SSSD 2.9.4 Release Notes
Highlights
Important fixes
- Fixes a crash when PAM passkey processing incorrectly handles non-passkey data.
- A workaround was implemented to handle gracefully misbehaving applications that destroy internal state of SSSD client librarires. A particular example of such application is described in TigerVNC/tigervnc#1709.
- An error when rotating KCM's logs was fixed. When KCM's logs were rotated by logrotate, KCM would still use the old file (renamed sssd_kcm.log.1). Only after KCM was restarted (either manually or automatically) the new log file would be used. This problem is now solved and KCM uses the new file immediately.
- Fixed group membership handling when members are coming from different forest domains and using ldap token groups is prohibited.
- Files provider was erroneously taking into consideration
local_auth_policy
config option, thus breaking smartcard authentication of local user in setups that didn't explicitly specify this option. This is now fixed.