To all freeipa-interest, freeipa-users and freeipa-devel list members,
The FreeIPA project team is pleased to announce the availability of the
Alpha 4 release of freeIPA 2.0 server [1]. Binaries are available for
F-12 and F-13.
This alpha is mostly a bug fix release over the previous alpha. We have
started the process of polishing so things should generally work more
smoothly and look better. There are no improvements in the UI, those
should appear in the next release.
Please do not hesitate to share feedback, criticism or bugs with us on
our mailing list: freeipa-us...@redhat.com
The changes in this release are:
- Moved our dogtag SELinux to be installed with the rpm instead of
during configuration.
- Fedora 13 moved to gpg2 and dropped gpg. Fix our invocation so we work
with either (this was preventing replica installations).
- Query remote server during replica installation to see if the replica
already exists. This prevents lots of really strange errors during
replica installation.
- Fixed SSL error in client enrollment.
- Changed the way services are handled in HBAC. There is now a separate
service and servicegroup object that you associate with HBAC rules. sssd
is already using this new mechanism.
- First pass at per-command documentation. It still needs a lot of work.
- Fix aci-mod command. It wasn't really working well in almost all cases.
- Add replication version checking. This is one step in better control
during updates.
- Don't try to convert a host's password into a keytab with bulk
enrollment (this was causing krbPasswordExpiration to be set).
- Add support for User-Private Groups.
- Worked on error handling in mod_wsgi. Now hopefully a shorter and less
scary backtrace will be thrown when things go bump in the night.
- Add new api to disable service and host principals.
- Significant cleanup of crypto code. Using python-nss for a lot more
(and more to come).
- Fixed some errirs in and made ipa-compat-manage and ipa-nis-manage
more bullet-proof.
- Fixed netgroups plugin, it was generating the wrong attributes.
- Other minor polish and bug fixes.
Known issues:
- The CA must be installed in the en_US locale (#588375)
rob
[1] http://www.freeipa.org/page/Downloads
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
