Publishing details
Changelog
sssd (2.2.3-3ubuntu0.4) focal; urgency=medium
[ Marco Trevisan ]
* debian/control:
- Add missing (test) dependencies as per libcrypto usage (LP: #1905790)
- Update Maintainer to Ubuntu devs
* debian/rules: Compile using libcrypto as crypto backend (LP: #1905790)
* debian/nss-database-pem-exporter: Add to sssd-common and run on postinst.
When upgrading from previous versions (that were compiled using the NSS
crypto backend) we need to migrate the trusted CA certificates that the
user may have added to the SSSD's NSS system database (that defaults to
/etc/pki/nssdb).
To do this, and not to introduce a new dependency on libnss3-tools
(which is not shipped by default, other than making the parsing not
working in some scenarios) I've added a small C tool that we compile and
install as part of the sssd-common package which is able to get all the
trusted CA certificates for a NSS database and export them in PEM
format.
The nss-database-pem-exporter is then used in the postinst script where
we now:
1. Read the SSSD settings
2. Convert all the certificates in the configured NSS databases
3. Store them all, appending them to the (new) default location
(/etc/sssd/pki/sssd_auth_ca_db.pem)
4. Disables the configured locations if pointing to NSS dbs (needed or
we'll leave the configuration with broken values).
At this point nss-database-pem-exporter is then the only binary in the
package that still depends on NSS libraries. (LP: #1905790)
* debian/patches:
- Get libsofthsm2 from right path for each architecture, this is now used
for real (wasn't before) to test p11k components with libcrypto and
p11-kit, also avoids a test build failure on armhf (LP: #1905790)
[ Valters Jansons ]
* Avoid sending malformed SYSLOG_IDENTIFIER to journald (LP: #1908065):
- d/rules: Set --with-syslog=journald in override_dh_auto_configure.
- d/p/lp-1908065-01-debug_prg_name-format.patch:
Upstream patch to clean up program names.
- d/p/lp-1908065-02-syslog_identifier-format.patch:
Upstream patch to include "sssd[]" identifier in program names.
- d/p/lp-1908065-03-remove-syslog_identifier.patch:
Upstream patch to remove custom SYSLOG_IDENTIFIER from Journald.
-- Sergio Durigan Junior <email address hidden> Wed, 10 Feb 2021 16:08:20 -0500
Builds
Built packages
-
libipa-hbac-dev
FreeIPA HBAC Evaluator library -- development files
-
libipa-hbac0
FreeIPA HBAC Evaluator library
-
libipa-hbac0-dbgsym
debug symbols for libipa-hbac0
-
libnss-sss
Nss library for the System Security Services Daemon
-
libnss-sss-dbgsym
debug symbols for libnss-sss
-
libpam-sss
Pam module for the System Security Services Daemon
-
libpam-sss-dbgsym
debug symbols for libpam-sss
-
libsss-certmap-dev
Certificate mapping library for SSSD -- development files
-
libsss-certmap0
Certificate mapping library for SSSD
-
libsss-certmap0-dbgsym
debug symbols for libsss-certmap0
-
libsss-idmap-dev
ID mapping library for SSSD -- development files
-
libsss-idmap0
ID mapping library for SSSD
-
libsss-idmap0-dbgsym
debug symbols for libsss-idmap0
-
libsss-nss-idmap-dev
SID based lookups library for SSSD -- development files
-
libsss-nss-idmap0
SID based lookups library for SSSD
-
libsss-nss-idmap0-dbgsym
debug symbols for libsss-nss-idmap0
-
libsss-simpleifp-dev
SSSD D-Bus responder helper library -- development files
-
libsss-simpleifp0
SSSD D-Bus responder helper library
-
libsss-simpleifp0-dbgsym
debug symbols for libsss-simpleifp0
-
libsss-sudo
Communicator library for sudo
-
libsss-sudo-dbgsym
debug symbols for libsss-sudo
-
libwbclient-sssd
SSSD libwbclient implementation
-
libwbclient-sssd-dbgsym
debug symbols for libwbclient-sssd
-
libwbclient-sssd-dev
SSSD libwbclient implementation -- development files
-
python3-libipa-hbac
Python3 bindings for the FreeIPA HBAC Evaluator library
-
python3-libipa-hbac-dbgsym
debug symbols for python3-libipa-hbac
-
python3-libsss-nss-idmap
Python3 bindings for the SID lookups library
-
python3-libsss-nss-idmap-dbgsym
debug symbols for python3-libsss-nss-idmap
-
python3-sss
Python3 module for the System Security Services Daemon
-
python3-sss-dbgsym
debug symbols for python3-sss
-
sssd
System Security Services Daemon -- metapackage
-
sssd-ad
System Security Services Daemon -- Active Directory back end
-
sssd-ad-common
System Security Services Daemon -- PAC responder
-
sssd-ad-common-dbgsym
debug symbols for sssd-ad-common
-
sssd-ad-dbgsym
debug symbols for sssd-ad
-
sssd-common
System Security Services Daemon -- common files
-
sssd-common-dbgsym
debug symbols for sssd-common
-
sssd-dbus
System Security Services Daemon -- D-Bus responder
-
sssd-dbus-dbgsym
debug symbols for sssd-dbus
-
sssd-ipa
System Security Services Daemon -- IPA back end
-
sssd-ipa-dbgsym
debug symbols for sssd-ipa
-
sssd-kcm
System Security Services Daemon -- Kerberos KCM server implementation
-
sssd-kcm-dbgsym
debug symbols for sssd-kcm
-
sssd-krb5
System Security Services Daemon -- Kerberos back end
-
sssd-krb5-common
System Security Services Daemon -- Kerberos helpers
-
sssd-krb5-common-dbgsym
debug symbols for sssd-krb5-common
-
sssd-krb5-dbgsym
debug symbols for sssd-krb5
-
sssd-ldap
System Security Services Daemon -- LDAP back end
-
sssd-ldap-dbgsym
debug symbols for sssd-ldap
-
sssd-proxy
System Security Services Daemon -- proxy back end
-
sssd-proxy-dbgsym
debug symbols for sssd-proxy
-
sssd-tools
System Security Services Daemon -- tools
-
sssd-tools-dbgsym
debug symbols for sssd-tools
Package files