{"update": {"autokarma": false, "autotime": false, "stable_karma": 3, "stable_days": 14, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Rebase to the lastest upstream release:\n\nSee release notes here:\n\nhttps://sssd.io/release-notes/sssd-2.10.1.html", "type": "unspecified", "status": "stable", "request": null, "severity": "unspecified", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": true, "critpath_groups": "core critical-path-server", "close_bugs": true, "date_submitted": "2024-12-10 15:39:12", "date_modified": null, "date_approved": "2024-12-27 15:01:45", "date_testing": "2024-12-21 01:43:50", "date_stable": "2024-12-28 02:57:16", "alias": "FEDORA-2024-5afdb12065", "test_gating_status": "passed", "from_tag": null, "date_pushed": "2024-12-28 02:57:16", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-5afdb12065", "title": "sssd-2.10.1-1.fc41", "version_hash": "6566865355177e99a7aba175e5c64c7946938089", "release": {"name": "F41", "long_name": "Fedora 41", "version": "41", "id_prefix": "FEDORA", "branch": "f41", "dist_tag": "f41", "stable_tag": "f41-updates", "testing_tag": "f41-updates-testing", "candidate_tag": "f41-updates-candidate", "pending_signing_tag": "f41-signing-pending", "pending_testing_tag": "f41-updates-testing-pending", "pending_stable_tag": "f41-updates-pending", "override_tag": "f41-override", "mail_template": "fedora_errata_template", "state": "current", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": "2025-11-11", "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "pbrezina", "email": "pbrezina@redhat.com", "id": 4061, "avatar": "https://seccdn.libravatar.org/avatar/8d8e5f1357fae74aeca0486138f1fa2576e344b1961d790fb23a70016830b88f?s=24&d=retro", "openid": "pbrezina.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitsssd"}, {"name": "authselect"}, {"name": "sssd-maintainers"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by pbrezina. ", "timestamp": "2024-12-10 15:39:12", "update_id": 675479, "user_id": 91, "id": 3863139, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2024-12-10 15:39:14", "update_id": 675479, "user_id": 91, "id": 3863140, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2024-12-10 15:39:14", "update_id": 675479, "user_id": 91, "id": 3863141, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'failed'.", "timestamp": "2024-12-10 16:39:33", "update_id": 675479, "user_id": 91, "id": 3863207, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": -1, "karma_critpath": 0, "text": "This is some kind of real failure, but I'm on PTO today and don't have time to look into it in detail right now. Will look later.", "timestamp": "2024-12-10 17:29:05", "update_id": 675479, "user_id": 302, "id": 3863256, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.", "timestamp": "2024-12-10 17:29:05", "update_id": 675479, "user_id": 91, "id": 3863257, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "I'm not familiar with those tests, but clicking around:\n```\n(2024-12-10 11:35:37): [be[test.openqa.fedoraproject.org]] [selinux_child_done] (0x0020): [RID#8] Error in selinux_child: [1][Operation not permitted]\n```\nat least some of those tests are due to https://github.com/fedora-selinux/selinux-policy/issues/2455", "timestamp": "2024-12-10 19:17:46", "update_id": 675479, "user_id": 6419, "id": 3863296, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "atikhonov", "email": "atikhono@redhat.com", "id": 6419, "avatar": "https://seccdn.libravatar.org/avatar/467f882fad951f202d3d5771e9cf992a817b104e38e0cc1f4852089addbbde56?s=24&d=retro", "openid": "atikhonov.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitsssd"}, {"name": "sssd-maintainers"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Some looks like infra failure?\n```\n(12:36:28): [be_resolve_server_process] (0x0200): Found address for server ipa001.test.openqa.fedoraproject.org: [172.16.2.100] TTL 1109\n(12:36:28): [sssd_async_socket_init_send] (0x4000): Using file descriptor [22] for the connection.\n(12:36:28): [sssd_async_socket_init_send] (0x0400): Setting 6 seconds timeout [ldap_network_timeout] for connecting\n(12:36:34): [sssd_async_connect_timeout] (0x0100): The connection timed out [ldap_network_timeout]\n(12:36:34): [sssd_async_socket_init_done] (0x0040): sdap_async_sys_connect request failed: [110]: Connection timed out [ldap_network_timeout].\n```", "timestamp": "2024-12-10 19:22:06", "update_id": 675479, "user_id": 6419, "id": 3863302, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "atikhonov", "email": "atikhono@redhat.com", "id": 6419, "avatar": "https://seccdn.libravatar.org/avatar/467f882fad951f202d3d5771e9cf992a817b104e38e0cc1f4852089addbbde56?s=24&d=retro", "openid": "atikhonov.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitsssd"}, {"name": "sssd-maintainers"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2024-12-11 01:43:09", "update_id": 675479, "user_id": 91, "id": 3863557, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Works (not giving +1 because of test failures).", "timestamp": "2024-12-11 03:07:28", "update_id": 675479, "user_id": 198, "id": 3863729, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "I'm not sure whether I'm imagining things here, but it seems that _downgrading_ to previous version of sssd breaks things. Apparently, something about permissions of the ini file not being right. This causes sssd and its minions like kcm to fail when starting, which then promptly breaks user DB (in my case LDAP/krb5).", "timestamp": "2024-12-11 05:26:48", "update_id": 675479, "user_id": 198, "id": 3863802, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Stuff like this on downgrade:\n```\nDec 11 16:09:55 systemd[1]: Starting sssd.service - System Security Services Daemon...\nDec 11 16:09:56 sssd[906]: [sssd] [sss_ini_read_sssd_conf] (0x0020): Permission check on config file failed.\nDec 11 16:09:56 sssd[906]: Can't read config: 'File ownership and permissions check failed'\nDec 11 16:09:56 systemd[1]: sssd.service: Main process exited, code=exited, status=3/NOTIMPLEMENTED\nDec 11 16:09:56 systemd[1]: sssd.service: Failed with result 'exit-code'.\nDec 11 16:09:56 systemd[1]: Failed to start sssd.service - System Security Services Daemon.\n```", "timestamp": "2024-12-11 05:28:50", "update_id": 675479, "user_id": 198, "id": 3863803, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "The openQA test is not designed to do any kind of downgrade (and only would if the package versions were incorrect somehow). See https://bodhi.fedoraproject.org/updates/FEDORA-2024-61dea2e6ce#comment-3863847 for what I found, looking around the logs in the failure on the Rawhide update.", "timestamp": "2024-12-11 07:21:27", "update_id": 675479, "user_id": 302, "id": 3863848, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}, {"karma": 0, "karma_critpath": 0, "text": "@atikhonov there is no \"infra\" to speak of here, ipa001.test.openqa.fedoraproject.org is not really part of fedora infra, it is just another job in the openQA cluster. if communication to it weren't working, the test would've failed earlier in different ways, most likely (enrolling the client would not have worked at all).", "timestamp": "2024-12-11 07:23:46", "update_id": 675479, "user_id": 302, "id": 3863850, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "adamwill", "email": "awilliam@redhat.com", "id": 302, "avatar": "https://seccdn.libravatar.org/avatar/51720fbb2ec5dfd2bc005ac374a3bfd3190cb8f45f3bb8d6bdf35fb6a051d03b?s=24&d=retro", "openid": "adamwill.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "qa-tools-sig"}, {"name": "fedora-contributor"}, {"name": "news"}, {"name": "gittriage"}, {"name": "sysadmin"}, {"name": "gitspin-kickstarts"}, {"name": "signed_fpca"}, {"name": "gitgeneric-release"}, {"name": "yak_farmers"}, {"name": "triagers"}, {"name": "qa"}, {"name": "sysadmin-qa"}, {"name": "fedorabugs"}, {"name": "ipausers"}, {"name": "gitmkinitrd"}, {"name": "qa-admin"}, {"name": "aws-qa"}, {"name": "change-wranglers"}, {"name": "fedora-ci-admins"}, {"name": "common-issues-triage"}, {"name": "sysadmin-main"}, {"name": "program-management"}, {"name": "gitfedora-project-schedule"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Thanks @adamwill. The downgrade was something I did locally (by accident, to be honest). Maybe the config file had 0600 before and is now 0640, which upsets the previous version.", "timestamp": "2024-12-11 07:35:43", "update_id": 675479, "user_id": 198, "id": 3863857, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "in `upgrade_realmd_client` I can see time desync between the client and the server:\n\n```\n   *  (2024-12-10 13:06:32): [krb5_child[2211]] [check_fast_ccache] (0x0200): [RID#58] FAST TGT is still valid.\n...\n   *  (2024-12-10 13:06:32): [krb5_child[2211]] [tgt_req_child] (0x1000): [RID#58] Attempting to get a TGT\n   *  (2024-12-10 13:06:32): [krb5_child[2211]] [get_and_save_tgt] (0x0400): [RID#58] Attempting kinit for realm [TEST.OPENQA.FEDORAPROJECT.ORG]\n   *  (2024-12-10 13:06:32): [krb5_child[2211]] [get_and_save_tgt] (0x0020): [RID#58] 2352: [-1765328351][Error constructing AP-REQ armor: Ticket not yet valid]\n```\n", "timestamp": "2024-12-11 07:39:58", "update_id": 675479, "user_id": 1242, "id": 3863859, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "abbra", "email": "abokovoy@redhat.com", "id": 1242, "avatar": "https://seccdn.libravatar.org/avatar/3f3c51cb81fb43e685e65ff696d895ac268ff71949128c02b81dec65a4405a0a?s=24&d=retro", "openid": "abbra.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "bind-dyndb-ldap"}, {"name": "gitfreeipa"}, {"name": "gitslapi-nis"}, {"name": "gitfreeipa-docs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "> Maybe the config file had 0600 before and is now 0640, which upsets the previous version.\n\nRight: https://github.com/SSSD/sssd/commit/8472777ec472607ea450ddb4c4666017bd0de704", "timestamp": "2024-12-11 08:44:25", "update_id": 675479, "user_id": 6419, "id": 3863901, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "atikhonov", "email": "atikhono@redhat.com", "id": 6419, "avatar": "https://seccdn.libravatar.org/avatar/467f882fad951f202d3d5771e9cf992a817b104e38e0cc1f4852089addbbde56?s=24&d=retro", "openid": "atikhonov.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitsssd"}, {"name": "sssd-maintainers"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Wrt failing 'rpminspect': https://github.com/rpminspect/rpminspect-data-fedora/pull/61", "timestamp": "2024-12-11 09:15:06", "update_id": 675479, "user_id": 6419, "id": 3863914, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "atikhonov", "email": "atikhono@redhat.com", "id": 6419, "avatar": "https://seccdn.libravatar.org/avatar/467f882fad951f202d3d5771e9cf992a817b104e38e0cc1f4852089addbbde56?s=24&d=retro", "openid": "atikhonov.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitsssd"}, {"name": "sssd-maintainers"}]}}, {"karma": 0, "karma_critpath": 0, "text": "https://github.com/fedora-selinux/selinux-policy/pull/2469 was merged upstream and should be included in Fedora soon.", "timestamp": "2024-12-11 12:49:27", "update_id": 675479, "user_id": 6419, "id": 3864026, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "atikhonov", "email": "atikhono@redhat.com", "id": 6419, "avatar": "https://seccdn.libravatar.org/avatar/467f882fad951f202d3d5771e9cf992a817b104e38e0cc1f4852089addbbde56?s=24&d=retro", "openid": "atikhonov.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitsssd"}, {"name": "sssd-maintainers"}]}}, {"karma": 1, "karma_critpath": 0, "text": "ok", "timestamp": "2024-12-12 02:38:42", "update_id": 675479, "user_id": 124, "id": 3864824, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "filiperosset", "email": "rosset.filipe@gmail.com", "id": 124, "avatar": "https://seccdn.libravatar.org/avatar/f4394b8fb4c9a99c4b534dc724912fe75a5b87fe15048985ece8388c2441d0ca?s=24&d=retro", "openid": "filiperosset.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "trust admins"}, {"name": "signed_fpca"}, {"name": "fedora-contributor"}, {"name": "l10n"}, {"name": "cvsl10n"}, {"name": "ipausers"}, {"name": "fedora-br"}, {"name": "fedorabugs"}, {"name": "ambassadors"}]}}, {"karma": -1, "karma_critpath": 0, "text": "In Cockpit's nightly updates-testing run we also encountered test failures related to selinux\n\n https://cockpit-logs.us-east-1.linodeobjects.com/pull-0-35090b74-20241212-013206-fedora-41-updates-testing/TestIPA-testClientCertAuthentication-fedora-41-127.0.0.2-2401-FAIL-1.log.gz", "timestamp": "2024-12-12 09:51:14", "update_id": 675479, "user_id": 6903, "id": 3865278, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "jelly", "email": "jvanderw@redhat.com", "id": 6903, "avatar": "https://seccdn.libravatar.org/avatar/a72e65939d409d2735939d32d0e6a4d1307bcaa846d4b8e966e39e076600cc2b?s=24&d=retro", "openid": "jelly.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been unpushed.", "timestamp": "2024-12-12 13:55:50", "update_id": 675479, "user_id": 5517, "id": 3865413, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "ipedrosa", "email": "ipedrosa@redhat.com", "id": 5517, "avatar": "https://seccdn.libravatar.org/avatar/42a20a29562aab1c9733bfa4a0a158ef12a5cd869d4af2f5ee6c2aaa43e97519?s=24&d=retro", "openid": "ipedrosa.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "sssd-maintainers"}]}}, {"karma": 0, "karma_critpath": 0, "text": "I'm unpushing the changes. Once SELinux policy is fixed we'll try again. Thank you everybody for the feedback.", "timestamp": "2024-12-12 13:59:24", "update_id": 675479, "user_id": 5517, "id": 3865416, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "ipedrosa", "email": "ipedrosa@redhat.com", "id": 5517, "avatar": "https://seccdn.libravatar.org/avatar/42a20a29562aab1c9733bfa4a0a158ef12a5cd869d4af2f5ee6c2aaa43e97519?s=24&d=retro", "openid": "ipedrosa.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "sssd-maintainers"}]}}, {"karma": 0, "karma_critpath": 0, "text": "@pbrezina, you may want to include a scriptlet that reverts ini file permissions to 0600 on downgrade below 2.10.1 to avoid breaking existing machines.", "timestamp": "2024-12-12 20:40:28", "update_id": 675479, "user_id": 198, "id": 3865912, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "@pbrezina, looks like SELinux policy update has been queued. Didn't check whether it includes a fix for sssd.", "timestamp": "2024-12-18 19:53:42", "update_id": 675479, "user_id": 198, "id": 3872188, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "> looks like SELinux policy update has been queued. Didn't check whether it includes a fix for sssd.\n\nIt does contain fix for SSSD. We'll re-push the build once selinux policy update in the compose.", "timestamp": "2024-12-18 20:02:32", "update_id": 675479, "user_id": 6419, "id": 3872202, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "atikhonov", "email": "atikhono@redhat.com", "id": 6419, "avatar": "https://seccdn.libravatar.org/avatar/467f882fad951f202d3d5771e9cf992a817b104e38e0cc1f4852089addbbde56?s=24&d=retro", "openid": "atikhonov.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitsssd"}, {"name": "sssd-maintainers"}]}}, {"karma": 0, "karma_critpath": 0, "text": "Hi @bojan,\n\nThank you for the heads-up. Once the SELinux policy update is stabilized I'll take care of pushing back this build for testing.", "timestamp": "2024-12-19 09:26:35", "update_id": 675479, "user_id": 5517, "id": 3873163, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "ipedrosa", "email": "ipedrosa@redhat.com", "id": 5517, "avatar": "https://seccdn.libravatar.org/avatar/42a20a29562aab1c9733bfa4a0a158ef12a5cd869d4af2f5ee6c2aaa43e97519?s=24&d=retro", "openid": "ipedrosa.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "sssd-maintainers"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by ipedrosa. ", "timestamp": "2024-12-20 14:01:09", "update_id": 675479, "user_id": 91, "id": 3874443, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "I still think that this package should revert permissions of sssd.conf to 0600 on downgrade to a version below itself. Without that, it can break authentication for anyone rolling back a set of updates. Think about doing something like that at scale. It could render a whole fleet of machines inaccessible.", "timestamp": "2024-12-20 14:44:08", "update_id": 675479, "user_id": 198, "id": 3874461, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2024-12-20 20:32:53", "update_id": 675479, "user_id": 91, "id": 3874748, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'failed'.", "timestamp": "2024-12-20 21:11:26", "update_id": 675479, "user_id": 91, "id": 3874778, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2024-12-21 01:29:30", "update_id": 675479, "user_id": 91, "id": 3874989, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2024-12-21 01:45:08", "update_id": 675479, "user_id": 91, "id": 3874993, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'passed'.", "timestamp": "2024-12-21 01:52:52", "update_id": 675479, "user_id": 91, "id": 3875024, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2024-12-21 02:48:33", "update_id": 675479, "user_id": 5881, "id": 3875072, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2024-12-21 06:15:08", "update_id": 675479, "user_id": 198, "id": 3875387, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2024-12-23 07:34:24", "update_id": 675479, "user_id": 91, "id": 3876772, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'passed'.", "timestamp": "2024-12-23 11:14:11", "update_id": 675479, "user_id": 91, "id": 3877585, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "Works great!  LGTM!  =)", "timestamp": "2024-12-27 14:59:57", "update_id": 675479, "user_id": 206, "id": 3880711, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "besser82", "email": "besser82.fpo@gmail.com", "id": 206, "avatar": "https://seccdn.libravatar.org/avatar/28bacfa3be75032390ac2c7a34599aeb825c3b62b2c55ef64821d2fc023b56cb?s=24&d=retro", "openid": "besser82.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "designteam"}, {"name": "shogun-ca"}, {"name": "alt-gtk-de-sig"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2024-12-27 15:01:45", "update_id": 675479, "user_id": 91, "id": 3880712, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by atikhonov. ", "timestamp": "2024-12-27 15:05:56", "update_id": 675479, "user_id": 91, "id": 3880714, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2024-12-28 02:58:17", "update_id": 675479, "user_id": 91, "id": 3881070, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "sssd-2.10.1-1.fc41", "signed": true, "release_id": 80, "type": "rpm", "epoch": 0}], "bugs": [], "updateid": "FEDORA-2024-5afdb12065", "karma": 2, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}