From owner-freebsd-ports-bugs@freebsd.org Sun Oct 20 14:15:00 2019 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7FC39160464 for ; Sun, 20 Oct 2019 14:15:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 46x1xc2vXvz3Htp for ; Sun, 20 Oct 2019 14:15:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 63998160463; Sun, 20 Oct 2019 14:15:00 +0000 (UTC) Delivered-To: ports-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6361E160462 for ; Sun, 20 Oct 2019 14:15:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46x1xc238xz3Htn for ; Sun, 20 Oct 2019 14:15:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 25584D07C for ; Sun, 20 Oct 2019 14:15:00 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x9KEEx4k041430 for ; Sun, 20 Oct 2019 14:15:00 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x9KEExqi041429 for ports-bugs@FreeBSD.org; Sun, 20 Oct 2019 14:14:59 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 241347] security/sssd: Update to 1.16.4 Date: Sun, 20 Oct 2019 14:14:59 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: prj@rootwyrm.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Oct 2019 14:15:00 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D241347 Phillip R. Jaenke changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |prj@rootwyrm.com --- Comment #3 from Phillip R. Jaenke --- Rick, not speaking for Lukas here obviously, but I am speaking as someone v= ery familiar with sssd. The "latest" is often "too latest." Frequently does not= do what it says on the tin, at best. It's focused on feature addition and the like. Hence, why they have LTMs. The LTMs are tied to RHEL. So from the FreeBSD side, the port should track what sssd version is in the current mainstream release of Red Hat. For 7.7, that's 1.16. I'm a large RH= EL customer at $dayjob and the in-house sssd expert there, so I'm reasonably familiar with this.=20 All that said, Lukas, can this build with python3.6+? FreeBSD is EOL'ing 2.7 much more aggressively than RH. So I would recommend building only with 3.x= if possible so it doesn't come up as broken in January. The other concern I have is around the security/krb5 and samba dependency. = We don't have a good way to enforce option dependencies in other ports. I think this can be worked around by depending on ${LOCALBASE}/lib/shared-modules/krb5/winbind_krb5_localauth.so and ${LOCALBASE}/lib/samba4/krb5/plugins/kdb/samba.so which are only present wh= en GSSAPI_MIT is selected in samba48+. That SHOULD prevent user foot-shooting = by installing a GSSAPI_BUILTIN samba48+ against sssd here. --=20 You are receiving this mail because: You are the assignee for the bug.=