* Add common hash table setup
* Make sdap_save_users_send handle zero users gracefully
* Handle nested groups in RFC2307bis
* Make user argument of sysdb_update_members_s
nam|gid)
Simo Sorce (2):
* Check if control is supported before using it.
* Add option to limit nested groups
Stephen Gallagher (36):
* Fix chpass operations with LDAP provider
* Remove common directory
* Rewrite toplevel Makefile
* Build SSSD RPMs with external libraries
* Remove src
ann (1):
* Fix misused SDAP_SEARCH_BASE
Piotr Drąg (1):
* Updating pl translation
Stephen Gallagher (2):
* Bumping version to 1.4.1 dev
* Fix incorrect free of req in krb5_auth.c
Sumit Bose (7):
* Add netgroups infrastructure to proxy provider
* Implement netgroups for proxy provider
* Rem
sdap_id_op functions.
* ldap: remove variable that was never assigned nor used
* ldap: add checks to determine if USN features are available.
* ldap: Use USN entries if available.
* Fix wrong test in pam_sss
Stephen Gallagher (58):
* Write log opening failures to the syslog
* Improve vers
-related development and
support is now #sssd on irc.freenode.net.
Thank you to everyone who has helped us grow!
- --
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/
-BEGIN PGP
community member Tyson Whitehead
* Assorted bugfixes
== Detailed Changelog ==
Jakub Hrozek (1):
* NSS obfuscation code cleanup
Piotr Drąg (2):
* Updating pl translation
* Updating pl translation
Stephen Gallagher (27):
* Bumping version to 1.5.1
* Remove unnecessary po4a BuildRequires
* Fix
Sorce (1):
* Check that the socket is really ours before attempting to close it.
Stephen Gallagher (16):
* Update version to 1.5.2dev
* Sanitize search filters for nested group lookups
* Make the domain argument mandatory in sss_obfuscate
* Gracefully handle permission errors in sss_obfuscat
==
* Support for libldb >= 1.0.0
* Proper detection of manpage translations
* Better support for building RPMs for RHEL5 (and other systems with
old autotools)
== Detailed Changelog ==
Stephen Gallagher (5):
* Update version to 1.5.3
* Fix module registration with newer LDB libraries.
* Minor specf
fake groups
* Use fake groups during IPA schema initgroups
* Return from functions in LDAP provider after marking request as failed
Stephen Gallagher (19):
* Update version to 1.5.4
* Require existence of GID number and name in group searches
* Require existence of username, uid and gid for
ed
* Do not attempt to resolve nameless servers
* Remove detection of duplicates from SRV result processing
* Use safe alignment macros for in-tree SRV record parsing
Stephen Gallagher (5):
* Update version to 1.5.5
* Always complete the transaction in sdap_process_group_members_2307
* RFC2307
Hot on the heels of SSSD 1.5.6 comes 1.5.6.1.
The tarball for SSSD 1.5.6 was generated incorrectly and did not contain
the translations for the manpages. SSSD 1.5.6.1 contains no other
changes.
As always, it can be downloaded at https://fedorahosted.org/sssd
signature.asc
Description: This is a
n the kerberos provider not
working with kpasswd
== Detailed Changelog ==
Simo Sorce (2):
* memberof: fix calculation of replaced members
* memberof: free delete operation payload once done
Stephen Gallagher (7):
* Never remove gecos from the sysdb cache
* Do not throw a DP error when failing to del
ulnerability and
restoring the user's ability to log in properly in offline mode.
CREDITS
Thanks to Marko Myllynen (Red Hat) for reporting and to Stephen
Gallagher for identifying the actual problem.
The SSSD team.
signat
successfully saved groups
Simo Sorce (1):
* clients: use poll instead of select
Stephen Gallagher (5):
* Make "password" the default for ldap_default_authtok_type
* simple provider: Don't treat primary GID lookup failures as fatal
* Enable paging support for LDAP
* IPA Provider: don
Jan Zeleny (4):
* Added sysdb_attrs_get_bool() function
* Non-posix group processing - sysdb changes
* Non-posix group processing - ldap provider and nss responder
* Fall back to polling when inotify fails
Kaushik Banerjee (1):
* Changing default to Default for consistency
Stephen Gallagher (
that could result in blocking
calls to LDAP
== Detailed Changelog ==
Stephen Gallagher (2):
* Bumping version to 1.5.10
* Do not attempt to close() a file descriptor < 0
Sumit Bose (1):
* Do not access state after tevent_req_done() is called.
signature.asc
Description: This is a digita
kub Hrozek (2):
* ipa_dyndns: Use sockaddr_storage for storing IP addresses
* Fix unchecked return values of pam_add_response
Matthew Ife (1):
* Replace system() function with fork and execl call.
Stephen Gallagher (1):
* Bumping version to 1.5.11
Sumit Bose (1):
* Call ldap_install_tls(
d nss
* sysdb: use header defined macros instead of explicit values
* memberof: fix calculation of replaced members
* memberof: free delete operation apyload once done
* clients: use poll instead of select
* fix typos
* sss_client: avoid leaking file descriptors
Stephen Gallagher (96):
*
hen gidNumber attribute is not ordered
John Hodrien (1):
* Add vetoed_shells option
Simo Sorce (1):
* sss_client: avoid leaking file descriptors
Stephen Gallagher (19):
* Bumping version to 1.5.12
* Remove incorrect private variable
* Add helper function msgs2attrs_array
* Add HBAC evaluator
provider option to set LDAP_OPT_X_SASL_NOCANON
* Use the default Kerberos realm for LDAP with GSSAPI auth
Ralf Haferkamp (1):
* Allow the O_NONBLOCK flag to be reset correctly
Stephen Gallagher (6):
* Bumping version to 1.5.13
* Use sysdb attribute name for GID, not LDAP attribute
* HBAC
GSSAPI auth
* Fix moving to next entry in deref code
Ralf Haferkamp (1):
* Allow the O_NONBLOCK flag to be reset correctly
Stephen Gallagher (7):
* Bumping version to 1.6.1
* Revert "Allow LDAP to decide when an expiration warning is warranted"
* Use sysdb attribute name for GID
sss_ldap_err2string()
* Added quiet option to pam_sss
Pavel Zuna (1):
* Fix small bug where TALLOC_CTX could end up unfreed.
Stephen Gallagher (18):
* Bumping version to 1.6.2
* Add option to specify the kerberos replay cache dir
* Fix typo in %configure
* Remove all libtool .la files from RPM
* Improve
Marko Myllynen (3):
* Add missing options to sssd.api.conf
* Unbreak ./configure
* Update sssd-example.conf
Pavel Březina (3):
* sss_ldap_err2string() - function created
* sss_ldap_err2string() - ldap_err2string() to sss_ldap_err2string()
* Added quiet option to pam_sss
Stephen Gallagher
correctly
Stephen Gallagher (5):
* Bumping version to 1.6.3
* RESPONDER: Fix segfault in sss_packet_send()
* SYSDB: add index for nameAlias
* Fix bad backport of group rename patch
* Update translation files for release
signature.asc
Description: This is a digitally signed message part
certain LDAP layouts
== Detailed Changelog ==
Jakub Hrozek (3):
* Plug memory leaks in LDAP provider
* RFC2307bis initgroups: fix nested groups processing
* Steal result onto mem_ctx in sdap_initgr_nested_get_direct_parents
Stephen Gallagher (4):
* Bumping version to sssd 1.5.15
* RESPONDER
When we originally designed SSSD, we looked at it as a solution for
dealing with LDAP and Kerberos identity and authentication for Linux and
UNIX clients. With our initial approach, we decided to include only
marginal support for Microsoft's Active Directory as a source of user
information (only su
Zeleny (2):
* Fixed an error in macro for merging double linked lists
* Fixed incorrect return code in PAM client
Krzysztof Klimonda (1):
* Fix FTBFS related to -Werror=format-security
Stephen Gallagher (9):
* Bumping version to 1.6.4
* RESPONDER: Ensure that all input strings are valid UTF-8
s
* Fixed incorrect return code in PAM client
Krzysztof Klimonda (1):
* Fix FTBFS related to -Werror=format-security
Simo Sorce (1):
* Use neutral name for functions used by both pam and nss
Stephen Gallagher (10):
* Bumping version to 1.5.16
* RESPONDER: Ensure that all input strings are v
t correctly
Simo Sorce (1):
* Set more strict permissions on keyring
Stephen Gallagher (74):
* Bumping version to 1.7.0
* Revert "Allow LDAP to decide when an expiration warning is warranted"
* Rename sssd.conf to sssd-example.conf
* Include the configuration file as a %ghost entr
unused macro
* nsssrv: add string manipulation helper
* nsssrv: use sized_string in fill_pwent
* nsssrv: use sized_string in fill_grent
* util: add murmurhash3 hash function
* Add a random + identity test for murmurhash3
* util: Fix murmurhash3 on machines with old glibc
Stephen Gallagher (4
Rawhide/17 coming later today.
== Highlights ==
* Fix two minor manpage bugs
* Include the IPA AutoFS provider
== Detailed Changelog ==
Jakub Hrozek (3):
* Fix SSH compilation on RHEL5
* AUTOFS: IPA provider
* Two sssd-ldap manual pages fixes
Stephen Gallagher (2):
* Updating translations
in sysdb_sudo_check_time()
* SUDO responder: check if the input is a UTF-8 string
* Refactor sss_result into sss_sudo_result
Stephen Gallagher (13):
* Remove dead code
* Fix missing NULL check after malloc
* Avoid uninitialized value comparison
* Add missing breaks to switch statements
* Fix
y test for murmurhash3
* util: Fix murmurhash3 on machines with old glibc
* nss_group: Cache the result from sssd when the glibc provided buffer
is too small.
* pam_sss: keep selinux optional
Stephen Gallagher (73):
* Bump version to 1.8.0
* Add compatibility layer for Heimdal Kerberos i
table for pending requests
Stephen Gallagher (20):
* Bump version to 1.8.1
* Fix typo in autofs option description
* Include the debug_level upgrade tool in the tarball
* Include new manpages in translations
* Updating translations for SSSD 1.8.1
* Fix typo in script name
* Handle cases where
e DNS lookup in
sss_ssh_knownhostsproxy
* SSH: Fix infinite loop in sss_ssh_knownhostsproxy
Stephen Gallagher (10):
* Bumping version to 1.8.2
* IPA: Allow service lookups
* SYSDB: Save only lowercased aliases in case-insensitive domains
* LDAP: Errors retrieving the RootDS
group members in case-insensitive domains
* Read sysdb attribute name, not LDAP attribute map name
Marco Pizzoli (1):
* Two manual pages fixes
Pavel Březina (1):
* sudo api: check sss_status instead of errnop in
sss_sudo_send_recv_generic()
Stef Walter (1):
* Fix erronous reference to the
For quite some time, we have used the sssd-devel mailing list for
development and user configuration issue discussions. As the project has
grown, it becomes more and more clear that we need to separate these
topics into their own lists.
So as of today, we now have a new mailing list for user quest
us failure message in find_principal_in_keytab
Stephen Gallagher (7):
Bump version to 1.8.4
murmurhash: Relax inline requirement
RPM: Allow running 'make rpms' on RHEL 5 machines
NSS: Expire in-memory netgroup cache before the nowait timeout
KRB5: Avoid NULL-dereferen
45 matches
Mail list logo