The FreeIPA Project is proud to announce the latest bugfix release of
the FreeIPA. As always, the latest tarball can be found at
http://freeipa.org/
== Highlights ==
* Fixed a number of issues uncovered by pylint in preparation for
executing it as part of the freeIPA build process.
* Changed the algorithm used for determining indirect membership
resulting in significant performance improvement.
* Added index for memberHost and memberUser.
* Fixed problems in ipa-compat-manage and ipa-nis-manage.
* Improved detection of current installation status for both client
and server.
* The --gidnumber option for users has been fixed.
* postalCode is now a string intead of an integer. Older clients will
still send this as an Int so upgrade your clients if you need this.
* Fix 389-ds crash issue in installer. We could try to shut down the
server while it was trying to create an index.
* The default groups we create should have ipaUniqueId set
== Detailed Changelog ==
Endi S. Dewata (1):
* Fixed undefined label in permission adder dialog box.
Jan Cholasta (10):
* Fix wording of error message.
* Add note about ipa-dns-install to ipa-server-install man page.
* Fix typo in ipa-server-install.
* Fix uninitialized variables.
* Fix double definition of output_for_cli.
* Add lint script for static code analysis.
* Fix lint false positives.
* Remove unused classes.
* Fix some minor issues uncovered by pylint.
* Fix uninitialized attributes.
Jr Aquino (4):
* Escape LDAP characters in member and memberof searches
* Add memberHost and memberUser to default indexes
* Optimize and dynamically verify group membership
* Delete the sudoers entry when disabling Schema Compat
Martin Kosek (12):
* Inconsistent error message for duplicate user
* Replica installation fails for self-signed server
* Password policy commands do not include cospriority
* Improve DNS PTR record validation
* IPA replica is not started after the reboot
* Improve Directory Service open port checker
* Log temporary files in ipa-client-install
* Prevent uninstalling client on the IPA server
* pwpolicy-mod doesn't accept old attribute values
* Forbid reinstallation in ipa-client-install
* ipa-client-install uninstall does not work on IPA server
* LDAP Updater may crash IPA installer
Pavel Zuna (1):
* Fix gidnumber option of user-add command.
Rob Crittenden (18):
* Allow a client to enroll using principal when the host has a OTP
* Make retrieval of the CA during DNS discovery non-fatal.
* Cache the value of get_ipa_config() in the request context.
* Change default gecos from uid to first and last name.
* Fix ORDERING in some attributetypes and remove other unnecessary
elements.
* postalCode should be a string not an integer.
* Fix traceback in ipa-nis-manage.
* Suppress --on-master from ipa-client-install command-line and man page.
* Sort entries returned by *-find by the primary key (if any).
* The default groups we create should have ipaUniqueId set
* Always ask members in LDAP*ReverseMember commands.
* Provide attributelevelrights for the aci components in permission_show.
* Wait for memberof task and DS to start before proceeding in
installation.
* Convert manager from userid to dn for storage and back for displaying.
* Modify the default attributes shown in user-find to match the UI design.
* Ensure that the zonemgr passed to the installer conforms to IA5String.
* Handle principal not found errors when converting replication agreements
Simo Sorce (2):
* Fix resource leaks.
* ipautil: Preserve environment unless explicitly overridden by caller.
rob
_______________________________________________
Freeipa-interest mailing list
Freeipa-interest@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-interest
