Package sssd: Information

    Source package: sssd
    Version: 2.9.3-alt1
    Build time:  Nov 23, 2023, 05:29 AM
    Category: System/Servers
    Report package bug
    License: GPLv3+
    Summary: System Security Services Daemon
    Description: 
    Provides a set of daemons to manage access to remote directories and
    authentication mechanisms. It provides an NSS and PAM interface toward
    the system and a pluggable backend system to connect to multiple different
    account sources. It is also the basis to provide client auditing and policy
    services for projects like FreeIPA.
    
    The sssd subpackage is a meta-package that contains the deamon as well as all
    the existing back ends.

    List of rpms provided by this srpm:
    libipa_hbac (mipsel)
    libipa_hbac-debuginfo (mipsel)
    libipa_hbac-devel (mipsel)
    libsss_autofs (mipsel)
    libsss_autofs-debuginfo (mipsel)
    libsss_certmap (mipsel)
    libsss_certmap-debuginfo (mipsel)
    libsss_certmap-devel (mipsel)
    libsss_idmap (mipsel)
    libsss_idmap-debuginfo (mipsel)
    libsss_idmap-devel (mipsel)
    libsss_nss_idmap (mipsel)
    libsss_nss_idmap-debuginfo (mipsel)
    libsss_nss_idmap-devel (mipsel)
    libsss_sudo (mipsel)
    libsss_sudo-debuginfo (mipsel)
    python3-module-ipa_hbac (mipsel)
    python3-module-ipa_hbac-debuginfo (mipsel)
    python3-module-sss (mipsel)
    python3-module-sss-debuginfo (mipsel)
    python3-module-sss-murmur (mipsel)
    python3-module-sss-murmur-debuginfo (mipsel)
    python3-module-sss_nss_idmap (mipsel)
    python3-module-sss_nss_idmap-debuginfo (mipsel)
    python3-module-sssd (mipsel)
    python3-module-sssdconfig (noarch)
    sssd (mipsel)
    sssd-ad (mipsel)
    sssd-ad-debuginfo (mipsel)
    sssd-client (mipsel)
    sssd-client-debuginfo (mipsel)
    sssd-dbus (mipsel)
    sssd-dbus-debuginfo (mipsel)
    sssd-debuginfo (mipsel)
    sssd-idp (mipsel)
    sssd-idp-debuginfo (mipsel)
    sssd-ipa (mipsel)
    sssd-ipa-debuginfo (mipsel)
    sssd-kcm (mipsel)
    sssd-kcm-debuginfo (mipsel)
    sssd-krb5 (mipsel)
    sssd-krb5-common (mipsel)
    sssd-krb5-common-debuginfo (mipsel)
    sssd-krb5-debuginfo (mipsel)
    sssd-ldap (mipsel)
    sssd-ldap-debuginfo (mipsel)
    sssd-nfs-idmap (mipsel)
    sssd-nfs-idmap-debuginfo (mipsel)
    sssd-pac (mipsel)
    sssd-pac-debuginfo (mipsel)
    sssd-passkey (mipsel)
    sssd-passkey-debuginfo (mipsel)
    sssd-proxy (mipsel)
    sssd-proxy-debuginfo (mipsel)
    sssd-tools (mipsel)
    sssd-tools-debuginfo (mipsel)
    sssd-winbind-idmap (mipsel)
    sssd-winbind-idmap-debuginfo (mipsel)

    Maintainer: Evgeny Sinelnikov


      1. findutils
      2. libdhash-devel >= 0.4.2
      3. libsasl2-devel
      4. libselinux-devel
      5. python3-devel
      6. libsemanage-devel
      7. libsmbclient-devel
      8. /dev/pts
      9. libssl-devel
      10. openssh
      11. libfido2-devel
      12. openssl
      13. pam_wrapper
      14. /proc
      15. libgnutls-devel
      16. rpm-build-python3
      17. adcli
      18. libhttp-parser-devel
      19. libini_config-devel >= 1.3.0
      20. bind-utils
      21. libjansson-devel
      22. libsystemd-devel
      23. libjose-devel
      24. po4a
      25. libtalloc-devel
      26. libtdb-devel >= 1.1.3
      27. libkeyutils-devel
      28. libtevent-devel
      29. libunistring-devel
      30. libkrb5-devel
      31. libuuid-devel
      32. cifs-utils-devel
      33. libldap-devel
      34. libldb-devel >= 1.3.3
      35. libcares-devel
      36. libcheck-devel
      37. libcmocka-devel >= 1.0.0
      38. libcollection-devel >= 0.5.1
      39. libcurl-devel
      40. libxml2-devel
      41. libdbus-devel
      42. libnfsidmap-devel >= 1:2.2.1-alt1
      43. libnl-devel
      44. libxslt
      45. samba-devel
      46. libnspr-devel
      47. softhsm
      48. libnss-devel
      49. samba-winbind
      50. libp11-kit-devel
      51. libpam-devel
      52. uid_wrapper
      53. xsltproc
      54. libpcre2-devel
      55. libpopt-devel
      56. xml-utils
      57. diffstat
      58. docbook-dtds
      59. docbook-style-xsl
      60. doxygen
      61. glib2-devel
      62. gnutls-utils
      63. nscd
      64. nss-utils
      65. nss_wrapper

    Last changed


    Nov. 20, 2023 Evgeny Sinelnikov 2.9.3-alt1
    - Update to latest 2.9 major release.
      + KCM: provide mechanism to purge expired credentials.
      + Default hardening - id_provider channel defaults unencrypted with starttls.
      + sssd-sudo missing debug statement in its .service file.
      + SSSD goes offline during initgroups of trusted user if a group is
        missing SID.
      + Incorrect handling of reverse IPv6 update results in update failure.
      + sssd-2.9.2 breaks smart card authentication (on el8).
    - The proxy provider is now able to handle certificate mapping and matching
      rules and users handled by the proxy provider can be configured for local
      Smartcard authentication.
    - Passkey doesn't fail when using FreeIPA server-side authentication and
      require-user-verification=false.
    - When adding a new credential to KCM and the user has already reached their
      limit, the oldest expired credential will be removed to free some space.
    Oct. 6, 2023 Evgeny Sinelnikov 2.9.2-alt1
    - Update to latest 2.9 major release.
    - sss_simpleifp library removed due it deprecated.
    - "Files provider" removed due it deprecated, using "Proxy provider" with
      proxy_lib_name = files instead.
    - New passkey functionality, which will allow the use of FIDO2 compliant devices
      to authenticate a centrally managed user locally.
    - Default value of cache_first option was changed to true.
    - sssctl cert-show and cert-show cert-eval-rule can now be run as non-root user.
    - certmap: Handle type change of x400Address (due to CVE-2023-0286).
    - New option local_auth_policy is added to control which offline authentication
      methods will be enabled by SSSD.
    - SSSD can be configured not to perform a DNS search during DNS name resolution.
      This behavior is governed by the new dns_resolver_use_search_list in the
      domain section. Default value is true (follows the system settings).
    July 28, 2023 Ivan A. Melnikov 2.8.1-alt3.1
    - NMU: Backport upstream commit to fix build with krb5 1.21*