[Freeipa-users] Installing FreeIPA 3.1 -> 3.3 On RHEL
Alexander Bokovoy
abokovoy at redhat.com
Mon Feb 17 20:12:39 UTC 2014
On Mon, 17 Feb 2014, John Stein wrote:
>Hi all.
>The newest IPA version that exists in the RHN repository is 3.0.0-37. I
>would like to install IPA version greater then 3.0 on RHEL 6.x.
>How would you recommend installing newer versions? Using Fedora repository,
>EPEL or just download the tarball and build it?
RHEL 6.x lacks many of the dependencies required for IPA 3.3. Newer
MIT Kerberos (with API and ABI change for KDC database driver and many
other changes required for trusts and two-factor authentication), newer
Dogtag which relies on several dozens of Java packages and newer tomcat,
systemd (we use socket activation and tmpfiles.d a lot), newer SSSD.
Kerberos ccache stored in the kernel space (KEYRING ccache type)
requires changes at kernel level which are also needed for kerberized
NFSv4 for trusts as AD users have large Kerebros tickets when they are
members of many groups and so on.
There are many dependencies and not all of them could be satisfied
through a simple recompile.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list