From owner-freebsd-ports-bugs@freebsd.org Mon Oct 21 10:29:13 2019 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 52463153B7D for ; Mon, 21 Oct 2019 10:29:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 46xXtd1Wszz44bd for ; Mon, 21 Oct 2019 10:29:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 31F22153B7C; Mon, 21 Oct 2019 10:29:13 +0000 (UTC) Delivered-To: ports-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 31B04153B7B for ; Mon, 21 Oct 2019 10:29:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 46xXtd0Z4Nz44bb for ; Mon, 21 Oct 2019 10:29:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CDA59229A6 for ; Mon, 21 Oct 2019 10:29:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x9LATC2q020210 for ; Mon, 21 Oct 2019 10:29:12 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x9LATCQt020209 for ports-bugs@FreeBSD.org; Mon, 21 Oct 2019 10:29:12 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 241347] security/sssd: Update to 1.16.4 Date: Mon, 21 Oct 2019 10:29:13 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: lukas.slebodnik@intrak.sk X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Oct 2019 10:29:13 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D241347 --- Comment #6 from lukas.slebodnik@intrak.sk --- (In reply to Rick from comment #1) > Reconsider defining an explicit Samba dependency. This factored into LDB = conflicts between security/sssd and net/samba4* in the first place. Ports d= efines behavior for selecting the Samba version by setting a default that c= an be over-ridden via DEFAULT_VERSIONS, which puts greater control in the u= sers hands. Situation with LDB is different samba is more picky about version of ldb. sssd can work without recompilation with ldb 1.2, 1.3, 1.4, 1.5 The only exception is ldb-1.1.30 due to ABI breakage in ldb. > Explicit dependency mitigates current behavior, but when net/samba411 is = added to ports and users want to install 4.11 as opposed to 4.10, it requir= es overriding SMB_LIB_DEPENDS instead of using DEFAULT_VERSIONS like "DEFAU= LT_VERSIONS=3Dsamba=3D4.11". The tricky part is winbind_idmap_sss.so The might change ABI between versio= ns and thus you need to recompile the plugin and to "downgrade" version with --with-smb-idmap-interface-version=3D6 Sure that module needn't be used by anyone and ipa and ad provider would wo= rk. But it is dangeroups therefore I decided to stick with samna-4.10 > Addressing the current failing behavior is achievable through a note in M= akefile or UPDATING explaining net/samba410 to be the minimum Samba version= required for SMB support. So, users know to deploy a configuration similar= to that described in bug #238465. which changes do you suggest after my explanation? --=20 You are receiving this mail because: You are the assignee for the bug.=