Bug 3586 - [UPDATE REQUEST] [UPSTREAM UPDATE] sssd
: [UPDATE REQUEST] [UPSTREAM UPDATE] sssd
Status: RESOLVED FIXED
Product: Server Bugs
Classification: ROSA Server
Component: Main Packages
: unspecified
: All Linux
: Normal normal
: ---
Assigned To: Andrew Lukoshko
: ROSA Server Bugs
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-01-13 15:49 MSK by Andrew Lukoshko
Modified: 2014-01-21 19:00 MSK (History)
1 user (show)

See Also:
RPM Package:
ISO-related:
Bad POT generating:
Upstream:
vladimir.potapov: qa_verified+
andrew.lukoshko: published_server+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Lukoshko 2014-01-13 15:49:55 MSK
* When the SSSD daemon was acting as a client of an IPA server that established a trust relationship with an Active Directory server, creating system accounts using the shadow-utils programs took a long time. This was caused by the shadow-utils package examining the whole UID or GID space and SSSD was unable to filter these requests out. This bug has been fixed and creating system accounts now takes significantly less time.

* Previously, if the SSSD daemon was configured with a proxy back end and an Lightweight Directory Access Protocol (LDAP) authentication, the LDAP back end was unable to look up the Distinguished Name (DN) of the authenticated user. This update adds the possibility to look up the user DN during authentication.

* Previously, if the "default_domain_suffix" option was specified in the sssd.conf file, all automounter maps were fully qualified, which disrupted the automounter integration. This bug has been fixed and sssd can now successfully retrieve autofs maps from an IPA domain.

* Previously, the SSSD daemon did not free per-client allocated memory when netgroups were requested. As a consequence, if netgroups were used by a long-running application, the sssd_nss process grew large in memory consumption. This bug has been fixed and sssd_nss memory footprint no longer grows significantly in this scenario.

http://rhn.redhat.com/errata/RHBA-2014-0005.html

https://abf.rosalinux.ru/build_lists/1513334
https://abf.rosalinux.ru/build_lists/1513335
Comment 1 Vladimir Potapov 2014-01-15 17:33:27 MSK
sssd-1.9.2-129.res6.4
********************** RHEL Advisory ***************************
* When the SSSD daemon was acting as a client of an IPA server that established a trust relationship with an Active Directory server, creating system accounts using the shadow-utils programs took a long time. This was caused by the shadow-utils package examining the whole UID or GID space and SSSD was unable to filter these requests out. This bug has been fixed and creating system accounts now takes significantly less time.

* Previously, if the SSSD daemon was configured with a proxy back end and an Lightweight Directory Access Protocol (LDAP) authentication, the LDAP back end was unable to look up the Distinguished Name (DN) of the authenticated user. This update adds the possibility to look up the user DN during authentication.

* Previously, if the "default_domain_suffix" option was specified in the sssd.conf file, all automounter maps were fully qualified, which disrupted the automounter integration. This bug has been fixed and sssd can now successfully retrieve autofs maps from an IPA domain.

* Previously, the SSSD daemon did not free per-client allocated memory when netgroups were requested. As a consequence, if netgroups were used by a long-running application, the sssd_nss process grew large in memory consumption. This bug has been fixed and sssd_nss memory footprint no longer grows significantly in this scenario.
******************************************************************
QA Verified