yandex-cauth (1.7.7) precise; urgency=low

  * CAUTH-2370: Удалить относящийся к libnss-extrausers код из cauth (#52)

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Thu, 18 Mar 2021 16:16:40 +0000

yandex-cauth (1.7.6) precise; urgency=low

  * Bugfix/hostman 878 fix racy status files management (#51)

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Thu, 18 Mar 2021 09:04:48 +0000

yandex-cauth (1.7.5) precise; urgency=low

  * Feature/hostman 879 fix logging for user keys errors (#50)

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Thu, 18 Mar 2021 07:10:30 +0000

yandex-cauth (1.7.4) precise; urgency=medium

  * CAUTH-2211 add cassandra to filter_users 

 -- Taisiya Malikova <tmalikova@yandex-team.ru>  Thu, 08 Oct 2020 15:20:43 +0300

yandex-cauth (1.7.3) precise; urgency=low

  * CAUTH-2078: Поздний патчинг sshd_config (#47)

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Thu, 30 Jul 2020 15:14:34 +0300

yandex-cauth (1.7.2) precise; urgency=low

  * CAUTH-2100: Очистка extrausers nsswitch.conf

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Thu, 30 Jul 2020 12:36:02 +0300

yandex-cauth (1.7.1) precise; urgency=low

  * CAUTH-1889: Мониторинг yandex-cauth-cache на mtime (#46)

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Tue, 21 Jul 2020 16:10:18 +0300

yandex-cauth (1.7.0) precise; urgency=low

  * CAUTH-1889: Чистим sss из sudoers (#45)

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Fri, 10 Jul 2020 14:26:57 +0300

yandex-cauth (1.6.12) precise; urgency=low

  * CAUTH-1889: Сохраняем данные passwd и groups в extrausers (#44)

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Tue, 07 Jul 2020 16:22:05 +0300

yandex-cauth (1.6.11) precise; urgency=low

  * CAUTH-1426: Проблема с присутствием в CAuth логина consul (#43) 

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Thu, 03 Oct 2019 19:27:51 +0300

yandex-cauth (1.6.10) precise; urgency=low

  * CAUTH-1742: поправил конфиг cron #42 

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Thu, 15 Aug 2019 13:59:47 +0300

yandex-cauth (1.6.9) precise; urgency=low

  * CAUTH-1732: Клиентские скрипты спамят в стандартный вывод

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Mon, 05 Aug 2019 19:58:45 +0300

yandex-cauth (1.6.8) precise; urgency=low

  * CAUTH-1642: nulltime@: Вывод cron.d, вывод agent.sh в /tmp/cauth.state и /tmp/cauth.out

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Thu, 25 Apr 2019 14:25:03 +0300

yandex-cauth (1.6.7) precise; urgency=low

  * CAUTH-1447: sssd-watchdog.sh должен проверять nss

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Mon, 08 Apr 2019 20:52:37 +0300

yandex-cauth (1.6.6) precise; urgency=low

  * CAUTH-1515: убраны кавычки, потому что экранирование в bash - НЁХ (Vitaly Sopov <v-sopov@yandex-team.ru>)

 -- Vitaly Sopov <v-sopov@yandex-team.ru>  Thu, 27 Dec 2018 18:51:48 +0300
 
yandex-cauth (1.6.5) precise; urgency=low

  * CAUTH-1515: добавлено прокидывание user agent во всех ручках (info) (Vitaly Sopov <v-sopov@yandex-team.ru>)

 -- Vitaly Sopov <v-sopov@yandex-team.ru>  Wed, 26 Dec 2018 12:55:04 +0300

yandex-cauth (1.6.4) precise; urgency=low

  * CAUTH-1515 sources filter for cauth-info (Vitaly Sopov <v-sopov@yandex-team.ru>)

 -- Vitaly Sopov <v-sopov@yandex-team.ru>  Fri, 21 Dec 2018 19:55:58 +0300

yandex-cauth (1.6.3) precise; urgency=low

  * CAUTH-1308 - custom homedir permissions (Eugene Atroshkin <eatroshkin@yandex-team.ru>)

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Thu, 01 Nov 2018 13:31:18 +0300

yandex-cauth (1.6.2) precise; urgency=low

  * CAUTH-1377: Выпустить новую версию клиентских скриптов с обновленной цепочкой

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Thu, 20 Sep 2018 19:19:16 +0300

yandex-cauth (1.6.1-0) precise; urgency=low

  * CAUTH-1194: Shell для роботного пользователя

 -- Vladimir Kutyavin <zivot@yandex-team.ru>  Fri, 06 Jul 2018 12:29:02 +0300

yandex-cauth (1.6.0) precise; urgency=low

  * CAUTH-1194: Remove /bin/false and /bin/nologin from allowed_shells, so they don’t fallback to shell_fallback if they are set for the user (#21)

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Tue, 22 May 2018 13:33:12 +0300

yandex-cauth (1.5.0) precise; urgency=low

  * CAUTH-1067: new info

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Tue, 16 Jan 2018 18:27:11 +0300

yandex-cauth (1.4.0) precise; urgency=low

  * CAUTH-1049: Do not remove serveradmins group at postinstall

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Tue, 05 Dec 2017 19:32:41 +0300

yandex-cauth (1.3.9) precise; urgency=low

  [ Boris Zhmurov ]
  * CAUTH-950: don't touch "initgroups" paremeter in nsswitch.conf (#17)

 -- Alexey Boriskin (uruz) <uruz@yandex-team.ru>  Wed, 22 Nov 2017 16:35:48 +0300

yandex-cauth (1.3.8) precise; urgency=low

  * CAUTH-1035: do not rewrite yandex-deny.conf at package upgrade (#18

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Wed, 15 Nov 2017 18:04:00 +0300

yandex-cauth (1.3.7) precise; urgency=low

  * bugfix

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Wed, 08 Nov 2017 18:42:05 +0300

yandex-cauth (1.3.6) precise; urgency=low

  * Update agent.sh: Check unbound hostnames (#15)

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Wed, 01 Nov 2017 11:58:25 +0300

yandex-cauth (1.3.5) precise; urgency=low

  * CAUTH-1021: switch from p_err to p_warn in get-keys.sh (#16)

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Tue, 31 Oct 2017 15:58:48 +0300

yandex-cauth (1.3.4) precise; urgency=low

  * CAUTH-997: don't touch users dotfiles while fixing $HOME rights

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Mon, 23 Oct 2017 15:21:38 +0300

yandex-cauth (1.3.3) precise; urgency=low

  * CAUTH-985 pass "sources=" as is to cauth-info

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Fri, 20 Oct 2017 17:23:14 +0300

yandex-cauth (1.3.2) precise; urgency=low

  * CAUTH-985: pass "sources" to CAuth API as is

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Thu, 19 Oct 2017 15:47:27 +0300

yandex-cauth (1.3.1) precise; urgency=low

  * CAUTH-979: Заменить source на "." в клиентских скриптах

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Thu, 05 Oct 2017 16:30:44 +0300

yandex-cauth (1.3.0) precise; urgency=low

  * CAUTH-945: handle sources query string

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Thu, 28 Sep 2017 15:24:39 +0300

yandex-cauth (1.2.3) precise; urgency=low

  * CAUTH-946: приезжают чужие sshpubkeys к пользователю

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Fri, 01 Sep 2017 13:08:45 +0300

yandex-cauth (1.2.2) precise; urgency=low

  * CAUTH-940: get-keys.sh не исправляет владельца authorized_keys, если он неправильный

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Tue, 22 Aug 2017 21:18:52 +0300

yandex-cauth (1.2.1) precise; urgency=low

  * CAUTH-935 set sssd max_id to 0 (no limit)

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Thu, 17 Aug 2017 18:54:21 +0300

yandex-cauth (1.2.0) precise; urgency=low

  * 1.2.0 install upstart config only for upstart-like Ubuntu's

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Thu, 03 Aug 2017 21:01:52 +0300

yandex-cauth (1.1.15) precise; urgency=low

  * 1.1.15 Toolsup 20987

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Thu, 03 Aug 2017 20:13:31 +0300

yandex-cauth (1.1.14) precise; urgency=low

  * 1.1.14 CAUTH-911 CAUTH пускает всех пользователей домена через TTY

 -- Ilya Peterov <ipeterov@yandex-team.ru>  Thu, 20 Jul 2017 15:05:35 +0300

yandex-cauth (1.1.13) precise; urgency=low

  * 1.1.13 CAUTH-883 clean_on_err() не работает на Precise

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Thu, 06 Jul 2017 18:15:26 +0300

yandex-cauth (1.1.12) precise; urgency=low

  * CAUTH-814: clean tmp files if it cannot be validated

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Tue, 21 Mar 2017 13:43:14 +0300

yandex-cauth (1.1.11) precise; urgency=low

  * CAUTH-800 add bin/sh to su

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Wed, 22 Feb 2017 18:34:02 +0300

yandex-cauth (1.1.10) precise; urgency=low

  * fix sshd_config patching

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Tue, 17 Jan 2017 20:13:39 +0300

yandex-cauth (1.1.9) precise; urgency=low

  * CAUTH-790 fix agent.sh: line 72: my_hostname: unbound variable

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Tue, 10 Jan 2017 14:57:07 +0300

yandex-cauth (1.1.8) precise; urgency=low

  * patch sshd_config even more carefully

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Fri, 30 Dec 2016 14:19:35 +0300

yandex-cauth (1.1.7) precise; urgency=low

  * IS-2308 fix unbound variable usage

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Mon, 26 Dec 2016 20:57:17 +0300

yandex-cauth (1.1.6) precise; urgency=low

  * IS-2308 Privilege escalation в get-keys.sh

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Mon, 26 Dec 2016 19:56:07 +0300

yandex-cauth (1.1.5) precise; urgency=low

  * bugfixes

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Tue, 13 Dec 2016 22:31:53 +0300

yandex-cauth (1.1.4) precise; urgency=low

  * add diffutils to Pre-Depends, as of cauth-patch-sshd.sh uses diff/cmp

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Tue, 13 Dec 2016 19:07:22 +0300

yandex-cauth (1.1.3) precise; urgency=low

  * CAUTH-764 regexp bugfix

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Tue, 13 Dec 2016 16:28:16 +0300

yandex-cauth (1.1.2) precise; urgency=low

  * CAUTH-764 add home field

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Mon, 12 Dec 2016 21:17:51 +0300

yandex-cauth (1.1.1) precise; urgency=low

  * CAUTH-700 group min_id fix

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Thu, 27 Oct 2016 16:16:53 +0300

yandex-cauth (1.1.0) precise; urgency=low

  * CAUTH-761 добавил запуск regenerate-monrun-tasks в postins

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Mon, 24 Oct 2016 15:16:25 +0300

yandex-cauth (1.0-170) precise; urgency=low

  * CAUTH-696 Добавил пакет с hexdump в зависимости

 -- Alexander Lavrukov <lavrukov@yandex-team.ru>  Thu, 30 Jun 2016 19:46:07 +0300

yandex-cauth (1.0-169) precise; urgency=low

  * CAUTH-622 fixed bash-isms
  * CAUTH-622 do not allow root with password
  * CAUTH-622 do not use IO when unneeded

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Thu, 30 Jun 2016 17:02:31 +0300

yandex-cauth (1.0-168) precise; urgency=low

  * CAUTH-622 Актуальный список сертификатов с комментариями
  * CAUTH-622 Более аккуратный патчинг sshd_config
  * CAUTH-622 Мониторинг кэша ldap

 -- Andrey Bulgakov <abulgakov@yandex-team.ru>  Wed, 01 Jun 2016 14:02:22 +0300

yandex-cauth (1.0-167) unstable; urgency=low

  * Add yandex-deny.conf, add pam_limits.so

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Thu, 19 May 2016 18:57:43 +0300

yandex-cauth (1.0-165) unstable; urgency=low

  * Adding cauth-client-caching/scripts to provide/replace section
  * Removing cauth-client-rechown from conflicts


 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Thu, 19 May 2016 18:56:53 +0300

yandex-cauth (1.0-164) unstable; urgency=low

  * "hostname -A" is limited to 46 symbols FQDN, rewrite it with hostname -I
  * require dnsutils and hostname

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Thu, 05 May 2016 12:51:25 +0300

yandex-cauth (1.0-162) unstable; urgency=low

  * use "hostname -A" to detect own FQDN harder, even if it is short name
    in /etc/hostname and there is no right domain in /etc/resolv.conf

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Fri, 22 Apr 2016 21:19:37 +0300

yandex-cauth (1.0-161) unstable; urgency=low

  * clean old orphaned sudoers from other cauth packages

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Thu, 21 Apr 2016 19:06:41 +0300

yandex-cauth (1.0-160) unstable; urgency=low

  * use "hostname -f" instead of "uname -n"

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Tue, 19 Apr 2016 20:13:11 +0300

yandex-cauth (1.0-159) unstable; urgency=low

  * run agent.sh at postinst script, not get-{access,keys,sudoers}.sh

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Wed, 02 Mar 2016 13:44:41 +0300

yandex-cauth (1.0-158) unstable; urgency=low

  * add agent.sh to install file

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Tue, 01 Mar 2016 16:03:00 +0300

yandex-cauth (1.0-157) unstable; urgency=low

  * drop pam_ssh_agent_auth.so usage, as it is not needed anymore

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Tue, 01 Mar 2016 00:47:37 +0300

yandex-cauth (1.0-156) unstable; urgency=low

  * implement agent.sh, it runs get-{access,keys,sudoers}.sh and checks FQDN matching
  * CAuth-client now logs all its actions to syslog with AUTH facility
  * patch sshd_config in agent.sh, not in postinst script
  * remove local group "serveradmins" in postinst

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Tue, 01 Mar 2016 00:27:51 +0300

yandex-cauth (1.0-155) unstable; urgency=low

  * fix situation, when get-sudoers.sh returned "1" even when everything is fine
  * fix path to yandex-cauth-ssh-agent in /etc/sudoers.d
  * fix some debian lintian warnings

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Fri, 26 Feb 2016 17:45:28 +0300

yandex-cauth (1.0-154) unstable; urgency=low

  * add /etc/sudoers.d/yandex-cauth with env_keep+=SSH_AUTH_SOCK

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Fri, 26 Feb 2016 15:14:37 +0300

yandex-cauth (1.0-153) unstable; urgency=medium

  * add some filter_users to sssd.conf
  * add allowed_shells and shell_fallback parameter
  * add sudo support

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Wed, 03 Feb 2016 18:40:26 +0300

yandex-cauth (1.0-152) unstable; urgency=low

  * fix permissions of /etc/cauth directory

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Mon, 14 Dec 2015 19:28:07 +0300

yandex-cauth (1.0-151) unstable; urgency=medium

  * move sssd to Pre-Depends

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Mon, 14 Dec 2015 15:10:55 +0300

yandex-cauth (1.0-150) unstable; urgency=medium

  * PermitRootLogin -> without-passwords
  * LogLevel -> VERBOSE

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Thu, 10 Dec 2015 21:44:15 +0300

yandex-cauth (1.0-149) unstable; urgency=medium

  * do not conflict with nscd

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Thu, 03 Dec 2015 21:11:51 +0300

yandex-cauth (1.0-148) unstable; urgency=low

  * pass User-Agent to CAUTH server

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Mon, 16 Nov 2015 14:48:59 +0300

yandex-cauth (1.0-147) unstable; urgency=low

  * get-{access,keys,sudoers} scripts should be used with root privileges

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Thu, 12 Nov 2015 14:05:51 +0300

yandex-cauth (1.0-146) unstable; urgency=medium

  * bump version to satisfy yandex-search-common dependencie

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Thu, 22 Oct 2015 15:18:04 +0300

yandex-cauth (1.0-0) unstable; urgency=medium

  * Initial build

 -- Boris Zhmurov <zhmurov@yandex-team.ru>  Mon, 12 Oct 2015 18:53:41 +0300
