sssd-polkit-rules-2.9.5-4.el9_5.1> M Mv ĉJ4!!%joLne)Ip-Bm5 ']g3f-releng@rockylinux.org p-Bm5 ']VZ4G3ǫ \0,D5IZ^B>!j1! j#V2J8R'xd"~"?{lz~R;*ypcQṁEѠY?VG~\фXes&FmV8I8$7(P LUڌTjV-tÄ*sUk3j+0`(?[ [7sYB6|ѕJ@]zBu1̱U^#R:Ď(yr) i:1-) ]-[<L~о)e6Qk~kq+XnET aXTE5qPyPX)'5|/Q#iNhBnU4#i{=&&ϛ =<'wf’# o읗Ap"4 ?S;jrjmP?9be6321034ac6920c0b0a5f7950ce23e0b754b46b65208e7fdb3842c184f79d25445af136f9583e3f9f09b688a2aa2763f772c27/qd۷V2u >:*?*}d $ J Wk     D\( 89x:*G'H'I'X'Y'\(](^(b(1d)e)f)l)t)u)v))))*8*<Csssd-polkit-rules2.9.54.el9_5.1Rules for polkit integration for SSSDProvides rules for polkit integration with SSSD. This is required for smartcard support.g3cMpb-e999b346-4e7b-4b32-9155-6376c2259010-b-x86-64Rocky Linux 9.5Rocky Enterprise Software FoundationGPLv3+Rocky Linux Build System (Peridot) Applications/Systemhttps://github.com/SSSD/sssd/linuxx86_64g3cjaa07dbae7abe641bcaec03c5b04da0695a4a49f2d01e486b4c5de61819ebcb70rootrootsssd-2.9.5-4.el9_5.1.src.rpmsssd-polkit-rulessssd-polkit-rules(x86-64)     polkitrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsZstd)sssd-common0.1063.0.4-14.6.0-14.0-15.4.18-12.9.5-4.el9_5.14.16.1.3ffffy_fE@f/f! @fg@e!@e@e@e)eReRe@d dd@ddu@doMdbc<@c]cdAlexey Tikhonov - 2.9.5-4.1Alexey Tikhonov - 2.9.5-4Alexey Tikhonov - 2.9.5-3Alexey Tikhonov - 2.9.5-2Alexey Tikhonov - 2.9.5-1Alexey Tikhonov - 2.9.4-7Alexey Tikhonov - 2.9.4-6Alexey Tikhonov - 2.9.4-5Alexey Tikhonov - 2.9.4-4Alexey Tikhonov - 2.9.4-3Alexey Tikhonov - 2.9.4-2Alexey Tikhonov - 2.9.4-1Alexey Tikhonov - 2.9.3-2Alexey Tikhonov - 2.9.3-1Alexey Tikhonov - 2.9.2-2Alexey Tikhonov - 2.9.2-1Alexey Tikhonov - 2.9.1-2Alexey Tikhonov - 2.9.1-1Alexey Tikhonov - 2.9.0-5Alexey Tikhonov - 2.9.0-4Alexey Tikhonov - 2.9.0-3Alexey Tikhonov - 2.9.0-1Alexey Tikhonov - 2.8.2-2Alexey Tikhonov - 2.8.2-1Alexey Tikhonov - 2.8.1-1- Resolves: RHEL-59876 - EL9/CentOS Stream 9 lost offline smart card authentication - Resolves: RHEL-50912 - possible regression of rhbz#2196521- Resolves: RHEL-49711 - SYSDB: remove index on dataExpireTimestamp - Resolves: RHEL-49811 - 2FA is being enforced after upgrading 2.9.1->2.9.4- Resolves: RHEL-40742 - passkey_child with wrong owner- Resolves: RHEL-40742 - passkey_child with wrong owner - Resolves: RHEL-41047 - sssd is skipping GPO evaluation with auto_private_groups - Resolves: RHEL-40570 - GPO access the wrong memory location- Resolves: RHEL-36586 - Rebase SSSD for RHEL 9.5 - Resolves: RHEL-27716 - SSSD fails to process AD groups with 'Global Scope' correctly causing incomplete group-membership on RHEL if cache is empty - Resolves: RHEL-17659 - [RfE] SSSD Failover Enhancements - Resolves: RHEL-35781 - Passkey errors when handling multiple altSecurityIdentities values - Resolves: RHEL-30142 - sssd_pac is crashing - Resolves: RHEL-22206 - Errors in krb5_child.log every time a user authenticates - Pre-authentication failed: No pkinit_anchors supplied - Resolves: RHEL-32595 - Excessive "Domain not found' messages logged to sssd_nss & sssd_be in multidomain AD forest - Resolves: RHEL-28666 - sssctl config-check is reporting false positive error msg - Resolves: RHEL-29454 - NULL dereference in inotify handling - Resolves: RHEL-1654 - Improve documentation for allowing e-mail address as username- Relates: RHEL-33645 - Rebase Samba to the latest 4.20.x release- Resolves: RHEL-27209 - Race condition during authorization leads to GPO policies functioning inconsistently [rhel-9.4.0]- Resolves: RHEL-28161 - Passkey cannot fall back to password- Resolves: RHEL-28161 - Passkey cannot fall back to password- Resolves: RHEL-22340 - socket leak - Resolves: RHEL-28161 - Passkey cannot fall back to password- Resolves: RHEL-12503 - AD users are unable to log in due to case sensitivity of user because the domain is found as an alias to the email address. - Resolves: RHEL-22288 - ssh pubkey stored in ldap/AD no longer works to authenticate via sssd - Resolves: RHEL-22194 - gdm smartcard login fails with sssd-2.9.3 in case of multiple identities- Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4 - Resolves: RHEL-18395 - latest sssd breaks logging in via XDMCP for LDAP/Kerberos users - Resolves: RHEL-17498 - New sssd.conf seems not to be backwards compatible (wrt SmartCard auth of local users using 'files provider') [rhel-9] - Resolves: RHEL-21079 - SSSD GPO lacks group resolution on hosts [rhel-9] - Resolves: RHEL-19211 - Excessive logging to sssd_nss and sssd_be in multi-domain AD forest [rhel-9]- Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4- Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4 - Resolves: RHEL-14427 - Expected cn in RDN, got uid - Resolves: RHEL-12229 - HANA validation on RHEL 9.2 issue possibly related to libc/nss_sss behaviour - Resolves: RHEL-3925 - SSSD goes offline when, while reading a single user, misses a required attribute (i.e. SID) - Resolves: RHEL-2319 - Passkey authentication for centrally managed users - Resolves: RHEL-4146 - Incorrect handling of reverse IPv6 update results in update failure - Resolves: RHEL-4971 - sssd-kcm does not appear to expire Kerberos tickets (RFE: sssd_kcm should have the option to automatically delete the expired tickets)- Resolves: RHEL-2319 - Passkey authentication for centrally managed users- Resolves: RHEL-2632 - Rebase SSSD for RHEL 9.4 - Resolves: RHEL-2319 - Passkey authentication for centrally managed users - Resolves: rhbz#2234829 - SSSD runs multiples lookup search for each NFS request (SBUS req chaining stopped working) - Resolves: rhbz#2236119 - dbus and crond getting terminated with SIGBUS in sss_client code- Resolves: rhbz#2218858 - [sssd] SSSD enters failed state after heavy load in the system- Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3 - Resolves: rhbz#2196816 - [RHEL9] [sssd] User lookup on IPA client fails with 's2n get_fqlist request failed' - Resolves: rhbz#2162552 - sssd client caches old data after removing netgroup member on IDM - Resolves: rhbz#2189542 - [sssd] RHEL 9.3 Tier 0 Localization - Resolves: rhbz#2133854 - [RHEL9] In some cases when `sdap_add_incomplete_groups()` is called with `ignore_group_members = true`, groups should be treated as complete - Resolves: rhbz#1765354 - [RFE] - Show password expiration warning when IdM users login with SSH keys- Related: rhbz#2190415 - Rebase Samba to the latest 4.18.x release Rebuild against rebased Samba libs.- Related: rhbz#2190415 - Rebase Samba to the latest 4.18.x release Rebuild against rebased Samba libs.- Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3- Resolves: rhbz#2167837 - Rebase SSSD for RHEL 9.3 - Resolves: rhbz#1765354 - [RFE] - Show password expiration warning when IdM users login with SSH keys - Resolves: rhbz#1913839 - filter_groups doesn't filter GID from 'id' output: AD + 'ldap_id_mapping = True' corner case - Resolves: rhbz#2100789 - [Improvement] sssctl config-check command does not show an error when we don't have id_provider in the domain section - Resolves: rhbz#2152177 - [RFE] Add support for ldapi:// URLs - Resolves: rhbz#2164852 - man page entry should make clear that a nested group needs a name - Resolves: rhbz#2166627 - Improvement: sss_client: add 'getsidbyusername()' and 'getsidbygroupname()' and corresponding python bindings - Resolves: rhbz#2166943 - kinit switches KCM away from the newly issued ticket - Resolves: rhbz#2167728 - [sssd] Auth fails if client cannot speak to forest root domain (ldap_sasl_interactive_bind_s failed)- Resolves: rhbz#2160001 - Reference to 'sssd-ldap-attributes' man page is missing in 'sssd-ldap', etc man pages - Resolves: rhbz#2143159 - automount killed by SIGSEGV- Resolves: rhbz#2127510 - Rebase SSSD for RHEL 9.2 - Resolves: rhbz#1608496 - sssd failing to register dynamic DNS addresses against an AD server due to unnecessary DNS search - Resolves: rhbz#2110091 - SSSD doesn't handle changes in 'resolv.conf' properly (when started right before network service) - Resolves: rhbz#2136791 - Lower the severity of the log message for SSSD so that it is not shown at the default debug level. - Resolves: rhbz#2139684 - [sssd] RHEL 9.2 Tier 0 Localization - Resolves: rhbz#2139837 - Analyzer: Optimize and remove duplicate messages in verbose list - Resolves: rhbz#2142794 - SSSD: `sssctl analyze` command shouldn't require 'root' privileged - Resolves: rhbz#2144893 - changing password with ldap_password_policy = shadow does not take effect immediately - Resolves: rhbz#2148737 - UPN check cannot be disabled explicitly but requires krb5_validate = false' as a work-around- Resolves: rhbz#2127510 - Rebase SSSD for RHEL 9.2 - Resolves: rhbz#1507035 - [RFE] SSSD does not support to change the user’s password when option ldap_pwd_policy equals to shadow in sssd.conf file - Resolves: rhbz#1766490 - Use negative cache better and domain checks for lookup by SIDs - Resolves: rhbz#1964121 - RFE: Add an option to sssd config to convert home directories to lowercase (or add a new template for the 'override_homedir' option) - Resolves: rhbz#2074307 - reduce debug level in case well_known_sid_to_name() fails - Resolves: rhbz#2096031 - SSSD: sdap_handle_id_collision_for_incomplete_groups debug message missing a new line - Resolves: rhbz#2103325 - Supported AD group types should be explained in the docs - Resolves: rhbz#2111388 - authenticating against external IdP services okta (native app) with OAuth client secret failed - Resolves: rhbz#2115171 - SSSD: duplicate dns_resolver_* option in man sssd.conf - Resolves: rhbz#2127492 - sssd timezone issues sudonotafter - Resolves: rhbz#2128840 - [RFE] provide dbus method to find users by attr - Resolves: rhbz#2128883 - Cannot SSH with AD user to ipa-client (`krb5_validate` and `pac_check` settings conflict) - Resolves: rhbz#2136791 - Lower the severity of the log message for SSSD so that it is not shown at the default debug level. - Resolves: rhbz#2139837 - Analyzer: Optimize and remove duplicate messages in verbose list2.9.5-4.el9_5.12.9.5-4.el9_5.1sssd-pcsc.rules/usr/share/polkit-1/rules.d/-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64-v2 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protectioncpiozstd19x86_64-redhat-linux-gnuASCII textutf-81edf87673c3f3528154637a1487a8170a3b021a324b5e2c722d445e33cd096fd6426cf6b6f24d2d6c49bf8954d42ad7eb41ac9632cd3e8ad390fab1017fbe3c8?`(/h V>% V FfhB.X ǖ$K0͡O6h\l5/2vXӬׯrfp:tf+[ѠpH"O p@{ԠTvse#cxV1-'$7_iT!OBCRLcc tYs8ݣ5H M4" D4q2htgbnuGxBa-x%W.  @ :B}d)ɛG)G;B(H)xdU F, +$x).`