rpms/sssd/F-11 .cvsignore, 1.11, 1.12 sources, 1.11, 1.12 sssd.spec, 1.22, 1.23
Stephen Gallagher
sgallagh at fedoraproject.org
Fri Oct 23 20:03:33 UTC 2009
- Previous message (by thread): rpms/sssd/F-12 .cvsignore, 1.11, 1.12 sources, 1.12, 1.13 sssd.spec, 1.24, 1.25 0001-Tighten-up-permission.patch, 1.2, NONE
- Next message (by thread): rpms/gdb/F-12 .cvsignore, 1.43, 1.44 gdb-archer.patch, 1.34, 1.35 gdb.spec, 1.395, 1.396 sources, 1.42, 1.43
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: sgallagh
Update of /cvs/pkgs/rpms/sssd/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv14923
Modified Files:
.cvsignore sources sssd.spec
Log Message:
Dmitri Pal (10):
* COLLECTION Adding item comparison and sorting
* COLLECTION Realigning collection code
* COLLECTION Making iterations pinnable
* COLLECTION Enhancing hashing and iteration functions
* ELAPI Event resolver
* ELAPI Resolving message attribute
* ELAPI Fixing warnings in the example
* ELAPI Rename variables and functions not to use word template
* ELAPI Fixed the host name resolution
* ELAPI Compatibility code for getifaddr()
Jakub Hrozek (3):
* Fix python sync operations and mem hierarchy
* Fix error messages in tools
* User home directories management
Martin Nagy (7):
* Use correct talloc context in sss_names_init()
* Fix potential memory leaks in the data provider
* Resolver: Use talloc_get_type() for type safety
* Use talloc to copy data from c-ares
* Add a new set of helpful common functions for tests
* Various improvements to the resolv test suite
* Delete sssd-i18n.h and put it's old contents into util.h
Piotr Dr?g (1):
* Update polish translation for 0.6.0
Ralf Haferkamp (2):
* LDAP provider needs to link against krb libraries
* SUSE specific init script
Simo Sorce (21):
* Tighten up permission.
* Initial implementation of sasl bind support
* Fix tools sync operations and mem hierarchy
* Fix long timeout on ldap operation
* Make dp requests more robust
* Differentiate between search and network timeouts
* Remove DP process
* Start responders predictably after providers
* Remove magicPrivateGroups option
* Fix services startup when only LOCAL is configured
* Make options parser available to all providers
* Move ldap provider configuration into its own file
* Fix offline authentication
* Return the dp error from the providers
* Move all ldap provider init functions
* Move all krb5 provider init functions
* Add first basic IPA provider
* Always list inputs before outputs
* Start implementing ipa specific options.
* Better offline/enumeration behavior
* Fix setting the schema in the ipa provider
Stephen Gallagher (24):
* Update version to 0.6.0
* Fix infinite loop with empty group enumeration
* Updating release script to use the VERSION file
* Change requirement on libldb to libldb >= 0.9.3
* INI Add config_from_fd() to ini_config
* Remove unused btreemap code
* Add new SSSDConfig python API
* Add plugin configuration schema for proxy provider
* Package SSSDConfig API
* Clean up warnings in pysss.c
* Remove warnings caused by 5e2301b8a75d10e5cbbe11e26e5192b894af6ad7
* Remove two unused functions.
* Fix segfault when using SSS tools with no local provider
* Do not allow setting auth, access or chpass providers for LOCAL
* Add krb5_common.h to the list of headers to 'make dist'
* Use Python 3-compatible sitearch and sitelib
* Better detect installed language files
* Clean up rpmlint errors and warnings in sssd-client package
* Set the Default-Stop LSB option for the SSSD sysv init script
* Fix RPM builds on older versions of rpmbuild
* Bring SSSDConfig API options up-to-date
* Add pam_ctx (similar to nss_ctx) for storing global PAM config
* Add support for offline auth cache timeout
* Update version to 0.7.0
Sumit Bose (28):
* update sysdb tests to new config file version
* add utility call check_and_open_readonly
* more documentation and test for sssd.conf
* handle expired password during authentication
* move password handling into subroutines
* ask for new password if password is expired
* remove redundant talloc_free
* add description of chpass_provider option to sssd.conf man page
* add support for server side LDAP password policies
* add syslog message similar to pam_unix
* use the correct kerberos context for each target
* fix a wrong argument to unpack_buffer
* add -Werror-implicit-function-declaration to default gcc flags
* add a replacement if ldap_control_create is missing
* use PYTHON_PREFIX to install SSSDConfig python API
* add missing %defattr to the filelist of the client package
* make sdap_id_connect_* independent of sdap_id_ctx
* send a message if a backend target is not configured
* use old password if available during password change
* set chpass_provider implicit if not set explicit
* more implicit provider target settings
* enable debugging of krb5_child
* Check for expired passwords in LDAP provider
* added generic LDAP search sdap_get_generic_send/_recv
* add store/search/delete interface for custom sysdb objects
* update krb5 option handling to new option scheme
* update ipa auth options to new option scheme
* fix a compiler warning about redefinition of DEBUG
Detailed changes since 0.5.0
Dmitri Pal (8):
* ELAPI sinks and providers
* ELAPI Adding file provider and CSV format
* ELAPI Laying foundation for the async processing
* COLLECTION Copy collection flat with concatenated names
* COLLECTION Improvements to copy functions
* COLLECTION Functions to deal with hash
* ELAPI Better separation from collection internals.
* INI Error handling and interface cleanup
Jakub Hrozek (17):
* Remove shadow-utils support from tools
* Small changes to the example config and manpage
* Add copyright notices
* ELAPI: Fix dispatcher structure initialization
* Add binaries and backup files to .gitignore
* Refactor tools code
* Decouple synchronous sysdb interface from tools
* Provide python bindings for sysdb
* Use syslog for logging error conditions in SSSD
* ELAPI: fix varargs call, update unit tests
* ELAPI: Ticket 161: Initialize structures with calloc instead of enumerating members
* Allow entering parent groups as FQDN
* Remove provider=files
* Manpages update
* script to upgrade config to v2
* Send debug messages to logfile
* Convert the example config to v2 format, upgrade config on update only
Jeff Schroeder (1):
* Add documentation for installing build dependencies
Piotr Drąg (1):
* Add pl translation
Ralf Haferkamp (2):
* Fix initgroups search filter when using rfc2307bis
* Avoid crash when timestamp is NULL
Simo Sorce (30):
* Use the correct structure.
* Initial support for multiple schema types
* Always save using member/memberOf
* Fix group replies when using member/memberof
* Upgrade database to 0.2
* Remove redunant function and always pass attrs.
* Make enumeration an independent task
* Speed-up enumerations.
* Correctly handle !DbusWatch behavior.
* Turn enumeration into a boolean value
* Honor enumerate option in ldap_id
* Fix proxy enumeration
* Fix two possible uninitialized values
* Split database in multiple files
* Tools are allowed to touch only the 'local' domain
* Fix Ldap id backend offline code
* Fix memory mishandling.
* Fix ldap enumeration async task
* Fix getgrnam and getgrgid calls
* Complete the removal of "legacy" option.
* Update documentation and examples
* Make the offline status backend-global
* Turn ldap driver options into multitype
* Fix copy&paste error.
* Better handle groups w/o members
* Fix copy&paste of wrong structure
* Don't try to use initgroups_dyn if not available
* Handle suspend cases
* Split out an sssd-clients package
* Let backend respond while fetching large results
Stephen Gallagher (26):
* Move RPM specfiles into contrib/
* Consolidate cache lookups in the NSS
* Add support for the !EntryCacheNoWaitRefreshTimeout
* Check for valid min and max IDs in confdb_get_domains
* Update manpage to reflect new syntax for enumerate
* Add strtoint32 and strtouint32 convenience functions
* Properly detect negative/invalid values for the minId and maxId
* Remove unused event context argument from confdb_init
* Read the configuration parsing before daemonization
* Fix first-time confdb generation
* Add 'make tests' target
* Add strtoint32 and strtouint32 tests
* Print error message when connection to the config db fails
* Exit if the sssd is launched as a user other than root
* Include m4 directories in tarball
* Allow rerunning autoreconf from the tarball
* Add PRERELEASE_VERSION variable for use in sssd.spec.in
* Add missing updates to LINGUAS for pl translation
* Add missing reference to sssd-ldap(5) in sssd.conf(5) manpage
* Include groupSearchBase in sssd-ldap(5) manpage
* Several fixes and enhancements for config file processing
* Make configure script compatible with older python versions
* Revert "Use syslog for logging error conditions in SSSD"
* Temporarily disable automatic config file reread
* Upgrade confdb to version 2
* Update version to 0.6.0
Sumit Bose (31):
* removed unused header file
* do not show server messages to user
* fix internal order of ldap user mapping options
* add configure check for errno_t
* send SSSD_REALM and SSSD_KDCIP environment to the client
* check if gid attribute is empty
* stop processing a domain if no provider is given
* check if libpcre version is above or below 7
* remove the concept of a backend name
* configure cleanups
* fix libdbus configure check
* initialize sockaddr_in structure
* add change password target to krb5 backend
* use fork+exec for kerberos helper
* Let the PAM client send its PID
* remove unused client locale from PAM protocol
* make cli_pid mandatory and increase version number of pam protocol
* add krb5ccache_dir and krb5ccname_template option
* fix the wrong usage of an offset
* added child timeout handler
* Check if SSL/TLS handler is already in place
* use getaddrinfo to resolve IP address of KDC
* add a man page for pam_sss
* toggle debug output of sssd_krb5_locator_plugin with an environment variable
* add new config options ldap_tls_cacert and ldap_tls_cacertdir
* fix possible short reads in kerberos provider
* remove krb5_try_simple_upn option and make it a default fallback
* add defines for large file support to standard CFLAGS
* more fixes for older libpcre versions
* Cleanups for library linking
* added support for older MIT kerberos versions
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/sssd/F-11/.cvsignore,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -p -r1.11 -r1.12
--- .cvsignore 24 Aug 2009 21:13:27 -0000 1.11
+++ .cvsignore 23 Oct 2009 20:03:33 -0000 1.12
@@ -1 +1 @@
-sssd-0.5.0.tar.gz
+sssd-0.7.0.tar.gz
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/sssd/F-11/sources,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -p -r1.11 -r1.12
--- sources 24 Aug 2009 21:13:27 -0000 1.11
+++ sources 23 Oct 2009 20:03:33 -0000 1.12
@@ -1 +1 @@
-7566dcac75e7248ca99b4dd0bb49c1ee sssd-0.5.0.tar.gz
+403945c70c902302e5d8babecb24b096 sssd-0.7.0.tar.gz
Index: sssd.spec
===================================================================
RCS file: /cvs/pkgs/rpms/sssd/F-11/sssd.spec,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -p -r1.22 -r1.23
--- sssd.spec 24 Aug 2009 21:13:27 -0000 1.22
+++ sssd.spec 23 Oct 2009 20:03:33 -0000 1.23
@@ -1,9 +1,11 @@
+%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib(1))")}
+%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import *; import sys; sys.stdout.write(get_python_lib())")}
+
Name: sssd
-Version: 0.5.0
-Release: 0%{?dist}
+Version: 0.7.0
+Release: 1%{?dist}
Group: Applications/System
Summary: System Security Services Daemon
-
# The entire source code is GPLv3+ except replace/ which is LGPLv3+
License: GPLv3+ and LGPLv3+
URL: http://fedorahosted.org/sssd
@@ -17,7 +19,8 @@ BuildRoot: %(mktemp -ud %{_tmppath}/%{na
Requires: libldb >= 0.9.3
Requires: libtdb >= 1.1.3
-
+Requires: sssd-client = 0.7.0
+Requires(post): python
Requires(preun): initscripts chkconfig
Requires(postun): /sbin/service
@@ -32,7 +35,8 @@ BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
BuildRequires: m4
-BuildRequires: popt-devel
+%{?fedora:BuildRequires: popt-devel}
+%{?rhel:BuildRequires: popt}
BuildRequires: libtalloc-devel
BuildRequires: libtevent-devel
BuildRequires: libtdb-devel
@@ -49,6 +53,7 @@ BuildRequires: libxml2
BuildRequires: docbook-style-xsl
BuildRequires: krb5-devel
BuildRequires: c-ares-devel
+BuildRequires: python-devel
%description
Provides a set of daemons to manage access to remote directories and
@@ -57,6 +62,14 @@ the system and a pluggable backend syste
account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA.
+%package client
+Summary: SSSD Client libraries for NSS and PAM
+Group: Applications/System
+
+%description client
+Provides the libraries needed by the PAM and NSS stacks to connect to the SSSD
+service.
+
%prep
%setup -q
@@ -75,6 +88,16 @@ rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT
+# Prepare language files
+/usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sss_daemon
+/usr/lib/rpm/find-lang.sh $RPM_BUILD_ROOT sss_client
+
+mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd
+install -m600 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
+
+install -m400 server/config/etc/sssd.api.conf $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.conf
+install -m400 server/config/etc/sssd.api.d/* $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.api.d/
+
# Remove .la files created by libtool
rm -f \
$RPM_BUILD_ROOT/%{_lib}/libnss_sss.la \
@@ -83,15 +106,20 @@ rm -f \
$RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_ldap.la \
$RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_proxy.la \
$RPM_BUILD_ROOT/%{_libdir}/sssd/libsss_krb5.la \
- $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.la
+ $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.la \
+ $RPM_BUILD_ROOT/%{python_sitearch}/pysss.la
-mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/sssd
-install -m600 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sssd/sssd.conf
+if test -e $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so
+then
+ # Apppend this file to the sss_daemon.lang
+ # Older versions of rpmbuild can only handle one -f option
+ echo %{_libdir}/krb5/plugins/libkrb5/sssd_krb5_locator_plugin.so >> sss_daemon.lang
+fi
%clean
rm -rf $RPM_BUILD_ROOT
-%files
+%files -f sss_daemon.lang
%defattr(-,root,root,-)
%doc COPYING
%attr(755,root,root) %{_initrddir}/%{name}
@@ -105,23 +133,45 @@ rm -rf $RPM_BUILD_ROOT
%{_libexecdir}/%{servicename}/
%{_libdir}/%{name}/
%{_libdir}/ldb/memberof.so
-%{_libdir}/krb5/plugins/libkrb5/*
%dir %{sssdstatedir}
%attr(700,root,root) %dir %{dbpath}
%attr(755,root,root) %dir %{pipepath}
%attr(700,root,root) %dir %{pipepath}/private
-%dir %{_sysconfdir}/sssd
+%attr(750,root,root) %dir %{_var}/log/%{name}
+%attr(700,root,root) %dir %{_sysconfdir}/sssd
%config(noreplace) %{_sysconfdir}/sssd/sssd.conf
+%config %{_sysconfdir}/sssd/sssd.api.conf
+%attr(700,root,root) %dir %{_sysconfdir}/sssd/sssd.api.d
+%config %{_sysconfdir}/sssd/sssd.api.d/
+%{_mandir}/man5/sssd.conf.5*
+%{_mandir}/man5/sssd-ipa.5*
+%{_mandir}/man5/sssd-krb5.5*
+%{_mandir}/man5/sssd-ldap.5*
+%{_mandir}/man8/sssd.8*
+%{_mandir}/man8/sss_groupadd.8*
+%{_mandir}/man8/sss_groupdel.8*
+%{_mandir}/man8/sss_groupmod.8*
+%{_mandir}/man8/sss_useradd.8*
+%{_mandir}/man8/sss_userdel.8*
+%{_mandir}/man8/sss_usermod.8*
+%{_mandir}/man8/sssd_krb5_locator_plugin.8*
+%{python_sitearch}/pysss.so
+%{python_sitelib}/*.py*
+%{?fedora:%{python_sitelib}/*.egg-info}
+
+%files client -f sss_client.lang
+%defattr(-,root,root,-)
/%{_lib}/libnss_sss.so.2
/%{_lib}/security/pam_sss.so
-%{_mandir}/man5/*
-%{_mandir}/man8/*
-%{_datadir}/locale/*/LC_MESSAGES/sss_client.mo
-%{_datadir}/locale/*/LC_MESSAGES/sss_daemon.mo
+%{_mandir}/man8/pam_sss.8*
%post
/sbin/ldconfig
/sbin/chkconfig --add %{servicename}
+if [ $1 -ge 2 ] ; then
+# a one-time upgrade from confdb v1 to v2, only if upgrading
+ python %{_libexecdir}/%{servicename}/upgrade_config.py
+fi
%preun
if [ $1 = 0 ]; then
@@ -135,14 +185,41 @@ if [ $1 -ge 1 ] ; then
/sbin/service %{servicename} condrestart 2>&1 > /dev/null
fi
+%post client -p /sbin/ldconfig
+
+%postun client -p /sbin/ldconfig
+
%changelog
+* Fri Oct 23 2009 Stephen Gallagher <sgallagh at redhat.com> - 0.7.0-1
+- New upstream release 0.7.0
+
+* Thu Oct 15 2009 Stephen Gallagher <sgallagh at redhat.com> - 0.6.1-2
+- Fix missing file permissions for sssd-clients
+
+* Tue Oct 13 2009 Stephen Gallagher <sgallagh at redhat.com> - 0.6.1-1
+- Add SSSDConfig API
+- Update polish translation for 0.6.0
+- Fix long timeout on ldap operation
+- Make dp requests more robust
+
+* Tue Sep 29 2009 Stephen Gallagher <sgallagh at redhat.com> - 0.6.0-1
+- Ensure that the configuration upgrade script always writes the config
+ file with 0600 permissions
+- Eliminate an infinite loop in group enumerations
+
+* Mon Sep 28 2009 Sumit Bose <sbose at redhat.com> - 0.6.0-0
+- New upstream release 0.6.0
+
* Mon Aug 24 2009 Simo Sorce <ssorce at redhat.com> - 0.5.0-0
- New upstream release 0.5.0
-* Wed Jul 29 2009 Jakub Hrozek <jhrozek at redhat.com> - 0.4.1-3
+* Wed Jul 29 2009 Jakub Hrozek <jhrozek at redhat.com> - 0.4.1-4
- Fix for CVE-2009-2410 - Native SSSD users with no password set could log in
without a password. (Patch by Stephen Gallagher)
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.4.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
* Mon Jun 22 2009 Simo Sorce <ssorce at redhat.com> - 0.4.1-2
- Fix a couple of segfaults that may happen on reload
@@ -154,15 +231,6 @@ fi
- latest upstream release.
- also add a patch that fixes debugging output (potential segfault)
-* Tue Apr 29 2009 Simo Sorce <ssorce at redhat.com> - 0.3.3-3
-- Add use_first_pass option to fix pam stack problems
-
-* Tue Apr 28 2009 Simo Sorce <ssorce at redhat.com> - 0.3.3-1
-- Add patches to fix password caches when offline
-
-* Mon Apr 27 2009 Simo Sorce <ssorce at redhat.com> - 0.3.3-0
-- Version 0.3.3
-
* Mon Apr 20 2009 Simo Sorce <ssorce at redhat.com> - 0.3.2-2
- release out of the official 0.3.2 tarball
- Previous message (by thread): rpms/sssd/F-12 .cvsignore, 1.11, 1.12 sources, 1.12, 1.13 sssd.spec, 1.24, 1.25 0001-Tighten-up-permission.patch, 1.2, NONE
- Next message (by thread): rpms/gdb/F-12 .cvsignore, 1.43, 1.44 gdb-archer.patch, 1.34, 1.35 gdb.spec, 1.395, 1.396 sources, 1.42, 1.43
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list