Comments
martinpitt
I confirm that this fixes the TLS handshake regression, and generally seems to work. Thanks!
Install & upgrade went fine. I went through all the pages, they work as expected.
Regression detected against servers running GnuTLS: https://gitlab.com/gnutls/gnutls/issues/530
This might also explain the reported regressions above with "oracle website" and Freenode IRC.
Packages install and upgrade. I went through all Cockpit pages, they work as expected.
Tested install and upgrade, tested client & server, these all work fine. Now the duplicate /etc/motd is gone, it still shows it once, plus motd.d/. Great, thank you!
Upgrade, server, client, and motd all work well.
Install worked fine, all pages work.
Install & upgrade worked fine. I went through all the pages, everything works.
Installs and upgrades fine. I went through all pages and they work as intended.
Indeed, sorry. I bisected it down to upgrading authselect{,-compat,-libs} from 0.4-3 to 0.4-1. This new FreeIPA package depends on that version, so it cannot be tested in isolation. +1'ing to offset my -1 from above. I filed https://bugzilla.redhat.com/show_bug.cgi?id=1582111 about it.
This seems to break sudo rules. I installed this on a Fedora 28 client, enrolled into a COCKPIT.LAN domain (into a server running freeipa-server-4.6.90.pre1-6.1.fc28, i. e. not with this update), added a sudo rule:
ipa sudorule-add --hostcat=all --cmdcat=all All && ipa sudorule-add-user --groups=admins All
But it doesn't work:
[admin@cockpit.lan@x0 ~]$ id
uid=953000000(admin@cockpit.lan) gid=953000000(admins@cockpit.lan) groups=953000000(admins@cockpit.lan) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
$ ipa sudorule-show All
Rule name: All
Enabled: TRUE
Host category: all
Command category: all
User Groups: admins
$ sudo whoami
[sudo] password for admin@cockpit.lan:
admin@cockpit.lan is not in the sudoers file. This incident will be reported.
Same with unqualified users:
$ id
uid=953000000(admin) gid=953000000(admins) groups=953000000(admins) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
$ sudo whoami
[sudo] password for admin:
admin is not in the sudoers file. This incident will be reported.
I didn't notice a regression, but tang is still exactly as broken as before.
This makes virt-builder work again, thanks muchly!
Upgrades and installs fine, all pages work.
Upgrades and works fine, thank you!
Still the same size assertion crash with this version.
Installs & upgrades fine. All pages work as expected.
Hm, my previous update skipped the karma.
I confirm this fixes the ostree regression: https://bugzilla.redhat.com/show_bug.cgi?id=1571264
Packages install and upgrade fine. I went through all the pages, they work.