Releases: simp/pupmod-simp-sssd
Releases · simp/pupmod-simp-sssd
Release of 6.1.5
* Fri Feb 22 2019 Trevor Vaughan <[email protected]> - 6.1.5-0 - Change the sssd::provider::ldap::ldap_access_order defaults to ['ppolicy','pwd_expire_policy_renew'] by default to prevent accidental system lockouts on upgrade.
Release of 6.1.4
* Mon Jan 21 2019 Trevor Vaughan <[email protected]> - 6.1.4-0 - Generated a REFERENCE.md - Set the 'min_id' settings across the board to '1' to match the sssd defaults since they really have nothing to do with the target system's relationship with a centralized authentication service. - Update the sssd::provider::ldap::ldap_access_order parameter to support the ppolicy related options that were added in sssd 1.14.0 - ppolicy - pwd_expire_policy_reject - pwd_expire_policy_warn - pwd_expire_policy_renew
Release of 6.1.3
* Fri Oct 12 2018 Nick Miller <[email protected]> - 6.1.3-0 - Changed $sssd::install::package_ensure from 'latest' to 'installed' - It will also respect `simp_options::package_ensure` * Tue Sep 18 2018 Adam Yohrling <[email protected]> - 6.1.3-0 - Added OracleLinux to operating system check for 128 bit cipher work-around * Tue Aug 28 2018 Liz Nemsick <[email protected]> - 6.1.3-0 - Fixed a bug in which the ldap_account_expire_policy setting for the LDAP provider could not be configured to use the system default. Now, when sssd::provider::ldap::ldap_account_expire_policy is set to '', that configuration parameter will not be written to the sssd configuration file. This allows the system default to be applied. - Fixed a bug in which any boolean setting for the LDAP provider configuration could not be configured to be 'false'. - Fixed bugs in which sssd::provider::ldap::debug_timestamps and sssd::provider::ldap::ldap_search_timeout were erroneously typed to be strings, instead of a Boolean and an Integer, respectively. - Fixed bugs in which ad_enable_dns_sites, ad_enable_gc settings, dyndns_update, dyndns_update_ptr, krb5_use_enterprise_principal, and ldap_idmap_autorid_compat settings for the AD provider could not be configured to be 'false'. - Fixed bugs in which ad_gpo_map_interactive, ad_gpo_map_remote_interactive, ad_gpo_map_network, ad_gpo_map_batch, ad_gpo_map_service, ad_gpo_map_permit and ad_gpo_map_deny settings for the AD provider were incorrectly formatted. - Fixed a bug in which the dyndns_iface setting for the AD provider was not set from sssd::provider::ad::dyndns_ifaces. * Thu Aug 23 2018 Adam Yohrling <[email protected]> - 6.1.3-0 - Add support for Oracle Enterprise Linux - Add support for Puppet 5 * Fri Jul 13 2018 Adam Yohrling <[email protected]> - 6.1.3-0 - Added ldap_use_tokengroups, ldap_group_objectsid, ldap_user_objectsid to sssd::provider::ad - Updated required version of puppetlabs-stdlib to 4.19.0 since fact function is used
Release 6.1.2
* Update allowed auditd module range * Fixture and test updates * Avoid changing vendored RPM permissions * /etc/sssd/ owner is no longer managed * /etc/sssd/ permissions changed from 0640 to 0711 * /etc/init.d/ssd permissions changed from 0754 to 0755 on EL6
Release of 6.1.1
* Wed Mar 28 2018 Nick Miller <[email protected]> - 6.1.1-0 - sssd::provider::ad::ldap_schema should be a string, not a boolean - AD test cleanup
Release of 6.1.0
* Wed Mar 14 2018 Philippe Muller <[email protected]> - 6.1.0-0 - Allow passing ldap_tls_cacert to sssd::provider::ldap * Wed Feb 28 2018 Nick Miller <[email protected]> - 6.1.0-0 - Some template and concat changes to make debugging the module easier - Add headers to more easily diagnose where to stick params - Order the concat sections - Add some missing params from sssd::provider::ad - default_shell - dyndns_update - fallback_homedir - krb5_realm - krb5_store_password_if_offline - ldap_schema * Fri Jan 19 2018 Liz Nemsick <[email protected]> - 6.1.0-0 - Added sssd class option to automatically configure SSSD for an IPA domain, when the host is joined to an IPA domain. * Fri Dec 15 2017 Liz Nemsick <[email protected]> - 6.1.0-0 - Leveraged PR from Mark Fitch to add ima provider configuration * Wed Dec 13 2017 Trevor Vaughan <[email protected]> - 6.1.0-0 - Enforce limits set in /etc/login.defs for uid_min and uid_max by default and fall back to something sensible for SSSD
Release of 6.0.4
* Mon Sep 18 2017 Lucas Yamanishi <[email protected]> - 6.0.4-0 - Set minimum length on sssd::domains
Release of 6.0.3
* Mon Sep 11 2017 Judy Johnson <[email protected]> - 6.0.3-0 - Only enable 'try_inotify' if explicitly set * Wed Aug 30 2017 Nick Markowski <[email protected]> - 6.0.3-0 - Sssd::DebugLevel now handles all variants specfied in sssd.conf man page - All instances of debug_level are now typed as Sssd::DebugLevel
Release of 6.0.2
* Thu Jul 06 2017 Liz Nemsick <[email protected]> - 6.0.2-0 - Confine puppet version in metadata.json
6.0.1: (SIMP-2992) Work around for broken LDAP libs
(SIMP-2992) Work around for broken LDAP libs The client LDAP libraries are broken in EL6 such that, if any 128 bit ciphers are present in the cipher string, it will fall back to SSF=128 for connecting to an LDAP server. This is unacceptable to the SIMP default configuration (SSF=256). Also, fixed a bug in a template with regards to variables with prefaced underscores. SIMP-2992 #comment Update for SSSD