sssd (2.8.1-2)
[PTS] [DDPO]
NEW: VCS has unreleased changes: 2.8.2-1 > 2.8.1-2
- Git: https://salsa.debian.org/sssd-team/sssd.git
-
- Branch: master
- Path: debian/changelog
- Repo size: 214376448
- Browser: https://salsa.debian.org/sssd-team/sssd
- Last scan: 2023-01-26 07:17:23+00
- Next scan: 2023-02-03 15:45:00+00
- Merge requests: 4
- CI pipeline status: failed
- Debian changelog in Git:
sssd (2.8.2-1) UNRELEASED; urgency=medium
* New upstream release.
-- Timo Aaltonen <tjaalton@debian.org> Tue, 10 Jan 2023 16:43:10 +0200
- This branch is 53 commits ahead of tag debian/2.8.1-2
- Git log:
commit 44da1a91519f74f0b691b988a8faac832f9c06e2
Author: Sam Morris <sam@robots.org.uk>
Date: Thu Jan 12 13:03:45 2023 +0000
Ship libsubid_sss.so in sssd-common package
commit b6953e55729ee21e8caaa6cbf45494815026c896
Author: Timo Aaltonen <tjaalton@debian.org>
Date: Tue Jan 10 16:43:44 2023 +0200
version bump
commit ffcadcd184ef06a3ac69656ec3415a00f5659335
Merge: edc62ebea 796b6daee
Author: Timo Aaltonen <tjaalton@debian.org>
Date: Tue Jan 10 16:43:04 2023 +0200
Merge branch 'upstream'
commit 796b6daee338bc600e5757d4804a17687106a7e1
Author: Pavel Březina <pbrezina@redhat.com>
Date: Fri Dec 9 13:39:40 2022 +0100
Release sssd-2.8.2
commit 37f934f2762b9bd67b286a1ada2cb5d8d7c451ee
Author: Pavel Březina <pbrezina@redhat.com>
Date: Fri Dec 9 13:38:26 2022 +0100
pot: update pot files
commit 5d4f9dfd6c3d0e7285414b9e006f1799dfee7e5a
Author: Weblate <noreply@weblate.org>
Date: Fri Dec 9 13:27:56 2022 +0100
po: update translations
(Chinese (Simplified) (zh_CN)) currently translated at 100.0% (704 of 704 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/zh_CN/
po: update translations
(Ukrainian) currently translated at 100.0% (704 of 704 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/uk/
po: update translations
(Korean) currently translated at 100.0% (704 of 704 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/ko/
po: update translations
(Korean) currently translated at 100.0% (704 of 704 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/ko/
po: update translations
(Japanese) currently translated at 100.0% (704 of 704 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/ja/
po: update translations
(French) currently translated at 100.0% (704 of 704 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/fr/
po: update translations
(Ukrainian) currently translated at 100.0% (704 of 704 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/uk/
po: update translations
(Korean) currently translated at 96.4% (679 of 704 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/ko/
commit 16c814adecb97b41dd8d0c5022c1037adf9bd633
Author: aborah-sudo <aborah@redhat.com>
Date: Mon Sep 26 13:43:22 2022 +0530
Tests: port proxy_provider/rfc2307bis
https://gitlab.cee.redhat.com/sssd/sssd-qe/-/tree/RHEL8.6/client/proxy_provider/rfc2307bis
Reviewed-by: Madhuri Upadhye <mupadhye@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 4a658e6ccf7a3b2cd5fb9d1827d0caec6b8dc961)
commit 5b7a4b4fef47edfc1658dfac5df12d027e6cd60b
Author: Madhuri Upadhye <mupadhye@redhat.com>
Date: Thu Dec 8 13:26:30 2022 +0530
Tests: Minor fixes for alltests
Enable files domain.
Signed-off-by: Madhuri Upadhye <mupadhye@redhat.com>
Reviewed-by: Anuj Borah <aborah@redhat.com>
(cherry picked from commit 81eb0606d5ea1ce79c0fdd1d71784bb01a682e03)
commit 98412a4ec5f86cd20f3b508465462612abc4a7ff
Author: Alejandro López <allopez@redhat.com>
Date: Thu Dec 8 10:33:57 2022 +0100
BACKEND: Reload resolv.conf after initialization
Once the backend initialization is finished, in particular after D-Bus
is initialized, reload the resolv.conf file to retrieve any change
signaled through D-Bus before its initialization.
Resolves: https://github.com/SSSD/sssd/issues/6383
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit 34d55884c6349d2c576a625bfbfcbfbc4f3c146f)
commit 20037ae5354a874f04802844c930c6b52704c5c7
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Dec 5 17:46:52 2022 +0100
p11: fix size of argument array
Currently 19 options can be set for p11_child and the a NULL at the end
the array must have 20 elements.
Resolves: https://github.com/SSSD/sssd/issues/6479
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
(cherry picked from commit aac303e84b71325d3c45fa7a22f83f7f54d4b7a2)
commit a8b6be403cf7af10effcba6433a6bd98f9138955
Author: Dan Lavu <dlavu@redhat.com>
Date: Mon Oct 31 15:53:26 2022 -0400
Adding Ported DynDNS Testcases
This is merged branch of two following PRs, 6363 and 6344 which are now closed.
6344 Add the tests but are unreliable.
6363 contains the following changes, rewriting the suite.
* change_hostname fixture would revert back to the hostname in /etc/hostname, updated fixture
* disabled DNS recursion, lookups were being forwarded to authoritative servers resulting in false passing tests
* removed ipv6 address about part of the del_record, would result in passing but the wrong thing be searched
* created a DNSAD object to search for records directly on the DNS server, stabling results and skipping any cache
* cleaned up the functions and code for readability
Signed-off-by: Dan Lavu <dlavu@redhat.com>
commit 99d46b2fa33754d3c35e32f1f842b1fc4f1644a4
Author: Tomas Halman <thalman@redhat.com>
Date: Wed Nov 2 17:35:57 2022 +0100
RESOLV: Configuration option for DNS search
DNS search may increase the time of name resolution significantly.
Particularly when SSSD is misconfigured or the DNS server is
unreachable.
With this patch SSSD can avoid DNS search and the list
of domains from resolv.conf is ignored. To avoid DNS search in
kerberos library SSSD appends the dot to the server names before
they are written into KDC info file.
:relnote: SSSD can be configured not to perform a DNS search
during DNS name resolution. This behavior is governed by the
new dns_resolver_use_search_list. This parameter can
be used in the domain section. Default value is true - that
means that SSSD follows the system settings.
Resolves: https://github.com/SSSD/sssd/issues/5390
Reviewed-by: Alejandro Lopez <allopez@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 2fda8e7b7e71dd5ebdc7297449d3afc52ac9eb03)
commit f17bb003c85dbf962c2b868a969a14302ec464bc
Author: Alexey Tikhonov <atikhono@redhat.com>
Date: Thu Dec 1 21:22:54 2022 +0100
BUILD: deprecate `--enable-files-domain` build option
:relnote:`--enable-files-domain` configure option is deprecated and
will be removed in one of the next versions of SSSD.
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 714ababe8c96cd3a43d3c114cf853ce4a259fd0f)
commit be569b0cb393582e428e606518824f5368834188
Author: Alexey Tikhonov <atikhono@redhat.com>
Date: Mon Dec 5 11:25:36 2022 +0100
Updated .pot/.po files
commit 64c9905533811cbf5d193690d85220a9a8df38aa
Author: Alexey Tikhonov <atikhono@redhat.com>
Date: Fri Dec 2 18:28:50 2022 +0100
Translations: add missing `tools/sssctl/sssctl_cert.c` and macros
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 8b09c9387e55b177d6b1ec65afe65e354e19b96b)
commit 464c78beb529e29368412805f5b12b650d4f100b
Author: Shridhar Gadekar <sgadekar@redhat.com>
Date: Fri Dec 2 01:40:03 2022 +0530
Test: gssapi test fix
minor flake8 fixes
Reviewed-by: Jakub Vávra <jvavra@redhat.com>
Reviewed-by: Madhuri Upadhye <mupadhye@redhat.com>
(cherry picked from commit 664a436e9ce758554938183d1475e7353020e495)
commit 0b4679616d63a854548cb8bc2bf871e0b531e2de
Author: 김인수 <simmon@nplob.com>
Date: Sun Nov 20 17:19:54 2022 +0000
po: update translations
(Korean) currently translated at 100.0% (663 of 663 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/ko/
commit f1dc6cddecb14d4385899e0951b593fef2bd66cb
Author: Temuri Doghonadze <temuri.doghonadze@gmail.com>
Date: Sat Nov 12 09:08:36 2022 +0000
po: update translations
(Georgian) currently translated at 7.8% (52 of 663 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/ka/
commit 0909e8a15bfc6af1ebebccb8188364ea1a0e08d7
Author: Yuri Chornoivan <yurchor@ukr.net>
Date: Sun Oct 9 10:54:32 2022 +0000
po: update translations
(Ukrainian) currently translated at 100.0% (663 of 663 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/uk/
commit 8290b0e7e69bd15a9b5f82b4e97327a3d9556d39
Author: Elena Mishina <lepata@basealt.ru>
Date: Mon Oct 10 10:56:09 2022 +0000
po: update translations
(Russian) currently translated at 100.0% (663 of 663 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/ru/
commit 5bd2aa9b8b7f654dd8c170cb84f094b633da9cf2
Author: Piotr Drąg <piotrdrag@gmail.com>
Date: Sun Oct 9 10:52:10 2022 +0000
po: update translations
(Polish) currently translated at 100.0% (663 of 663 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/pl/
commit 72eed034953843a66db485c153a5208e1b0fceba
Author: 김인수 <simmon@nplob.com>
Date: Sun Oct 9 12:40:09 2022 +0000
po: update translations
(Korean) currently translated at 100.0% (663 of 663 strings)
Translation: SSSD/SSSD-2-8
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-2-8/ko/
commit 12e39a45613a5b5d1236d911386cf28edd96f147
Author: Sumit Bose <sbose@redhat.com>
Date: Thu Nov 24 18:22:05 2022 +0100
certmap: Add documentation for some internal functions
Resolves: https://github.com/SSSD/sssd/issues/6403
(cherry picked from commit b0bdf712eb632f94e9925d32fb703bdfd574e11d)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit 925d8a9f1281f984ebfacc5d00ba561de54366b6
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Oct 24 13:21:08 2022 +0200
certmap: add LDAPU1 rules to man page
This patch adds the new LDAPU1 mapping rule templates to the sss-certmap
man page.
Resolves: https://github.com/SSSD/sssd/issues/6403
(cherry picked from commit 882f560e68a881a95d7f66745a3530176bdd0a66)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit 17142068c58255b2809a4cdb3c8feb43d5393cdb
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Oct 24 13:20:13 2022 +0200
certmap: add tests for new attributes and LDAPU1 rules
Resolves: https://github.com/SSSD/sssd/issues/6403
(cherry picked from commit 4ac53fb5ef95cd2c94f076299aa4d3213c3c9be6)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit 698d56882477753de37e078f7b1647aea6016f65
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Oct 24 13:19:21 2022 +0200
certmap: add LDAPU1 mapping rules
Add mapping rule templates for the new discovered attributes, templates
for certificate hashes and templates to select individual DN components.
To avoid issues with older versions of the library the new templates
must use the prefix LDAPU1.
:feature: New mapping template for serial number, subject key id, SID,
certificate hashes and DN components are added to
libsss_certmap.
Resolves: https://github.com/SSSD/sssd/issues/6403
(cherry picked from commit 1303c6241bb27ef902787dcd526aeaae3417063a)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit 8a6a874ba4cb3d245160dba967aa32173041a3d8
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Oct 24 13:15:59 2022 +0200
certmap: dump new attributes in sss_cert_dump_content()
Add the newly discovered certificate values, i.e. serial number, subject
key id and SID to the output of sss_cert_dump_content() which is used
e.g. by 'sssctl cert-show'.
Resolves: https://github.com/SSSD/sssd/issues/6403
(cherry picked from commit 0a906107322fffc17757480f9e540796f9f181ce)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit 3f336da42d87fa86749264343f5933485c4bd973
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Oct 24 13:11:59 2022 +0200
certmap: add get_digest_list() and get_hash()
Add support to calculate hash/digest values of binary data, e.g. of a
certificate.
Resolves: https://github.com/SSSD/sssd/issues/6404
(cherry picked from commit 3676a4fba473b93df2b32fb143ef0b261d04d9f6)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit 9a45e6162760c6d6b1e94644e5eb51d87b0d49c6
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Oct 24 13:03:51 2022 +0200
sssctl: add cert-eval-rule sub-command
The new 'cert-eval-rule' sub-command of sssctl show the results of given
matching and mapping rules on a given certificate. This should help to
find suitable mapping and matching rules and to understand why given
certificate is matched or not.
Resolves: https://github.com/SSSD/sssd/issues/6403
(cherry picked from commit 11483f1ec046f1062df68f1544e49fd59473084e)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit 6ad29f9999324b951d4ae7b214558cc8e26636a9
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Oct 24 12:55:12 2022 +0200
certmap: add bin_to_hex() helper function
This patch adds a helper function to format hexadecimal strings of
binary data.
Resolves: https://github.com/SSSD/sssd/issues/6403
(cherry picked from commit c4085c9a7d1ec54c1b830583128148a0c7b807d8)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit 8d8e3c7c616a347e2de8d7a1117e5a4ebd996a2d
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Oct 24 12:49:34 2022 +0200
certmap: fix for SAN URI
The URI was not added to the list of subject alternative names.
(cherry picked from commit f293507d9f6efda9908a3ec971ce7f4eac284ae1)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit 47f3408e9ea122fab7c1f847b5ffcd1839f5b4b1
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Oct 24 12:46:45 2022 +0200
certmap: add support for SID extension
Check if the SID extension is available, read the SID and make it
available.
Resolves: https://github.com/SSSD/sssd/issues/6403
(cherry picked from commit 9e1b711b2611e7390bcbcd4a9682dd18e71c3d72)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit a2bca35c7f7b0d7b1f5a633284d54be15ed4858b
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Oct 24 12:45:02 2022 +0200
certamp: add support for subject key id
Read the subject key id from the certificate and make it available.
Resolves: https://github.com/SSSD/sssd/issues/6403
(cherry picked from commit 10d977a3675a8145314edea0bebd7b9ac01eda89)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit cca0233ef16fd7be5ebc931b0f673486a52130fd
Author: Sumit Bose <sbose@redhat.com>
Date: Mon Oct 24 12:41:59 2022 +0200
certmap: add support for serial number
Read the serial number of the certificate and make it available.
Resolves: https://github.com/SSSD/sssd/issues/6403
(cherry picked from commit 3f8bc8720ff871490c6a6233b1a21bc1d2018cf1)
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit cd1a94e58f64770d40bb995f35a8cab8c6f44ae9
Author: Alexey Tikhonov <atikhono@redhat.com>
Date: Wed Nov 16 21:22:12 2022 +0100
SYSDB: pre-existence of MPG group in the cache isn't an error
Addition to 71466a8dbdb1d755ace15680cc2b4b11b68a0573
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit e4dd11f2c2cd59031f904a1e30ed5b67edbdd54f)
commit 65e944bd577a1ea5772135db583725ca4e73c8cc
Author: aborah-sudo <aborah@redhat.com>
Date: Fri Nov 25 08:58:53 2022 +0530
Tests: fix test_sssctl_local.py::Testsssctl::test_0002_bz1599207
test_sssctl_local.py::Testsssctl::test_0002_bz1599207 is affcted by
disable "implicit files provider"
Reviewed-by: Madhuri Upadhye <mupadhye@redhat.com>
Reviewed-by: Shridhar Gadekar <sgadekar@redhat.com>
(cherry picked from commit ad0a8c6a33ea5bbad8058112b95bef00bb76d5c9)
commit 35a28524e407bf4b05a17c7c7f0b48799a18e8bf
Author: Sumit Bose <sbose@redhat.com>
Date: Tue Nov 22 14:43:21 2022 +0100
pac: relax default check
To avoid issues with the UPN check during PAC validation when
'ldap_user_principal' is set to a not existing attribute to skip reading
user principals a new 'pac_check' option, 'check_upn_allow_missing' is
added to the default options. With this option only a log message is
shown but the check will not fail.
Resolves: https://github.com/SSSD/sssd/issues/6451
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit 51b11db8b99a77ba5ccf6f850c2e81b5a6ee9f79)
commit a3304cc6b27b2f0678d0dcb4130865aa09442f5d
Author: Sumit Bose <sbose@redhat.com>
Date: Tue Nov 22 13:39:26 2022 +0100
ipa: do not add guessed principal to the cache
Currently on IPA clients a calculated principal based on the user name
and the Kerberos realm is added to the cached user object. This code is
quite old and might have been necessary at times when sub-domain support
was added to SSSD. But since quite some time SSSD is capable of
generating the principal on the fly during authentication if nothing is
stored in the cache.
Removing the code makes the cache more consistent with other use-cases,
e.g. with the IPA server where this attribute is empty, and allows to
properly detect a missing UPN, e.g. during the PAC validation.
Resolves: https://github.com/SSSD/sssd/issues/6451
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit b3d7a4f6d4e1d4fa1bd33b296cd4301973f1860c)
commit b00c72d29b172a91b3eac5bc7b8ed275b883ec61
Author: Sumit Bose <sbose@redhat.com>
Date: Wed Nov 16 09:28:54 2022 +0100
PAC: allow to disable UPN check
Currently it was not possible to skip the UPN check which checks if the
UPN in the PAC and the one stored in SSSD's cache are different.
Additionally the related debug message will show both principals if they
differ.
Resolves: https://github.com/SSSD/sssd/issues/6451
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit 91789449b7a8b20056e1edfedd8f8cf92f7a0a2a)
commit ece9434865a1b0a5c782f6bfb622f261920a155e
Author: Cole Robinson <crobinso@redhat.com>
Date: Sun Nov 27 10:29:18 2022 -0500
MAN: Fix option typo on sssd-kcm.8
The option is called krb5_renewable_lifetime, not krb5_renew_lifetime
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
(cherry picked from commit 340691fae95a2fc66c85d5da8db14f227b2c88a8)
commit 765fe3de67e3c27665f90fd0df626bf801f8a31c
Author: Jakub Vavra <jvavra@redhat.com>
Date: Thu Nov 24 20:58:26 2022 +0100
Tests: Fix automount OU removal from AD.
Reviewed-by: Shridhar Gadekar <sgadekar@redhat.com>
(cherry picked from commit fc3fad982e39d560a80c1a8b922455a190718cb7)
commit 0253f7c3f5433f1853bc14af5b736a6382e945f5
Author: Justin Stephenson <jstephen@redhat.com>
Date: Fri Nov 18 11:21:24 2022 -0500
CI: Update core github actions
Update dependent actions to address:
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit 4a6eb258c33c8adeb78c053aa8401729f0f6bbec)
commit 77ef7b256d2fd0d4565c01462dc12f0acfda91a9
Author: Iker Pedrosa <ipedrosa@redhat.com>
Date: Thu Nov 24 13:20:38 2022 +0100
ci: fix codeql
libsemanage1-dev renamed to libsemanage-dev in debian and its
derivatives.
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit 336b1facdc043f21aab7e67e46c3c736fa64d303)
commit 8c4da49374d0f94c8d8d0600ec50a0bab2a07aa6
Author: Pavel Březina <pbrezina@redhat.com>
Date: Fri Nov 25 11:15:52 2022 +0100
ci: install correct python development package
The package name has changed on new Ubuntu.
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
(cherry picked from commit ae614c17b3874862200b78e57c158554b62a8273)
commit dc71321f72ab9962259660f52001319ea6724fb7
Author: Pavel Březina <pbrezina@redhat.com>
Date: Thu Nov 24 18:41:02 2022 +0100
ci: make /dev/shm writable
We build SSSD in /dev/shm which is mounted on read-only file system on
new podman version. We need to mount it as tmpfs to make it writable.
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
(cherry picked from commit f5c0e7b391879782b0e93fe02265c3bef7cb9edf)
commit 49b107175e817ec38d8ffbc7fea4052327bb3cae
Author: Justin Stephenson <jstephen@redhat.com>
Date: Mon Nov 14 11:08:23 2022 -0500
SSSCTL: Add debug option to help message
Reviewed-by: Alejandro López <allopez@redhat.com>
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
(cherry picked from commit 2f99cd31bc43406a9d400129260654ebd6bccc15)
commit e3be45977f34ab34de6734388cdc0217ea55c8c3
Author: Jakub Vavra <jvavra@redhat.com>
Date: Tue Nov 22 10:58:51 2022 +0100
Tests: Update fixture using adcli to handle password from stdin.
Adcli changed handling password dialog for bz2124030 so
the automation needs to be updated to work properly.
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 14748ff981ac5825a55c06350db05dce23732299)
commit a34b4f5e87a9c9a66c72eb6d5a1c1813f530bd52
Author: Steeve Goveas <sgoveas@redhat.com>
Date: Mon Oct 17 11:39:00 2022 +0530
Tests: Cannot SSH with AD user to ipa-client with invalid keytab
`krb5_validate` and `pac_check` settings conflict. Setting krb5_validate
to false skips the pac_check enabling the login
Verifies:
#6355
https://bugzilla.redhat.com/show_bug.cgi?id=2127822
https://bugzilla.redhat.com/show_bug.cgi?id=2128902
Reviewed-by: Anuj Borah <aborah@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit 790e7a779f4385b8ad95878ee79a44fdaac46325)
commit 581617c099ae9df3ac9920955887908b3b9dd404
Author: Alexey Tikhonov <atikhono@redhat.com>
Date: Thu Nov 10 22:18:06 2022 +0100
SSSCTL: don't require 'root' for "analyze" cmd
:relnote: `sssctl analyze` tool doesn't require anymore to be run under root.
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit 99791400bec1054cf0081884e013a3cbed75fe8a)
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit bb97f89ab3e9cdf394f9daa72e520611938a21de
Author: Alexey Tikhonov <atikhono@redhat.com>
Date: Sun Nov 6 12:25:37 2022 +0100
TOOLS: fixed handling of init error
Before execution of `tool_cmd_init()` `init_err` wasn't set,
so `sss_tools_handles_init_error()` check was a no-op.
Consequently, a proper check after `tool_cmd_init()` was missing.
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit 7af46ba0e925da61b7b4003c3fa6d51c05c1116e)
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit 541cd6772a3b57ee252053e2dde4db21a85b159f
Author: Alexey Tikhonov <atikhono@redhat.com>
Date: Sun Nov 6 11:22:22 2022 +0100
TOOLS: don't export internal helpers
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit 6ef3aade0394e32540242f902c9f21bb8d6c41f2)
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
commit 7d0c70cc44a04e113dcd21f5248e1157a78f20da
Author: Justin Stephenson <jstephen@redhat.com>
Date: Tue Nov 15 12:47:51 2022 -0500
Analyzer: Ensure parsed id contains digit
In analyzer list verbose output, we parse the last field of cache_req_search_send() lines.
Certain log messages need to be filtered out by ensuring the parsed field is
a digit, such as the last line below.
[cache_req_search_send] (0x0400): [CID#1] CR #1: Looking up GID:1031401119@testrealm.test
[cache_req_search_send] (0x0400): [CID#1] CR #1: Looking up GID:1031401119@testrealm.test
[cache_req_search_send] (0x0400): [CID#1] CR #1: Looking up GID:1031401119@domain-zflo.com
[cache_req_search_send] (0x0400): [CID#1] CR #1: Returning [GID:1031401119@domain-zflo.com] from cache
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit bfa8d50c479cf8ef7b299eb5848309a3a9ea7f12)
commit 19fd96f1dfa02931a90e72bbc2ccb5333d45822e
Author: aborah-sudo <aborah@redhat.com>
Date: Mon Nov 14 21:25:54 2022 +0530
Tests: fix test_bz1368467
This test was failing due to login error.
Reviewed-by: Madhuri Upadhye <mupadhye@redhat.com>
Reviewed-by: Shridhar Gadekar <sgadekar@redhat.com>
(cherry picked from commit 285f1703194fa260b4886133d9bcd79de70f24ff)