| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: ipa-client-epn | Distribution: CentOS |
| Version: 4.10.1 | Vendor: CentOS |
| Release: 6.el9 | Build date: Wed Feb 22 12:30:10 2023 |
| Group: System Environment/Base | Build host: ppc64le-02.stream.rdu2.redhat.com |
| Size: 49891 | Source RPM: ipa-4.10.1-6.el9.src.rpm |
| Packager: builder@centos.org | |
| Url: http://www.freeipa.org/ | |
| Summary: Tools to configure Expiring Password Notification in IPA | |
This package provides a service to collect and send expiring password notifications via email (SMTP).
GPLv3+
* Wed Feb 22 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.10.1-6
- Resolves: rhbz#2169632 Backport latest test fixes in python3-ipatests
* Mon Feb 13 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.10.1-5
- Resolves: rhbz#2162656 Passwordless (GSSAPI) SSH not working for subdomain
- Resolves: rhbz#2166326 Removing the last DNS type for ipa-ca does not work
- Resolves: rhbz#2167473 RFE - Add a warning note about possible performance impact of the Auto Member rebuild task
- Resolves: rhbz#2168244 requestsearchtimelimit=0 doesn't seems to be work with ipa-acme-manage pruning command
* Mon Feb 06 2023 Florence Blanc-Renaud <flo@redhat.com> - 4.10.1-4
- Resolves: rhbz#2161284 'ERROR Could not remove /tmp/tmpbkw6hawo.ipabkp' can be seen prior to 'ipa-client-install' command was successful
- Resolves: rhbz#2164403 ipa-trust-add with --range-type=ipa-ad-trust-posix fails while creating an ID range
- Resolves: rhbz#2162677 RFE: Implement support for PKI certificate and request pruning
- Resolves: rhbz#2167312 - Backport latest test fixes in python3-ipatests
* Wed Dec 21 2022 Alexander Bokovoy <abokovoy@redhat.com> - 4.10.1-3
- Rebuild against krb5 1.20.1 ABI
- Resolves: rhbz#2155425
* Fri Dec 09 2022 Florence Blanc-Renaud <flo@redhat.com> - 4.10.1-2
- Resolves: rhbz#2148887 MemberManager with groups fails
- Resolves: rhbz#2150335 idm:client is missing dependency on krb5-pkinit
* Fri Nov 25 2022 Florence Blanc-Renaud <flo@redhat.com> - 4.10.1-1
- Resolves: rhbz#2141315 [Rebase] Rebase ipa to latest 4.10.x release for RHEL 9.2
- Resolves: rhbz#2094673 ipa-client-install should just use system wide CA store and do not specify TLS_CACERT in ldap.conf
- Resolves: rhbz#2117167 After leapp upgrade on ipa-client ipa-server package installation failed. (`REQ_FULL_WITH_MEMBERS` returns object from wrong domain)
- Resolves: rhbz#2127833 Password Policy Grace login limit allows invalid maximum value
- Resolves: rhbz#2143224 [RFE] add certificate support to ipa-client instead of one time password
- Resolves: rhbz#2144736 vault interoperability with older RHEL systems is broken
- Resolves: rhbz#2148258 ipa-client-install does not maintain server affinity during installation
- Resolves: rhbz#2148379 Add warning for empty targetattr when creating ACI with RBAC
- Resolves: rhbz#2148380 OTP token sync always returns OK even with random numbers
- Resolves: rhbz#2148381 Deprecated feature idnssoaserial in IdM appears when creating reverse dns zones
- Resolves: rhbz#2148382 Introduction of URI records for kerberos breaks location functionality
* Tue Oct 25 2022 Rafael Jeffman <rjeffman@redhat.com> - 4.10.0-7
- Resolves: rhbz#2124547 Attempt to log in as "root" user with admin's password in Web UI does not properly fail
- Resolves: rhbz#2137555 Attempt to log in as "root" user with admin's password in Web UI does not properly fail [rhel-9.1.0.z]
* Fri Aug 19 2022 Florence Blanc-Renaud <flo@redhat.com> - 4.10.0-6
- Resolves: rhbz#2110014 ldap bind occurs when admin user changes password with gracelimit=0
- Resolves: rhbz#2112901 RFE: Allow grace login limit to be set in IPA WebUI
- Resolves: rhbz#2115495 group password policy by default does not allow grace logins
- Resolves: rhbz#2116966 ipa-replica-manage displays traceback: Unexpected error: 'bool' object has no attribute 'lower'
* Thu Jul 28 2022 Francisco Trivino <ftrivino@redhat.com> - 4.10.0-5
- Resolves: rhbz#2109645
- Rebuild for samba-4.16.3-101.el9
* Thu Jul 21 2022 Francisco Trivino <ftrivino@redhat.com> - 4.10.0-4
- Resolves: rhbz#2109645
- Rebuild for samba-4.16.3-100.el9
* Fri Jul 15 2022 Florence Blanc-Renaud <flo@redhat.com> - 4.10.0-3
- Resolves: rhbz#2105294 IdM WebUI Pagination Size should not allow empty value
* Thu Jun 30 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.10.0-2
- Resolves: rhbz#2091988 [RFE] Add code to check password expiration on ldap bind
* Thu Jun 30 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.10.0-1
- Resolves: rhbz#747959 [RFE] Support random serial numbers in IPA certificates
- Resolves: rhbz#2100227 [UX] Preserving a user account produces output saying it was deleted
* Fri Jun 17 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.10-1
- Resolves: rhbz#2079469 [Rebase] Rebase ipa to latest 4.9.x release
- Resolves: rhbz#2012911 named journalctl logs shows 'zone testrealm.test/IN: serial (serialnumber) write back to LDAP failed.'
- Resolves: rhbz#2069202 [RFE] add support for authenticating against external IdP services using OAUTH2 preauthenticaiton mechanism provided by SSSD
- Resolves: rhbz#2083218 ipa-dnskeysyncd floods /var/log/messages with DEBUG messages
- Resolves: rhbz#2089750 RFE: Improve error message with more detail for ipa-replica-install command
- Resolves: rhbz#2091988 [RFE] Add code to check password expiration on ldap bind
- Resolves: rhbz#2094400 [RFE] ipa-client-install should provide option to enable subid: sss in /etc/nsswitch.conf
- Resolves: rhbz#2096922 secret in ipa-pki-proxy.conf is not changed if new requiredSecret value is present in /etc/pki/pki-tomcat/server.xml
* Wed Apr 06 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.8-8
- Resolves: rhbz#2067971 Consequences of FIPS crypto policy tightening in RHEL 9
- tests: ensure AD-SUPPORT subpolicy is active in more cases
- ipatests: fix check for AD topology being present
* Thu Mar 24 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.8-7
- Resolves: rhbz#2067971 Consequences of FIPS crypto policy tightening in RHEL 9
- KRB instance: make provision to work with crypto policy without SHA-1 HMAC types
- tests: ensure AD-SUPPORT subpolicy is active
- ipatests: extend AES keyset to SHA2-based ones
- freeipa.spec: bump crypto-policies dependency for CentOS 9 Stream
- Kerberos instance: default to AES256-SHA2 for master key encryption
- test_otp: do not use paramiko unless it is really needed
- test_krbtpolicy: skip SPAKE-related tests in FIPS mode
- Support AES for KRA archival wrapping
- Set AES as default for KRA archival wrapping
* Thu Feb 24 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.8-6
- Resolves: rhbz#2057467 Backport latest test fixes in python3-ipatests
- ipatests: Tests for Autoprivate group.
- mark xfail for test_idoverride_with_auto_private_group[hybrid]
- Mark xfail test_gidnumber_not_corresponding_existing_group[true,hybrid]
* Mon Feb 14 2022 Alexander Bokovoy <abokovoy@redhat.com> - 4.9.8-5
- Resolves: rhbz#2053025
- add IPA test suite fixes
* Mon Feb 14 2022 Alexander Bokovoy <abokovoy@redhat.com> - 4.9.8-4
- Resolves: rhbz#2053586 IPA LDAP plugin ipa-cldap memory leak
- fix memory leak in CLDAP responder
* Fri Feb 11 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.8-3
- Resolves: rhbz#2050540 Unable to join RHEL 8.5 Replica to RHEL 7.9 Master for migration purposes
- Don't always override the port in import_included_profiles
- Resolves: rhbz#2051582 Enable ipa-ccache-sweep.timer during server installation
- Test ipa-ccache-sweep.timer enabled by default during installation
- Enable the ccache sweep timer during installation
- Resolves: rhbz#2051844 ipa-join tests are failing due to changes in expected output
- Remove ipa-join errors from behind the debug option
* Thu Feb 03 2022 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.8-2
- Resolves: rhbz#2040619 - Changing default pac type to 'nfs:NONE and MS-PAC' doesnot display error 'ipa: ERROR: no modifications to be performed'
- Config plugin: return EmptyModlist when no change is applied
- config plugin: add a test ensuring EmptyModlist is returned
- Resolves: rhbz#2048510 - [rhel-9.0] Backport latest test fixes in python3-ipatests
- ipatests: webui: Tests for subordinate ids.
- ipatests: webui: Use safe-loader for loading YAML configuration file
- ipatests: Fix test_ipa_cert_fix.py::TestCertFixReplica teardown
- Test cases for ipa-replica-conncheck command
- PEP8 Fixes
- ipatests: Test empty cert request doesn't force certmonger to segfault
- ipatests: Test default value of nsslapd-sizelimit.
- Extend test to see if replica is not shown when running `ipa-replica-manage list -v <FQDN>`
- Added test automation for SHA384withRSA CSR support
- Resolves: rhbz#2049104 - User can't log in after ipa-user-mod --user-auth-type=hardened
- ipa-kdb: do not remove keys for hardened auth-enabled users
- ipatests: add case for hardened-only ticket policy
- Resolves: rhbz#2049174 - KRA GetStatus service blocked by IPA proxy
- ipa-pki-proxy.conf: provide access to /kra/admin/kra/getStatus
* Thu Dec 02 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.8-1
- Resolves: rhbz#2015608 - [Rebase] Rebase ipa to latest 4.9.x release RHEL9
- Resolves: rhbz#1825010 - Concerns regarding 'ipa pwpolicy-mod --minlife 24 --maxlife 1'
- Resolves: rhbz#1966289 - Info about searchrecordslimit set search limit to 10,000 after upgrade
- Resolves: rhbz#1980356 - reinstalling samba client causes winbindd coredump
- Resolves: rhbz#1986054 - fix automountlocation-tofiles output
- Resolves: rhbz#2020205 - Missing bind-pkcs11-utils causing failures in OpenDNSSec
- Resolves: rhbz#2021445 - CVE-2020-25719 ipa: samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets
- ipa-kdb: issue PAC_REQUESTER_SID only for TGTs
- ipa-kdb: fix requester SID check according to MS-KILE and MS-SFU updates
* Tue Oct 05 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.6-9
- Resolves: rhbz#2010701 ipa-server-install fails while 'configuring certificate server instance'
- Parse getStatus as JSON not XML
- Parse cert chain as JSON not XML
- Specify PKI installation log paths
- Make Dogtag return XML for ipa cert-find
* Fri Sep 17 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.6-8
- Resolves: rhbz#2005864 ipa cert-request replaces user certificate instead of adding
- Don't store entries with a usercertificate in the LDAP cache
- ipatests: Test that a user can be issued multiple certificates
* Fri Sep 10 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.6-7
- Resolves: rhbz#2003005 AVC denied { read } comm="ipa-custodia" on aarch64 during installation of ipa-server
- selinux policy: allow custodia to access /proc/cpuinfo
- Resolves: rhbz#2003004 extdom: LDAP_INVALID_SYNTAX returned instead of LDAP_NO_SUCH_OBJECT
- extdom: return LDAP_NO_SUCH_OBJECT if domains differ
- Resolves: rhbz#2003003 subid: subid-match displays the DN of the owner, not its UID.
- subid: subid-match: display the owner's ID not DN
- Resolves: rhbz#2013116 ipa migrate-ds command fails to warn when compat plugin is enabled
- migrate-ds: workaround to detect compat tree
* Thu Aug 26 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.6-6
- Resolves: rhbz#1998098 - Backport latest test fixes in python3-ipatests
- ipatests: Test unsecure nsupdate.
- ipatests: Fix TestAJPSecretUpgrade tests on systems without pkiuser
- ipatests: test_ipahealthcheck: Verify permissions for /var/log/ files
- ipatests: test to renew certs on replica using ipa-cert-fix
- ipatests: wait while http/ldap/pkinit cert get renew on replica
- ipatests: refactor test_ipa_cert_fix with tasks
- ipatests: use whole date for journalctl --since
* Tue Aug 17 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.6-5
- Resolves: rhbz#1988383 Do SRV discovery in ipa-getkeytab if -s and -H aren't provided
- ipa-getkeytab: add option to discover servers using DNS SRV
- ipa-getkeytab: fix compiler warnings
- ipatests: test ipa-getkeytab server option
- Resolves: rhbz#1986329 ipa-server install failure without DNS
- Fix ldapupdate.get_sub_dict() for missing named user
- Resolves: rhbz#1980734 Remove python3-pexpect as dependency for ipatests pkg
- freeipa.spec.in: remove python3-pexpect from Requires
- Resolves: rhbz#1992538 Backport recent test fixes in python3-ipatests
- ipatests: use whole date when calling journalctl --since
- ipatests: Fix for test_source_ipahealthcheck_ipa_host_check_ipahostkeytab
- ipatests: test_ipahealthcheck: print a message if a system is healthy
- ipatests: test_installation: move tracking_reqs dependency to ipalib constants ipaserver: krainstance: utilize moved tracking_reqs dependency
- webui tests: close notification when revoking cert
- ipatests: Test ipa-cert-fix warns when startup directive is missing from CS.cfg
- webui tests: fix algo for finding available idrange
- ipatests: smbclient "-k" => "--use-kerberos=desired"
- test_acme: refactor with tasks
- test_acme: make password renewal more robust
- tasks.py: fix flake8-reported issues
- ipatests: Test for OTP when the LDAP connection timed out.
- ipatests: verify that getcert output includes the issued date
- ipatests: Look for warning into stderr instead of stdout
- ipatests: use krb5_trace in TestIpaAdTrustInstall
- ipatests: Test ldapsearch with base scope works with compat tree.
- ipatests: skip test_basesearch_compat_tree on fedora.
- ipatests: Refactor test_check_otpd_after_idle_timeout
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 4.9.6-4.1
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Fri Jul 23 2021 Rob Crittenden <rcritten@redhat.com> - 4.9.6-4
- Use new method in check to prevent removal of last KRA (#1985072)
- ipatests: NAMED_CRYPTO_POLICY_FILE not defined for RHEL (#1982952)
- Fix index definition for memberOf (#1952028)
* Thu Jul 15 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.6-3
- Resolves: rhbz#1979629 Add checks to prevent assigning authentication indicators to internal IPA services
- Resolves: rhbz#1982212 ipa-trust-add fails with "not enough quota"
- Resolves: rhbz#1952028 [RFE] Add support for managing subuids and subgids in FreeIPA
- Resolves: rhbz#1981789 [man page] contradiction in ipa-server-upgrade command's man page and usage
* Fri Jul 09 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.6-2
- Resolves: rhbz#1955440 ipa installation fails to configure chrony
- Resolves: rhbz#1976761 Package python3-ipatests (from CRB repo) Requires python3-coverage
- Resolves: rhbz#1979609 Unable to set ipaUserAuthType with stageuser-add
- Resolves: rhbz#1979629 Add checks to prevent assigning authentication indicators to internal IPA services
* Wed Jun 30 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.6-1
- Resolves: rhbz#1969351 Rebase IPA to latest 4.9.x version
- Resolves: rhbz#1976288 ansible-freeipa automember test fails with `automember_add_condition: testgroup: 'objectclass'` due to ldap cache
- Resolves: rhbz#1975139 Upgrade error: Add failure missing required attribute "objectclass"
- Resolves: rhbz#1973024 CA_less ipa-server-install fails if CA cert subject contains non ascii chars
- Resolves: rhbz#1966101 [RFE] - IDM - Allow specifying permanent logging settings for BIND
- Resolves: rhbz#1962570 IPA in c9s should not require redhat-logos-ipa as a runtime package
- Resolves: rhbz#1957736 [RFE] IPA to allow configuring auto-private-groups at idrange level
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 4.9.3-2.1
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Tue Apr 20 2021 Florence Blanc-Renaud <frenaud@redhat.com> - 4.9.3-2
- RHEL 9 Beta mass rebuild. Resolves: rhbz#1951304
* Wed Mar 31 2021 Alexander Bokovoy <abokovoy@redhat.com> - 4.9.3-1
- Upstream release FreeIPA 4.9.3
* Fri Feb 26 2021 Alexander Bokovoy <abokovoy@redhat.com> - 4.9.2-4
- Rebuild against 389-ds and PKI to fix https://github.com/389ds/389-ds-base/issues/4609
* Tue Feb 23 2021 Alexander Bokovoy <abokovoy@redhat.com> - 4.9.2-3
- Only use python-platform on RHEL 8
/etc/ipa/epn /etc/ipa/epn.conf /etc/ipa/epn/expire_msg.template /usr/lib/systemd/system/ipa-epn.service /usr/lib/systemd/system/ipa-epn.timer /usr/sbin/ipa-epn /usr/share/doc/ipa-client-epn /usr/share/doc/ipa-client-epn/Contributors.txt /usr/share/doc/ipa-client-epn/README.md /usr/share/licenses/ipa-client-epn /usr/share/licenses/ipa-client-epn/COPYING /usr/share/man/man1/ipa-epn.1.gz /usr/share/man/man5/epn.conf.5.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed May 31 03:09:59 2023