Hello! FreeIPA team has recently released 4.2.0 version which adds a number of features community members were asking for:
- User certificates - Vault to store user secrets - One-way trust to Active Directory - User life-cycle management for integration with external process workflows - [many other enhancements and improvements] Development of these features required coordinating changes across multiple projects. We have provided the packages for Fedora through our COPR repository. The repository includes multiple packages, and relies on multiple others updated in Fedora repositories since Fedora 22. FreeIPA and other teams at Red Hat are currently working on integrating FreeIPA 4.2 release into Red Hat Enterprise Linux 7 update. While traditionally CentOS users had to wait for a Red Hat Enterprise Linux release, in time for 7.1 update we tried something new with a COPR repository providing FreeIPA 4.1 for CentOS before Red Hat Enterprise Linux 7.1 was released. The repository proved to be a success -- both for quality of bug reports we've got and ability to reach out to you. With COPR repository for CentOS 7 we've also got experience to manage expectations of support and maintenance for the FreeIPA 4.1 packages in the view of upcoming Red Hat Enterprise Linux release. The packages in the COPR repository would expire when the Red Hat Enterprise Linux update comes to CentOS and to people who used the repository it would mean a need to handle upgrades. We are considering to repeat COPR experiment with FreeIPA 4.2 for CentOS 7. However, this time we also are relying on updated packages which are beyond the maintenance of FreeIPA, SSSD, Dogtag, and 389-ds teams. Some of the updates in those packages include ABI changes. Maintaining our own rebuilds of these packages in the COPR repository would put additional burden on the upstream developers and later on you -- when CentOS 7 updated versions of those packages would come through the official channels. Thus, we would like to ask you, whether having a separate COPRrepository for FreeIPA 4.2 would make sense for CentOS 7 users.
The repository will expire with the release of CentOS 7 updates and no upgrade path would be provided for the bits. Of course, FreeIPA replication should work and to move forward you would need to deploy replicas with formal CentOS bits into the same environment and phase out the replicas running bits coming from the COPR repository. This path is intended but not guaranteed. It might happen that further development would reveal issues and bugs that might make such migration path broken and impossible to fix. In this case upstream will make reasonable efforts but would provide no guarantee that the issue will be addressed. Does it make sense and worth proceeding with creating a CentOS COPR repo with upstream bits? Tell us!  http://www.freeipa.org/page/Releases/4.2.0  https://copr.fedoraproject.org/coprs/mkosek/freeipa-4.2 -- / Alexander Bokovoy
Description: PGP signature
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project