diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 997a02c..1f0fe50 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -20,7 +20,7 @@ jobs: name: Full strategy: matrix: - platform: ['centos7@centos:7.7.1908', 'centos7@centos:7.8.2003', 'centos7@centos:7.9.2009', 'centos8@centos:8.1.1911', 'centos8@centos:8.2.2004', 'centos8@centos:8.3.2011', debian10, debian8, debian9, opensuse150, opensuse151, opensuse152, ubuntu1404, ubuntu1604, ubuntu1804, ubuntu2004] + platform: ['centos7@centos:7.7.1908', 'centos7@centos:7.8.2003', 'centos7@centos:7.9.2009', 'centos8@centos:8.1.1911', 'centos8@centos:8.2.2004', 'centos8@centos:8.3.2011', debian10, debian8, debian9, opensuse151, opensuse152, ubuntu1404, ubuntu1604, ubuntu1804, ubuntu2004] runs-on: ubuntu-latest if: contains(github.event.pull_request.labels.*.name, 'tests:full') steps: diff --git a/README.md b/README.md index 19744c5..ce53398 100644 --- a/README.md +++ b/README.md @@ -75,16 +75,18 @@ Linux distros below are tested with each release, but as this is a security prod - Debian 10 (Buster), 9 (Stretch), 8 (Jessie) - RHEL/CentOS 8.x (8.3.2011, 8.2.2004, 8.1.1911), 7.x (7.9.2009, 7.8.2003, 7.7.1908) - Ubuntu LTS 20.04, 18.04, 16.04, 14.04\* -- OpenSUSE Leap 15.2\*, 15.1\*, 15.0\* +- OpenSUSE Leap 15.2\*, 15.1\*, 15.0\*\* \*: Note that these versions have no out-of-the-box MFA support, as they lack packaged versions of `pamtester`, `pam-google-authenticator`, or both. Of course, you may compile those yourself. Any other so-called "modern" Linux version are not tested with each release, but should work with no or minor adjustments. +\*\*: OpenSUSE Leap 15.0 randomly hits a segfault when [updating system packages](https://bugzilla.opensuse.org/show_bug.cgi?id=1146027), we had to remove it from our automated tests workflow. + The following OS are also tested with each release: -- FreeBSD/HardenedBSD 12.1\*\* +- FreeBSD/HardenedBSD 12.1\*\*\* -\*\*: Note that these have partial MFA support, due to their reduced set of available `pam` plugins. Support for either an additional password or TOTP factor can be configured, but not both at the same time. The code is actually known to work on FreeBSD/HardenedBSD 10+, but it's only regularly tested under 12.1. +\*\*\*: Note that these have partial MFA support, due to their reduced set of available `pam` plugins. Support for either an additional password or TOTP factor can be configured, but not both at the same time. The code is actually known to work on FreeBSD/HardenedBSD 10+, but it's only regularly tested under 12.1. Other BSD variants partially work but are unsupported and discouraged as they have a severe limitation over the maximum number of supplementary groups (causing problems for group membership and restricted commands checks), no filesystem-level ACL support and missing MFA: