[ubuntu/jammy-proposed] adsys 0.8 (Accepted)
Didier Roche
didrocks at ubuntu.com
Mon Feb 7 10:40:16 UTC 2022
adsys (0.8) jammy; urgency=medium
[ Jean-Baptiste Lallement ]
[ Didier Roche ]
* Add new types of GPOs support, with ubuntu advantage subscription
integration. Recommends ubuntu-advantage-desktop-daemon.
* Privilege escalation: support for privilege escalation and gives
administrator access to users and groups registered in Active Directory.
The administrator can also prevent any kind of local administrator on
the machine.
* Scripts integration: support for scripts in GPO when the computer boots and
shuts down, and when the user logs on or off.
- The computer scripts are ran as root, on startup (or first AD user login
if we couldn’t fetch GPOs and had no cache)
- The user scripts are ran with systemd user session, as the user.
- A transactional state is handled: New versions of scripts or list of
scripts are only updated when a given session is not opened.
Said differently, the shutdown scripts for the machine will be the ones
downloaded and enabled when the start scripts were ran.
Similarly, the user logoff scripts will be the ones corresponding to
the time when the log on scripts were executed.
- Any failing scripts won’t stop the boot or log on. Similarly to Windows
script support, this is not a security feature.
* Support downloading assets from the Active Directory server. Those assets
are located in the <Distribution> named directory at SYSVOL root.
Those needs a GPT.INI, similarly to GPO, to control cache update.
* Internal changes on how policies and cached are handled. Those changes are
needed to enhance the model of caching with assets, while keeping
a transactional behaviour.
* Many new tests covering all the new and existing changes.
* General cleanups:
- More debugging and info messages.
- In templates, policies define personalized notes and descriptions.
Those are now used to generate the description of the policy.
- Modernize, fix bugs and workarounds now that we are on at min Go 1.16,
and prepare for 1.17 and new vendored dependencies versions.
- Add more linting support and fix discovered issues.
- Rewrite integration tests containers mimicking system services in python
for better reliability and support via dbus-mock. Upgraded to a newer
version.
- Adapt to new GitHub infrastructure changes with new container repository,
and change workflows adjustements by new linting rules.
- Discare deprecated dconf keys for those releases.
* Updated vendored go dependencies:
- bluemonday
- cobra
- color
- glamour
- go-dbus
- golangci-lint
- grpc
- ini
- viper
Date: Mon, 07 Feb 2022 09:37:45 +0100
Changed-By: Didier Roche <didrocks at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/adsys/0.8
-------------- next part --------------
Format: 1.8
Date: Mon, 07 Feb 2022 09:37:45 +0100
Source: adsys
Built-For-Profiles: noudeb
Architecture: source
Version: 0.8
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Didier Roche <didrocks at ubuntu.com>
Changes:
adsys (0.8) jammy; urgency=medium
.
[ Jean-Baptiste Lallement ]
[ Didier Roche ]
* Add new types of GPOs support, with ubuntu advantage subscription
integration. Recommends ubuntu-advantage-desktop-daemon.
* Privilege escalation: support for privilege escalation and gives
administrator access to users and groups registered in Active Directory.
The administrator can also prevent any kind of local administrator on
the machine.
* Scripts integration: support for scripts in GPO when the computer boots and
shuts down, and when the user logs on or off.
- The computer scripts are ran as root, on startup (or first AD user login
if we couldn’t fetch GPOs and had no cache)
- The user scripts are ran with systemd user session, as the user.
- A transactional state is handled: New versions of scripts or list of
scripts are only updated when a given session is not opened.
Said differently, the shutdown scripts for the machine will be the ones
downloaded and enabled when the start scripts were ran.
Similarly, the user logoff scripts will be the ones corresponding to
the time when the log on scripts were executed.
- Any failing scripts won’t stop the boot or log on. Similarly to Windows
script support, this is not a security feature.
* Support downloading assets from the Active Directory server. Those assets
are located in the <Distribution> named directory at SYSVOL root.
Those needs a GPT.INI, similarly to GPO, to control cache update.
* Internal changes on how policies and cached are handled. Those changes are
needed to enhance the model of caching with assets, while keeping
a transactional behaviour.
* Many new tests covering all the new and existing changes.
* General cleanups:
- More debugging and info messages.
- In templates, policies define personalized notes and descriptions.
Those are now used to generate the description of the policy.
- Modernize, fix bugs and workarounds now that we are on at min Go 1.16,
and prepare for 1.17 and new vendored dependencies versions.
- Add more linting support and fix discovered issues.
- Rewrite integration tests containers mimicking system services in python
for better reliability and support via dbus-mock. Upgraded to a newer
version.
- Adapt to new GitHub infrastructure changes with new container repository,
and change workflows adjustements by new linting rules.
- Discare deprecated dconf keys for those releases.
* Updated vendored go dependencies:
- bluemonday
- cobra
- color
- glamour
- go-dbus
- golangci-lint
- grpc
- ini
- viper
Checksums-Sha1:
15e9a919706bba02e86c262083672bbaa2f7b685 1294 adsys_0.8.dsc
a392a56b2f6319206313d5094b5c3c50f611a33d 6702168 adsys_0.8.tar.xz
f2093d9cb428adc03a7f9788dbc8ebc50f3df085 13578 adsys_0.8_source.buildinfo
Checksums-Sha256:
4fba7d62a4ad28929974cdb0f4fa8fe8bc153652deeece0c7e103a3ed85514d7 1294 adsys_0.8.dsc
ec10214bf4cae26a9fd8ce8c038a3b7de9e45a5cec7ba990bf9c6b18d314a726 6702168 adsys_0.8.tar.xz
bd124f46156c73f2f3cec5139db723519bbdb573b7cde152b8dd21f60ccb2fee 13578 adsys_0.8_source.buildinfo
Files:
33b9a220dcd1a469dfffb83c272b1cf2 1294 admin optional adsys_0.8.dsc
1f4ffffdd394a518b604c73cb395a6d6 6702168 admin optional adsys_0.8.tar.xz
8b11da9aafaf66468b540b77dd8a4e86 13578 admin optional adsys_0.8_source.buildinfo
More information about the jammy-changes
mailing list