[Freeipa-interest] [SSSD] Announcing SSSD 1.9.1

Fri Oct 5 18:16:23 UTC 2012

                      === SSSD 1.9.1 ===

The SSSD team is proud to announce the release of version 1.9.1 of
the System Security Services Daemon.

As always, the source is available from https://fedorahosted.org/sssd

RPM packages will be made available for Fedora shortly, initially for F-18
and rawhide and later also backported to F-17.

== Feedback ==

Please provide comments, bugs and other feedback via the sssd-devel
or sssd-users mailing lists:
    https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
    https://lists.fedorahosted.org/mailman/listinfo/sssd-users

== Highlights ==

 * The distribution tarball was fixed to include a missing file, which
   prevented "make rpms" from running correctly.
 * Handle gracefully the situation where the namingContext is zero-length,
   such as when connected to the Novell eDirectory server.
 * A new option default_domain_suffix was added. This option is mainly
   useful for environments whose users come from a trusted domain so that
   the user doesn't have to specify that trusted domain with every user lookup.
 * Many man page fixes that were held from the 1.9.0 release during the
   string freeze
 * The entries in the generated known_hosts file are now expired preventing
   the file from growing indefinitely
 * The PID file is now created after all the SSSD services start up to
   avoid notifying the user via the init system before SSSD is able to
   handle requests.

== Tickets Fixed ==

https://fedorahosted.org/sssd/ticket/1303
    SSSD is slow at startup
https://fedorahosted.org/sssd/ticket/1357
    Init script reports complete before sssd is actually working
https://fedorahosted.org/sssd/ticket/1471
    Range Retrieval: Unable to retrieve all members when filter is used
    in search base.
https://fedorahosted.org/sssd/ticket/1483
    Mention ldap_schema types on newlines or comma separate them.
https://fedorahosted.org/sssd/ticket/1494
    ldap_chpass_update_last_change is not included in the manual page
https://fedorahosted.org/sssd/ticket/1525
    Explain default re_expression in IPA and AD provider man pages
https://fedorahosted.org/sssd/ticket/1529
    [RFE] Login with users from a trusted domain always requires a FQ name
https://fedorahosted.org/sssd/ticket/1533
    Improve recreating new ccache file when the old one is not accessible
    any more
https://fedorahosted.org/sssd/ticket/1535
    Flip the default value of ldap_initgroups_use_matching_rule_in_chain
https://fedorahosted.org/sssd/ticket/1537
    Fix sssd-ad id ranges
https://fedorahosted.org/sssd/ticket/1540
    [man sssd-ldap] 'ldap_access_filter' description needs to be updated
https://fedorahosted.org/sssd/ticket/1541
    Manpage has ldap_autofs_search_base as experimental feature
https://fedorahosted.org/sssd/ticket/1542
    User authentication using LDAP doesn't work
https://fedorahosted.org/sssd/ticket/1546
    sss_seed "-h" and "--help" options should output similar results
https://fedorahosted.org/sssd/ticket/1548
    User authentication fails when password is read from a file using -p
    option of SSS_SEED tool.
https://fedorahosted.org/sssd/ticket/1549
    Providing invalid UID/GID values, terminates sss_seed tool without
    any error message
https://fedorahosted.org/sssd/ticket/1554
    sss_seed should not allow blank passwords
https://fedorahosted.org/sssd/ticket/1562
    Domains overlap in range 1 - 4294967295
https://fedorahosted.org/sssd/ticket/1563
    Document the need to restart autofs service.

== Detailed Changelog ==

Jakub Hrozek (11):
 * Bumping the version to 1.9.1 release
 * Document ldap_chpass_update_last_change
 * sudo and autofs search bases should not be marked experimental
 * Flip the default value of ldap_initgroups_use_matching_rule_in_chain
 * Include param_help_py.xml in the list of po4a sources
 * Note that Range Retrieval is not supported when filter is used in the search base.
 * Change the log level of two DEBUG messages in check_domain_ranges
 * Remove unused variable
 * Check for existing pidfile before starting the providers
 * man: Note that automounter must be restarted to re-read the master map
 * Updating the translations for 1.9.1 release

Jan Cholasta (2):
 * SSH: Refactor sysdb and related code
 * SSH: Expire hosts in known_hosts

Michal Zidek (7):
 * Change option to display help message in man pages.
 * sss_seed: Option --debug did not work in sss_seed tool.
 * sss_seed: Show error message when interactive input fails.
 * sss_seed: Make only first line of password file valid.
 * sss_seed: Passwords longer then PASS_MAX not allowed.
 * sss_seed: Improved error message when the domain does not exist.
 * Variable in sdap_sudo_rules_refresh_send could be used, uninitialized.

Ondrej Kos (4):
 * sssd-ldap manpage: ldap_scheme formatting
 * Log possibly non-randomizable ccache file template
 * Slices calculation is alway wrong for default values
 * Fix default upper limit of slices

Pavel Březina (5):
 * Fix few coding style issues
 * monitor: create pid file after all responders are started
 * remove left over principal selection
 * manpage: ldap_access_filter is not always mandatory
 * do not create pid file twice

Stephen Gallagher (2):
 * LDAP: Handle empty namingContexts values safely
 * BUILD: Include the patch file in the tarball

Sumit Bose (4):
 * Add new option default_domain_suffix
 * Use flat name for master domain as well
 * sysdb_master_domain_get_info: fix copy-and-paste error
 * Add man page section about provider specific re_expression