#995337 sssd-krb5: Please backport upstream patch fixing offline ccache creation

Package:
sssd-krb5
Source:
sssd
Description:
System Security Services Daemon -- Kerberos back end
Submitter:
Thomas Walker
Date:
2021-11-18 18:36:04 UTC
Severity:
important
Tags:
#995337#5
Date:
2021-09-29 20:45:10 UTC
From:
To:
Dear Maintainer,

Upon upgrading from Debian Buster to Bullseye, I came across an sssd bug that was clearly upstream's, not Debian's.  I filed a bug report with them (https://github.com/SSSD/sssd/issues/5785) and they quickly identified a fix (https://github.com/sumit-bose/sssd/commit/9075925a362e77bebba895724312a0093d2997b5) which I verified against Debian's 2.4.1-2 and has subsequently been accepted upstream (https://github.com/SSSD/sssd/pull/5787).  Could this patch please be pulled back into Debian's build for Bullseye (and, I haven't tested, but it will also likely be needed in 2.5.2 in Bookworm and Sid, at least until the next upstream release anyway).

Please let me know if you need any additional information...

Thanks!

#995337#10
Date:
2021-11-18 18:24:08 UTC
From:
To:
Hi maintainers... I wanted to give this a bump as it has been a couple of months.  At the time that I opened the request, sssd had not had an official releaese with this patch included but it is now present in 2.6.0 (and 2.6.1).

I can, of course, carry this patch internally if need be, but I was hoping that Debian would include it as smartcard based auth when in offline mode will not work without it (it creates a ccache for the user owned by root).

Thank you!