ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2025-02-27 00:54:26 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #94 from ovh/opensuseleap150

Browse source 
Opensuseleap150
This commit is contained in:
Stéphane Lesimple 2020-12-15 17:04:12 +01:00 committed by GitHub
commit 2f1eb5a6b2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/tests.yml vendored
View file

@ -20,7 +20,7 @@ jobs:
name: Full
strategy:
matrix:
platform: ['centos7@centos:7.7.1908', 'centos7@centos:7.8.2003', 'centos7@centos:7.9.2009', 'centos8@centos:8.1.1911', 'centos8@centos:8.2.2004', 'centos8@centos:8.3.2011', debian10, debian8, debian9, opensuse150, opensuse151, opensuse152, ubuntu1404, ubuntu1604, ubuntu1804, ubuntu2004]
platform: ['centos7@centos:7.7.1908', 'centos7@centos:7.8.2003', 'centos7@centos:7.9.2009', 'centos8@centos:8.1.1911', 'centos8@centos:8.2.2004', 'centos8@centos:8.3.2011', debian10, debian8, debian9, opensuse151, opensuse152, ubuntu1404, ubuntu1604, ubuntu1804, ubuntu2004]
runs-on: ubuntu-latest
if: contains(github.event.pull_request.labels.*.name, 'tests:full')
steps:

8
README.md
View file

@ -75,16 +75,18 @@ Linux distros below are tested with each release, but as this is a security prod
- Debian 10 (Buster), 9 (Stretch), 8 (Jessie)
- RHEL/CentOS 8.x (8.3.2011, 8.2.2004, 8.1.1911), 7.x (7.9.2009, 7.8.2003, 7.7.1908)
- Ubuntu LTS 20.04, 18.04, 16.04, 14.04\*
- OpenSUSE Leap 15.2\*, 15.1\*, 15.0\*
- OpenSUSE Leap 15.2\*, 15.1\*, 15.0\*\*
\*: Note that these versions have no out-of-the-box MFA support, as they lack packaged versions of `pamtester`, `pam-google-authenticator`, or both. Of course, you may compile those yourself.
Any other so-called "modern" Linux version are not tested with each release, but should work with no or minor adjustments.
\*\*: OpenSUSE Leap 15.0 randomly hits a segfault when [updating system packages](https://bugzilla.opensuse.org/show_bug.cgi?id=1146027), we had to remove it from our automated tests workflow.
The following OS are also tested with each release:
- FreeBSD/HardenedBSD 12.1\*\*
- FreeBSD/HardenedBSD 12.1\*\*\*
\*\*: Note that these have partial MFA support, due to their reduced set of available `pam` plugins. Support for either an additional password or TOTP factor can be configured, but not both at the same time. The code is actually known to work on FreeBSD/HardenedBSD 10+, but it's only regularly tested under 12.1.
\*\*\*: Note that these have partial MFA support, due to their reduced set of available `pam` plugins. Support for either an additional password or TOTP factor can be configured, but not both at the same time. The code is actually known to work on FreeBSD/HardenedBSD 10+, but it's only regularly tested under 12.1.
Other BSD variants partially work but are unsupported and discouraged as they have a severe limitation over the maximum number of supplementary groups (causing problems for group membership and restricted commands checks), no filesystem-level ACL support and missing MFA: