On Sun, Jun 23, 2024 at 11:59 AM Miroslav Suchý <msuchy@xxxxxxxxxx> wrote: > > Dne 23. 06. 24 v 11:50 dop. Leigh Scott napsal(a): > > it has made kerberos login much harder > > Can you elaborate? > > I use Kerberos login without a problem. > > I'm considering ditching provenpackager rights if that is a condition. > > Or you can help us to improve the user experience. > What reasonable path do any of us have to improve that user experience? Most of the problems are tied up in FreeIPA. This is not exactly a system that any Fedora contributor is necessarily skilled in, and the complexity of the stack makes it difficult for a newcomer to grasp. It's not like the old FAS which was all in Python, even if it was custom. I've asked before about making GOA and KAccounts support Kerberos-FAS fully even with MFA, and I've been told that it's basically not possible as things currently stand. I've been against the move to MFA for the sole reason that there has been no effort around supporting it in GOA in a decade. What makes me think it would change now? -- 真実はいつも一つ!/ Always, there's only one truth! -- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
