SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for authconfig-lang-7.0.1-2.1.noarch.rpm :

* Thu Jun 29 2017 astiegerAATTsuse.com- import from Fedora
* Tue May 16 2017 tmrazAATTredhat.com- fix CVE-2017-7488 incorrect PAM configuration with SSSD (#1441604) (if you use configuration with pam_sss, use authconfig --updateall to fix the PAM configuration)- support locking accounts after multiple authentication failures via pam_faillock- enable SSSD smartcard support if module sssd is used
* Mon Feb 27 2017 tmrazAATTredhat.com- dropped authconfig-gtk (system-config-authentication) (no GTK3 support)- dropped authconfig-tui (deprecated long ago)- dropped IPA domain join support (conflicts with the recommended way to install IPA client on a machine)- dropped support for Hesiod, Wins, AFS, and other obsolete cruft
* Fri Feb 20 2015 tmrazAATTredhat.com- allow multiple LDAP URIs in the setting again- winbind modules are now in samba-winbind package- add support for keeping myhostname in nsswitch.conf hosts entry- do not misinterpret comment for realm in krb5.conf- warn about unsupported locale, do not bail out with exception- python 3 compatibility for authconfig command line
* Fri Jul 25 2014 tmrazAATTredhat.com- support screensaver lock handling by GDM- fix pam_pkcs11 options- enable/disable/restart only services that are affected by the configuration changes- do not overwrite special ldap base values- display error message if winbind or IPA domain join fails- fix invocation of IPA domain join from GUI- translation updates
* Fri Nov 01 2013 tmrazAATTredhat.com- detect invalid LDAP uri and report error- fix handling of IPA domain join errors and uninstall- add support for winbind authentication over Kerberos 5- set umask=077 by default for pam_mkhomedir and pam_oddjob_mkhomedir- better error checking for password quality options
* Fri Aug 23 2013 tmrazAATTredhat.com- samba-winbind-clients package contains the nsswitch and pam modules (#919117)- do not drop sss from nsswitch.conf on --update (#980861)- writing out smartcard/fingerprint auth policy to dconf (original patch by Ray Strode) (#990625)- document other possible return codes from authconfig invocation (#991804)- print error message if config file save fails (#994596)- never stop rpcbind (#990788)- do not disable sssd.service when --enablesssd is used (#953851)- revert use_first_pass addition to pam_sss in password stack (#953116)
* Thu Mar 28 2013 tmrazAATTredhat.com- add use_first_pass to pam_sss in password stack- more robust initialization of sssdConfig- check whether base DN value is a real base DN- use non-deprecated pam_pwquality option authtok_type= instead of type=- update lastlog for su
* Wed Dec 05 2012 tmrazAATTredhat.com- fix missing cache_credentials option when saving sssd.conf- do not try to start/restart sssd with incomplete default domain- add autofs to sssd.conf activated services- add pam_winbind to session pam modules
* Tue Sep 25 2012 tmrazAATTredhat.com- backup also passwd and friends when toggling enableshadow (#853074)- use the new smb.conf idmap config range syntax (#850824)- use local_users_only with pam_pwquality (#849072)- enable the authlogin_nsswitch_use_ldap SELinux boolean when enabling LDAP (#846084)- preserve the value of cache_credentials in sssd.conf- do not fail PAM session if pam_lastlog module fails- use sssd also for automount map (#847823)- enable deferred_kinit if cache_credentials is enabled (#814384)
* Thu Jul 19 2012 tmrazAATTredhat.com- fix missing linkage to libresolv- add missing requires of openssl binary for cacertdir_rehash- install missing packages via PackageKit (original patch by Stef Walter)- add pam_lastlog to postlogin PAM configuration to display failed login attempts- enable the allow_ypbind SELinux boolean when enabling NIS- try to preserve the dns_lookup_kdc and dns_lookup_realm settings- do not use cached_login in password stack for pam_winbind
* Tue Mar 27 2012 tmrazAATTredhat.com- use the new --noac option with ipa-client-install- add sss to the services entry in nsswitch.conf- call res_init() to reread resolv.conf before res_send()- updated translations
* Sat Feb 18 2012 tmrazAATTredhat.com- fix traceback in the command-line ui (#794900)- updated translations
* Thu Feb 16 2012 tmrazAATTredhat.com- add support for password requirements settings- add support for joining IPAv2 domains
* Thu Nov 24 2011 tmrazAATTredhat.com- fix wrong exit value of --savebackup action- do not crash on broken SSSD configuration- use pam_pwquality instead of pam_cracklib
* Mon Sep 12 2011 tmrazAATTredhat.com- fix broken --help output for languages without spaces (#734355)- enable translation of the --help option description (#734303)- updated translations from Transifex
* Fri Jul 22 2011 tmrazAATTredhat.com- add support for reading UID_MIN from login.defs (#717112)- use systemctl if available instead of chkconfig/service (#696490)- mention the /usr/sbin/authconfig in the manual page (#698377)- drop the no longer touched files from authconfig manual page add the newly touched ones (#708850)
* Tue May 17 2011 tmrazAATTredhat.com- new hi-res icon (#702666)- use krb5_server instead of krb5_kdcip (#677766)- print error message if authconfig-gtk is not run within proper X environment
* Tue Feb 08 2011 tmrazAATTredhat.com- support for postlogin PAM configuration and pam_ecryptfs patch by Paolo Bonzini
* Thu Dec 23 2010 tmrazAATTredhat.com- give proper warnings on missing packages if configuration supported by SSSD (#663882)- do not delete mdns4_minimal from nsswitch.conf (#645295)- updated translations from Transifex
* Wed Oct 06 2010 tmrazAATTredhat.com- do not restart services when configuration did not change- dissallow setting identity or authentication services with missing installed files (#590447)- eliminate unnecessary updates of PAM config files and sssd.conf (#639978)- updated translations from Transifex
* Fri Sep 17 2010 tmrazAATTredhat.com- netgroups are now supported by sssd- updated translations from Transifex
* Wed Sep 15 2010 tmrazAATTredhat.com- removed support for setting up pam_smb_auth authentication - long ago deprecated- added code for better synchronization of files with duplicate settings such as login.defs, libuser.conf and system-auth-ac (#565521)
* Tue Aug 10 2010 tmrazAATTredhat.com- add pam_systemd to the PAM configuration (#612712)- fix force smarcard setting read when Kerberos enabled (#620475)- fix duplication of dialogs when the revert is cancelled (#621632)- add --enable/disableforcelegacy option (#605857)
* Thu Jul 15 2010 tmrazAATTredhat.com- fix startup of NIS services (#614856)- fix packages for LDAP id and auth in authconfig-tui
* Thu Jun 10 2010 tmrazAATTredhat.com- remove superfluous space in nsswitch.conf (#595265)- always write to \'default\' domain in sssd.conf only (#598558)- update pam and nsswitch config only when needed
* Wed May 19 2010 tmrazAATTredhat.com- fix FreeIPA configuration (#589751)- disable the krb5 inputs if using dns discovery (#591681)- fix GUI crash on revert- add pam_sss to password-auth password stack (#592872)
* Tue May 04 2010 tmrazAATTredhat.com- set the new icon also for the windows (#583330)- updated translations- disable non-smartcard PAM stacks if require smart card for authentication- remove pam_pkcs11 from the password PAM stack- set smartcard action also in gconf- properly set the options for pam_pkcs11- do not write pam_password option to nslcd.conf (#585953)
* Wed Apr 07 2010 tmrazAATTredhat.com- manual page improvements (#578258, #526164)- use ldap instead of sss for nsswitch maps unsupported by sssd (#578325)- call cacertdir_rehash also in case ldaps: server uri is used (#578219)- ldap_uri must be comma separated (#579881)- updated translations- new icon (#540249)
* Mon Mar 29 2010 tmrazAATTredhat.com- fix SSSD provider change (#577263)- drop LDAP authentication from FreeIPA choice- updated translations- use pam_oddjob_mkhomedir if the appropriate package is installed (#552485)
* Fri Mar 19 2010 tmrazAATTredhat.com- added credential caching enablement for SSSD- added msgarea for LDAP authentication requirements- fix spurious missing modules warnings and other minor changes
* Thu Mar 18 2010 tmrazAATTredhat.com- new very much simplified GUI- use SSSD instead of legacy ldap/krb5 if the configuration is supported- drop krb4 config file write (#569612)- handle exception when running with insufficient priviledges (#572534)- support RFC2307bis LDAP schema
* Tue Feb 02 2010 tmrazAATTredhat.com- fix regression from the nss_ldap/pam_ldap nslcd split
* Thu Jan 14 2010 tmrazAATTredhat.com- do not try to write smartcard settings if pam_pkcs11 is not installed (#528458)- make position of sss in nsswitch consistent with position in system-auth (#552501)- support nss_ldap/pam_ldap split and nslcd
* Thu Dec 10 2009 tmrazAATTredhat.com- support for SSSD enabling/disabling and basic support for SSSD domain setup- safe atomic overwrites of the config files
* Wed Nov 11 2009 tmrazAATTredhat.com- fixed missing truncation in the backup restores (#533881)
* Fri Sep 25 2009 tmrazAATTredhat.com- updated translations
* Thu Sep 17 2009 tmrazAATTredhat.com- fixed indentation error (#523534)
* Mon Sep 14 2009 tmrazAATTredhat.com- updated translations (#522444)- silence failures when restarting services (#500385)
* Thu Apr 23 2009 tmrazAATTredhat.com- update PAM configuration when updating from old authconfig versions (#495924)
* Fri Apr 10 2009 tmrazAATTredhat.com- add support for multiple PAM auth stacks (by Ray Strode) (#494874)
* Thu Apr 02 2009 tmrazAATTredhat.com- fix regression in authconfig-tui (#493576)
  
ICM