[Pkg-sssd-devel] sssd: Changes to 'debian-experimental'
Timo Aaltonen
tjaalton-guest at alioth.debian.org
Tue Feb 5 23:35:45 UTC 2013
debian/changelog | 60 ++-----------------------------------------------------
debian/rules | 3 ++
2 files changed, 6 insertions(+), 57 deletions(-)
New commits:
commit ea8eeb679964edfdee06bdc2a424cd9f1a40c47a
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Wed Feb 6 00:42:13 2013 +0200
rules: Pass --datadir, so the path in autogenerated python files is correctly substituted. (LP: #1079938)
diff --git a/debian/changelog b/debian/changelog
index b7d10f9..c67dfa8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -36,6 +36,8 @@ sssd (1.9.4-1) UNRELEASED; urgency=low
* libsss-sudo*, control: Remove the soname from the library, move .so to
the libsss-sudo, Replaces old libsss-sudo-dev. Drop the pkgconfig file
from the -dev package.
+ * rules: Pass --datadir, so the path in autogenerated python files is
+ correctly substituted. (LP: #1079938)
-- Timo Aaltonen <tjaalton at ubuntu.com> Thu, 24 May 2012 14:46:39 +0300
diff --git a/debian/rules b/debian/rules
index 083174f..1383c91 100755
--- a/debian/rules
+++ b/debian/rules
@@ -24,6 +24,7 @@ endif
override_dh_auto_configure:
dh_auto_configure -- --enable-krb5-locator-plugin \
+ --datadir=/usr/share/ \
--with-ldb-lib-dir=/usr/lib/$(DEB_HOST_MULTIARCH)/ldb/modules/ldb \
--with-krb5-plugin-path=/usr/lib/$(DEB_HOST_MULTIARCH)/krb5/plugins/krb5 \
--enable-nsslibdir=/lib/$(DEB_HOST_MULTIARCH) \
commit 42afeed16b04a70ae64d495fa1b869478c478001
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Wed Feb 6 00:27:09 2013 +0200
really install sss-password
diff --git a/debian/rules b/debian/rules
index 4e8a6c6..083174f 100755
--- a/debian/rules
+++ b/debian/rules
@@ -41,6 +41,8 @@ override_dh_install:
mkdir -p $(CURDIR)/debian/libpam-sss/usr/share/pam-configs
install -m644 debian/libpam-sss.pam-auth-update \
$(CURDIR)/debian/libpam-sss/usr/share/pam-configs/sss
+ install -m644 debian/libpam-sss.pam-auth-update-password \
+ $(CURDIR)/debian/libpam-sss/usr/share/pam-configs/sss-password
install -m644 -D $(CURDIR)/debian/apparmor-profile \
$(CURDIR)/debian/sssd/etc/apparmor.d/usr.sbin.sssd
commit 7038d22613ddedd28787019c2f3610a3e52a737d
Author: Timo Aaltonen <tjaalton at ubuntu.com>
Date: Wed Jan 30 11:43:02 2013 +0200
drop the highlights
diff --git a/debian/changelog b/debian/changelog
index b40950e..b7d10f9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,62 +1,6 @@
sssd (1.9.4-1) UNRELEASED; urgency=low
- * New upstream release 1.9.4. Highlights:
- - Add native support for autofs to the IPA provider
- - Support for ID-mapping when connecting to Active Directory
- - Support for handling very large (> 1500 users) groups in Active
- Directory
- - Support for sub-domains (will be used for dealing with trust
- relationships)
- - Add a new fast in-memory cache to speed up lookups of cached data
- on repeated requests
- - Add support for the Kerberos DIR cache for storing multiple TGTs
- automatically
- - Major performance enhancement when storing large groups in the cache
- - Major performance enhancement when performing initgroups() against
- Active Directory
- - SSSDConfig data file default locations can now be set during
- configure for easier packaging
- - Add a new PAC responder for dealing with cross-realm Kerberos trusts
- - Terminate idle connections to the NSS and PAM responders
- - Switch from libunistring to glib2 for unicode support
- - Add a new AD provider to improve integration with Active Directory
- 2008 R2 or later servers
- - SUDO integration was completely rewritten. The new implementation
- works with multiple domains and uses an improved refresh mechanism to
- download only the necessary rules
- - The IPA authentication provider now supports subdomains
- - Fixed regression for setups that were setting default_tkt_enctypes
- manually by reverting a previous workaround.
- - Many fixes for the support for setting default SELinux user context
- from FreeIPA, most notably fixed the specificity evaluation
- - Fixed an incorrect default in the krb5_canonicalize option of the AD
- provider which was preventing password change operation
- - The shadowLastChange attribute value is now correctly updated with the
- number of days since the Epoch, not seconds
- - A new option, override_shell was added. If this option is set, all
- users managed by SSSD will have their shell set to its value.
- - Many fixes for the support for setting default SELinux user context
- from FreeIPA. Most notably, the SELinux mappings can now link to HBAC
- rules as the source of users and hosts they apply to.
- - Fixed a regression introduced in beta 5 that prevented LDAP SASL binds
- from working unless the value of ldap_sasl_minssf was explicitly
- specified.
- - The SSSD supports the concept of a Primary Server and a Back Up
- Server. Certain servers in the fail over list can be marked as back up
- only. If the SSSD switches to a back up server because a primary server
- is not available, it would later try to re-establish a connection to the
- primary server. This feature would mainly benefit users who configure
- fail over servers from different data centers or geographies.
- - A new command-line tool sss_seed is available. This tool is able to
- prime the internal cache with a user record and a cached password to
- support the scenario when a user needs to log in to the client before
- the network connection to the centralized identity source is established,
- such as the first log in to a new machine.
- - In scenarios, where the SSSD is acting as an IPA client, it is able to
- discover and save the DNS domain-Kerberos realm mappings between an IPA
- server and a trusted Active Directory server.
- - When the SSSD is unable to resolve a host name, it tries the next
- configured server now instead of going offline
+ * New upstream release 1.9.4.
* Update the packaging for the new version, thanks Esko Järnfors!
- Add libsss-idmap0, libsss-idmap-dev packages
- Add sssd Depends on libsss-idmap0
More information about the Pkg-sssd-devel
mailing list