On Mon, Jul 14, 2014 at 2:02 PM, Jitse Klomp <jitseklomp at gmail.com> wrote: > > >> I certainly don't want to run Fedora in production - and I don't want >> to do the backport for such a complicated piece of software myself. >> > > RH will *not* do a backport of 3.3 to RHEL 6.x. > > Alexander Bokovoy (from Red Hat) on the freeipa-users list (feb. 17): > "RHEL 6.x lacks many of the dependencies required for IPA 3.3. Newer > MIT Kerberos (with API and ABI change for KDC database driver and many > other changes required for trusts and two-factor authentication), newer > Dogtag which relies on several dozens of Java packages and newer tomcat, > systemd (we use socket activation and tmpfiles.d a lot), newer SSSD. > Kerberos ccache stored in the kernel space (KEYRING ccache type) > requires changes at kernel level which are also needed for kerberized > NFSv4 for trusts as AD users have large Kerebros tickets when they are > members of many groups and so on." Isn't that the sort of thing that 'software collections' are intended to provide? It would be encouraging to see something actually built on top of them. -- Les Mikesell lesmikesell at gmail.com