Comment 0 for bug 2059756

Revision history for this message
Jean-Baptiste Lallement (jibel) wrote :

[context]
ADSys is a tool designed for administering and implementing Group Policy Objects (GPOs) from Active Directory on Linux systems. It includes a suite of services and commands that empower administrators to efficiently manage policy updates and maintain compliance with organizational business rules.

Given that ADSys directly interfaces with Active Directory and needs to align with new business requirements in LTS releases, it has been essential to keep the package consistently updated with the latest changes of ADSys upstream source. As ADSys is a key component of our commercial offerings, our customers anticipate the availability of recently implemented features in the 22.04 release.

Now that ADSys has a complete set of features, the request is to proceed with a one-off release of ADSys 0.14.1 to 22.04. Please note that any new features introduced in subsequent versions will be exclusively available in 24.04 and later releases.

This version includes a comprehensive end to end automated test suite that runs ADSys against a real Active directory environment.

[references]
LP: https://launchpad.net/ubuntu/+source/adsys
LP Bugs: https://bugs.launchpad.net/ubuntu/+source/adsys
GitHub: https://github.com/ubuntu/adsys/
GH Bugs: https://github.com/ubuntu/adsys/issues
Documentation: https://canonical-adsys.readthedocs-hosted.com/en/stable/
Initial SRU discussion: https://lists.ubuntu.com/archives/ubuntu-release/2023-June/005650.html

[changes]
Full LP Changelog: https://launchpad.net/ubuntu/+source/adsys/+changelog
 * New features
   * New policies:
     - Add mount / network shares policy manager
     - Add AppArmor policy manager
     - Support multiple AD backends and implement Winbind support
     - Add system proxy policy manager
     - Add certificate policy manager for machines
     - Add adsysctl policy purge command to purge applied policies
     - Full documentation
     - Full end to end automated test suite.

 * Enhancements
  * Add a --machine / -m flag to adsysctl applied, indicating the policies applied to the current machine
  * Expose Ubuntu Pro status in the "status" command
  * Update scripts manager creation
  * List Pro policy types in service status output
  * Warn when Pro-only rules are configured
  * Use systemd via D-Bus instead of systemctl commands
  * Add placeholder notes for entry types
  * Rework Kerberos ticket handling logic to satisfy the Heimdal implementation of Kerberos
  * Rework policy application sync strategy
  * Print logs when policies are up to date
  * Update policy definitions to include dconf key for dark mode background
  * Infer user KRB5CCNAME path via the libkrb5 API (LP: #2049061)
  * Allow sssd backend to work without ad_domain being set (LP: #2054445)
  * Update apport hook to include journal errors and package logs

 * Bug fixes
  * Fix policy update failing when GPT.INI contains no version key
  * Fix object lookup for users having a FQDN as their hostname
  * Support special characters in domains when parsing sssd configuration
  * Fix DCONF_PROFILE not considering default_domain_suffix on sssd.conf
  * Ensure empty state for dconf policy
  * Handle case mismatches in GPT.INI file name
  * Ensure GPO URLs contain the FQDN of the domain controller
  * Add runtime dependency on nfs-common

 * Other
  * Updates to latest versions of Go (fixing known Go vulnerabilities)
  * Updates to latest versions of the Go dependencies
  * Updates and improvements to CI and QoL
  * Migrate translation support to native approach using go-i18n + gotext and switch to upstream gotext version