| Name: | ipa-client |
|---|---|
| Version: | 4.2.0 |
| Release: | 15.0.1.el7_2.6.1 |
| Architecture: | x86_64 |
| Group: | System Environment/Base |
| Size: | 460198 |
| License: | GPLv3+ |
| RPM: | ipa-client-4.2.0-15.0.1.el7_2.6.1.x86_64.rpm |
| Source RPM: | ipa-4.2.0-15.0.1.el7_2.6.1.src.rpm |
| Build Date: | Tue Apr 12 2016 |
| Build Host: | x86-ol7-builder-02.us.oracle.com |
| Vendor: | Oracle America |
| URL: | http://www.freeipa.org/ |
| Summary: | IPA authentication for use on clients |
| Description: | IPA is an integrated solution to provide centrally managed Identity (machine, user, virtual machines, groups, authentication credentials), Policy (configuration settings, access control information) and Audit (events, logs, analysis thereof). If your network uses IPA for authentication, this package should be installed on every client machine. |
- Drop redhat-access-plugin-ipa requires for OL7 Blank out header-logo.png product-name.png Replace login-screen-logo.png [20362818]
- Rebuild against newer Samba version - Related: #1322690
- Resolves: #1298103 ipa-server-upgrade fails if certmonger is not running - always start certmonger during IPA server configuration upgrade
- Resolves: #1298097 IPA server upgrade fails from RHEL 7.0 to RHEL 7.2 using "yum update ipa* sssd" - Set minimal required version for openssl
- Resolves: #1298097 IPA server upgrade fails from RHEL 7.0 to RHEL 7.2 using
"yum update ipa* sssd"
- Set minimal required version for openssl
- Resolves: #1298098 ipa-nis-manage does not update ldap with all NIS maps
- Upgrade: Fix upgrade of NIS Server configuration
- Resolves: #1298099 umask setting causes named-pkcs11 issue with directory
permissions on /var/lib/ipa/dnssec
- DNS: fix file permissions
- Explicitly call chmod on newly created directories
- Fix: replace mkdir with chmod
- Resolves: #1298100 Broken 7.2.0 to 7.2.z upgrade - flawed version comparison
- Fix version comparison
- use FFI call to rpmvercmp function for version comparison
- Resolves: #1298101 Sysrestore did not restore state if a key is specified in
mixed case
- Allow to used mixed case for sysrestore
- Resolves: #1298102 DNSSEC key purging is not handled properly
- DNSSEC: Improve error reporting from ipa-ods-exporter
- DNSSEC: Make sure that current state in OpenDNSSEC matches key state in
LDAP
- DNSSEC: Make sure that current key state in LDAP matches key state in BIND
- DNSSEC: remove obsolete TODO note
- DNSSEC: add debug mode to ldapkeydb.py
- DNSSEC: logging improvements in ipa-ods-exporter
- DNSSEC: remove keys purged by OpenDNSSEC from master HSM from LDAP
- DNSSEC: ipa-dnskeysyncd: Skip zones with old DNSSEC metadata in LDAP
- DNSSEC: ipa-ods-exporter: add ldap-cleanup command
- DNSSEC: ipa-dnskeysyncd: call ods-signer ldap-cleanup on zone removal
- DNSSEC: Log debug messages at log level DEBUG
- Resolves: #1298103 ipa-server-upgrade fails if certmonger is not running
- prevent crash of CA-less server upgrade due to absent certmonger
- Resolves: #1298104 The ipa -e skip_version_check=1 still issues
incompatibility error when called against RHEL 6 server
- ipalib: assume version 2.0 when skip_version_check is enabled
- Resolves: #1284052 IPA DNS Zone/DNS Forward Zone details missing after upgrade from RHEL 7.0 to RHEL 7.2 - Fix upgrade of forwardzones when zone is in realmdomains
- Resolves: #1283890 installer options are not validated at the beginning of installation - Fix incorrectly rebased patch 0144 - Resolves: #1284803 Default CA ACL rule is not created during ipa-replica-install - disconnect ldap2 backend after adding default CA ACL profiles - do not disconnect when using existing connection to check default CA ACLs
- Resolves: #1283882 IPA certificate auto renewal fail with "Invalid
Credential"
- cert renewal: make renewal of ipaCert atomic
- Resolves: #1283883 ipa upgrade causes vault internal error
- install: export KRA agent PEM file in ipa-kra-install
- Resolves: #1283884 ipa-kra-install: fails to apply updates
- suppress errors arising from adding existing LDAP entries during KRA
install
- Resolves: #1283890 installer options are not validated at the beginning of
installation
- install: fix command line option validation
- Resolves: #1283915 Caching of ipaconfig does not work in framework
- fix caching in get_ipa_config
- Resolves: #1284025 sshd_config change on ipa-client-install can prevent sshd
from starting up
- client install: do not corrupt OpenSSH config with Match sections
- Resolves: #1284052 IPA DNS Zone/DNS Forward Zone details missing after
upgrade from RHEL 7.0 to RHEL 7.2
- upgrade: fix migration of old dns forward zones
- Resolves: #1284803 Default CA ACL rule is not created during
ipa-replica-install
- TLS and Dogtag HTTPS request logging improvements
- Avoid race condition caused by profile delete and recreate
- Do not erroneously reinit NSS in Dogtag interface
- Add profiles and default CA ACL on migration
- Resolves: #1284811 ipa-cacert-manage renew fails on nonexistent ldap
connection
- ipa-cacert-renew: Fix connection to ldap.
- Resolves: #1284813 ipa-otptoken-import fails on nonexistent ldap connection
- ipa-otptoken-import: Fix connection to ldap.
- Resolves: #1252556 Missing CLI param and ACL for vault service operations - vault: fix private service vault creation
- Resolves: #1262996 ipa vault internal error on replica without KRA - upgrade: make sure ldap2 is connected in export_kra_agent_pem - Resolves: #1270608 IPA upgrade fails for server with CA cert signed by external CA - schema: do not derive ipaVaultPublicKey from ipaPublicKey