On Tue, Jul 04, 2017 at 12:38:46AM +0300, Timo Aaltonen wrote:
> On 31.05.2017 10:53, Jakub Hrozek wrote:
> > On Wed, May 31, 2017 at 08:19:56AM +1000, Lachlan Musicman wrote:
> > > Hi all,
> > >
> > > I noticed a while ago that 1.15.3 was versioned in the repo but I've
not
> > > seen anything released? I'm mostly looking on the COPR
> > > (
> > >
https://pagure.io/SSSD/sssd/c/012ee7c3fe24a5e75d9b0465268c1bb8187b8337?br...
> > > )
> > >
> > > This is purely selfish - I love all that you do, and I'm aware that
there
> > > has been some fairly comprehensive infrastructural change.
> > >
> > > I'm just waiting on that one fix and have no roadmap visibility :)
> >
> > Sorry, I agree our roadmap is not entirely clear.
> >
> > 1.15.3 will be released during June, most fixes planned for that release
> > are either in or being reviewed.
>
> Freeipa 4.5.2 depends on a feature not available in 1.15.2, which feels
> a bit backwards as it's a point-release which I think should not depend
> on a not-yet-released features..
You are right and I didn't realize that there was this dependency.
The current status of 1.15.3 release is that we need to fix:
https://pagure.io/SSSD/sssd/issue/3441 - secondary group membership
resolution of AD user fails if user information from other trusted
domain is fetched first - this is a regression I would really not
like to see in a release
Currently the 1.15.3 milestone also contains
https://pagure.io/SSSD/sssd/issue/3420 which is quite important but I
wouldn't hold the release over this bug and
https://pagure.io/SSSD/sssd/issue/3406 which is also a regression, but
at the same time a bit of a corner case, so I'd be personally fine with
moving this to 1.15.4..
Not a corner case here, every suspend over night causes it.
The fix is so simple I am surprised you haven't done it yet, just
revert the KRB5KRB_AP_ERR_TKT_EXPIRED part of the offending commit.
That part was not not needed anyway as far as I can tell.