[Freeipa-devel] [PATCH] 130 Drop support for OpenSSH versions before 6.2

[Petr Viktorin]

On 04/29/2013 08:58 PM, Rob Crittenden wrote:
> Jan Cholasta wrote:
>> On 19.4.2013 19:39, Rob Crittenden wrote:
>>> Jan Cholasta wrote:
>>>> Also, this does not fix SSH integration not working on Fedora 18, as
>>>> that is caused by backward incompatiblity in openssh-server-6.1p1-6 and
>>>> later (see https://bugzilla.redhat.com/show_bug.cgi?id=953534).
>>
>> FYI this bug was fixed.
>>
>>>
>>> This seems to work ok. Do we want to do this upgrade as an rpm scriptlet
>>> or is it better to handle this in ipa-upgradeconfig (it might be easier
>>> to maintain there)?
>>
>> As Martin pointed out, this needs to be done on the client and we don't
>> have client upgrade script yet, hence the scriptlet.
>>
>>>
>>> In any case, a condrestart of sssd is required to have it pick up the
>>> new config.
>>
>> Fixed.
>>
>>>
>>> Do you know if F-18 will get 6.2? Do we need to consider backporting
>>> this to 3.1?
>>
>> It won't, backport is not needed.
>>
>> Updated patch attached.
>>
>> Honza
>>
>
> Alexander pointed out that we can use the user nobody to run these
> commands rather than running as the user who requested it, %u.
>
> For the purposes of development, this is going to commit everyone to
> moving to F-19 now. Is that acceptable or do we want to wrap this with a
> conditional for some period?
>
> rob

The upcoming upgrade testing would be easier if we can just do f17→f18 
instead of f17→f18→f19 to look for issues with Dogtag-9 style instances.

-- 
Petr³