As a Red Hat Customer utilizing Red Hat Identity Management, an unmodified installation should pass all Red Hat Insights Advisor Recommendations.
This host is running httpd-2.4.37-21.module+el8.2.0+5008+cca404a3 and using the following old directives (Order, Allow or Deny) which have been deprecated:
Configuration file /etc/httpd/conf.d/ipa.conf
Allow from all
Red Hat recommends that you replace the old directives ("Order", "Allow" and "Deny") with the new directive ("Require") in httpd-2.4. Please check the Upgrading to 2.4 from 2.2 guide for more information.
Red Hat Insights Advisor includes recommendation on the default IPA installation:
Red Hat Insights Advisor should have no recommendations related to a vanilla IPA installation.
$ cat /etc/redhat-release Red Hat Enterprise Linux release 8.2 (Ootpa) $ rpm -q ipa-server ipa-client 389-ds-base pki-ca krb5-server ipa-server-4.8.4-7.module+el8.2.0+6046+aaa49f96.x86_64 ipa-client-4.8.4-7.module+el8.2.0+6046+aaa49f96.x86_64 389-ds-base-1.4.2.4-8.module+el8.2.0+5959+cfcaedbd.x86_64 pki-ca-10.8.3-2.module+el8.2.0+6294+b7db4606.noarch krb5-server-1.17-18.el8.x86_64 $ rpm -qa | grep httpd httpd-tools-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64 httpd-filesystem-2.4.37-21.module+el8.2.0+5008+cca404a3.noarch httpd-2.4.37-21.module+el8.2.0+5008+cca404a3.x86_64
While I cannot identify any issues or problems related to the recommendation, the Insights Advisor should return a clean result.
Metadata Update from @cheimes: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/4634 - Issue priority set to: normal - Issue set to the milestone: FreeIPA 4.8.7
I'm trying to get rid of all deprecated directives from mod_access_compat but my PR broke some tests. It seems like the route /ipa/migration requires authentication although I set AuthType None and Require all granted.
/ipa/migration
AuthType None
Require all granted
master:
ipa-4-8:
Looks like this change is complete. Closing as fixed.
Metadata Update from @rcritten: - Issue close_status updated to: fixed - Issue set to the milestone: None (was: FreeIPA 4.8.7) - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.