Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: sssd-tools | Distribution: AlmaLinux |
Version: 2.9.4 | Vendor: AlmaLinux |
Release: 6.el9_4 | Build date: Tue Apr 30 23:22:44 2024 |
Group: Unspecified | Build host: s390x-builder02.almalinux.org |
Size: 320903 | Source RPM: sssd-2.9.4-6.el9_4.src.rpm |
Packager: AlmaLinux Packaging Team <packager@almalinux.org> | |
Url: https://github.com/SSSD/sssd/ | |
Summary: Userspace tools for use with the SSSD |
Provides userspace tools for manipulating users, groups, and nested groups in SSSD when using id_provider = local in /etc/sssd/sssd.conf. Also provides several other administrative tools: * sss_debuglevel to change the debug level on the fly * sss_seed which pre-creates a user entry for use in kickstarts * sss_obfuscate for generating an obfuscated LDAP password * sssctl -- an sssd status and control utility
GPLv3+
* Thu Apr 18 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-6 - Resolves: RHEL-27209 - Race condition during authorization leads to GPO policies functioning inconsistently [rhel-9.4.0] * Mon Mar 25 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-5 - Resolves: RHEL-28161 - Passkey cannot fall back to password * Thu Mar 21 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-4 - Resolves: RHEL-28161 - Passkey cannot fall back to password * Wed Mar 13 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-3 - Resolves: RHEL-22340 - socket leak - Resolves: RHEL-28161 - Passkey cannot fall back to password * Mon Feb 12 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-2 - Resolves: RHEL-12503 - AD users are unable to log in due to case sensitivity of user because the domain is found as an alias to the email address. - Resolves: RHEL-22288 - ssh pubkey stored in ldap/AD no longer works to authenticate via sssd - Resolves: RHEL-22194 - gdm smartcard login fails with sssd-2.9.3 in case of multiple identities * Fri Jan 12 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-1 - Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4 - Resolves: RHEL-18395 - latest sssd breaks logging in via XDMCP for LDAP/Kerberos users - Resolves: RHEL-17498 - New sssd.conf seems not to be backwards compatible (wrt SmartCard auth of local users using 'files provider') [rhel-9] - Resolves: RHEL-21079 - SSSD GPO lacks group resolution on hosts [rhel-9] - Resolves: RHEL-19211 - Excessive logging to sssd_nss and sssd_be in multi-domain AD forest [rhel-9] * Mon Nov 13 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.3-2 - Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4 * Mon Nov 13 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.3-1 - Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4 - Resolves: RHEL-14427 - Expected cn in RDN, got uid - Resolves: RHEL-12229 - HANA validation on RHEL 9.2 issue possibly related to libc/nss_sss behaviour - Resolves: RHEL-3925 - SSSD goes offline when, while reading a single user, misses a required attribute (i.e. SID) - Resolves: RHEL-2319 - Passkey authentication for centrally managed users - Resolves: RHEL-4146 - Incorrect handling of reverse IPv6 update results in update failure - Resolves: RHEL-4971 - sssd-kcm does not appear to expire Kerberos tickets (RFE: sssd_kcm should have the option to automatically delete the expired tickets) * Thu Oct 05 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.2-2 - Resolves: RHEL-2319 - Passkey authentication for centrally managed users * Fri Sep 08 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.2-1 - Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4 - Resolves: RHEL-2319 - Passkey authentication for centrally managed users - Resolves: rhbz#2234829 - SSSD runs multiples lookup search for each NFS request (SBUS req chaining stopped working) - Resolves: rhbz#2236119 - dbus and crond getting terminated with SIGBUS in sss_client code * Mon Jul 10 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.1-2 - Resolves: rhbz#2218858 - [sssd] SSSD enters failed state after heavy load in the system * Fri Jun 23 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.1-1 - Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3 - Resolves: rhbz#2196816 - [RHEL9] [sssd] User lookup on IPA client fails with 's2n get_fqlist request failed' - Resolves: rhbz#2162552 - sssd client caches old data after removing netgroup member on IDM - Resolves: rhbz#2189542 - [sssd] RHEL 9.3 Tier 0 Localization - Resolves: rhbz#2133854 - [RHEL9] In some cases when `sdap_add_incomplete_groups()` is called with `ignore_group_members = true`, groups should be treated as complete - Resolves: rhbz#1765354 - [RFE] - Show password expiration warning when IdM users login with SSH keys * Tue Jun 06 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.0-5 - Related: rhbz#2190415 - Rebase Samba to the latest 4.18.x release Rebuild against rebased Samba libs. * Tue May 30 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.0-4 - Related: rhbz#2190415 - Rebase Samba to the latest 4.18.x release Rebuild against rebased Samba libs. * Thu May 25 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.0-3 - Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3 * Mon May 15 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.0-1 - Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3 - Resolves: rhbz#1765354 - [RFE] - Show password expiration warning when IdM users login with SSH keys - Resolves: rhbz#1913839 - filter_groups doesn't filter GID from 'id' output: AD + 'ldap_id_mapping = True' corner case - Resolves: rhbz#2100789 - [Improvement] sssctl config-check command does not show an error when we don't have id_provider in the domain section - Resolves: rhbz#2152177 - [RFE] Add support for ldapi:// URLs - Resolves: rhbz#2164852 - man page entry should make clear that a nested group needs a name - Resolves: rhbz#2166627 - Improvement: sss_client: add 'getsidbyusername()' and 'getsidbygroupname()' and corresponding python bindings - Resolves: rhbz#2166943 - kinit switches KCM away from the newly issued ticket - Resolves: rhbz#2167728 - [sssd] Auth fails if client cannot speak to forest root domain (ldap_sasl_interactive_bind_s failed) * Mon Jan 16 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.8.2-2 - Resolves: rhbz#2160001 - Reference to 'sssd-ldap-attributes' man page is missing in 'sssd-ldap', etc man pages - Resolves: rhbz#2143159 - automount killed by SIGSEGV * Fri Dec 16 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.8.2-1 - Resolves: rhbz#2127510 - Rebase SSSD for RHEL 9.2 - Resolves: rhbz#1608496 - sssd failing to register dynamic DNS addresses against an AD server due to unnecessary DNS search - Resolves: rhbz#2110091 - SSSD doesn't handle changes in 'resolv.conf' properly (when started right before network service) - Resolves: rhbz#2136791 - Lower the severity of the log message for SSSD so that it is not shown at the default debug level. - Resolves: rhbz#2139684 - [sssd] RHEL 9.2 Tier 0 Localization - Resolves: rhbz#2139837 - Analyzer: Optimize and remove duplicate messages in verbose list - Resolves: rhbz#2142794 - SSSD: `sssctl analyze` command shouldn't require 'root' privileged - Resolves: rhbz#2144893 - changing password with ldap_password_policy = shadow does not take effect immediately - Resolves: rhbz#2148737 - UPN check cannot be disabled explicitly but requires krb5_validate = false' as a work-around * Fri Nov 04 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.8.1-1 - Resolves: rhbz#2127510 - Rebase SSSD for RHEL 9.2 - Resolves: rhbz#1507035 - [RFE] SSSD does not support to change the user’s password when option ldap_pwd_policy equals to shadow in sssd.conf file - Resolves: rhbz#1766490 - Use negative cache better and domain checks for lookup by SIDs - Resolves: rhbz#1964121 - RFE: Add an option to sssd config to convert home directories to lowercase (or add a new template for the 'override_homedir' option) - Resolves: rhbz#2074307 - reduce debug level in case well_known_sid_to_name() fails - Resolves: rhbz#2096031 - SSSD: sdap_handle_id_collision_for_incomplete_groups debug message missing a new line - Resolves: rhbz#2103325 - Supported AD group types should be explained in the docs - Resolves: rhbz#2111388 - authenticating against external IdP services okta (native app) with OAuth client secret failed - Resolves: rhbz#2115171 - SSSD: duplicate dns_resolver_* option in man sssd.conf - Resolves: rhbz#2127492 - sssd timezone issues sudonotafter - Resolves: rhbz#2128840 - [RFE] provide dbus method to find users by attr - Resolves: rhbz#2128883 - Cannot SSH with AD user to ipa-client (`krb5_validate` and `pac_check` settings conflict) - Resolves: rhbz#2136791 - Lower the severity of the log message for SSSD so that it is not shown at the default debug level. - Resolves: rhbz#2139837 - Analyzer: Optimize and remove duplicate messages in verbose list * Fri Aug 26 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-4 - Related: rhbz#1978119 - [Improvement] avoid interlocking among threads that use `libsss_nss_idmap` API (or other sss_client libs) * Tue Aug 23 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-3 - Resolves: rhbz#2116389 - rpc.gssd crash when access a same file on krb5 nfs mount with multiple uids simultaneously since sssd-2.7.3-2.el9 - Resolves: rhbz#2119373 - sssctl analyze --logdir option requires sssd to be configured - Resolves: rhbz#2120657 - Incorrect request ID tracking from responder to backend * Mon Aug 08 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-2 - Resolves: rhbz#2106660 - [regression] sssd goes offline with forced ldaps configuration - Resolves: rhbz#2109451 - virsh command will hang after the host run several auto test cases - Resolves: rhbz#2098654 - cache_req_data_set_hybrid_lookup: cache_req_data should never be NULL - Resolves: rhbz#2106685 - [regression] sssctl analyze fails to parse PAM related sssd logs * Tue Jul 05 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-1 - Resolves: rhbz#2069376 - Rebase SSSD for RHEL 9.1 - Resolves: rhbz#1936551 - [Improvement] Provide user feedback when login fails due to blocked PIN - Resolves: rhbz#1978119 - [Improvement] avoid interlocking among threads that use `libsss_nss_idmap` API (or other sss_client libs) - Resolves: rhbz#2062665 - [sssd] RHEL 9.1 Tier 0 Localization * Mon Jun 13 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.1-2 - Resolves: rhbz#2073095 - Harden kerberos ticket validation (additional patch) - Resolves: rhbz#2061795 - Unable to lookup AD user if the AD group contains '@' symbol (additional patch) * Sat Jun 04 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.1-1 - Resolves: rhbz#2069376 - Rebase SSSD for RHEL 9.1 - Resolves: rhbz#1893192 - sdap_nested_group_deref_direct_process() triggers internal watchdog for large data sets - Resolves: rhbz#1927553 - [Improvement] add SSSD support for more than one CRL PEM file name with parameters certificate_verification and crl_file - Resolves: rhbz#2089216 - pam_sss_gss ceased to work after upgrade to 8.6 - Resolves: rhbz#2090776 - Add idp authentication indicator in man page of sssd.conf - Resolves: rhbz#1927195 - sssd runs out of proxy child slots and doesn't clear the counter for Active requests - Resolves: rhbz#2073095 - Harden kerberos ticket validation - Resolves: rhbz#2082455 - 'getent hosts' not return hosts if they have more than one CN in LDAP - Resolves: rhbz#2087581 - Regression "Missing internal domain data." when setting ad_domain to incorrect * Wed May 11 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.0-2 - Resolves: rhbz#2065693 - [RHEL9] Ship new sub-package called sssd-idp into sssd * Wed Apr 20 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.0-1 - Resolves: rhbz#2069376 - Rebase SSSD for RHEL 9.1 - Resolves: rhbz#2072640 - sssd_nss exiting (due to missing 'sssd' local user) making SSSD service to restart in a loop - Resolves: rhbz#2070189 - sssd error triggers backtrace : [write_krb5info_file_from_fo_server] (0x0020): [RID#73501] There is no server that can be written into kdc info file. - Resolves: rhbz#2070138 - SSSD authenticating to LDAP with obfuscated password produces Invalid authtoken type message causing sssd_be to go offline (cross inter_ference of different provider plugins options) - Resolves: rhbz#2065693 - [RHEL9] Ship new sub-package called sssd-idp into sssd - Resolves: rhbz#2065098 - Use right sdap_domain in ad_domain_info_send - Resolves: rhbz#2062716 - [Improvement] Add user and group version of sss_nss_getorigbyname() - Resolves: rhbz#2061795 - Unable to lookup AD user if the AD group contains '@' symbol - Resolves: rhbz#2056482 - [RFE] Add sssd internal krb5 plugin for authentication against external IdP via OAuth2 - Resolves: rhbz#1937895 - SSSD update prompts for smartcard pin twice - After update to 7.9 - Resolves: rhbz#1925559 - [RFE] Implement time logging for the LDAP queries and warning of high queries time - Resolves: rhbz#1915564 - sssd does not enforce smartcard auth for kde screen locker - Resolves: rhbz#1859751 - [RFE] Allow SSSD to use anonymous pkinit for FAST - Resolves: rhbz#1749279 - 2FA prompting setting ineffective - Resolves: rhbz#1661055 - sssd fails GPO-based access if AD have setup with Japanese language - Resolves: rhbz#1245367 - [RFE] Implement memory cache for SID requests to improve performance
/usr/lib/.build-id /usr/lib/.build-id/b4 /usr/lib/.build-id/b4/c7e5b05e7a18f857580baf6f71deae066be3f6 /usr/lib/.build-id/e5 /usr/lib/.build-id/e5/12de8dfb2d6e14ab18c2157c368aaab4d6dd62 /usr/lib/.build-id/f3 /usr/lib/.build-id/f3/3f8b0f7155c754e3944549abc768122660fcd0 /usr/lib/python3.9/site-packages/sssd /usr/lib/python3.9/site-packages/sssd/__init__.py /usr/lib/python3.9/site-packages/sssd/__pycache__ /usr/lib/python3.9/site-packages/sssd/__pycache__/__init__.cpython-39.opt-1.pyc /usr/lib/python3.9/site-packages/sssd/__pycache__/__init__.cpython-39.pyc /usr/lib/python3.9/site-packages/sssd/__pycache__/parser.cpython-39.opt-1.pyc /usr/lib/python3.9/site-packages/sssd/__pycache__/parser.cpython-39.pyc /usr/lib/python3.9/site-packages/sssd/__pycache__/source_files.cpython-39.opt-1.pyc /usr/lib/python3.9/site-packages/sssd/__pycache__/source_files.cpython-39.pyc /usr/lib/python3.9/site-packages/sssd/__pycache__/source_journald.cpython-39.opt-1.pyc /usr/lib/python3.9/site-packages/sssd/__pycache__/source_journald.cpython-39.pyc /usr/lib/python3.9/site-packages/sssd/__pycache__/source_reader.cpython-39.opt-1.pyc /usr/lib/python3.9/site-packages/sssd/__pycache__/source_reader.cpython-39.pyc /usr/lib/python3.9/site-packages/sssd/__pycache__/sss_analyze.cpython-39.opt-1.pyc /usr/lib/python3.9/site-packages/sssd/__pycache__/sss_analyze.cpython-39.pyc /usr/lib/python3.9/site-packages/sssd/modules /usr/lib/python3.9/site-packages/sssd/modules/__init__.py /usr/lib/python3.9/site-packages/sssd/modules/__pycache__ /usr/lib/python3.9/site-packages/sssd/modules/__pycache__/__init__.cpython-39.opt-1.pyc /usr/lib/python3.9/site-packages/sssd/modules/__pycache__/__init__.cpython-39.pyc /usr/lib/python3.9/site-packages/sssd/modules/__pycache__/request.cpython-39.opt-1.pyc /usr/lib/python3.9/site-packages/sssd/modules/__pycache__/request.cpython-39.pyc /usr/lib/python3.9/site-packages/sssd/modules/request.py /usr/lib/python3.9/site-packages/sssd/parser.py /usr/lib/python3.9/site-packages/sssd/source_files.py /usr/lib/python3.9/site-packages/sssd/source_journald.py /usr/lib/python3.9/site-packages/sssd/source_reader.py /usr/lib/python3.9/site-packages/sssd/sss_analyze.py /usr/libexec/sssd/sss_analyze /usr/sbin/sss_debuglevel /usr/sbin/sss_obfuscate /usr/sbin/sss_override /usr/sbin/sss_seed /usr/sbin/sssctl /usr/share/licenses/sssd-tools /usr/share/licenses/sssd-tools/COPYING /usr/share/man/ca/man8/sss_obfuscate.8.gz /usr/share/man/ca/man8/sss_seed.8.gz /usr/share/man/de/man8/sss_obfuscate.8.gz /usr/share/man/de/man8/sss_seed.8.gz /usr/share/man/es/man8/sss_obfuscate.8.gz /usr/share/man/es/man8/sss_seed.8.gz /usr/share/man/fr/man8/sss_obfuscate.8.gz /usr/share/man/fr/man8/sss_seed.8.gz /usr/share/man/ja/man8/sss_obfuscate.8.gz /usr/share/man/man8/sss_debuglevel.8.gz /usr/share/man/man8/sss_obfuscate.8.gz /usr/share/man/man8/sss_override.8.gz /usr/share/man/man8/sss_seed.8.gz /usr/share/man/man8/sssctl.8.gz /usr/share/man/ru/man8/sss_debuglevel.8.gz /usr/share/man/ru/man8/sss_obfuscate.8.gz /usr/share/man/ru/man8/sss_override.8.gz /usr/share/man/ru/man8/sss_seed.8.gz /usr/share/man/ru/man8/sssctl.8.gz /usr/share/man/sv/man8/sss_debuglevel.8.gz /usr/share/man/sv/man8/sss_obfuscate.8.gz /usr/share/man/sv/man8/sss_override.8.gz /usr/share/man/sv/man8/sss_seed.8.gz /usr/share/man/sv/man8/sssctl.8.gz /usr/share/man/uk/man8/sss_debuglevel.8.gz /usr/share/man/uk/man8/sss_obfuscate.8.gz /usr/share/man/uk/man8/sss_override.8.gz /usr/share/man/uk/man8/sss_seed.8.gz /usr/share/man/uk/man8/sssctl.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Nov 12 07:21:51 2024