Hi Jan,
You probably missed the last announcement for SSSD 2.7.0, or you were not
in the email list at that time, sorry about that.
Please find attached the announcement where Pavel disclosed this
information.
Let us know if you have any questions
Kindly
------------------------------------
André Boscatto
Product Owner
Red Hat <https://www.redhat.com/>
<https://www.redhat.com/>
On Thu, Jun 2, 2022 at 2:29 PM Jan Engelhardt <jeng...@inai.de> wrote:
>
> >The SSSD team is proud to announce the release of version 2.7.0 of the
> >System Security Services Daemon. The tarball can be downloaded from:
> > https://github.com/SSSD/sssd/releases/tag/2.7.1_
>
> New key and no word on it?
>
>
> $ gpg --list-keys | grep -A3 -B3 pb
> pub rsa2048/0xAFFE75DDE8508E12 2020-05-11 [SC]
> Key fingerprint = 1A41 DC67 505F 89A3 3082 8B66 AFFE 75DD E850 8E12
> uid [ unknown] Pavel Březina <pbrez...@redhat.com>
> sub rsa2048/0xD8286B7F47C317E5 2020-05-11 [E]
>
>
> $ gpg --verify *asc
> gpg: assuming signed data in 'sssd-2.7.1.tar.gz'
> gpg: Signature made Thu 02 Jun 2022 01:19:12 PM CEST
> gpg: using RSA key C13CD07FFB2DB1408E457A3CD3D21B2910CF6759
> gpg: Can't check signature: No public key
> $ gpg --recv-keys C13CD07FFB2DB1408E457A3CD3D21B2910CF6759
> gpg: key 0xD3D21B2910CF6759: new key but contains no user ID - skipped
> gpg: Total number processed: 1
> gpg: w/o user IDs: 1
> [keyserver hkps://keys.openpgp.org]
> _______________________________________________
> sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
> To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
> Do not reply to spam on the list, report it:
> https://pagure.io/fedora-infrastructure
>
--- Begin Message ---
# SSSD 2.7.0
The SSSD team is proud to announce the release of version 2.7.0 of the
System Security Services Daemon. The tarball can be downloaded from:
https://github.com/SSSD/sssd/releases/tag/2.7.0
See the full release notes at:
https://sssd.io/release-notes/sssd-2.7.0.html
RPM packages will be made available for Fedora shortly.
## New pgp key
So far we have been signing each release with our personal keys.
Starting from this release (including) we have switched to the new
project key that is used to sign our release tarball.
- Key ID: C13CD07FFB2DB1408E457A3CD3D21B2910CF6759
- URL: https://github.com/SSSD/sssd/blob/2.7.0/contrib/pubkey.asc
- Keyserver: keys.openpgp.org
## Changes release process
We have switched to a more aggressive release process since the release
of 2.0, where we were trying to publish new features even on every .z
release. From now on, we want to switch the process again to prioritize
stabilization of each released version. Therefore .z releases will
rather focus more on publishing bug fixes and will receive none or only
very few carefully selected new features.
## Feedback
Please provide comments, bugs and other feedback via the sssd-devel
or sssd-users mailing lists:
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
https://lists.fedorahosted.org/mailman/listinfo/sssd-users
## Highlights
### New features
* Added a new krb5 plugin `idp` and a new binary `oidc_child` which
performs **OAuth2** authentication against FreeIPA. This, however, can
not be tested yet because this feature is still under development on
the FreeIPA server side. Nevertheless, we have decided to include this
in the release in order to enable the functionality on the clients
immediately when the FreeIPA project delivers this feature without the
need to update the clients.
### General information
* Better default for IPA/AD re_expression. Tunning for group names
containing '@' is no longer needed.
* A warning is added in the logs if an LDAP operation needs more than
80% of the configured timeout.
* A new debug level is added to show statistical and performance data.
Currently the duration of a backend request and of single LDAP
operations are recorded if debug_level is set to 9 or the bit 0x20000 is
set.
* Added support for anonymous PKINIT to get FAST credentials
* We have many warnings and errors from static analyzers
### Important fixes
* SSSD now correctly falls back to UPN search if the user was not found
even with `cache_first = true`.
### Packaging changes
* Added new configure option `--with-oidc-child` and
`--without-oidc-child` to control build of `oidc_child` (enabled by
default).
* Added new package `sssd-idp` that contains the `oidc_child` and krb5
`idp` plugin, this package is required by `sssd-ipa`.
_______________________________________________
sssd-users mailing list -- sssd-us...@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-us...@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
--- End Message ---
_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
