Pro Custodibus Agent 1.4.1
Added
-----
* Support for writing WireGuard config to directories other than
/etc/wireguard.
* Installer support for Homebrew package manager and launchd supervisor.
Fixed
-----
* Fixed usage of ifconfig on macOS to determine interface address.
* Fixed errant SELinux error message on non-Linux platforms.
Pro Custodibus Agent 1.4.0
Requires Pro Custodibus API version 1.1 or newer.
Changed
-------
* Use server challenge for signature authentication (insteading of
signing an URL with a timestamp).
Pro Custodibus Agent 1.3.3
Added
-----
* Installer tests for Alpine 3.18, Debian Bookworm, Fedora 38, and Ubuntu Lunar.
Fixed
-----
* Installer now detects and fixes conf files with wrong SELinux context labels.
Pro Custodibus Agent 1.3.2
Added
-----
* Test execution for Python 3.11.
* Installer tests for Fedora 37 and Alpine 3.17.
Fixed
-----
* Installer now ensures libffi headers are installed on platforms where
they are needed to build PyNaCl.
* Installer now checks for Amazon Linux 2023 (was previously
Amazon Linux 2022).
Changed
-------
* Added timeout to Pro Custodibus API requests.
* Added additional hardening constraints to systemd service unit.
This will not be upgraded automatically -- see the below
"Manually Upgrade Systemd Hardening" section to apply.
Manually Upgrade Systemd Hardening
----------------------------------
The additional hardening constraints for the agent's systemd service
unit will only be installed automatically on fresh installs. It will not
be upgraded automatically. To apply the additional hardening manually,
copy the `etc/systemd.service` file from the agent tarball to the
`/etc/systemd/system/procustodibus-agent.service` file on the host,
reload the configuration, and restart the agent:
$ sudo cp etc/systemd.service /etc/systemd/system/procustodibus-agent.service
$ sudo systemctl daemon-reload
$ sudo systemctl restart procustodibus-agent
Pro Custodibus Agent 1.3.1
Added
-----
* Allow loop interval override in conf file.
* Installer warning that libsodium must be installed manually with Amazon Linux 2022.
* Installer tests for RHEL 9 and derivatives.
Changed
-------
* Require recent versions of package dependencies.
* Deprecate Python 3.6.
* Installer detect and recreate broken virtualenv.
* Installer upgrade pip and setuptools before install.
Pro Custodibus Agent 1.3.0
Added
-----
* Command-line interface for WireGuard multi-factor authentication.
* Installer support for Amazon Linux 2022.
* Installer tests for Ubuntu 22.04, Fedora 36, and Alpine 3.16.
Changed
-------
* Use latest PyNacl Python package,
and update installer to install OS packages to build it if necessary.
* Run daemons with `INFO` verbosity instead of `WARN`.
* Install Python 3.8 on RHEL 7.
Pro Custodibus Agent 1.2.6
Fixed installer upgrade with older versions of Python.
Pro Custodibus Agent 1.2.5
Added
-----
* Add a few minor hardening directives to systemd service definition.
Fixed
-----
* Fix endpoint restore with no preshared key.
Pro Custodibus Agent 1.2.4
Added
-----
* Add installer support for Rocky and AlmaLinux.
Fixed
-----
* Start up daemon even when API is not available; wait until API is
available to start pinging.
* Avoid having to build new PyNacl package on several older Linux
distros during install.
Pro Custodibus Agent 1.2.3
Fixed broken `procustodibus-credentials` command.