Lukas, Thank you for responding. This particular issue was the one that was preventing us from using sssd 1.13 on RHEL 6.8.
https://www.redhat.com/archives/freeipa-users/2016-July/msg00163.html Basically no matter what I did HBAC seemed to randomly break on some systems. The systems were deployed from the same template, and from what I could tell had consistent configurations, all packages updated, etc. I honestly probably spent a week on this and upgrading to 1.14 was a very last resort. It immediately fixed the problem in all cases. We will discuss 1.14.1 internally and would be happy to provide any feedback on identified issues. Dan > On Aug 25, 2016, at 3:27 PM, Lukas Slebodnik <lsleb...@redhat.com> wrote: > > On (25/08/16 18:30), Sullivan, Daniel [AAA] wrote: >> Hi, >> >> I feel like I’ve been warned at least twice that sssd 1.14 has some known >> regressions that make it unstable. We’re in the process of rolling it out >> to our production environment (we can’t use 1.13 due to another issue); so >> far it seems pretty stable, although if possible I’d like any sort of highly >> informed advisement if it is really stupid or insane to move forward with >> 1.14. Specifically, we are implementing 1.14.0-3.el6. >> > May I know what is a blocker for using default version of sssd(1.13) in el6? > It is a stable version ready for production. > >> Similarly, is it safe to say that this is a comprehensive list of known >> issues or are there identified problems that aren’t documented in this >> report? >> >> https://fedorahosted.org/sssd/report/2 >> > https://fedorahosted.org/sssd/report/3 would be better > and look directly into the bucket "SSSD 1.14.2" > >> Any advise or recommendation that an expert in sssd 1.14 could provide would >> be appreciated (as I said before so far it seems pretty stable). >> > We fixed many bugs in 1.14.1 and copr repository was updated > https://copr.fedorainfracloud.org/coprs/g/sssd/sssd-1-14/ > I would say it si 99% ready for production. > > We will appreciate testing. And in case of any bugs, I can release > new version in copr immediately after fixing bug in upstream. > > LS ******************************************************************************** This e-mail is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged and confidential. If the reader of this e-mail message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is prohibited. If you have received this e-mail in error, please notify the sender and destroy all copies of the transmittal. Thank you University of Chicago Medicine and Biological Sciences ******************************************************************************** -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project