Name: | ipa-client |
---|---|
Version: | 4.9.8 |
Release: | 7.0.1.el9_0 |
Architecture: | aarch64 |
Group: | Unspecified |
Size: | 344323 |
License: | GPLv3+ |
RPM: | ipa-client-4.9.8-7.0.1.el9_0.aarch64.rpm |
Source RPM: | ipa-4.9.8-7.0.1.el9_0.src.rpm |
Build Date: | Mon May 09 2022 |
Build Host: | build-ol9-aarch64.oracle.com |
Vendor: | Oracle America |
URL: | http://www.freeipa.org/ |
Summary: | IPA authentication for use on clients |
Description: | IPA is an integrated solution to provide centrally managed Identity (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access control, SELinux user roles, services). The solution provides features for further integration with Linux based clients (SUDO, automount) and integration with Active Directory based infrastructures (Trusts). If your network uses IPA for authentication, this package should be installed on every client machine. This package provides command-line tools for IPA administrators. |
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
- Resolves: rhbz#2057471 Consequences of FIPS crypto policy tightening in RHEL 9 - KRB instance: make provision to work with crypto policy without SHA-1 HMAC types - tests: ensure AD-SUPPORT subpolicy is active - ipatests: extend AES keyset to SHA2-based ones - freeipa.spec: bump crypto-policies dependency for CentOS 9 Stream - Kerberos instance: default to AES256-SHA2 for master key encryption - test_otp: do not use paramiko unless it is really needed - test_krbtpolicy: skip SPAKE-related tests in FIPS mode - Support AES for KRA archival wrapping - Set AES as default for KRA archival wrapping
- Resolves: rhbz#2057467 Backport latest test fixes in python3-ipatests - ipatests: Tests for Autoprivate group. - mark xfail for test_idoverride_with_auto_private_group[hybrid] - Mark xfail test_gidnumber_not_corresponding_existing_group[true,hybrid]
- Resolves: rhbz#2053025 - add IPA test suite fixes
- Resolves: rhbz#2053586 IPA LDAP plugin ipa-cldap memory leak - fix memory leak in CLDAP responder
- Resolves: rhbz#2050540 Unable to join RHEL 8.5 Replica to RHEL 7.9 Master for migration purposes - Don't always override the port in import_included_profiles - Resolves: rhbz#2051582 Enable ipa-ccache-sweep.timer during server installation - Test ipa-ccache-sweep.timer enabled by default during installation - Enable the ccache sweep timer during installation - Resolves: rhbz#2051844 ipa-join tests are failing due to changes in expected output - Remove ipa-join errors from behind the debug option
- Resolves: rhbz#2040619 - Changing default pac type to 'nfs:NONE and MS-PAC' doesnot display error 'ipa: ERROR: no modifications to be performed' - Config plugin: return EmptyModlist when no change is applied - config plugin: add a test ensuring EmptyModlist is returned - Resolves: rhbz#2048510 - [rhel-9.0] Backport latest test fixes in python3-ipatests - ipatests: webui: Tests for subordinate ids. - ipatests: webui: Use safe-loader for loading YAML configuration file - ipatests: Fix test_ipa_cert_fix.py::TestCertFixReplica teardown - Test cases for ipa-replica-conncheck command - PEP8 Fixes - ipatests: Test empty cert request doesn't force certmonger to segfault - ipatests: Test default value of nsslapd-sizelimit. - Extend test to see if replica is not shown when running `ipa-replica-manage list -v <FQDN>` - Added test automation for SHA384withRSA CSR support - Resolves: rhbz#2049104 - User can't log in after ipa-user-mod --user-auth-type=hardened - ipa-kdb: do not remove keys for hardened auth-enabled users - ipatests: add case for hardened-only ticket policy - Resolves: rhbz#2049174 - KRA GetStatus service blocked by IPA proxy - ipa-pki-proxy.conf: provide access to /kra/admin/kra/getStatus
- Resolves: rhbz#2015608 - [Rebase] Rebase ipa to latest 4.9.x release RHEL9 - Resolves: rhbz#1825010 - Concerns regarding 'ipa pwpolicy-mod --minlife 24 --maxlife 1' - Resolves: rhbz#1966289 - Info about searchrecordslimit set search limit to 10,000 after upgrade - Resolves: rhbz#1980356 - reinstalling samba client causes winbindd coredump - Resolves: rhbz#1986054 - fix automountlocation-tofiles output - Resolves: rhbz#2020205 - Missing bind-pkcs11-utils causing failures in OpenDNSSec - Resolves: rhbz#2021445 - CVE-2020-25719 ipa: samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets - ipa-kdb: issue PAC_REQUESTER_SID only for TGTs - ipa-kdb: fix requester SID check according to MS-KILE and MS-SFU updates
- Resolves: rhbz#2010701 ipa-server-install fails while 'configuring certificate server instance' - Parse getStatus as JSON not XML - Parse cert chain as JSON not XML - Specify PKI installation log paths - Make Dogtag return XML for ipa cert-find
- Resolves: rhbz#2005864 ipa cert-request replaces user certificate instead of adding - Don't store entries with a usercertificate in the LDAP cache - ipatests: Test that a user can be issued multiple certificates