2.3. SIMP Community Edition (CE) 6.3.3-0¶
Warning
Please see the SIMP Community Edition (CE) 6.2.0-0 Changelog for general information, upgrade guidance, and compatibility notes.
This is a bug fix release in the 6.3.X series of SIMP to address the following issues:
- SIMP-6152: Change a new default that was introduced by a bug fix in SIMP Community Edition (CE) 6.3.2-0 to SSSD that caused accounts with old
shadowLastChange
entries in LDAP to be unable to login to systems.
2.3.1. Fixed Bugs¶
2.3.1.1. pupmod-simp-sssd¶
- Change the
sssd::provider::ldap::ldap_access_order
defaults to['ppolicy','pwd_expire_policy_renew']
by default to prevent accidental system lockouts on upgrade.
2.3.2. Known Bugs¶
2.3.2.1. Upgrading from previous SIMP 6.X versions¶
There are known issues when upgrading from Puppet 4 to Puppet 5. Make sure you read the Upgrading SIMP before attempting an upgrade.
2.3.2.2. Tlog¶
Tlog currently has a bug where session information may not be logged. The
immediate mitigation to this is the fact that pam_tty_audit is the primary
mode of auditing with tlog
and/or sudosh
being in place for a better
overall tracking and behavior analysis experience.
Tlog has a second bug where the application fails if a user does not have a TTY.
This has been mitigated by the SIMP wrapper script simply bypassing tlog
if
a TTY is not present.