Пакет sssd-ad: Информация
Бинарный пакет: sssd-ad
Версия: 2.9.4-alt1
Архитектура: ppc64le
Собран: 20 февраля 2024 г. 20:56 в задании #335987
Исходный пакет: sssd
Категория: Система/Серверы
Сообщить об ошибке в пакетеЗагрузка: sssd-ad-2.9.4-alt1.ppc64le.rpm
Домашняя страница: https://pagure.io/SSSD/sssd
Лицензия: GPLv3+
О пакете: The AD back end of the SSSD
Описание:
Provides the Active Directory back end that the SSSD can utilize to fetch identity data from and authenticate against an Active Directory server.
Сопровождающий: Evgeny Sinelnikov
Список участников:
Evgeny Sinelnikov
Ivan A. Melnikov
Sergey V Turchin
Stanislav Levin
Andrew A. Vasilyev
Alexey Shabalin
Alexey Sheplyakov
Sergey Bolshakov
Andrey Cherepanov
Evgeny Sinelnikov
Ivan A. Melnikov
Sergey V Turchin
Stanislav Levin
Andrew A. Vasilyev
Alexey Shabalin
Alexey Sheplyakov
Sergey Bolshakov
Andrey Cherepanov
Последнее изменение
17 января 2024 г. Evgeny Sinelnikov 2.9.4-alt1
- Update to latest 2.9 major release in long-term maintenance (LTM) phase.
- Fixes from upstream:
+ A crash when PAM passkey processing incorrectly handles non-passkey data.
+ A workaround was implemented to handle gracefully misbehaving applications
that destroy internal state of SSSD client librarires.
+ An error when rotating KCM's logs was fixed.
+ Group membership handling when members are coming from different forest
domains and using ldap token groups is prohibited.
+ Files provider was erroneously taking into consideration local_auth_policy
config option, thus breaking smartcard authentication of local user in
setups that didn't explicitly specify this option.20 ноября 2023 г. Evgeny Sinelnikov 2.9.3-alt1
- Update to latest 2.9 major release.
+ KCM: provide mechanism to purge expired credentials.
+ Default hardening - id_provider channel defaults unencrypted with starttls.
+ sssd-sudo missing debug statement in its .service file.
+ SSSD goes offline during initgroups of trusted user if a group is
missing SID.
+ Incorrect handling of reverse IPv6 update results in update failure.
+ sssd-2.9.2 breaks smart card authentication (on el8).
- The proxy provider is now able to handle certificate mapping and matching
rules and users handled by the proxy provider can be configured for local
Smartcard authentication.
- Passkey doesn't fail when using FreeIPA server-side authentication and
require-user-verification=false.
- When adding a new credential to KCM and the user has already reached their
limit, the oldest expired credential will be removed to free some space.6 октября 2023 г. Evgeny Sinelnikov 2.9.2-alt1
- Update to latest 2.9 major release. - sss_simpleifp library removed due it deprecated. - "Files provider" removed due it deprecated, using "Proxy provider" with proxy_lib_name = files instead. - New passkey functionality, which will allow the use of FIDO2 compliant devices to authenticate a centrally managed user locally. - Default value of cache_first option was changed to true. - sssctl cert-show and cert-show cert-eval-rule can now be run as non-root user. - certmap: Handle type change of x400Address (due to CVE-2023-0286). - New option local_auth_policy is added to control which offline authentication methods will be enabled by SSSD. - SSSD can be configured not to perform a DNS search during DNS name resolution. This behavior is governed by the new dns_resolver_use_search_list in the domain section. Default value is true (follows the system settings).