Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

sssd-passkey-2.9.4-6.el9_4 RPM for s390x

From AlmaLinux 9.4 BaseOS for s390x

Name: sssd-passkey Distribution: AlmaLinux
Version: 2.9.4 Vendor: AlmaLinux
Release: 6.el9_4 Build date: Tue Apr 30 23:22:44 2024
Group: Unspecified Build host: s390x-builder02.almalinux.org
Size: 85128 Source RPM: sssd-2.9.4-6.el9_4.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: https://github.com/SSSD/sssd/
Summary: SSSD helpers and plugins needed for authentication with passkey token
This package provides helper processes and Kerberos plugins that are required to
enable authentication with passkey token.

Provides

Requires

License

GPLv3+

Changelog

* Thu Apr 18 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-6
  - Resolves: RHEL-27209 - Race condition during authorization leads to GPO policies functioning inconsistently [rhel-9.4.0]
* Mon Mar 25 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-5
  - Resolves: RHEL-28161 - Passkey cannot fall back to password
* Thu Mar 21 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-4
  - Resolves: RHEL-28161 - Passkey cannot fall back to password
* Wed Mar 13 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-3
  - Resolves: RHEL-22340 - socket leak
  - Resolves: RHEL-28161 - Passkey cannot fall back to password
* Mon Feb 12 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-2
  - Resolves: RHEL-12503 - AD users are unable to log in due to case sensitivity of user because the domain is found as an alias to the email address. 
  - Resolves: RHEL-22288 - ssh pubkey stored in ldap/AD no longer works to authenticate via sssd
  - Resolves: RHEL-22194 - gdm smartcard login fails with sssd-2.9.3 in case of multiple identities
* Fri Jan 12 2024 Alexey Tikhonov <atikhono@redhat.com> - 2.9.4-1
  - Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4
  - Resolves: RHEL-18395 - latest sssd breaks logging in via XDMCP for LDAP/Kerberos users
  - Resolves: RHEL-17498 - New sssd.conf seems not to be backwards compatible (wrt SmartCard auth of local users using 'files provider') [rhel-9]
  - Resolves: RHEL-21079 - SSSD GPO lacks group resolution on hosts [rhel-9]
  - Resolves: RHEL-19211 - Excessive logging to sssd_nss and sssd_be in multi-domain AD forest [rhel-9]
* Mon Nov 13 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.3-2
  - Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4
* Mon Nov 13 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.3-1
  - Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4
  - Resolves: RHEL-14427 - Expected cn in RDN, got uid
  - Resolves: RHEL-12229 - HANA validation on RHEL 9.2 issue possibly related to libc/nss_sss behaviour
  - Resolves: RHEL-3925 - SSSD goes offline when, while reading a single user, misses a required attribute (i.e. SID)
  - Resolves: RHEL-2319 - Passkey authentication for centrally managed users
  - Resolves: RHEL-4146 - Incorrect handling of reverse IPv6 update results in update failure
  - Resolves: RHEL-4971 - sssd-kcm does not appear to expire Kerberos tickets (RFE: sssd_kcm should have the option to automatically delete the expired tickets)
* Thu Oct 05 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.2-2
  - Resolves: RHEL-2319 - Passkey authentication for centrally managed users
* Fri Sep 08 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.2-1
  - Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4
  - Resolves: RHEL-2319 - Passkey authentication for centrally managed users
  - Resolves: rhbz#2234829 - SSSD runs multiples lookup search for each NFS request (SBUS req chaining stopped working)
  - Resolves: rhbz#2236119 - dbus and crond getting terminated with SIGBUS in sss_client code
* Mon Jul 10 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.1-2
  - Resolves: rhbz#2218858 - [sssd] SSSD enters failed state after heavy load in the system
* Fri Jun 23 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.1-1
  - Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3
  - Resolves: rhbz#2196816 - [RHEL9] [sssd] User lookup on IPA client fails with 's2n get_fqlist request failed'
  - Resolves: rhbz#2162552 - sssd client caches old data after removing netgroup member on IDM
  - Resolves: rhbz#2189542 - [sssd] RHEL 9.3 Tier 0 Localization
  - Resolves: rhbz#2133854 - [RHEL9] In some cases when `sdap_add_incomplete_groups()` is called with `ignore_group_members = true`, groups should be treated as complete
  - Resolves: rhbz#1765354 - [RFE] - Show password expiration warning when IdM users login with SSH keys
* Tue Jun 06 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.0-5
  - Related: rhbz#2190415 - Rebase Samba to the latest 4.18.x release
    Rebuild against rebased Samba libs.
* Tue May 30 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.0-4
  - Related: rhbz#2190415 - Rebase Samba to the latest 4.18.x release
    Rebuild against rebased Samba libs.
* Thu May 25 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.0-3
  - Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3
* Mon May 15 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.9.0-1
  - Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3
  - Resolves: rhbz#1765354 - [RFE] - Show password expiration warning when IdM users login with SSH keys
  - Resolves: rhbz#1913839 - filter_groups doesn't filter GID from 'id' output: AD + 'ldap_id_mapping = True' corner case
  - Resolves: rhbz#2100789 - [Improvement] sssctl config-check command does not show an error when we don't have id_provider in the domain section
  - Resolves: rhbz#2152177 - [RFE] Add support for ldapi:// URLs
  - Resolves: rhbz#2164852 - man page entry should make clear that a nested group needs a name
  - Resolves: rhbz#2166627 - Improvement: sss_client: add 'getsidbyusername()' and 'getsidbygroupname()' and corresponding python bindings
  - Resolves: rhbz#2166943 - kinit switches KCM away from the newly issued ticket
  - Resolves: rhbz#2167728 - [sssd] Auth fails if client cannot speak to forest root domain (ldap_sasl_interactive_bind_s failed)
* Mon Jan 16 2023 Alexey Tikhonov <atikhono@redhat.com> - 2.8.2-2
  - Resolves: rhbz#2160001 - Reference to 'sssd-ldap-attributes' man page is missing in 'sssd-ldap', etc man pages
  - Resolves: rhbz#2143159 - automount killed by SIGSEGV
* Fri Dec 16 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.8.2-1
  - Resolves: rhbz#2127510 - Rebase SSSD for RHEL 9.2
  - Resolves: rhbz#1608496 - sssd failing to register dynamic DNS addresses against an AD server due to unnecessary DNS search
  - Resolves: rhbz#2110091 - SSSD doesn't handle changes in 'resolv.conf' properly (when started right before network service)
  - Resolves: rhbz#2136791 - Lower the severity of the log message for SSSD so that it is not shown at the default debug level.
  - Resolves: rhbz#2139684 - [sssd] RHEL 9.2 Tier 0 Localization
  - Resolves: rhbz#2139837 - Analyzer: Optimize and remove duplicate messages in verbose list
  - Resolves: rhbz#2142794 - SSSD: `sssctl analyze` command shouldn't require 'root' privileged
  - Resolves: rhbz#2144893 - changing password with ldap_password_policy = shadow does not take effect immediately
  - Resolves: rhbz#2148737 - UPN check cannot be disabled explicitly but requires krb5_validate = false' as a work-around
* Fri Nov 04 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.8.1-1
  - Resolves: rhbz#2127510 - Rebase SSSD for RHEL 9.2
  - Resolves: rhbz#1507035 - [RFE] SSSD does not support to change the user’s password when option ldap_pwd_policy equals to shadow in sssd.conf file
  - Resolves: rhbz#1766490 - Use negative cache better and domain checks for lookup by SIDs
  - Resolves: rhbz#1964121 - RFE: Add an option to sssd config to convert home directories to lowercase (or add a new template for the 'override_homedir' option)
  - Resolves: rhbz#2074307 - reduce debug level in case well_known_sid_to_name() fails
  - Resolves: rhbz#2096031 - SSSD: sdap_handle_id_collision_for_incomplete_groups debug message missing a new line
  - Resolves: rhbz#2103325 - Supported AD group types should be explained in the docs
  - Resolves: rhbz#2111388 - authenticating against external IdP services okta (native app) with OAuth client secret failed
  - Resolves: rhbz#2115171 - SSSD: duplicate dns_resolver_* option in man sssd.conf
  - Resolves: rhbz#2127492 - sssd timezone issues sudonotafter
  - Resolves: rhbz#2128840 - [RFE] provide dbus method to find users by attr
  - Resolves: rhbz#2128883 - Cannot SSH with AD user to ipa-client (`krb5_validate` and `pac_check` settings conflict)
  - Resolves: rhbz#2136791 - Lower the severity of the log message for SSSD so that it is not shown at the default debug level.
  - Resolves: rhbz#2139837 - Analyzer: Optimize and remove duplicate messages in verbose list
* Fri Aug 26 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-4
  - Related: rhbz#1978119 - [Improvement] avoid interlocking among threads that use `libsss_nss_idmap` API (or other sss_client libs)
* Tue Aug 23 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-3
  - Resolves: rhbz#2116389 - rpc.gssd crash when access a same file on krb5 nfs mount with multiple uids simultaneously since sssd-2.7.3-2.el9
  - Resolves: rhbz#2119373 - sssctl analyze --logdir option requires sssd to be configured
  - Resolves: rhbz#2120657 - Incorrect request ID tracking from responder to backend
* Mon Aug 08 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-2
  - Resolves: rhbz#2106660 - [regression] sssd goes offline with forced ldaps configuration
  - Resolves: rhbz#2109451 - virsh command will hang after the host run several auto test cases
  - Resolves: rhbz#2098654 - cache_req_data_set_hybrid_lookup: cache_req_data should never be NULL
  - Resolves: rhbz#2106685 - [regression] sssctl analyze fails to parse PAM related sssd logs
* Tue Jul 05 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.3-1
  - Resolves: rhbz#2069376 - Rebase SSSD for RHEL 9.1
  - Resolves: rhbz#1936551 - [Improvement] Provide user feedback when login fails due to blocked PIN
  - Resolves: rhbz#1978119 - [Improvement] avoid interlocking among threads that use `libsss_nss_idmap` API (or other sss_client libs)
  - Resolves: rhbz#2062665 - [sssd] RHEL 9.1 Tier 0 Localization
* Mon Jun 13 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.1-2
  - Resolves: rhbz#2073095 - Harden kerberos ticket validation (additional patch)
  - Resolves: rhbz#2061795 - Unable to lookup AD user if the AD group contains '@' symbol (additional patch)
* Sat Jun 04 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.1-1
  - Resolves: rhbz#2069376 - Rebase SSSD for RHEL 9.1
  - Resolves: rhbz#1893192 - sdap_nested_group_deref_direct_process() triggers internal watchdog for large data sets
  - Resolves: rhbz#1927553 - [Improvement] add SSSD support for more than one CRL PEM file name with parameters certificate_verification and crl_file
  - Resolves: rhbz#2089216 - pam_sss_gss ceased to work after upgrade to 8.6
  - Resolves: rhbz#2090776 - Add idp authentication indicator in man page of sssd.conf
  - Resolves: rhbz#1927195 - sssd runs out of proxy child slots and doesn't clear the counter for Active requests
  - Resolves: rhbz#2073095 - Harden kerberos ticket validation
  - Resolves: rhbz#2082455 - 'getent hosts' not return hosts if they have more than one CN in LDAP
  - Resolves: rhbz#2087581 - Regression "Missing internal domain data." when setting ad_domain to incorrect
* Wed May 11 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.0-2
  - Resolves: rhbz#2065693 - [RHEL9] Ship new sub-package called sssd-idp into sssd
* Wed Apr 20 2022 Alexey Tikhonov <atikhono@redhat.com> - 2.7.0-1
  - Resolves: rhbz#2069376 - Rebase SSSD for RHEL 9.1
  - Resolves: rhbz#2072640 - sssd_nss exiting (due to missing 'sssd' local user) making SSSD service to restart in a loop
  - Resolves: rhbz#2070189 - sssd error triggers backtrace : [write_krb5info_file_from_fo_server] (0x0020): [RID#73501] There is no server that can be written into kdc info file.
  - Resolves: rhbz#2070138 - SSSD authenticating to LDAP with obfuscated password produces Invalid authtoken type message causing sssd_be to go offline (cross inter_ference of different provider plugins options)
  - Resolves: rhbz#2065693 - [RHEL9] Ship new sub-package called sssd-idp into sssd
  - Resolves: rhbz#2065098 - Use right sdap_domain in ad_domain_info_send
  - Resolves: rhbz#2062716 - [Improvement] Add user and group version of sss_nss_getorigbyname()
  - Resolves: rhbz#2061795 - Unable to lookup AD user if the AD group contains '@' symbol
  - Resolves: rhbz#2056482 - [RFE] Add sssd internal krb5 plugin for authentication against external IdP via OAuth2
  - Resolves: rhbz#1937895 - SSSD update prompts for smartcard pin twice - After update to 7.9
  - Resolves: rhbz#1925559 - [RFE] Implement time logging for the LDAP queries and warning of high queries time
  - Resolves: rhbz#1915564 - sssd does not enforce smartcard auth for kde screen locker
  - Resolves: rhbz#1859751 - [RFE] Allow SSSD to use anonymous pkinit for FAST
  - Resolves: rhbz#1749279 - 2FA prompting setting ineffective
  - Resolves: rhbz#1661055 - sssd fails GPO-based access if AD have setup with Japanese language
  - Resolves: rhbz#1245367 - [RFE] Implement memory cache for SID requests to improve performance

Files

/etc/krb5.conf.d/sssd_enable_passkey
/usr/lib/.build-id
/usr/lib/.build-id/41
/usr/lib/.build-id/41/5d84c642e782376cac38a8b2d3dad47520185d
/usr/lib/.build-id/63
/usr/lib/.build-id/63/174f36db94e1f134544a7737b8e68a2aaa0bcc
/usr/lib64/sssd/modules/sssd_krb5_passkey_plugin.so
/usr/libexec/sssd/passkey_child
/usr/share/sssd/krb5-snippets/sssd_enable_passkey


Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Nov 7 08:00:08 2024