On Mon, 2017-07-10 at 16:04 +0200, Jakub Hrozek wrote: > On Tue, Jul 04, 2017 at 12:38:46AM +0300, Timo Aaltonen wrote: > > On 31.05.2017 10:53, Jakub Hrozek wrote: > > > On Wed, May 31, 2017 at 08:19:56AM +1000, Lachlan Musicman wrote: > > > > Hi all, > > > > > > > > I noticed a while ago that 1.15.3 was versioned in the repo but I've not > > > > seen anything released? I'm mostly looking on the COPR > > > > ( > > > > https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?branch=master > > > > ) > > > > > > > > This is purely selfish - I love all that you do, and I'm aware that > > > > there > > > > has been some fairly comprehensive infrastructural change. > > > > > > > > I'm just waiting on that one fix and have no roadmap visibility :) > > > > > > Sorry, I agree our roadmap is not entirely clear. > > > > > > 1.15.3 will be released during June, most fixes planned for that release > > > are either in or being reviewed. > > > > Freeipa 4.5.2 depends on a feature not available in 1.15.2, which feels > > a bit backwards as it's a point-release which I think should not depend > > on a not-yet-released features.. > > You are right and I didn't realize that there was this dependency. > > The current status of 1.15.3 release is that we need to fix: > https://pagure.io/SSSD/sssd/issue/3441 - secondary group membership > resolution of AD user fails if user information from other trusted > domain is fetched first - this is a regression I would really not > like to see in a release > > Currently the 1.15.3 milestone also contains > https://pagure.io/SSSD/sssd/issue/3420 which is quite important but I > wouldn't hold the release over this bug and > https://pagure.io/SSSD/sssd/issue/3406 which is also a regression, but > at the same time a bit of a corner case, so I'd be personally fine with > moving this to 1.15.4..
Not a corner case here, every suspend over night causes it. The fix is so simple I am surprised you haven't done it yet, just revert the KRB5KRB_AP_ERR_TKT_EXPIRED part of the offending commit. That part was not not needed anyway as far as I can tell. _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
