diffstat, lots of translation machinery updates.. Makefile.am | 172 Makefile.in | 2581 ++++++++-- README | 43 README.md | 28 config.h.in | 9 configure | 265 - configure.ac | 25 contrib/ci/deps.sh | 2 contrib/sssd.spec.in | 9 contrib/suse/sssd.spec.in | 2 debian/changelog | 18 debian/control | 2 debian/copyright | 2 debian/patches/ipa-terminate-if-view-name-fails.diff | 37 debian/rules | 2 debian/sssd-common.install | 6 debian/watch | 4 po/bg.po | 798 +-- po/ca.po | 798 +-- po/de.po | 798 +-- po/es.po | 798 +-- po/eu.po | 798 +-- po/fr.po | 798 +-- po/hu.po | 798 +-- po/id.po | 798 +-- po/it.po | 798 +-- po/ja.po | 798 +-- po/nb.po | 798 +-- po/nl.po | 798 +-- po/pl.po | 798 +-- po/pt.po | 798 +-- po/pt_BR.po | 798 +-- po/ru.po | 798 +-- po/sssd.pot | 798 +-- po/sv.po | 798 +-- po/tg.po | 798 +-- po/tr.po | 798 +-- po/uk.po | 798 +-- po/zh_CN.po | 798 +-- po/zh_TW.po | 798 +-- src/conf_macros.m4 | 13 src/confdb/confdb.c | 212 src/confdb/confdb.h | 11 src/confdb/confdb_setup.c | 208 src/config/SSSDConfig/__init__.py | 2 src/config/SSSDConfig/__init__.py.in | 2 src/config/SSSDConfigTest.py | 4 src/config/cfg_rules.ini | 9 src/config/etc/sssd.api.conf | 2 src/config/setup.py | 4 src/config/setup.py.in | 2 src/db/sysdb.h | 18 src/db/sysdb_ops.c | 93 src/db/sysdb_private.h | 1 src/db/sysdb_search.c | 7 src/db/sysdb_subdomains.c | 343 - src/db/sysdb_sudo.c | 17 src/examples/sssd.conf | 4 src/external/inotify.m4 | 2 src/external/libcurl.m4 | 38 src/lib/idmap/sss_idmap.pc.in | 2 src/lib/ipa_hbac/ipa_hbac.pc.in | 2 src/lib/sifp/sss_simpleifp.pc.in | 2 src/man/Makefile.am | 11 src/man/Makefile.in | 10 src/man/br/include/experimental.xml | 2 src/man/br/include/override_homedir.xml | 4 src/man/br/include/upstream.xml | 2 src/man/ca/include/experimental.xml | 2 src/man/ca/include/override_homedir.xml | 4 src/man/ca/include/upstream.xml | 4 src/man/ca/pam_sss.8.xml | 22 src/man/cs/include/experimental.xml | 2 src/man/cs/include/override_homedir.xml | 4 src/man/cs/include/upstream.xml | 4 src/man/de/include/experimental.xml | 4 src/man/de/include/override_homedir.xml | 4 src/man/de/include/upstream.xml | 4 src/man/es/include/experimental.xml | 4 src/man/es/include/override_homedir.xml | 4 src/man/es/include/upstream.xml | 2 src/man/eu/include/experimental.xml | 2 src/man/eu/include/override_homedir.xml | 4 src/man/eu/include/upstream.xml | 2 src/man/fr/include/experimental.xml | 4 src/man/fr/include/override_homedir.xml | 4 src/man/fr/include/upstream.xml | 4 src/man/fr/sssd.conf.5.xml | 2496 --------- src/man/include/experimental.xml | 2 src/man/include/override_homedir.xml | 4 src/man/include/upstream.xml | 2 src/man/ja/include/experimental.xml | 4 src/man/ja/include/override_homedir.xml | 4 src/man/ja/include/upstream.xml | 2 src/man/lv/include/experimental.xml | 2 src/man/lv/include/override_homedir.xml | 4 src/man/lv/include/upstream.xml | 2 src/man/nl/include/experimental.xml | 2 src/man/nl/include/override_homedir.xml | 4 src/man/nl/include/upstream.xml | 2 src/man/pam_sss.8.xml | 24 src/man/po/br.po | 1392 +++-- src/man/po/ca.po | 1472 +++-- src/man/po/cs.po | 1398 +++-- src/man/po/de.po | 1475 +++-- src/man/po/es.po | 1472 +++-- src/man/po/eu.po | 1388 +++-- src/man/po/fr.po | 1475 +++-- src/man/po/ja.po | 1470 +++-- src/man/po/lv.po | 1394 +++-- src/man/po/nl.po | 1390 +++-- src/man/po/po4a.cfg | 1 src/man/po/pt.po | 1410 +++-- src/man/po/pt_BR.po | 1410 +++-- src/man/po/ru.po | 1390 +++-- src/man/po/sssd-docs.pot | 1346 +++-- src/man/po/tg.po | 1390 +++-- src/man/po/uk.po | 1478 +++-- src/man/po/zh_CN.po | 1390 +++-- src/man/pt/include/experimental.xml | 2 src/man/pt/include/override_homedir.xml | 4 src/man/pt/include/upstream.xml | 2 src/man/pt_BR/include/experimental.xml | 2 src/man/pt_BR/include/override_homedir.xml | 4 src/man/pt_BR/include/upstream.xml | 2 src/man/ru/include/experimental.xml | 2 src/man/ru/include/override_homedir.xml | 4 src/man/ru/include/upstream.xml | 2 src/man/sssd-ad.5.xml | 15 src/man/sssd-files.5.xml | 88 src/man/sssd-ipa.5.xml | 15 src/man/sssd.conf.5.xml | 68 src/man/tg/include/experimental.xml | 2 src/man/tg/include/override_homedir.xml | 4 src/man/tg/include/upstream.xml | 2 src/man/uk/include/experimental.xml | 5 src/man/uk/include/override_homedir.xml | 4 src/man/uk/include/upstream.xml | 4 src/man/uk/pam_sss.8.xml | 22 src/man/uk/sssd-ad.5.xml | 971 --- src/man/uk/sssd-ipa.5.xml | 14 src/man/uk/sssd.conf.5.xml | 65 src/man/zh_CN/include/experimental.xml | 2 src/man/zh_CN/include/override_homedir.xml | 4 src/man/zh_CN/include/upstream.xml | 2 src/monitor/monitor.c | 538 -- src/monitor/monitor.h | 3 src/p11_child/p11_child_nss.c | 55 src/providers/ad/ad_common.c | 274 - src/providers/ad/ad_common.h | 22 src/providers/ad/ad_id.c | 1 src/providers/ad/ad_pac.c | 4 src/providers/ad/ad_subdomains.c | 33 src/providers/be_dyndns.c | 6 src/providers/data_provider.h | 6 src/providers/data_provider/dp.h | 14 src/providers/data_provider/dp_resp_client.c | 191 src/providers/data_provider_be.c | 4 src/providers/fail_over.c | 12 src/providers/files/files_id.c | 179 src/providers/files/files_init.c | 92 src/providers/files/files_ops.c | 806 +++ src/providers/files/files_private.h | 74 src/providers/ipa/ipa_id.c | 160 src/providers/ipa/ipa_subdomains_id.c | 8 src/providers/ipa/ipa_subdomains_server.c | 46 src/providers/ipa/ipa_sudo_conversion.c | 54 src/providers/krb5/krb5_auth.c | 19 src/providers/krb5/krb5_child.c | 290 + src/providers/krb5/krb5_child_handler.c | 8 src/providers/ldap/ldap_auth.c | 11 src/providers/ldap/ldap_child.c | 26 src/providers/ldap/ldap_id.c | 2 src/providers/ldap/sdap.c | 15 src/providers/ldap/sdap.h | 25 src/providers/ldap/sdap_async_initgroups.c | 28 src/providers/ldap/sdap_dyndns.c | 3 src/providers/ldap/sdap_idmap.c | 1 src/providers/proxy/proxy_auth.c | 8 src/providers/proxy/proxy_id.c | 154 src/python/pyhbac.c | 1 src/responder/common/cache_req/cache_req.c | 704 +- src/responder/common/cache_req/cache_req.h | 39 src/responder/common/cache_req/cache_req_data.c | 51 src/responder/common/cache_req/cache_req_plugin.h | 45 src/responder/common/cache_req/cache_req_private.h | 37 src/responder/common/cache_req/cache_req_result.c | 239 src/responder/common/cache_req/cache_req_search.c | 129 src/responder/common/cache_req/plugins/cache_req_common.c | 40 src/responder/common/cache_req/plugins/cache_req_enum_groups.c | 25 src/responder/common/cache_req/plugins/cache_req_enum_svc.c | 25 src/responder/common/cache_req/plugins/cache_req_enum_users.c | 25 src/responder/common/cache_req/plugins/cache_req_group_by_filter.c | 26 src/responder/common/cache_req/plugins/cache_req_group_by_id.c | 27 src/responder/common/cache_req/plugins/cache_req_group_by_name.c | 27 src/responder/common/cache_req/plugins/cache_req_host_by_name.c | 121 src/responder/common/cache_req/plugins/cache_req_initgroups_by_name.c | 27 src/responder/common/cache_req/plugins/cache_req_initgroups_by_upn.c | 26 src/responder/common/cache_req/plugins/cache_req_netgroup_by_name.c | 26 src/responder/common/cache_req/plugins/cache_req_object_by_id.c | 26 src/responder/common/cache_req/plugins/cache_req_object_by_name.c | 26 src/responder/common/cache_req/plugins/cache_req_object_by_sid.c | 25 src/responder/common/cache_req/plugins/cache_req_svc_by_name.c | 26 src/responder/common/cache_req/plugins/cache_req_svc_by_port.c | 26 src/responder/common/cache_req/plugins/cache_req_user_by_cert.c | 29 src/responder/common/cache_req/plugins/cache_req_user_by_filter.c | 26 src/responder/common/cache_req/plugins/cache_req_user_by_id.c | 27 src/responder/common/cache_req/plugins/cache_req_user_by_name.c | 58 src/responder/common/cache_req/plugins/cache_req_user_by_upn.c | 37 src/responder/common/iface/responder_domain.c | 73 src/responder/common/iface/responder_iface.c | 43 src/responder/common/iface/responder_iface.h | 42 src/responder/common/iface/responder_iface.xml | 19 src/responder/common/iface/responder_iface_generated.c | 118 src/responder/common/iface/responder_iface_generated.h | 84 src/responder/common/iface/responder_ncache.c | 41 src/responder/common/negcache.c | 92 src/responder/common/negcache.h | 6 src/responder/common/responder.h | 32 src/responder/common/responder_common.c | 111 src/responder/common/responder_dp.c | 81 src/responder/common/responder_dp_ssh.c | 155 src/responder/common/responder_get_domains.c | 30 src/responder/ifp/ifp_iface.c | 2 src/responder/ifp/ifp_iface.xml | 10 src/responder/ifp/ifp_iface_generated.c | 83 src/responder/ifp/ifp_iface_generated.h | 10 src/responder/ifp/ifp_users.c | 417 + src/responder/ifp/ifp_users.h | 10 src/responder/ifp/ifpsrv_cmd.c | 2 src/responder/nss/nss_cmd.c | 2 src/responder/nss/nss_iface.c | 44 src/responder/nss/nss_iface.xml | 6 src/responder/nss/nss_iface_generated.c | 39 src/responder/nss/nss_iface_generated.h | 15 src/responder/nss/nss_private.h | 4 src/responder/nss/nss_protocol.h | 6 src/responder/nss/nss_protocol_grent.c | 6 src/responder/nss/nss_protocol_pwent.c | 6 src/responder/nss/nss_protocol_sid.c | 15 src/responder/nss/nss_utils.c | 12 src/responder/pam/pamsrv.h | 13 src/responder/pam/pamsrv_cmd.c | 667 -- src/responder/pam/pamsrv_p11.c | 86 src/responder/secrets/secsrv.c | 5 src/responder/ssh/ssh_cmd.c | 256 src/responder/ssh/ssh_known_hosts.c | 329 + src/responder/ssh/ssh_private.h | 71 src/responder/ssh/ssh_protocol.c | 217 src/responder/ssh/ssh_reply.c | 333 + src/responder/ssh/sshsrv.c | 2 src/responder/ssh/sshsrv_cmd.c | 1211 ---- src/responder/ssh/sshsrv_dp.c | 156 src/responder/ssh/sshsrv_private.h | 69 src/sbus/sssd_dbus.h | 2 src/sbus/sssd_dbus_connection.c | 21 src/sbus/sssd_dbus_interface.c | 166 src/sbus/sssd_dbus_private.h | 16 src/sbus/sssd_dbus_signals.c | 60 src/sbus/sssd_dbus_utils.h | 7 src/sss_client/idmap/sss_nss_idmap.pc.in | 2 src/sss_client/libwbclient/wbclient_sssd.pc.in | 2 src/sss_client/pam_message.h | 2 src/sss_client/pam_sss.c | 126 src/sss_client/sss_cli.h | 6 src/sysv/systemd/journal.conf.in | 2 src/sysv/systemd/sssd-autofs.service.in | 1 src/sysv/systemd/sssd-autofs.socket.in | 4 src/sysv/systemd/sssd-nss.service.in | 2 src/sysv/systemd/sssd-nss.socket.in | 7 src/sysv/systemd/sssd-pac.service.in | 1 src/sysv/systemd/sssd-pac.socket.in | 4 src/sysv/systemd/sssd-pam-priv.socket.in | 4 src/sysv/systemd/sssd-pam.service.in | 1 src/sysv/systemd/sssd-pam.socket.in | 4 src/sysv/systemd/sssd-ssh.service.in | 1 src/sysv/systemd/sssd-ssh.socket.in | 4 src/sysv/systemd/sssd-sudo.service.in | 1 src/sysv/systemd/sssd-sudo.socket.in | 4 src/tests/cmocka/common_mock_resp_dp.c | 68 src/tests/cmocka/test_ad_common.c | 57 src/tests/cmocka/test_authtok.c | 107 src/tests/cmocka/test_fqnames.c | 2 src/tests/cmocka/test_inotify.c | 582 ++ src/tests/cmocka/test_iobuf.c | 195 src/tests/cmocka/test_ipa_dn.c | 7 src/tests/cmocka/test_negcache.c | 70 src/tests/cmocka/test_nss_srv.c | 51 src/tests/cmocka/test_pam_srv.c | 213 src/tests/cmocka/test_responder_cache_req.c | 34 src/tests/cmocka/test_responder_common.c | 12 src/tests/cmocka/test_sdap_initgr.c | 540 ++ src/tests/cmocka/test_sysdb_subdomains.c | 109 src/tests/cmocka/test_sysdb_sudo.c | 5 src/tests/cmocka/test_sysdb_ts_cache.c | 11 src/tests/cmocka/test_utils.c | 11 src/tests/common.h | 2 src/tests/common_dom.c | 6 src/tests/cwrap/Makefile.am | 17 src/tests/cwrap/Makefile.in | 736 ++ src/tests/dlopen-tests.c | 2 src/tests/intg/Makefile.am | 8 src/tests/intg/Makefile.in | 11 src/tests/intg/config.py.m4 | 1 src/tests/intg/ent_test.py | 14 src/tests/intg/files_ops.py | 159 src/tests/intg/sssd_group.py | 90 src/tests/intg/sssd_id.py | 14 src/tests/intg/sssd_ldb.py | 11 src/tests/intg/sssd_netgroup.py | 25 src/tests/intg/sssd_nss.py | 46 src/tests/intg/sssd_passwd.py | 168 src/tests/intg/test_enumeration.py | 10 src/tests/intg/test_files_ops.py | 84 src/tests/intg/test_files_provider.py | 850 +++ src/tests/intg/test_secrets.py | 172 src/tests/intg/test_ts_cache.py | 71 src/tests/intg/util.py | 14 src/tests/ipa_ldap_opt-tests.c | 32 src/tests/sysdb-tests.c | 55 src/tests/tcurl_test_tool.c | 230 src/tests/util-tests.c | 18 src/tools/sss_cache.c | 26 src/tools/sss_groupshow.c | 4 src/tools/sssctl/sssctl_cache.c | 4 src/tools/sssd_check_socket_activated_responders.c | 197 src/util/authtok-utils.c | 91 src/util/authtok-utils.h | 56 src/util/authtok.c | 320 + src/util/authtok.h | 84 src/util/domain_info_utils.c | 19 src/util/inotify.c | 562 ++ src/util/inotify.h | 61 src/util/murmurhash3.c | 3 src/util/sss_iobuf.c | 205 src/util/sss_iobuf.h | 118 src/util/sss_nss.c | 17 src/util/tev_curl.c | 933 +++ src/util/tev_curl.h | 111 src/util/util.c | 10 src/util/util_errors.c | 2 src/util/util_errors.h | 2 src/util/util_safealign.h | 6 version.m4 | 2 345 files changed, 41721 insertions(+), 27311 deletions(-)
** Description changed: Upstream has released two bugfix releases since 1.15.0: 1.15.1 https://www.redhat.com/archives/freeipa-interest/2017-March/msg00000.html 1.15.2 https://www.redhat.com/archives/freeipa-interest/2017-March/msg00005.html 1.15.1 did add a new feature in the 'files' provider (essentially replaces nscd), but it's not used by default so it's not risky to add. + Another new thing is sssd_check_socket_activated_responders helper, but + we don't use socket activation either, so not risky. Upstream bugfixes: 1.15.1: - * https://pagure.io/SSSD/sssd/issue/3112 - When sssd.conf is missing, create one with id_provider=files - * https://pagure.io/SSSD/sssd/issue/3220 - Improve successful Dynamic DNS update log messages - * https://pagure.io/SSSD/sssd/issue/3227 - sssd doesn't update PTR records if A/PTR zones are configured as non-secure and secure - * https://pagure.io/SSSD/sssd/issue/3230 - Use the same logic for matching GC results in initgroups and user lookups - * https://pagure.io/SSSD/sssd/issue/3260 - handle default_domain_suffix for ssh requests with default_domain_suffix - * https://pagure.io/SSSD/sssd/issue/3262 - Implement a files provider to mirror the contents of /etc/passwd and /etc/groups - * https://pagure.io/SSSD/sssd/issue/3270 - [RFE] Add PKINIT support to SSSD Kerberos proivder - * https://pagure.io/SSSD/sssd/issue/3298 - Socket activation of SSSD doesn't work and leads to chaos - * https://pagure.io/SSSD/sssd/issue/3299 - SSSD does not start if using only the local provider and services line is empty - * https://pagure.io/SSSD/sssd/issue/3300 - Avoid running two instances of the same service - * https://pagure.io/SSSD/sssd/issue/3309 - Coverity warns about an unused value in IPA sudo code - * https://pagure.io/SSSD/sssd/issue/3313 - cache_req should use an negative cache entry for UPN based lookups - * https://pagure.io/SSSD/sssd/issue/2984 - Don't prompt for password if there is already one on the stack - * https://pagure.io/SSSD/sssd/issue/1126 - Reuse cache_req() in responder code + * https://pagure.io/SSSD/sssd/issue/3112 - When sssd.conf is missing, create one with id_provider=files + * https://pagure.io/SSSD/sssd/issue/3220 - Improve successful Dynamic DNS update log messages + * https://pagure.io/SSSD/sssd/issue/3227 - sssd doesn't update PTR records if A/PTR zones are configured as non-secure and secure + * https://pagure.io/SSSD/sssd/issue/3230 - Use the same logic for matching GC results in initgroups and user lookups + * https://pagure.io/SSSD/sssd/issue/3260 - handle default_domain_suffix for ssh requests with default_domain_suffix + * https://pagure.io/SSSD/sssd/issue/3262 - Implement a files provider to mirror the contents of /etc/passwd and /etc/groups + * https://pagure.io/SSSD/sssd/issue/3270 - [RFE] Add PKINIT support to SSSD Kerberos proivder + * https://pagure.io/SSSD/sssd/issue/3298 - Socket activation of SSSD doesn't work and leads to chaos + * https://pagure.io/SSSD/sssd/issue/3299 - SSSD does not start if using only the local provider and services line is empty + * https://pagure.io/SSSD/sssd/issue/3300 - Avoid running two instances of the same service + * https://pagure.io/SSSD/sssd/issue/3309 - Coverity warns about an unused value in IPA sudo code + * https://pagure.io/SSSD/sssd/issue/3313 - cache_req should use an negative cache entry for UPN based lookups + * https://pagure.io/SSSD/sssd/issue/2984 - Don't prompt for password if there is already one on the stack + * https://pagure.io/SSSD/sssd/issue/1126 - Reuse cache_req() in responder code 1.15.2: - * <https://pagure.io/SSSD/sssd/issue/3317> - Newline characters (\n) must be sanitized before LDAP requests take place - * <https://pagure.io/SSSD/sssd/issue/3316> - sssd-secrets doesn't exit on idle - * <https://pagure.io/SSSD/sssd/issue/3314> - sssd ignores entire groups from proxy provider if one member is listed twice - * <https://pagure.io/SSSD/sssd/issue/3164> - when group is invalidated using sss_cache dataExpireTimestamp entry in the domain and timestamps cache are inconsistent - * <https://pagure.io/SSSD/sssd/issue/2668> - [RFE] Add more flexible templating for override_homedir config option - * <https://pagure.io/SSSD/sssd/issue/2599> - Make it possible to configure AD subdomain in the server mode - * <https://pagure.io/SSSD/sssd/issue/3322> - chown in ExecStartPre of sssd-nss.service hangs forever - * <https://pagure.io/SSSD/sssd/issue/843> - Login time increases strongly if more than one domain is configured - * <https://pagure.io/SSSD/sssd/issue/2320> - use the sss_parse_inp request in other responders than dbus + * <https://pagure.io/SSSD/sssd/issue/3317> - Newline characters (\n) must be sanitized before LDAP requests take place + * <https://pagure.io/SSSD/sssd/issue/3316> - sssd-secrets doesn't exit on idle + * <https://pagure.io/SSSD/sssd/issue/3314> - sssd ignores entire groups from proxy provider if one member is listed twice + * <https://pagure.io/SSSD/sssd/issue/3164> - when group is invalidated using sss_cache dataExpireTimestamp entry in the domain and timestamps cache are inconsistent + * <https://pagure.io/SSSD/sssd/issue/2668> - [RFE] Add more flexible templating for override_homedir config option + * <https://pagure.io/SSSD/sssd/issue/2599> - Make it possible to configure AD subdomain in the server mode + * <https://pagure.io/SSSD/sssd/issue/3322> - chown in ExecStartPre of sssd-nss.service hangs forever + * <https://pagure.io/SSSD/sssd/issue/843> - Login time increases strongly if more than one domain is configured + * <https://pagure.io/SSSD/sssd/issue/2320> - use the sss_parse_inp request in other responders than dbus ** Changed in: sssd (Ubuntu) Importance: Undecided => Wishlist -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680385 Title: FFE: sssd bugfix update 1.15.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1680385/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
