[Freeipa-devel] Re: [DRAFT] FreeIPA 4.10.1 Release Notes

{{ReleaseDate|2022-11-03}} The FreeIPA team would like to announce FreeIPA 4.10.1 release! It can be downloaded from http://www.freeipa.org/page/Downloads. Builds for Fedora distributions will be available from the official repository soon. == Highlights in 4.10.1 == '''TODO RELEASE NOTES - put release notes (if any) to proper categories''' * 1539: [RFE] Add code to check password expiration on ldap bind :: User can no longer do LDAP BIND operation with expired password.

-------- * 2016: [RFE] Support random serial numbers in IPA certificates

-------- * 8404: Detect and fail if not enough memory is available for installation :: FreeIPA server now requires at least 1.2 GiB RAM for installation to prevent performance degradation.

-------- * 9150: Remove 'Remove' button from subid page :: subid ranges cannot be removed. A button in Web UI subid management page to remove the range was removed to not confuse users

-------- * 9159: [RFE] ipa-client-install should provide option to enable subid: sss in /etc/nsswitch.conf :: IPA installers now provide the ability to configure SSSD as datasource for subid

-------- * 9228: ipa-client-install does not maintain server affinity during installation :: ipa-client-install will use a single server for the duration of the installation process, either one discovered or provided on the command-line. Previously it would use a temporary configuration to do enrollment, then switch to a final one for the remaining operations. This could lead to the installer talking with multiple servers. If the client installer is faster than replication this could lead to errors. -------- * 9237: Show order in sudo rule list in web interface :: In the 'sudo rules' page, the WebUI is now displaying a 'sudo order' column so that the users can easily see which rules override other rules based on their order. -------- * 9258: Do not add TLS CA configuration to ldap.conf anymore :: FreeIPA client installer does not add explicit TLS CA configuration to OpenLDAP's ldap.conf anymore. Since OpenLDAP 2.4.45, explicit CA configuration is not required as OpenLDAP uses the default CA store provided by OpenSSL and IPA CA is installed in the default store by the installer already. -------- '''END TODO''' === Enhancements === === Known Issues === === Bug fixes === FreeIPA 4.10.1 is a stabilization release for the features delivered as a part of 4.10 version series. There are more than 40 bug-fixes since FreeIPA 4.10.0 release. Details of the bug-fixes can be seen in the list of resolved tickets below. == Upgrading == Upgrade instructions are available on [[Upgrade]] page. == Feedback == Please provide comments, bugs and other feedback via the freeipa-users mailing list ( https://lists.fedoraproject.org/archives/list/freeipa-users@lists.fedorah... ) or #freeipa channel on libera.chat. == Resolved tickets == * [https://pagure.io/freeipa/issue/1539 #1539] ([https://bugzilla.redhat.com/show_bug.cgi?id=782917 rhbz#782917]) [RFE] Add code to check password expiration on ldap bind

* [https://pagure.io/freeipa/issue/2016 #2016] ([https://bugzilla.redhat.com/show_bug.cgi?id=747959 rhbz#747959]) [RFE] Support random serial numbers in IPA certificates

* [https://pagure.io/freeipa/issue/8404 #8404] Detect and fail if not enough memory is available for installation

* [https://pagure.io/freeipa/issue/8951 #8951] Test for RFE ipa-healthcheck tool can include check to see if the system is FIPS enabled or not * [https://pagure.io/freeipa/issue/9062 #9062] [ipatests] SID generation and test_xmlrpc/test_user_plugin.py * [https://pagure.io/freeipa/issue/9083 #9083] Support MIT Kerberos KDB version 9 * [https://pagure.io/freeipa/issue/9127 #9127] ([https://bugzilla.redhat.com/show_bug.cgi?id=2062379 rhbz#2062379]) Use new getorigby{user|group}name() calls in extdom plugin

* [https://pagure.io/freeipa/issue/9150 #9150] ([https://bugzilla.redhat.com/show_bug.cgi?id=2063155 rhbz#2063155]) Remove 'Remove' button from subid page

* [https://pagure.io/freeipa/issue/9158 #9158] Internal error when setting dnsconfig or dnsforwardzone forwarders. * [https://pagure.io/freeipa/issue/9159 #9159] ([https://bugzilla.redhat.com/show_bug.cgi?id=2068088 rhbz#2068088]) [RFE] ipa-client-install should provide option to enable subid: sss in /etc/nsswitch.conf

* [https://pagure.io/freeipa/issue/9160 #9160] cryptography.utils.register_interface is scheduled for removal * [https://pagure.io/freeipa/issue/9161 #9161] Nightly test failure in test_selinuxusermap.py::test_selinuxusermap::test_misc * [https://pagure.io/freeipa/issue/9179 #9179] test_caless_TestServerCALessToExternalCA_RSN fails in teardown * [https://pagure.io/freeipa/issue/9188 #9188] ([https://bugzilla.redhat.com/show_bug.cgi?id=2098187 rhbz#2098187]) Add warning for empty targetattr when creating ACI with RBAC * [https://pagure.io/freeipa/issue/9192 #9192] ([https://bugzilla.redhat.com/show_bug.cgi?id=2094672 rhbz#2094672]) IdM WebUI Pagination Size should not allow empty value * [https://pagure.io/freeipa/issue/9198 #9198] [Tracker] nightly failure: after ipa trust-add, cred cache contains cifs/master.ipa.test(a)IPA.TEST instead of admin principal * [https://pagure.io/freeipa/issue/9204 #9204] [Tracker] In ipa-server-upgrade ca_upgrade_schema() results in unnecessary pki restarts * [https://pagure.io/freeipa/issue/9206 #9206] ([https://bugzilla.redhat.com/show_bug.cgi?id=2109236 rhbz#2109236]) ldap bind occurs when admin user changes password with gracelimit=0 * [https://pagure.io/freeipa/issue/9207 #9207] Failure in AzurePipeline.freeipa (GATING InstallDNSSECFirst_1_to_5) * [https://pagure.io/freeipa/issue/9208 #9208] ap: Doc build fails against Sphinx 5.1.0 * [https://pagure.io/freeipa/issue/9211 #9211] ([https://bugzilla.redhat.com/show_bug.cgi?id=2109243 rhbz#2109243]) RFE: Allow grace login limit to be set in IPA WebUI. * [https://pagure.io/freeipa/issue/9212 #9212] ([https://bugzilla.redhat.com/show_bug.cgi?id=2115475 rhbz#2115475]) Nightly test failure in test_user.py::test_user::test_password_expiration_notification * [https://pagure.io/freeipa/issue/9214 #9214] Nightly failure in webui test test_subid.py::test_subid::test_subid_range_deletion_not_allowed * [https://pagure.io/freeipa/issue/9216 #9216] [Tracker] Nightly failure: zone not signed

* [https://pagure.io/freeipa/issue/9218 #9218] ([https://bugzilla.redhat.com/show_bug.cgi?id=2116966 rhbz#2116966]) Random failure in test-winsyncmigrate * [https://pagure.io/freeipa/issue/9225 #9225] pytest library module rename from quarkus to keycloak * [https://pagure.io/freeipa/issue/9226 #9226] ([https://bugzilla.redhat.com/show_bug.cgi?id=2124547 rhbz#2124547]) Infinite redirect loop in the WebUI for user root * [https://pagure.io/freeipa/issue/9227 #9227] Need test for Keycloak Bridge authentication * [https://pagure.io/freeipa/issue/9228 #9228] ipa-client-install does not maintain server affinity during installation * [https://pagure.io/freeipa/issue/9230 #9230] build failure against gcc < 11 * [https://pagure.io/freeipa/issue/9231 #9231] /run/ipa/ccaches uses all available tmpfs space * [https://pagure.io/freeipa/issue/9234 #9234] [Tracker] Nightly failure (f37+) calling sssctl domain-status

* [https://pagure.io/freeipa/issue/9237 #9237] Show order in sudo rule list in web interface * [https://pagure.io/freeipa/issue/9238 #9238] Nightly test failure (rawhide) in test_ipahealthcheck.py::TestIpaHealthCheck::test_ds_configcheck_passwordstorage * [https://pagure.io/freeipa/issue/9243 #9243] ([https://bugzilla.redhat.com/show_bug.cgi?id=2127833 rhbz#2127833]) Password Policy Grace login limit allows invalid maximum value * [https://pagure.io/freeipa/issue/9244 #9244] Nightly test failure in test_commands.py::TestIPACommand::test_ipa_cacert_manage_prune * [https://pagure.io/freeipa/issue/9245 #9245] ([https://bugzilla.redhat.com/show_bug.cgi?id=2117167 rhbz#2117167]) `extdom` plugin can return object from a wrong domain. * [https://pagure.io/freeipa/issue/9246 #9246] Nightly test failure in test_user_permissions.TestInstallClientNoAdmin * [https://pagure.io/freeipa/issue/9248 #9248] ([https://bugzilla.redhat.com/show_bug.cgi?id=2124369 rhbz#2124369]) OTP token sync always returns OK even with random numbers * [https://pagure.io/freeipa/issue/9249 #9249] ([https://bugzilla.redhat.com/show_bug.cgi?id=2108630 rhbz#2108630]) Deprecated feature idnssoaserial in IdM appears when creating reverse dns zones * [https://pagure.io/freeipa/issue/9250 #9250] Add basic test for authenticating as Keycloak user on IPA client * [https://pagure.io/freeipa/issue/9252 #9252] ([https://bugzilla.redhat.com/show_bug.cgi?id=2129895 rhbz#2129895]) [DDF] The Examples in the RHEL ipa(1) man page show "ipa help commands" with content for "ipa halp topics" and "ipa hel * [https://pagure.io/freeipa/issue/9254 #9254] Exclude installed policy module file from RPM verification * [https://pagure.io/freeipa/issue/9255 #9255] ipapython.dn_ctypes is not compatible with libldap 2.6 * [https://pagure.io/freeipa/issue/9258 #9258] ([https://bugzilla.redhat.com/show_bug.cgi?id=2094673 rhbz#2094673]) Do not add TLS CA configuration to ldap.conf anymore == Detailed changelog since 4.10.0 == === Armando Neto (1) === * webui: Do not allow empty pagination size [https://pagure.io/freeipa/c/02d3fb8266d8199fd1ed983de6c57b269546df82 commit] [https://pagure.io/freeipa/issue/9192 #9192] === Alexander Bokovoy (10) === * ipa-kdb: fix comment to make sure we talk about krb5 1.20 or later [https://pagure.io/freeipa/c/d3c7a4faae8fd58a8d08bf6191d47fefe276ddba commit] * ipa-kdb: fix PAC requester check [https://pagure.io/freeipa/c/88c1293f3a92451b6d5d5f7cb1a81d55a789b793 commit] [https://pagure.io/freeipa/issue/9083 #9083] * ipa-kdb: handle empty S4U proxy in allowed_to_delegate [https://pagure.io/freeipa/c/1d4db340461298fed66607bde5fb0ca0f033c5aa commit] [https://pagure.io/freeipa/issue/9083 #9083] * ipa-kdb: handle cross-realm TGT entries when generating PAC [https://pagure.io/freeipa/c/a5ca25003da5906703e8bd12b0759d48bc52e6b2 commit] [https://pagure.io/freeipa/issue/9083 #9083] * ipa-kdb: add krb5 1.20 support [https://pagure.io/freeipa/c/e9ae0e350dcee5c9bbcd5a6932b4eb0daa90fea7 commit] [https://pagure.io/freeipa/issue/9083 #9083] * ipa-kdb: refactor MS-PAC processing to prepare for krb5 1.20 [https://pagure.io/freeipa/c/f0c72dcb87f86b9b00d0c087a959e64ce10eea98 commit] [https://pagure.io/freeipa/issue/9083 #9083] * ipaclient: do not set TLS CA options in ldap.conf anymore [https://pagure.io/freeipa/c/93b0e6a96a1aea45adc0d4c8bb26b226ce683573 commit] [https://pagure.io/freeipa/issue/9258 #9258] * Remove empty translation for 'si' which breaks linter [https://pagure.io/freeipa/c/41ba166c77ca8011a35f80f2791a211c429a271e commit] * fix canonicalization issue in Web UI [https://pagure.io/freeipa/c/a0928fe164712303a7c24ee61500ac7326bd9e4a commit] [https://pagure.io/freeipa/issue/9226 #9226] * ipa-otpd: initialize local pointers and handle gcc 10 [https://pagure.io/freeipa/c/9441d7ed1ac67dc74ca6177b474d10da97b06a2f commit] [https://pagure.io/freeipa/issue/9230 #9230] === Anuja More (1) === * ipatests : Test query to AD specific attributes is successful. [https://pagure.io/freeipa/c/db7cd79858ec8fad7d094ca883d8b7d82c7c1ac1 commit] [https://pagure.io/freeipa/issue/9127 #9127] === Andika Triwidada (1) === * Translated using Weblate (Indonesian) [https://pagure.io/freeipa/c/3885bd6fd75e984f990dc0e0f760f61815139181 commit] === Antonio Torres (1) === * Back to git snapshots [https://pagure.io/freeipa/c/c9d9fb3a3a63f66d60541f21f2f3466b6d9a89b3 commit] === Alexey Tikhonov (3) === * extdom: avoid sss_nss_getorigby*() calls when get*_r_wrapper() returns object from a wrong domain (performance optimization) [https://pagure.io/freeipa/c/1360c8b09f0862fe961fbb015f55d6b3cbd9aee9 commit] * extdom: make sure result doesn't miss domain part [https://pagure.io/freeipa/c/4685f9d881c09fa317cb68fba1b94c29e48a7a8b commit] [https://pagure.io/freeipa/issue/9245 #9245] * extdom: internal functions should be static [https://pagure.io/freeipa/c/113cb8d715cf7bed8bcc36845940acc20fed8e60 commit] === Carla Martinez (7) === * Update API and VERSION [https://pagure.io/freeipa/c/48b9cc3345f8596904bce14d580cd4b19bfbda15 commit] [https://pagure.io/freeipa/issue/9249 #9249] * webui: Set 'SOA serial' field as read-only [https://pagure.io/freeipa/c/9b274bc5d01c58806f18e549b566d93e25b40214 commit] [https://pagure.io/freeipa/issue/9249 #9249] * ipatest: Remove warning message for 'idnssoaserial' [https://pagure.io/freeipa/c/3d34673b8c04c9ec849f8276876fd8bbd4fe2234 commit] [https://pagure.io/freeipa/issue/9249 #9249] * Set 'idnssoaserial' to deprecated [https://pagure.io/freeipa/c/242ed2e500510f33f4595fb1b29adb25b1517982 commit] [https://pagure.io/freeipa/issue/9249 #9249] * webui: Show 'Sudo order' column [https://pagure.io/freeipa/c/54b81617674be79577b8c3abf0949725d9a428c7 commit] [https://pagure.io/freeipa/issue/9237 #9237] * Set pkeys in test_selinuxusermap.py::test_misc::delete_record [https://pagure.io/freeipa/c/ea792e11eb85a5b05b2b78f0215c147a52d2d265 commit] [https://pagure.io/freeipa/issue/9161 #9161] * webui: Allow grace login limit [https://pagure.io/freeipa/c/7a1e1d9f1cb13679c28f12d05b156a08bcc4d856 commit] [https://pagure.io/freeipa/issue/9211 #9211] === Jan Kuparinen (14) === * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/d4b9203376115508f596c6469c9c3be24d719ff2 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/242a0dadcf86bb27efccdc1be1946c39f0ba2931 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/98e80985bae7fa7104d8dd621c73c2b848630417 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/2b0c9d91285282df5f545fc6c331b5b9a219048e commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/dbe49df1b3d2fb254315ed26190792c8aaf89c38 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/0caffa37c01a7a77301368413854473520e5e055 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/63fceacb176162210cd5d64f73ecf10b1bf8d402 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/606ce6d52aa4b29e1af787c7830d30d6846c932e commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/10a51197f27d90fab78bdf6a4a0cae6779589299 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/1c1187beedb23f91614f131fda15c6c6f6264556 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/a1c0031c9044135ae00ac9f3e22beb22bd5fbb07 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/bcc5819830e23867a5c1471f3a37576d705ce8d8 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/3452c6fcf0730351b45ecbeb7d89ff318319f7c0 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/a4202264936dca51b476178f5061692cd569373b commit] === David Pascual (2) === * ipatest: fix prci checker target masked return code & add pylint [https://pagure.io/freeipa/c/51f1321b9c2263edd3f725abe3f90e56678adf94 commit] * ipatests: Checker script for prci definitions [https://pagure.io/freeipa/c/3d827979d2688607bd5376501ef71c2b63124603 commit] === Erik (1) === * ipatests: healthcheck: test if system is FIPS enabled [https://pagure.io/freeipa/c/c55185d3dc3c6cd2ffebab77fbf8caa40a32bcd1 commit] [https://pagure.io/freeipa/issue/8951 #8951] === Endi Sukma Dewata (1) === * Remove pki_restart_configured_instance [https://pagure.io/freeipa/c/79f765586e8f18e37f3dbe036b12715bef49e442 commit] === Florence Blanc-Renaud (15) === * Spec file: bump the selinux-policy version [https://pagure.io/freeipa/c/4e201ec97e5c54ad8d5fa02285e628d1a36d9ea7 commit] [https://pagure.io/freeipa/issue/9198 #9198] * webui tests: fix test_subid suite [https://pagure.io/freeipa/c/9936379c9f0d6c888785ccca8766ed7074054270 commit] [https://pagure.io/freeipa/issue/9214 #9214] * ipatests: mark xfail tests using dnssec [https://pagure.io/freeipa/c/3d093c66f21c57afeb8cfc242390d0d032509ab3 commit] [https://pagure.io/freeipa/issue/9216 #9216] * ipatests: mark xfail tests using sssctl domain-status [https://pagure.io/freeipa/c/40b9c6fc4746cfa32d8bf7c2038745cc037c673b commit] [https://pagure.io/freeipa/issue/9234 #9234] * Tests: test on f37 and f36 [https://pagure.io/freeipa/c/a6485d6325585d0f80b659c473b3675728556ce1 commit] * ipa man page: format the EXAMPLES section [https://pagure.io/freeipa/c/1546c0b206e02902b4aba631ee83f2f7ba5acb1f commit] [https://pagure.io/freeipa/issue/9252 #9252] * ipatests: add negative test for otptoken-sync [https://pagure.io/freeipa/c/d9f33b7cd7e336be90d889e2db4c4bce18753918 commit] [https://pagure.io/freeipa/issue/9248 #9248] * ipa otptoken-sync: return error when sync fails [https://pagure.io/freeipa/c/221768f882784755c6449ff70f291fab780cce16 commit] [https://pagure.io/freeipa/issue/9248 #9248] * ipa-cacert-manage prune: remove all expired certs [https://pagure.io/freeipa/c/c5bcaab8f1e09ab7a0464f5a532f154d43ffcadb commit] [https://pagure.io/freeipa/issue/9244 #9244] * gitignore: add install/oddjob/org.freeipa.server.config-enable-sid [https://pagure.io/freeipa/c/458dcebd2542de70c987ca89fe49f15d3f40ee82 commit] * ipatests: Fix expected object classes [https://pagure.io/freeipa/c/b6520bef2ef05dd87636d8b57e3247d451af81d8 commit] [https://pagure.io/freeipa/issue/9062 #9062] * check_repl_update: in progress is a boolean [https://pagure.io/freeipa/c/2003eb6b3d4a27a5de5eaa79418f115dd99886cd commit] [https://pagure.io/freeipa/issue/9218 #9218] * azure tests: disable TestInstallDNSSECFirst [https://pagure.io/freeipa/c/eb9f606ffd1ad3ccd846173c152c52a171be8f86 commit] [https://pagure.io/freeipa/issue/9216 #9216] * Nightly tests: fix template for nightly_ipa-4-10_latest.yaml [https://pagure.io/freeipa/c/4499c7379b5531501bb1a5ea58ab575bf3b08907 commit] * ipatests: add nightly definitions for ipa-4-10 branch [https://pagure.io/freeipa/c/6c6a43c9090b5f61726512182a36958cbdafc9a4 commit] === Fraser Tweedale (2) === * install: suggest --skip-mem-check when mem check fails [https://pagure.io/freeipa/c/cebfb8792006af1a41c4c26c49372f0ea822dbaf commit] [https://pagure.io/freeipa/issue/8404 #8404] * man: add --skip-mem-check to man pages [https://pagure.io/freeipa/c/e7bee5b668fee083d8ada167f307857761c25d80 commit] [https://pagure.io/freeipa/issue/8404 #8404] === Jesse Sandberg (1) === * Fix ipa-ccache-sweeper activation timer and clean up service file [https://pagure.io/freeipa/c/f6a661bdaf0560eac99ca63ffb25ec739281a19a commit] [https://pagure.io/freeipa/issue/9231 #9231] === Nikola Knazekova (1) === * Exclude installed policy module file from RPM verification [https://pagure.io/freeipa/c/ad7bdd46fb64c3fbb8104a9599459795fc193389 commit] [https://pagure.io/freeipa/issue/9254 #9254] === Weblate (5) === * Update translation files [https://pagure.io/freeipa/c/357dd550ce3568e37edebd4bb3394a706eb81182 commit] * Update translation files [https://pagure.io/freeipa/c/c8c4e93fd64329df76b4754f74d70cfceed6c452 commit] * Update translation files [https://pagure.io/freeipa/c/921fdd2ca879b8d6c1e601a17eb3eb9b197f9797 commit] * Update translation files [https://pagure.io/freeipa/c/3500d05f8904d7bab84d950c81563d9bfb6d1474 commit] * Update translation files [https://pagure.io/freeipa/c/d0b336025fd0408e1f81811330cac6682ba0bed6 commit] === Piotr Drąg (2) === * Translated using Weblate (Polish) [https://pagure.io/freeipa/c/31f7860d089a628a4ccfaf8db507ecadfaa75805 commit] * Translated using Weblate (Polish) [https://pagure.io/freeipa/c/f9419bdad41a87aa4454fcb1d725988b27c634a1 commit] === Rob Crittenden (10) === * Move client certificate request after krb5.conf is created [https://pagure.io/freeipa/c/f3c861b9fcbf7815161b46e5eab582813c1021dc commit] [https://pagure.io/freeipa/issue/9246 #9246] * Defer creating the final krb5.conf on clients [https://pagure.io/freeipa/c/3cbf2b25422100cc4105dfb09ee8c7bf87232198 commit] [https://pagure.io/freeipa/issue/9228 #9228] * Fix upper bound of password policy grace limit [https://pagure.io/freeipa/c/3c4386ce057a0fd50c7494db43c71405c9674b8f commit] [https://pagure.io/freeipa/issue/9243 #9243] * Set default on group pwpolicy with no grace limit in upgrade [https://pagure.io/freeipa/c/de6f074538f6641fd9d84bed204a3d4d50eccbe5 commit] [https://pagure.io/freeipa/issue/9212 #9212] * Set default gracelimit on group password policies to -1 [https://pagure.io/freeipa/c/45e6d49b94da78cd82eb016b3266a17a1359a087 commit] [https://pagure.io/freeipa/issue/9212 #9212] * doc: Update LDAP grace period design with default values [https://pagure.io/freeipa/c/1aa39529cda4ab9620539dbad705cedd23c21b42 commit] [https://pagure.io/freeipa/issue/9212 #9212] * upgrades: Don't restart the CA on ACME and profile schema change [https://pagure.io/freeipa/c/459b81b196b7bf36100aa2f4e5c4d36b1e4526f6 commit] [https://pagure.io/freeipa/issue/9204 #9204] * Disabling gracelimit does not prevent LDAP binds [https://pagure.io/freeipa/c/1bb4ff9ed2313fb3c2bd1418258c5bcec557b6a5 commit] [https://pagure.io/freeipa/issue/9206 #9206] * Warn for permissions with read/write/search/compare and no attrs [https://pagure.io/freeipa/c/499f71729b8689d40608d9c99db703eb2c00a934 commit] [https://pagure.io/freeipa/issue/9188 #9188] * Only calculate LDAP password grace when the password is expired [https://pagure.io/freeipa/c/33cd62e0daa68fa6a9b3ca495d97ac5ce8713349 commit] [https://pagure.io/freeipa/issue/1539 #1539] === Ricky Tigg (3) === * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/67c54ce7a9b7c11a56475e1d8de586b18abce228 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/86f828a7e52ee09ae6e666dce11183c0dd091540 commit] * Translated using Weblate (Finnish) [https://pagure.io/freeipa/c/4b10b6dab45c87472bb1fe0baeeee987ae1b23ba commit] === Sumit Bose (1) === * ipa-kdb: do not fail if certmap rule cannot be added [https://pagure.io/freeipa/c/ae445f72a009d14135e11ff932eded2dc2dc9c86 commit] === 김인수 (4) === * Translated using Weblate (Korean) [https://pagure.io/freeipa/c/d5ea8d6c9f7208a2ae8b5379c88ae36e7c4f62e6 commit] * Translated using Weblate (Korean) [https://pagure.io/freeipa/c/4ea9b5ef0f3ee1361a59622e4d6c3274cf2e7ad4 commit] * Translated using Weblate (Korean) [https://pagure.io/freeipa/c/9d1541f17d44cbb38bc9a477c5e88eaee71ce6d8 commit] * Added translation using Weblate (Korean) [https://pagure.io/freeipa/c/f420c19bb62fb3c735563cb462fd6be7b8018691 commit] === Stanislav Levin (6) === * ipapython: Support openldap 2.6 [https://pagure.io/freeipa/c/51c31e0ad3387c07aad1035f00871bdcc201812a commit] [https://pagure.io/freeipa/issue/9255 #9255] * x509: Replace removed register_interface with subclassing [https://pagure.io/freeipa/c/a7beaa0b4de6b6b00ee1b5b770f0d2e72fad58df commit] [https://pagure.io/freeipa/issue/9160 #9160] * ap: Constrain supported docutils [https://pagure.io/freeipa/c/e5f7356e7e83b605a821ece9f242ac924925f27e commit] [https://pagure.io/freeipa/issue/9208 #9208] * ap: Rearrange overloaded jobs [https://pagure.io/freeipa/c/8ff0c1a5ee33946202031a8bc83e855216cd0c95 commit] [https://pagure.io/freeipa/issue/9207 #9207] * ap: Disable azure's security daemon [https://pagure.io/freeipa/c/acd1d127938aa9feefbbc7ee325963a2e44ef3c3 commit] [https://pagure.io/freeipa/issue/9207 #9207] * ap: Raise dbus timeout [https://pagure.io/freeipa/c/260d6378ec59d244e5f247f4af81f7ae8c72ac87 commit] [https://pagure.io/freeipa/issue/9207 #9207] === Scott Poore (4) === * ipatests: add keycloak user login to ipa test [https://pagure.io/freeipa/c/e197c743f3ea1a98d444c0eb01339cc22eab64d5 commit] [https://pagure.io/freeipa/issue/9250 #9250] * ipatests: add prci definitions for test_sso jobs [https://pagure.io/freeipa/c/db1d05176d8072b05fea179af2ac97caaeb65dd1 commit] * ipatests: add Keycloak Bridge test [https://pagure.io/freeipa/c/ac776987d30ecd3444a9b25f49a714fddc3c4232 commit] [https://pagure.io/freeipa/issue/9227 #9227] * ipatests: Rename create_quarkus to create_keycloak [https://pagure.io/freeipa/c/a0a104a42c2ccd89394e48c2375bb0eb95183c5b commit] [https://pagure.io/freeipa/issue/9225 #9225] === Sumedh Sidhaye (3) === * With the commit #99a74d7, 389-ds changed the message returned in ipa-healthcheck. [https://pagure.io/freeipa/c/5477a07d91ef2c506cc943699612e5e27d0c93e4 commit] [https://pagure.io/freeipa/issue/9238 #9238] * Additional tests for RSN v3 [https://pagure.io/freeipa/c/bfe074ed478c20a9537dc2a714bba50dbc2cd34f commit] [https://pagure.io/freeipa/issue/2016 #2016] * Added a check while removing 'cert_dir'. The teardown method is called even if all the tests are skipped since the required PKI version is not present. The teardown is trying to remove a non-existent directory. [https://pagure.io/freeipa/c/aca97507cd119ad55e0c3c18ca65087cb5576c82 commit] [https://pagure.io/freeipa/issue/9179 #9179] === Sudhir Menon (2) === * ipatests: ipa-client-install --subid adds entry in nsswitch.conf [https://pagure.io/freeipa/c/a39af6b7228d8ba85b9e97aa5decbc056d081c77 commit] [https://pagure.io/freeipa/issue/9159 #9159] * ipatests: WebUI: do not allow subid range deletion [https://pagure.io/freeipa/c/38e5bcf719a0e7c7550837ffb14300db8efe09e4 commit] [https://pagure.io/freeipa/issue/9150 #9150] === Temuri Doghonadze (4) === * Translated using Weblate (Georgian) [https://pagure.io/freeipa/c/3379aa0aa85ca40fbce94f9d2307c6b501054c5a commit] * Translated using Weblate (Georgian) [https://pagure.io/freeipa/c/054bd14bcfe999e7722c812e7509c31e6f012bb3 commit] * Translated using Weblate (Georgian) [https://pagure.io/freeipa/c/a1e66f5c050d8c9226f23af9b7d0c68bfd32a4d9 commit] * Added translation using Weblate (Georgian) [https://pagure.io/freeipa/c/a30db2030c730d835e28ceb8cdc3c64d18edb4f9 commit] === Thomas Woerner (1) === * DNSResolver: Fix use of nameservers with ports [https://pagure.io/freeipa/c/6c5530c509793f66a162ed4153d5425a0eda02d6 commit] [https://pagure.io/freeipa/issue/9158 #9158] === Viacheslav Sychov (1) === * fix: Handle /proc/1/sched missing error [https://pagure.io/freeipa/c/7aa845730999951c8f340f43ed5872c54458c6a3 commit] === Yuri Chornoivan (6) === * Translated using Weblate (Ukrainian) [https://pagure.io/freeipa/c/6846b953361bc96b322734e23e566c93a1879046 commit] * Translated using Weblate (Ukrainian) [https://pagure.io/freeipa/c/867a38a4636915df62a28b61855780b02ff55d56 commit] * Translated using Weblate (Ukrainian) [https://pagure.io/freeipa/c/6de25a0f201f0591bc551503b95f8d22c79fe7aa commit] * Translated using Weblate (Ukrainian) [https://pagure.io/freeipa/c/63d332ff9ebbdd59fac65748025f8eea4270704d commit] * Translated using Weblate (Ukrainian) [https://pagure.io/freeipa/c/d6d7c5d28bcf7ed341f0a5d4e1b0f167a195a4c2 commit] * Translated using Weblate (Ukrainian) [https://pagure.io/freeipa/c/a21bf7fe8213c6b041ab500ab533e2a5888d1c3e commit] _______________________________________________ FreeIPA-devel mailing list -- freeipa-devel(a)lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-leave(a)lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedoraho... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue