On 07/07/2015 04:31 PM, Alexander Bokovoy wrote:
> On Tue, 07 Jul 2015, Alexander Bokovoy wrote:
>> attached are patches to introduce one-way trust support and few more to
>> fix currently outstanding trust-related bugs.
>> More details are in the commit messages.
>> For oddjobd-activated helper, if you want to test the one-way trust
>> setup, you need to put SELinux into permissive. We have bugs for both
>> Fedora and RHEL to add the policy
>> (https://bugzilla.redhat.com/show_bug.cgi?id=1238163 for RHEL7), it is
>> in works.
> Updated patch 0181 after discussion with Simo and Sumit about empty rid
Works fine for me, thanks. ACK.
Pushed to master: 5017726ebaf6eea3dedb1325efe00c0d6c4b6187
During review, I also pushed the attached oneliner.
From d011ca36f1db5d0cb76ab53ef07a33bec54d9003 Mon Sep 17 00:00:00 2001
From: Tomas Babej <tba...@redhat.com>
Date: Wed, 8 Jul 2015 01:24:10 +0200
Subject: [PATCH] dcerpc: Raise ACIError correctly
ipaserver/dcerpc.py | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index bc75a60265de241f01b7e22c0274dc8a8523eeec..a1da0a641064f59a79639d97489ff73181787a4a 100644
@@ -1093,9 +1093,11 @@ class TrustDomainInstance(object):
if self.validation_attempts < 10:
- raise errors.ACIError(reason=_('IPA master denied trust validation requests from AD DC '
- '%(count)d times. Most likely AD DC contacted a replica '
- 'that has no trust information replicated yet.' % (self.validation_attempts)))
+ raise errors.ACIError(
+ info=_('IPA master denied trust validation requests from AD DC '
+ '%(count)d times. Most likely AD DC contacted a replica '
+ 'that has no trust information replicated yet.')
+ % dict(count=self.validation_attempts))
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code