sssd - System Security Services Daemon

Property Value
Distribution openSUSE Leap 15.0
Repository openSUSE Oss all
Package filename sssd-1.16.1-lp150.1.1.x86_64.rpm
Package name sssd
Package version 1.16.1
Package release lp150.1.1
Package architecture x86_64
Package type rpm
Category System/Daemons
License GPL-3.0+ and LGPL-3.0+
Maintainer -
Download size 993.13 KB
Installed size 3.35 MB
Provides a set of daemons to manage access to remote directories and
authentication mechanisms. It provides an NSS and PAM interface toward
the system and a pluggable backend system to connect to multiple different
account sources. It is also the basis to provide client auditing and policy
services for projects like FreeIPA.


Package Version Architecture Repository
sssd-1.16.1-lp150.2.13.1.x86_64.rpm 1.16.1 x86_64 openSUSE Update Oss
sssd-1.16.1-lp150.2.9.1.x86_64.rpm 1.16.1 x86_64 openSUSE Update Oss
sssd-1.16.1-lp150.2.6.1.x86_64.rpm 1.16.1 x86_64 openSUSE Update Oss
sssd-1.16.1-lp150.2.3.1.x86_64.rpm 1.16.1 x86_64 openSUSE Update Oss
sssd - - -


Name Value - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
pam-config -
sssd-ldap = 1.16.1-lp150.1.1
systemd -


Name Value
config(sssd) = 1.16.1-lp150.1.1 - - - - - - - - - - -
libsss_sudo = 1.16.1-lp150.1.1 - - -
sssd = 1.16.1-lp150.1.1
sssd(x86-64) = 1.16.1-lp150.1.1
sssd-client = 1.16.1-lp150.1.1


Name Value
libsss_sudo < 1.16.1-lp150.1.1


Type URL
Binary Package sssd-1.16.1-lp150.1.1.x86_64.rpm
Source Package sssd-1.16.1-lp150.1.1.src.rpm

Install Howto

Install sssd rpm package:

# zypper install sssd




2018-04-27 -
- Update to new minor upstream release 1.16.1 (fate#323340):
New Features:
* A new option auto_private_groups was added. If this option is
enabled, SSSD will automatically create user private groups based
on user?s UID number. The GID number is ignored in this case.
* The SSSD smart card integration now supports a special type of PAM
conversation implemented by GDM which allows the user to select
the appropriate smrt card certificate in GDM.
* A new API for accessing user and group information was added.
This API is similar to the tradiional Name Service Switch API, but
allows the consumer to talk to SSSD directly as well as to
fine-tune the query with e.g. how cache should be evaluated.
* The sssctl command line tool gained a new command access-report,
which can generate who can access the client machine. Currently
only generating the report on an IPA client based on HBAC rules
is supported.
* The hostid provider was moved from the IPA specific code to
the generic LDAP code. This allows SSH host keys to be access by
the generic LDAP provider as well. See the ldap_host_* options in
the sssd-ldap manual page for more details.
* Setting the memcache_timeout option to 0 disabled creating
the memory cache files altogether. This can be useful in cases
there is a bug in the memory cache that needs working around.
2018-04-24 -
- Updated sssd.spec:
The IPA provider depends on AD provider's PAC executable, hence
introducing the package dependency. (bsc#1021441, bsc#1062124)
2018-02-27 -
- Remove package descriptions for the python 2 packages that are
no longer distributed:
* python-ipa_hbac
* python-sss-murmur
* python-sss_nss_idmap
* python-sssd-config
- Correct python version dependency of tools package. (bsc#1082108)
2017-12-04 -
- Correct dependency of sss_obfuscate command line program.
2017-12-01 -
- In an ongoing effort to reduce dependency on python version 2,
the following python libraries are no longer built. Nevertheless
their python3 counterparts remain in place:
* python-ipa_hbac
* python-sss-murmur
* python-sss_nss_idmap
* python-sssd-config
2017-10-23 -
- Update to new upstream release 1.16.0
Security fixes
* This release fixes CVE-2017-12173: Unsanitized input when searching in
local cache database. SSSD stores its cached data in an LDAP like local
database file using libldb. To lookup cached data LDAP search filters
like (objectClass=user)(name=user_name) are used. However, in
sysdb_search_user_by_upn_res(), the input was not sanitized and
allowed to manipulate the search filter for cache lookups. This would
allow a logged in user to discover the password hash of a different user.
New Features
* SSSD now supports session recording configuration through tlog. This
feature enables recording of everything specific users see or type
during their sessions on a text terminal. For more information, see
the sssd-session-recording(5) manual page.
* SSSD can act as a client agent to deliver
Fleet Commander <>
policies defined on an IPA server. Fleet Commander provides a
configuration management interface that is controlled centrally and
that covers desktop, applications and network configuration.
* Several new systemtap <> probes
were added into various locations in SSSD code to assist in
troubleshooting and analyzing performance related issues. Please see the
sssd-systemtap(5) manual page for more information.
* A new LDAP provide access control mechanism that allows to restrict
access based on PAM's rhost data field was added. For more details,
please consult the sssd-ldap(5) manual page, in particular the
options ldap_user_authorized_rhost and the rhost value of

See Also

Package Description
sssd-32bit-1.16.1-lp150.1.1.x86_64.rpm System Security Services Daemon
sssd-ad-1.16.1-lp150.1.1.x86_64.rpm The ActiveDirectory backend plugin for sssd
sssd-dbus-1.16.1-lp150.1.1.x86_64.rpm The D-Bus responder of sssd
sssd-ipa-1.16.1-lp150.1.1.x86_64.rpm FreeIPA backend plugin for sssd
sssd-krb5-1.16.1-lp150.1.1.x86_64.rpm The Kerberos authentication backend plugin for sssd
sssd-krb5-common-1.16.1-lp150.1.1.x86_64.rpm SSSD helpers needed for Kerberos and GSSAPI authentication
sssd-ldap-1.16.1-lp150.1.1.x86_64.rpm The LDAP backend plugin for sssd
sssd-proxy-1.16.1-lp150.1.1.x86_64.rpm The proxy backend plugin for sssd
sssd-tools-1.16.1-lp150.1.1.x86_64.rpm Commandline tools for sssd
sssd-wbclient-1.16.1-lp150.1.1.x86_64.rpm SSSD's implementation of the Winbind pipe protocol
sssd-wbclient-devel-1.16.1-lp150.1.1.x86_64.rpm Development files for SSSD winbind
sssd-winbind-idmap-1.16.1-lp150.1.1.x86_64.rpm idmap backend for Winbind
stack-1.5.0-lp150.1.25.x86_64.rpm The Haskell Tool Stack
staging-build-key-12.0-lp150.1.7.noarch.rpm The public gpg key for rpm package signature verification
stalonetray-0.8.3-lp150.2.1.x86_64.rpm Stand-alone system tray