[ubuntu/jammy-proposed] adsys 0.8 (Accepted)

Didier Roche didrocks at ubuntu.com
Mon Feb 7 10:40:16 UTC 2022 

adsys (0.8) jammy; urgency=medium

  [ Jean-Baptiste Lallement ]
  [ Didier Roche ]
  * Add new types of GPOs support, with ubuntu advantage subscription
    integration. Recommends ubuntu-advantage-desktop-daemon.
  * Privilege escalation: support for privilege escalation and gives
    administrator access to users and groups registered in Active Directory.
    The administrator can also prevent any kind of local administrator on
    the machine.
  * Scripts integration: support for scripts in GPO when the computer boots and
    shuts down, and when the user logs on or off.
    - The computer scripts are ran as root, on startup (or first AD user login
      if we couldn’t fetch GPOs and had no cache)
    - The user scripts are ran with systemd user session, as the user.
    - A transactional state is handled: New versions of scripts or list of
      scripts are only updated when a given session is not opened.
      Said differently, the shutdown scripts for the machine will be the ones
      downloaded and enabled when the start scripts were ran.
      Similarly, the user logoff scripts will be the ones corresponding to
      the time when the log on scripts were executed.
    - Any failing scripts won’t stop the boot or log on. Similarly to Windows
      script support, this is not a security feature.
  * Support downloading assets from the Active Directory server. Those assets
    are located in the <Distribution> named directory at SYSVOL root.
    Those needs a GPT.INI, similarly to GPO, to control cache update.
  * Internal changes on how policies and cached are handled. Those changes are
    needed to enhance the model of caching with assets, while keeping
    a transactional behaviour.
  * Many new tests covering all the new and existing changes.
  * General cleanups:
    - More debugging and info messages.
    - In templates, policies define personalized notes and descriptions.
      Those are now used to generate the description of the policy.
    - Modernize, fix bugs and workarounds now that we are on at min Go 1.16,
      and prepare for 1.17 and new vendored dependencies versions.
    - Add more linting support and fix discovered issues.
    - Rewrite integration tests containers mimicking system services in python
      for better reliability and support via dbus-mock. Upgraded to a newer
      version.
    - Adapt to new GitHub infrastructure changes with new container repository,
      and change workflows adjustements by new linting rules.
    - Discare deprecated dconf keys for those releases.
  * Updated vendored go dependencies:
    - bluemonday
    - cobra
    - color
    - glamour
    - go-dbus
    - golangci-lint
    - grpc
    - ini
    - viper

Date: Mon, 07 Feb 2022 09:37:45 +0100
Changed-By: Didier Roche <didrocks at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/adsys/0.8
-------------- next part --------------
Format: 1.8
Date: Mon, 07 Feb 2022 09:37:45 +0100
Source: adsys
Built-For-Profiles: noudeb
Architecture: source
Version: 0.8
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Didier Roche <didrocks at ubuntu.com>
Changes:
 adsys (0.8) jammy; urgency=medium
 .
   [ Jean-Baptiste Lallement ]
   [ Didier Roche ]
   * Add new types of GPOs support, with ubuntu advantage subscription
     integration. Recommends ubuntu-advantage-desktop-daemon.
   * Privilege escalation: support for privilege escalation and gives
     administrator access to users and groups registered in Active Directory.
     The administrator can also prevent any kind of local administrator on
     the machine.
   * Scripts integration: support for scripts in GPO when the computer boots and
     shuts down, and when the user logs on or off.
     - The computer scripts are ran as root, on startup (or first AD user login
       if we couldn’t fetch GPOs and had no cache)
     - The user scripts are ran with systemd user session, as the user.
     - A transactional state is handled: New versions of scripts or list of
       scripts are only updated when a given session is not opened.
       Said differently, the shutdown scripts for the machine will be the ones
       downloaded and enabled when the start scripts were ran.
       Similarly, the user logoff scripts will be the ones corresponding to
       the time when the log on scripts were executed.
     - Any failing scripts won’t stop the boot or log on. Similarly to Windows
       script support, this is not a security feature.
   * Support downloading assets from the Active Directory server. Those assets
     are located in the <Distribution> named directory at SYSVOL root.
     Those needs a GPT.INI, similarly to GPO, to control cache update.
   * Internal changes on how policies and cached are handled. Those changes are
     needed to enhance the model of caching with assets, while keeping
     a transactional behaviour.
   * Many new tests covering all the new and existing changes.
   * General cleanups:
     - More debugging and info messages.
     - In templates, policies define personalized notes and descriptions.
       Those are now used to generate the description of the policy.
     - Modernize, fix bugs and workarounds now that we are on at min Go 1.16,
       and prepare for 1.17 and new vendored dependencies versions.
     - Add more linting support and fix discovered issues.
     - Rewrite integration tests containers mimicking system services in python
       for better reliability and support via dbus-mock. Upgraded to a newer
       version.
     - Adapt to new GitHub infrastructure changes with new container repository,
       and change workflows adjustements by new linting rules.
     - Discare deprecated dconf keys for those releases.
   * Updated vendored go dependencies:
     - bluemonday
     - cobra
     - color
     - glamour
     - go-dbus
     - golangci-lint
     - grpc
     - ini
     - viper
Checksums-Sha1:
 15e9a919706bba02e86c262083672bbaa2f7b685 1294 adsys_0.8.dsc
 a392a56b2f6319206313d5094b5c3c50f611a33d 6702168 adsys_0.8.tar.xz
 f2093d9cb428adc03a7f9788dbc8ebc50f3df085 13578 adsys_0.8_source.buildinfo
Checksums-Sha256:
 4fba7d62a4ad28929974cdb0f4fa8fe8bc153652deeece0c7e103a3ed85514d7 1294 adsys_0.8.dsc
 ec10214bf4cae26a9fd8ce8c038a3b7de9e45a5cec7ba990bf9c6b18d314a726 6702168 adsys_0.8.tar.xz
 bd124f46156c73f2f3cec5139db723519bbdb573b7cde152b8dd21f60ccb2fee 13578 adsys_0.8_source.buildinfo
Files:
 33b9a220dcd1a469dfffb83c272b1cf2 1294 admin optional adsys_0.8.dsc
 1f4ffffdd394a518b604c73cb395a6d6 6702168 admin optional adsys_0.8.tar.xz
 8b11da9aafaf66468b540b77dd8a4e86 13578 admin optional adsys_0.8_source.buildinfo

More information about the jammy-changes mailing list