2014-07-14 21:33 GMT+02:00 Les Mikesell <lesmikesell at gmail.com>: > On Mon, Jul 14, 2014 at 2:02 PM, Jitse Klomp <jitseklomp at gmail.com> wrote: > > > > >> I certainly don't want to run Fedora in production - and I don't want > >> to do the backport for such a complicated piece of software myself. > >> > > > > RH will *not* do a backport of 3.3 to RHEL 6.x. > > > > Alexander Bokovoy (from Red Hat) on the freeipa-users list (feb. 17): > > "RHEL 6.x lacks many of the dependencies required for IPA 3.3. Newer > > MIT Kerberos (with API and ABI change for KDC database driver and many > > other changes required for trusts and two-factor authentication), newer > > Dogtag which relies on several dozens of Java packages and newer tomcat, > > systemd (we use socket activation and tmpfiles.d a lot), newer SSSD. > > Kerberos ccache stored in the kernel space (KEYRING ccache type) > > requires changes at kernel level which are also needed for kerberized > > NFSv4 for trusts as AD users have large Kerebros tickets when they are > > members of many groups and so on." > > Isn't that the sort of thing that 'software collections' are intended > to provide? It would be encouraging to see something actually built > on top of them. True, but FreeIPA ≥ 3.2 depends on systemd. I don't think it's possible to put that into SCL... - Jitse