2.4. SIMP Community Edition (CE) 6.3.3-0
Warning
Please see the SIMP Community Edition (CE) 6.2.0-0 Changelog for general information, upgrade guidance, and compatibility notes.
This is a bug fix release in the 6.3.X series of SIMP to address the following issues:
SIMP-6152: Change a new default that was introduced by a bug fix in SIMP Community Edition (CE) 6.3.2-0 to SSSD that caused accounts with old
shadowLastChange
entries in LDAP to be unable to login to systems.
2.4.1. Fixed Bugs
2.4.1.1. pupmod-simp-sssd
Change the
sssd::provider::ldap::ldap_access_order
defaults to['ppolicy','pwd_expire_policy_renew']
by default to prevent accidental system lockouts on upgrade.
2.4.2. Known Bugs
2.4.2.1. Upgrading from previous SIMP 6.X versions
There are known issues when upgrading from Puppet 4 to Puppet 5. Make sure you read the Upgrading SIMP before attempting an upgrade.
2.4.2.2. Tlog
Tlog currently has a bug where session information may not be logged. The
immediate mitigation to this is the fact that pam_tty_audit is the primary
mode of auditing with tlog
and/or sudosh
being in place for a better
overall tracking and behavior analysis experience.
Tlog has a second bug where the application fails if a user does not have a TTY.
This has been mitigated by the SIMP wrapper script simply bypassing tlog
if
a TTY is not present.