sssd-2.9.5-4.el9_5.1> M Mv ĉJ4!!%joLne)Ip-Bm5 ']g3f releng@rockylinux.org p-Bm5 ']+MU^fy@/KL|A:P)y*+n!sEoTZ t5Iؔ3ӄ}7(Ҭ48OT ^GAj} ǧl%A xU)B]"Hݩ\' iSfFYo}x58U!"9Q;lBpW~RsL+xyNE>9p5ສ,lˀj$TV\Ŭ/n~Hݘ(c+JU*m#ZYi6 tu=,?,d   7 0U\     * ,4>Hhp  M (89<: G)H)I)X)Y)\)])^)b*d+ue+zf+l+t+u+v++++,,,",d,hCsssd2.9.54.el9_5.1System Security Services DaemonProvides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy services for projects like FreeIPA. The sssd subpackage is a meta-package that contains the daemon as well as all the existing back ends.g3cpb-c6f38e83-dab8-4168-8f84-a38b4f3fa084-b-s390xKRocky Linux 9.5Rocky Enterprise Software FoundationGPLv3+Rocky Linux Build System (Peridot) Unspecifiedhttps://github.com/SSSD/sssd/linuxs390xKA큤g3efE8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903rootrootrootrootsssd-2.9.5-4.el9_5.1.src.rpmsssdsssd(s390-64)    rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsZstd)sssd-adsssd-commonsssd-ipasssd-krb5sssd-ldapsssd-proxy3.0.4-14.6.0-14.0-15.4.18-12.9.5-4.el9_5.12.9.5-4.el9_5.12.9.5-4.el9_5.12.9.5-4.el9_5.12.9.5-4.el9_5.12.9.5-4.el9_5.14.16.1.3ffffy_fE@f/f! @fg@e!@e@e@e)eReRe@d dd@ddu@doMdbc<@c]cdAlexey Tikhonov - 2.9.5-4.1Alexey Tikhonov - 2.9.5-4Alexey Tikhonov - 2.9.5-3Alexey Tikhonov - 2.9.5-2Alexey Tikhonov - 2.9.5-1Alexey Tikhonov - 2.9.4-7Alexey Tikhonov - 2.9.4-6Alexey Tikhonov - 2.9.4-5Alexey Tikhonov - 2.9.4-4Alexey Tikhonov - 2.9.4-3Alexey Tikhonov - 2.9.4-2Alexey Tikhonov - 2.9.4-1Alexey Tikhonov - 2.9.3-2Alexey Tikhonov - 2.9.3-1Alexey Tikhonov - 2.9.2-2Alexey Tikhonov - 2.9.2-1Alexey Tikhonov - 2.9.1-2Alexey Tikhonov - 2.9.1-1Alexey Tikhonov - 2.9.0-5Alexey Tikhonov - 2.9.0-4Alexey Tikhonov - 2.9.0-3Alexey Tikhonov - 2.9.0-1Alexey Tikhonov - 2.8.2-2Alexey Tikhonov - 2.8.2-1Alexey Tikhonov - 2.8.1-1- Resolves: RHEL-59876 - EL9/CentOS Stream 9 lost offline smart card authentication - Resolves: RHEL-50912 - possible regression of rhbz#2196521- Resolves: RHEL-49711 - SYSDB: remove index on dataExpireTimestamp - Resolves: RHEL-49811 - 2FA is being enforced after upgrading 2.9.1->2.9.4- Resolves: RHEL-40742 - passkey_child with wrong owner- Resolves: RHEL-40742 - passkey_child with wrong owner - Resolves: RHEL-41047 - sssd is skipping GPO evaluation with auto_private_groups - Resolves: RHEL-40570 - GPO access the wrong memory location- Resolves: RHEL-36586 - Rebase SSSD for RHEL 9.5 - Resolves: RHEL-27716 - SSSD fails to process AD groups with 'Global Scope' correctly causing incomplete group-membership on RHEL if cache is empty - Resolves: RHEL-17659 - [RfE] SSSD Failover Enhancements - Resolves: RHEL-35781 - Passkey errors when handling multiple altSecurityIdentities values - Resolves: RHEL-30142 - sssd_pac is crashing - Resolves: RHEL-22206 - Errors in krb5_child.log every time a user authenticates - Pre-authentication failed: No pkinit_anchors supplied - Resolves: RHEL-32595 - Excessive "Domain not found' messages logged to sssd_nss & sssd_be in multidomain AD forest - Resolves: RHEL-28666 - sssctl config-check is reporting false positive error msg - Resolves: RHEL-29454 - NULL dereference in inotify handling - Resolves: RHEL-1654 - Improve documentation for allowing e-mail address as username- Relates: RHEL-33645 - Rebase Samba to the latest 4.20.x release- Resolves: RHEL-27209 - Race condition during authorization leads to GPO policies functioning inconsistently [rhel-9.4.0]- Resolves: RHEL-28161 - Passkey cannot fall back to password- Resolves: RHEL-28161 - Passkey cannot fall back to password- Resolves: RHEL-22340 - socket leak - Resolves: RHEL-28161 - Passkey cannot fall back to password- Resolves: RHEL-12503 - AD users are unable to log in due to case sensitivity of user because the domain is found as an alias to the email address. - Resolves: RHEL-22288 - ssh pubkey stored in ldap/AD no longer works to authenticate via sssd - Resolves: RHEL-22194 - gdm smartcard login fails with sssd-2.9.3 in case of multiple identities- Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4 - Resolves: RHEL-18395 - latest sssd breaks logging in via XDMCP for LDAP/Kerberos users - Resolves: RHEL-17498 - New sssd.conf seems not to be backwards compatible (wrt SmartCard auth of local users using 'files provider') [rhel-9] - Resolves: RHEL-21079 - SSSD GPO lacks group resolution on hosts [rhel-9] - Resolves: RHEL-19211 - Excessive logging to sssd_nss and sssd_be in multi-domain AD forest [rhel-9]- Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4- Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4 - Resolves: RHEL-14427 - Expected cn in RDN, got uid - Resolves: RHEL-12229 - HANA validation on RHEL 9.2 issue possibly related to libc/nss_sss behaviour - Resolves: RHEL-3925 - SSSD goes offline when, while reading a single user, misses a required attribute (i.e. SID) - Resolves: RHEL-2319 - Passkey authentication for centrally managed users - Resolves: RHEL-4146 - Incorrect handling of reverse IPv6 update results in update failure - Resolves: RHEL-4971 - sssd-kcm does not appear to expire Kerberos tickets (RFE: sssd_kcm should have the option to automatically delete the expired tickets)- Resolves: RHEL-2319 - Passkey authentication for centrally managed users- Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4 - Resolves: RHEL-2319 - Passkey authentication for centrally managed users - Resolves: rhbz#2234829 - SSSD runs multiples lookup search for each NFS request (SBUS req chaining stopped working) - Resolves: rhbz#2236119 - dbus and crond getting terminated with SIGBUS in sss_client code- Resolves: rhbz#2218858 - [sssd] SSSD enters failed state after heavy load in the system- Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3 - Resolves: rhbz#2196816 - [RHEL9] [sssd] User lookup on IPA client fails with 's2n get_fqlist request failed' - Resolves: rhbz#2162552 - sssd client caches old data after removing netgroup member on IDM - Resolves: rhbz#2189542 - [sssd] RHEL 9.3 Tier 0 Localization - Resolves: rhbz#2133854 - [RHEL9] In some cases when `sdap_add_incomplete_groups()` is called with `ignore_group_members = true`, groups should be treated as complete - Resolves: rhbz#1765354 - [RFE] - Show password expiration warning when IdM users login with SSH keys- Related: rhbz#2190415 - Rebase Samba to the latest 4.18.x release Rebuild against rebased Samba libs.- Related: rhbz#2190415 - Rebase Samba to the latest 4.18.x release Rebuild against rebased Samba libs.- Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3- Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3 - Resolves: rhbz#1765354 - [RFE] - Show password expiration warning when IdM users login with SSH keys - Resolves: rhbz#1913839 - filter_groups doesn't filter GID from 'id' output: AD + 'ldap_id_mapping = True' corner case - Resolves: rhbz#2100789 - [Improvement] sssctl config-check command does not show an error when we don't have id_provider in the domain section - Resolves: rhbz#2152177 - [RFE] Add support for ldapi:// URLs - Resolves: rhbz#2164852 - man page entry should make clear that a nested group needs a name - Resolves: rhbz#2166627 - Improvement: sss_client: add 'getsidbyusername()' and 'getsidbygroupname()' and corresponding python bindings - Resolves: rhbz#2166943 - kinit switches KCM away from the newly issued ticket - Resolves: rhbz#2167728 - [sssd] Auth fails if client cannot speak to forest root domain (ldap_sasl_interactive_bind_s failed)- Resolves: rhbz#2160001 - Reference to 'sssd-ldap-attributes' man page is missing in 'sssd-ldap', etc man pages - Resolves: rhbz#2143159 - automount killed by SIGSEGV- Resolves: rhbz#2127510 - Rebase SSSD for RHEL 9.2 - Resolves: rhbz#1608496 - sssd failing to register dynamic DNS addresses against an AD server due to unnecessary DNS search - Resolves: rhbz#2110091 - SSSD doesn't handle changes in 'resolv.conf' properly (when started right before network service) - Resolves: rhbz#2136791 - Lower the severity of the log message for SSSD so that it is not shown at the default debug level. - Resolves: rhbz#2139684 - [sssd] RHEL 9.2 Tier 0 Localization - Resolves: rhbz#2139837 - Analyzer: Optimize and remove duplicate messages in verbose list - Resolves: rhbz#2142794 - SSSD: `sssctl analyze` command shouldn't require 'root' privileged - Resolves: rhbz#2144893 - changing password with ldap_password_policy = shadow does not take effect immediately - Resolves: rhbz#2148737 - UPN check cannot be disabled explicitly but requires krb5_validate = false' as a work-around- Resolves: rhbz#2127510 - Rebase SSSD for RHEL 9.2 - Resolves: rhbz#1507035 - [RFE] SSSD does not support to change the user’s password when option ldap_pwd_policy equals to shadow in sssd.conf file - Resolves: rhbz#1766490 - Use negative cache better and domain checks for lookup by SIDs - Resolves: rhbz#1964121 - RFE: Add an option to sssd config to convert home directories to lowercase (or add a new template for the 'override_homedir' option) - Resolves: rhbz#2074307 - reduce debug level in case well_known_sid_to_name() fails - Resolves: rhbz#2096031 - SSSD: sdap_handle_id_collision_for_incomplete_groups debug message missing a new line - Resolves: rhbz#2103325 - Supported AD group types should be explained in the docs - Resolves: rhbz#2111388 - authenticating against external IdP services okta (native app) with OAuth client secret failed - Resolves: rhbz#2115171 - SSSD: duplicate dns_resolver_* option in man sssd.conf - Resolves: rhbz#2127492 - sssd timezone issues sudonotafter - Resolves: rhbz#2128840 - [RFE] provide dbus method to find users by attr - Resolves: rhbz#2128883 - Cannot SSH with AD user to ipa-client (`krb5_validate` and `pac_check` settings conflict) - Resolves: rhbz#2136791 - Lower the severity of the log message for SSSD so that it is not shown at the default debug level. - Resolves: rhbz#2139837 - Analyzer: Optimize and remove duplicate messages in verbose list2.9.5-4.el9_5.12.9.5-4.el9_5.1sssdCOPYING/usr/share/licenses//usr/share/licenses/sssd/-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=z14 -mtune=z15 -fasynchronous-unwind-tables -fstack-clash-protectioncpiozstd19s390x-redhat-linux-gnudirectoryASCII textlogrotatepython3-sssdconfigsssd-dbus2.9.5-4.el9_5.12.9.5-4.el9_5.1utf-87b7f240ed8e6f88decbea1cfb324fcbc98bbf793f437f862661a002db444eddee23dd8458ae706c4514415afd0d12746f706a6b714e85d351c78b7bd0691230d?0(/hڗ,h}L"Jvw.ӶS0$qRV xtϦMH|f}Hmj^d/ULIqܢǘn86]Ȥ;e68t>J\"8%@W_EݜfQ/66Fm=]6XueS¤{gv4G\>yvԼ+)vnf@.a!PUfIwoXݹ6 T\~SUZt_YsO'dLcp,.#e6kH47!r@% nYSC'AQ, \TP0`qAA%D4@7ll=8"0h`*!"@8H 3$MUν.2 O8lwȵY\.'e |rd KN8G PL q*$܅ IբzCiv%QjuJj;9|Ry>S^^Q[0+wŵs k|g[$I ROM1fwK|,R̥8Bv.m5L[m=SKBq.wǵX.EO壑]**5[َg\6ZNg5J2 ʠek(hXNx |?5_:^ ~:/G9JhsGQ6MjrfkaQ -xRE}[L+,α 7EPk5I8ڴD %&eoh#oHQFxJnEʕ۫'DKQ~sWkkO!٭Y-.#Pg{fF>e>*Յ2GS|1?rN 䣵T5K|K}m@x|Vr; (ĕ@׼N%#-\$7H[`*E`cՒcJ9èR9R8S6\x8IJvvd,&Cw$TڰV>\r"b2hۥ&C%'IPKR[}C*Q7}:hA6SIѶ%KO>ʔbFA)aÕy1.A 6Cpdj+J0?#hb읏Xs)%yԹYT\:`@ ꍧA<64Pq;!/>k17Iio00U]O4ƊFqx'K?Vn!FsfJl*LbC%xyCޯw?"t$Q\EQTb7}!)3jŵںN!)66E zޟ{mp1ɬiX |_Xi:"!E!ّ̌7<%>/LxݶOә ع-CaxY⢣g>9]&T.{r*7$),J4.~sץ#d`TT (5W%.gWA( 4O}q ?AL Z:,ԽMXe M ,LnZ2{˞Μ7l1@a pD .l4/_4U0Fl9PS{Oʶ:V;! O؈ltQqY"zDH;^!0z>+M k>!_ NJ%#LG;`5tbvڙۦJ^KMLu6 B9oQl)(ڟGmtS0B ȏ'fV_ 7RTs Mh'}0anvn84I^kFRCvy* Bfp$aa^oTcԆ\ɮfݲfꁗUGL5Y㛃Yκq1>`uqJ t|Bna]dx&dpWҔs|శh "\F+]] &Hgnv U{ A~i7zv~ϕB3 2ʽ$xnJ\Nwx<PDGfq;o!93C̔@M#1:,]0qHa4 )Gμh0%E&op %~& J}Ю"%#;% 5B$TC\v2t9LTf о@:lO%")&#M)j [E%ѣ̡J~ٔ"!R֧]wKn3 в5LfyK~3G2F{e0><| XAc~jȝnqx#ԁHj#-(4Jݡ&V-|Tōv6B *5Woy(Sc 6 L8$ D{n|M9!Ch|i._BN+Y JɏSԨw%O~;dCJME/ W~>J^xXʤȊuA vN`1eD& /k`8Nc]`4k&\haȯT9M2i?!/n`7ekՅ:ț[*C g@c۵ f8G{mk]d gқz4Y}0͓>d9nS.5.CV[!ts74Ki [TdjE7t㨻 u*OT:- T?@4h% 76 YZU:^]s ,NeikDZF ƉByR%#ėJ%DDZEEx @ƅ"O& "(ۃX.F)Ty /DKdT# \|&}bcU{`#kd+<b҈BmĺW{&L16k{Hꋬjj2~r}2@-ϤTsWGX=[%=5DUF'5|u8F3Ћ |m4+F,gLߥIq͢L7z`I bQ{ &Ĩ [>6~iIwT{G8݀QKTS$`xe;""?=$g(DTk\">>h;*ISgU}~"~'6Hez:kp𞉲}A4t] W8at#tG[lrĊj̃y0u":ck(Z4_0z OiEdyWV)*.>H B[^νz,{ӟ-F%f 2S+ndx@ʔZ:rgXgc!Q ܜP)#QJGDǀ_H_[56pNٗ+oSC| $7#@5dx/"B27 ƿ!F>sz,;h"L*l SS/g6jTo<0#⤺n' n6o EL q8eqnV3MLj/$07LP͈pTGZXvlM|^O,0lfs> NӃdlf {7?n5Y5C-ެE#itʼx nqQMw!ǰ/ K&se\% '( ZI Y*5!. [+^y#s/XհjU*n2BhR|t]ݬj&8Exp2w2ap5O ve{N93^ꊋ"eZFk9^5)+ԪjfS*pJ޾J%ׇ\ȋb2Z)/zgLWD_Q }F\ղS$%ފZgh{QҌ)ֹTΌL~dB dcQ_FMf3|a\R)گhWn/'|L>q*⸀@ cاsc*_ESӕURP +]fMҍ*c07N%r􂅢n 4PҪS q; vBk嫾+'ŕsZI3,S-|dd~讓33pũS%lj²|i>A_|Q$3dѲUgշ0rJ%NF3va׏tpeqN%םzpGAƃhM\{׀ MX;Γ`t'<8Mq"z=8A$sOb8kk8hcxI DDv"(%͑0#=GO<`@aI򜖠YC0XA^9yYyzX@I"r'5҃&E'-Es 9H D7$=t'Ep ҠFBHOI4tA @D4L pa?%W֝+k}؋ ODœ8-PwuI BJhI 5YQ]UEүvKƢ&ɸ{Xf` F<4RBey_K^+12k}%35儬[ %$e3}/om|z'0 Íйȃ׳Nlt%;xq?'?,:) l"ȵD%Xg;j|SM$4g1/j" ѼmlXoJݵyjvCD0dXM93e6MT;zT0%),/>?}7HnKYzҵ}fW!\1t9s Fp k6zW~E֒Xt%͊T>Z8\l&\z(x55J8SGFi:nNbƱ9gjs<5c&|1W,k"mmې">v=Iwu)&rulF`hws9m̵+)3c<ʾXM"t ,?\*cA%9{@+ʵUP7aBjOљ~W.vS& |58"46w643_=hc"a-U} jTI'f攏d'͈ԔoHW nc7vUP`Ug=]#W/=(SUȸGIҀ֓VB;^!]:+4 aU?D*cC$hM9 0.j3aʼGe'],| #ATw7P[hڄL5g0Xuo#}+#.<.H,xQl=,0(zo(5Lnu nJ0wu/Z{@~9T/,B2RBk~r# N7Hޔ#p8IkLCͮ2_ 3Π/ƶk)@Fy@*Ps(nNQL!;gG+R_\&sUwLMq-tg ; sjjTL ^9L\|?36癠•]3d?jӄmNz )>*nn_ I- wV-U)Zj]$"q!:5A*'X=xR6 C˔(9hQ\V&|E .w↮9͜,R%-<;bYQ B藱B﵋XT04U{',Y %&x GAzJE=xEtn&19Խ^ylq:Z#n[<.Z|b"D _T%J4bA.rIHo!JQIDt|lȜ!Me@H|p\AZm-m2EO>xƨ2 [E 3!a NjS+gU`6clOkƁht÷Ƒf93X<%On~.8\ 0p*-pӸ^`M QUŨɠ*2)|2"*y}SfƹK nSC&ˆ̆We POL'ʉɢ2sST k$Ϯc]<_Xh@d#Y禍мkЫuHq (8U$3C=p zg1&"J"\ف}<Pfǹ#.o bYhu&jAopYsB#ucI&_Lge;a&A8cbc78~3E58]*9\BM׬$REIoH*Joa^V;747vcV7ұ ^w}4ڸG\K. ؇Og4H&*9 V5E@"g=؆Yz P;_){vXGȨRXg_="f[F;G\z[e{O 4;ξ2vrZ0)lfla=M/MſΙ c(tK*%C9.cqgh 8{x_(|\Cp5vG+$0$60ni :F]ogXRf4|_:XJ4HVgFv?wP\F()L6Wo"u-`ڎs6]eτMC+ s t+;_zP: B)G Ŧ-fȫFE=,$B:p;N.s\ .6@2FTm >\R0Tَm1F+>/ Wu&h"{i`vD $nQqGv+F2 Va<̫D!i\BN%wM.u0lyfj`lz, C]f):,jyİCPX~fհ}Q5}@g]Y78bKqb $ \dI$c],%heoέ獺 s2C&ec+#n1e~~:մcw,= y1ÑMRwGSn䁗YAq.s`~$=xyS k-Cz%kN nu׀F f{%|R\E!ltV'`A P#f[nV@Z-P?C7 bHN59""& ݮ_Fbuzv+l(WLubA/ &immDm>vЦ{׮(4X YIt B|FU}nh;O BHD6Mշ5 ݓ6?Z9#>݁Zc+p87-ɝs81#5K c&,+ٞ/w|T˩=q $L$Y63j)=9mMQf} (=DR{1zx=BVFU7-%#aR4o5#c`"au u iXMRzb8{u\{"j:jȹ$_J?iu9_syG:%UlB < 9n )sle6N@aynwɒJdw0jHUCe22܄GU2]|O!CH"#؀s2 NdXnox֤3{_1է9얡?/&a ;0exMk'mL"I0O~oD-^HITWhU7yx߲]Aq<0!x`0lLC`38t aCõvy:Jt&WBmmILi}BZebQYF,;TA1$K-qJX"H=qTxp %͠?o$* 1X.e΍w3Z:Вu {Fsw*uB8WZ Tޕg~˞I)[W~ }e-C{4[_v4xVXKEt "Pu31X+B DK) Q:V* *_(^x@ɰ$VT'UjVs!<dzr[>_iM흅a#0se!55z{Cv[ʌ g @]h뤵VkPZcRez V:P $"- G_B#ޟ`)J/+n3Zԥ:SJMGүѩ1`yz7u]o-u#BIgy bUTc0{*B[k}#'qZWwn-NiPi r46]3`Uǰ@!~L_ȣ ,q!0:, ֢d%tC}YEX:}"&c{('q29M*V7)[VF@