[Freeipa-devel] [PATCH] Do not create reverse zone by default
Prompt for creation of reverse zone, with the default for unattended installations being False. https://fedorahosted.org/freeipa/ticket/418 -- Jakub Hrozek Red Hat From 2e54c194bd40d59e7bf2625dd2beb6cb42cbd4bd Mon Sep 17 00:00:00 2001 From: Jakub Hrozek jhro...@redhat.com Date: Thu, 11 Nov 2010 19:27:27 +0100 Subject: [PATCH] Do not create reverse zone by default Prompt for creation of reverse zone, with the default for unattended installations being False. https://fedorahosted.org/freeipa/ticket/418 --- install/tools/ipa-dns-install |3 ++- install/tools/ipa-replica-install |3 ++- install/tools/ipa-server-install |3 ++- ipaserver/install/bindinstance.py | 12 ++-- 4 files changed, 16 insertions(+), 5 deletions(-) diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install index 5604931..bf6679e 100755 --- a/install/tools/ipa-dns-install +++ b/install/tools/ipa-dns-install @@ -161,7 +161,8 @@ def main(): # Create a BIND instance bind = bindinstance.BindInstance(fstore, dm_password) -bind.setup(api.env.host, ip_address, api.env.realm, api.env.domain, dns_forwarders, conf_ntp, zonemgr=options.zonemgr) +create_reverse = bindinstance.create_reverse(options.unattended) +bind.setup(api.env.host, ip_address, api.env.realm, api.env.domain, dns_forwarders, conf_ntp, create_reverse, zonemgr=options.zonemgr) api.Backend.ldap2.connect(bind_dn=cn=Directory Manager, bind_pw=dm_password) bind.create_instance() diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index e4aae4a..2fee483 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -223,8 +223,9 @@ def install_bind(config, options): forwarders = () bind = bindinstance.BindInstance(dm_password=config.dirman_password) ip_address = resolve_host(config.host_name) +create_reverse = bindinstance.create_reverse(options.unattended) bind.setup(config.host_name, ip_address, config.realm_name, - config.domain_name, forwarders, options.conf_ntp) + config.domain_name, forwarders, options.conf_ntp, create_reverse) bind.create_instance() def check_dirsrv(): diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index f0c7a17..a709e18 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -763,7 +763,8 @@ def main(): # Create a BIND instance bind = bindinstance.BindInstance(fstore, dm_password) -bind.setup(host_name, ip_address, realm_name, domain_name, dns_forwarders, options.conf_ntp, zonemgr=options.zonemgr) +create_reverse = bindinstance.create_reverse(options.unattended) +bind.setup(host_name, ip_address, realm_name, domain_name, dns_forwarders, options.conf_ntp, create_reverse, zonemgr=options.zonemgr) if options.setup_dns: api.Backend.ldap2.connect(bind_dn=cn=Directory Manager, bind_pw=dm_password) diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py index 4e63e7e..ec74564 100644 --- a/ipaserver/install/bindinstance.py +++ b/ipaserver/install/bindinstance.py @@ -58,6 +58,11 @@ def check_inst(unattended): return True +def create_reverse(unattended): +if unattended: +return False +return ipautil.user_input(Do you want to configure the reverse zone?, False) + def dns_container_exists(fqdn, realm): Test whether the dns container exists. @@ -200,13 +205,14 @@ class BindInstance(service.Service): self.realm = None self.forwarders = None self.sub_dict = None +self.create_reverse = False if fstore: self.fstore = fstore else: self.fstore = sysrestore.FileStore('/var/lib/ipa/sysrestore') -def setup(self, fqdn, ip_address, realm_name, domain_name, forwarders, ntp, named_user=named, zonemgr=None): +def setup(self, fqdn, ip_address, realm_name, domain_name, forwarders, ntp, create_reverse, named_user=named, zonemgr=None): self.named_user = named_user self.fqdn = fqdn self.ip_address = ip_address @@ -216,6 +222,7 @@ class BindInstance(service.Service): self.host = fqdn.split(.)[0] self.suffix = util.realm_to_suffix(self.realm) self.ntp = ntp +self.create_reverse = create_reverse if zonemgr: self.zonemgr = zonemgr.replace('@','.') @@ -247,7 +254,8 @@ class BindInstance(service.Service): if not dns_container_exists(self.fqdn, self.suffix): self.step(adding DNS container, self.__setup_dns_container) self.step(setting up our zone, self.__setup_zone) -self.step(setting up reverse zone, self.__setup_reverse_zone) +if self.create_reverse: +self.step(setting up reverse zone, self.__setup_reverse_zone) self.step(setting up kerberos principal, self.__setup_principal)
[Freeipa-devel] [PATCH] Make the migration plugin more configurable
This patch adds new options to the migration plugin: * the option to fine-tune the objectclass of users or groups being * imported * the option to select the LDAP schema (RFC2307 or RFC2307bis) https://fedorahosted.org/freeipa/ticket/429 From 88165ff6ea2d889150e8bdc882a7b6bec1ab0519 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek jhro...@redhat.com Date: Tue, 26 Oct 2010 16:10:42 -0400 Subject: [PATCH] Make the migration plugin more configurable This patch adds new options to the migration plugin: * the option to fine-tune the objectclass of users or groups being imported * the option to select the LDAP schema (RFC2307 or RFC2307bis) https://fedorahosted.org/freeipa/ticket/429 --- ipalib/plugins/migration.py | 86 ++- 1 files changed, 68 insertions(+), 18 deletions(-) diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py index 6dc9934..81e35e2 100644 --- a/ipalib/plugins/migration.py +++ b/ipalib/plugins/migration.py @@ -28,7 +28,7 @@ import logging import re from ipalib import api, errors, output -from ipalib import Command, List, Password, Str, Flag +from ipalib import Command, List, Password, Str, Flag, StrEnum from ipalib.cli import to_cli if api.env.in_server and api.env.context in ['lite', 'server']: try: @@ -44,8 +44,10 @@ from ipalib.text import Gettext # FIXME: remove once the other Gettext FIXME is _krb_err_msg = _('Kerberos principal %s already exists. Use \'ipa user-mod\' to set it manually.') _grp_err_msg = _('Failed to add user to the default group. Use \'ipa group-add-member\' to add manually.') +_supported_schemas = (u'RFC2307bis', u'RFC2307') -def _pre_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx): + +def _pre_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwargs): # get default primary group for new users if 'def_group_dn' not in ctx: def_group = config.get('ipadefaultprimarygroup') @@ -90,8 +92,8 @@ def _post_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx): # GROUP MIGRATION CALLBACKS AND VARS -def _pre_migrate_group(ldap, pkey, dn, entry_attrs, failed, config, ctx): -def convert_members(member_attr, overwrite=False): +def _pre_migrate_group(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwargs): +def convert_members_rfc2307bis(member_attr, overwrite=False): Convert DNs in member attributes to work in IPA. @@ -112,15 +114,36 @@ def _pre_migrate_group(ldap, pkey, dn, entry_attrs, failed, config, ctx): entry_attrs['member'] = [] entry_attrs['member'] += new_members +def convert_members_rfc2307(member_attr): + +Convert usernames in member attributes to work in IPA. + +new_members = [] +entry_attrs.setdefault(member_attr, []) +for m in entry_attrs[member_attr]: +memberdn = 'uid=%s,%s' % (m, api.env.container_user) +new_members.append(ldap.normalize_dn(memberdn)) +entry_attrs['member'] = new_members + +schema = kwargs.get('schema', None) entry_attrs['ipauniqueid'] = 'autogenerate' -convert_members('member', overwrite=True) -convert_members('uniquemember') +if schema == 'RFC2307bis': +convert_members_rfc2307bis('member', overwrite=True) +convert_members_rfc2307bis('uniquemember') +elif schema == 'RFC2307': +convert_members_rfc2307('memberuid') +else: +raise ValueError('Schema %s not supported' % schema) return dn # DS MIGRATION PLUGIN +def construct_filter(template, oc_list): +oc_subfilter = ''.join([ '(objectclass=%s)' % oc for oc in oc_list]) +return template % oc_subfilter + def validate_ldapuri(ugettext, ldapuri): m = re.match('^ldaps?://[-\w\.]+(:\d+)?$', ldapuri) if not m: @@ -152,14 +175,18 @@ class migrate_ds(Command): # # If pre_callback return value evaluates to False, migration # of the current object is aborted. -'user': ( -'((objectClass=person)(uid=*))', -_pre_migrate_user, _post_migrate_user -), -'group': ( - '((|(objectClass=groupOfUniqueNames)(objectClass=groupOfNames))(cn=*))', -_pre_migrate_group, None -), +'user': { +'filter_template' : '((|%s)(uid=*))', +'oc_option' : 'userobjectclass', +'pre_callback' : _pre_migrate_user, +'post_callback' : _post_migrate_user +}, +'group': { +'filter_template' : '((|%s)(cn=*))', +'oc_option' : 'groupobjectclass', +'pre_callback' : _pre_migrate_group, +'post_callback' : None +}, } migrate_order = ('user', 'group') @@ -196,6 +223,28 @@ class migrate_ds(Command): default=u'ou=groups', autofill=True, ), +List('userobjectclass?', +
Re: [Freeipa-devel] [PATCH] 0010 change uuid plugin to use libuuid
On Thu, Nov 11, 2010 at 10:21:15AM -0500, Simo Sorce wrote: Directory Server guys decided not to expose internal uuid functions so change the ipa uuid plugin to use libuuid. The code looks OK and seems to work fine. This changes the string format of the UUID records once again unfortunately ... I was about to ACK the patch, but I'm wondering, should I check some other parts of the server to see whether the new format does not break anything? I tested just with adding a user and checking the ipauniqueid: attribute looks good. Jakub ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 609 Reduce the number of attributes a host is allowed to write.
On Wed, Nov 10, 2010 at 04:25:18PM -0500, Rob Crittenden wrote: The list of attributes that a host bound as itself could write was overly broad. A host can now only update its description, information about itself such as OS release, etc, its certificate, password and keytab. https://fedorahosted.org/freeipa/ticket/416 rob Some of the changes in install/share/default-aci.ldif seem to not apply cleanly on top of the current master. Does this patch depend on another one? Jakub ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 602 verify --ip-address option during installation
On Tue, Nov 09, 2010 at 09:50:32AM -0500, Rob Crittenden wrote: Jakub Hrozek wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/04/2010 10:00 PM, Rob Crittenden wrote: There was a corner case where the value of --ip-address was never verified if you were also setting up DNS. Added this bit of information to the man page too. ticket 399 rob Two questions: 1) is it intended to quit without printing an error message if verify_ip() fails? verify_ip_address() prints the message. Ah, sorry. I didn't see that. 2) I don't quite understand the manpage part - it says and --setup-dns is *not* selected - but the code checks for if options.setup_dns: You can only override the public IP address setting if you are setting up your own DNS server. Perhaps I should make the text say that... I don't have any very strong feeling about it, but maybe it would be clearer. I can ack both patches :-) Jakub ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0010 change uuid plugin to use libuuid
On Mon, 15 Nov 2010 13:48:51 +0100 Jakub Hrozek jhro...@redhat.com wrote: On Thu, Nov 11, 2010 at 10:21:15AM -0500, Simo Sorce wrote: Directory Server guys decided not to expose internal uuid functions so change the ipa uuid plugin to use libuuid. The code looks OK and seems to work fine. This changes the string format of the UUID records once again unfortunately ... I was about to ACK the patch, but I'm wondering, should I check some other parts of the server to see whether the new format does not break anything? I tested just with adding a user and checking the ipauniqueid: attribute looks good. No I don't think anything more is required, except the attached patch I forgot to send, which reverts the format being tested in the xmlrpc unit tests. If you can ack both together it would be nice. Simo. -- Simo Sorce * Red Hat, Inc * New York From c3f38a53748bcbc2f0549193102afdb4ef2ad634 Mon Sep 17 00:00:00 2001 From: Simo Sorce sso...@redhat.com Date: Thu, 11 Nov 2010 10:20:35 -0500 Subject: [PATCH] Revert tests code to use the old uuid format. --- tests/test_xmlrpc/xmlrpc_test.py |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/test_xmlrpc/xmlrpc_test.py b/tests/test_xmlrpc/xmlrpc_test.py index a8074dace95410b90959e10c00b98a9aed544cc3..3a437d957229c2f9b070eb2be600eb846383cf3f 100644 --- a/tests/test_xmlrpc/xmlrpc_test.py +++ b/tests/test_xmlrpc/xmlrpc_test.py @@ -36,12 +36,12 @@ fuzzy_digits = Fuzzy('^\d+$', type=basestring) # Matches an ipauniqueid like u'784d85fd-eae7-11de-9d01-54520012478b' fuzzy_uuid = Fuzzy( -'^[0-9a-f]{8}-[0-9a-f]{8}-[0-9a-f]{8}-[0-9a-f]{8}$' +'^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$' ) # Matches netgroup dn fuzzy_netgroupdn = Fuzzy( -'ipauniqueid=[0-9a-f]{8}-[0-9a-f]{8}-[0-9a-f]{8}-[0-9a-f]{8},cn=ng,cn=alt,%s' % api.env.basedn +'ipauniqueid=[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12},cn=ng,cn=alt,%s' % api.env.basedn ) try: -- 1.7.3.2 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] association buttons to action panel
Pushed under the one line rule: From dbd823c8d874fc54a3ad8a7061a784a39cea2488 Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Mon, 15 Nov 2010 10:03:27 -0500 Subject: [PATCH] Push associate buttons to the action-panel --- install/static/associate.js |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/install/static/associate.js b/install/static/associate.js index eda85dc8cd961a495b15d30f9e504c656ad0e635..641409a8fb971265eb580700b7381bd9025c6504 100644 --- a/install/static/associate.js +++ b/install/static/associate.js @@ -259,7 +259,7 @@ function ipa_association_widget(spec) { that.superior_create(container); var div = $('#'+that.id, container); -var buttons = $('span[name=buttons]', div); +var buttons = $('span /').appendTo($('.action-panel')); //TODO replace with ipa_button $('input/', { 'type': 'button', @@ -455,4 +455,4 @@ function ipa_deleter_dialog_setup() { $('p/', { 'text': IPA.messages.search.delete_confirm }).appendTo(that.dialog); -} \ No newline at end of file +} -- 1.7.1 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] HBAC details page enhancement
On 11/13/2010 11:14 PM, Endi Sukma Dewata wrote: Hi, Please review the attached patch. Thanks! https://fedorahosted.org/reviewboard/r/107/ The HBAC details page has been enhanced to support Undo and Reset operations. The functionality is implemented in the base widget class so the behavior will be more consistent across widgets. A span tag now used to define the field boundary in the HTML doc. The tag contains the visual representation of the field which include the input tag and optionally the undo link. The Update method on HBAC details page has been modified so that it executes several operations using a batch command. The operations being executed depends on the changes made to the fields. These operations may include: - removing access time if access time is changed to any time This didn't seem to work. The rest of it was fine, but I still see the acces time I added - removing memberships if member category is changed to all - modifying rule attributes if description or rule type is changed - enabling/disabling the rule if rule status is changed The behavior of the Add Remove buttons also has been changed such that it adjust the category attribute properly in addition to adding the memberships using batch command. For example, if category is initially set to all, adding a new member will also change the category to empty. The ipa_command have been modified to store the on_success and on_error handlers as properties. When the command is executed as a part of batch operation, the result of each command will be passed to the appropriate handler. The unit tests and test data have been updated as well. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 609 Reduce the number of attributes a host is allowed to write.
Jakub Hrozek wrote: On Wed, Nov 10, 2010 at 04:25:18PM -0500, Rob Crittenden wrote: The list of attributes that a host bound as itself could write was overly broad. A host can now only update its description, information about itself such as OS release, etc, its certificate, password and keytab. https://fedorahosted.org/freeipa/ticket/416 rob Some of the changes in install/share/default-aci.ldif seem to not apply cleanly on top of the current master. Does this patch depend on another one? Maybe unreviewed patch 593 fix group objectclasses on detach rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] HBAC details page enhancement
On 11/15/2010 11:00 AM, Adam Young wrote: On 11/15/2010 10:58 AM, Adam Young wrote: On 11/13/2010 11:14 PM, Endi Sukma Dewata wrote: Hi, Please review the attached patch. Thanks! https://fedorahosted.org/reviewboard/r/107/ The HBAC details page has been enhanced to support Undo and Reset operations. The functionality is implemented in the base widget class so the behavior will be more consistent across widgets. A span tag now used to define the field boundary in the HTML doc. The tag contains the visual representation of the field which include the input tag and optionally the undo link. The Update method on HBAC details page has been modified so that it executes several operations using a batch command. The operations being executed depends on the changes made to the fields. These operations may include: - removing access time if access time is changed to any time This didn't seem to work. The rest of it was fine, but I still see the acces time I added - removing memberships if member category is changed to all - modifying rule attributes if description or rule type is changed - enabling/disabling the rule if rule status is changed The behavior of the Add Remove buttons also has been changed such that it adjust the category attribute properly in addition to adding the memberships using batch command. For example, if category is initially set to all, adding a new member will also change the category to empty. The ipa_command have been modified to store the on_success and on_error handlers as properties. When the command is executed as a part of batch operation, the result of each command will be passed to the appropriate handler. The unit tests and test data have been updated as well. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel BTW, I rebased and merged on top of my one line fix. Here's the updated. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ACK ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] HBAC details page enhancement
On 11/15/2010 11:47 AM, Adam Young wrote: ACK Thanks. Pushed a new rebase to master. -- Endi S. Dewata ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] dmiyo-0088-HBAC-css-cleanup.
From e36f0a47317a3b4c185e78e695c35750a3f218cf Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Mon, 15 Nov 2010 13:43:10 -0500 Subject: [PATCH] HBAC css cleanup The additions to the search widget have to go one level deeper, as 'container' has both the action panel and the client area --- install/static/hbac.js | 11 --- install/static/hbacsvc.js | 13 + install/static/hbacsvcgroup.js |9 + 3 files changed, 22 insertions(+), 11 deletions(-) diff --git a/install/static/hbac.js b/install/static/hbac.js index 7a08db38d659a22890540f773c7be9381ccf759b..e7776a66a7ab67b6fdc5f413d03696722dddc082 100755 --- a/install/static/hbac.js +++ b/install/static/hbac.js @@ -115,10 +115,9 @@ function ipa_hbac_search_facet(spec) { var that = this; -// TODO: replace with IPA.metadata[that.entity_name].label -$('h2/', { 'html': 'HBAC Rules' }).appendTo(container); /* + // Not yet implemented var left_buttons = $('span/', { @@ -132,6 +131,7 @@ function ipa_hbac_search_facet(spec) { left_buttons.append(ipa_button({ 'label': 'Cull Disabled Rules' })); + */ var right_buttons = $('li/', { 'style': 'float: right;' @@ -157,9 +157,14 @@ function ipa_hbac_search_facet(spec) { } })); -container.append('br/br/'); that.superior_create(container); + +// TODO: replace with IPA.metadata[that.entity_name].label +container.children().last().prepend( +$('h2/', { 'html': 'HBAC Rules' })); +container.children().last().prepend('br/br/'); + }; return that; diff --git a/install/static/hbacsvc.js b/install/static/hbacsvc.js index 1ff5f0a867100de0d8014a6bad92fe230cd8b919..869622b0784ebd073922680da81ea07bf9f4433c 100755 --- a/install/static/hbacsvc.js +++ b/install/static/hbacsvc.js @@ -104,9 +104,6 @@ function ipa_hbacsvc_search_facet(spec) { var that = this; -// TODO: replace with IPA.metadata[that.entity_name].label -$('h2/', { 'html': 'HBAC Services' }).appendTo(container); - var right_buttons = $('li/', { 'style': 'float: right;' }).appendTo($('.action-panel ul')); @@ -131,9 +128,17 @@ function ipa_hbacsvc_search_facet(spec) { } })); -container.append('br/br/'); that.superior_create(container); + +// TODO: replace with IPA.metadata[that.entity_name].label +container.children().last().prepend( +$('h2/', { 'html': 'HBAC Services' })); +container.children().last().prepend('br/br/'); + + + + }; return that; diff --git a/install/static/hbacsvcgroup.js b/install/static/hbacsvcgroup.js index 979decdb714db7c6dee77dabc73bd265697fde72..bcfaa70e6c20d4ac7c172f5f32c8225b0d93ca5b 100755 --- a/install/static/hbacsvcgroup.js +++ b/install/static/hbacsvcgroup.js @@ -115,8 +115,6 @@ function ipa_hbacsvcgroup_search_facet(spec) { var that = this; -// TODO: replace with IPA.metadata[that.entity_name].label -$('h2/', { 'html': 'HBAC Service Groups' }).appendTo(container); var right_buttons = $('li/', { 'style': 'float: right;' @@ -142,9 +140,12 @@ function ipa_hbacsvcgroup_search_facet(spec) { } })); -container.append('br/br/'); - that.superior_create(container); +// TODO: replace with IPA.metadata[that.entity_name].label +container.children().last().prepend( +$('h2/', { 'html': 'HBAC Service Groups' })); +container.children().last().prepend('br/br/'); + }; return that; -- 1.7.1 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0010 change uuid plugin to use libuuid
On Mon, 15 Nov 2010 14:45:18 +0100 Jakub Hrozek jhro...@redhat.com wrote: On Mon, Nov 15, 2010 at 08:24:59AM -0500, Simo Sorce wrote: On Mon, 15 Nov 2010 13:48:51 +0100 Jakub Hrozek jhro...@redhat.com wrote: On Thu, Nov 11, 2010 at 10:21:15AM -0500, Simo Sorce wrote: Directory Server guys decided not to expose internal uuid functions so change the ipa uuid plugin to use libuuid. The code looks OK and seems to work fine. This changes the string format of the UUID records once again unfortunately ... I was about to ACK the patch, but I'm wondering, should I check some other parts of the server to see whether the new format does not break anything? I tested just with adding a user and checking the ipauniqueid: attribute looks good. No I don't think anything more is required, except the attached patch I forgot to send, which reverts the format being tested in the xmlrpc unit tests. If you can ack both together it would be nice. Simo. Ack to both. Pushed to master. Simo. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 0012 Fix #401 test.po creation fails in make test
On Mon, 15 Nov 2010 13:04:54 +0100 Jakub Hrozek jhro...@redhat.com wrote: On Fri, Nov 12, 2010 at 12:06:06PM -0500, Simo Sorce wrote: This patch fixes the errors caused by the creation of test.po in make test_lang under /install/po It seem make test ahs regressed though because as a whole it fails later on with various errors. So this patch strictly fixes only bug #401. Simo. This patch gets rid of error messages like: test.po:2636: `msgid' and `msgstr' entries do not both end with '\n' - ACK Pushed to master Simo. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] admiyo-0088-HBAC-css-cleanup.
On 11/15/2010 01:44 PM, Adam Young wrote: ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Rebased on top of 0877-2 From 16cc1e8a9558a9070e40277a08ad6de3cb1e6569 Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Mon, 15 Nov 2010 15:15:47 -0500 Subject: [PATCH] HBAC css cleanup The additions to the search widget have to go one level deeper, as 'container' has both the action panel and the client area Conflicts: install/static/hbac.js install/static/hbacsvc.js install/static/hbacsvcgroup.js --- install/static/hbac.js | 10 -- install/static/hbacsvc.js | 12 +--- install/static/hbacsvcgroup.js |7 +-- 3 files changed, 22 insertions(+), 7 deletions(-) diff --git a/install/static/hbac.js b/install/static/hbac.js index eb02bf7..6b209dd 100755 --- a/install/static/hbac.js +++ b/install/static/hbac.js @@ -111,10 +111,9 @@ function ipa_hbac_search_facet(spec) { var that = this; -// TODO: replace with IPA.metadata[that.entity_name].label -$('h2/', { 'html': 'HBAC Rules' }).appendTo(container); /* + // Not yet implemented var left_buttons = $('span/', { @@ -128,6 +127,7 @@ function ipa_hbac_search_facet(spec) { left_buttons.append(ipa_button({ 'label': 'Cull Disabled Rules' })); + */ var ul = $('.action-panel ul'); @@ -154,6 +154,12 @@ function ipa_hbac_search_facet(spec) { }).appendTo(ul); that.superior_create(container); + +// TODO: replace with IPA.metadata[that.entity_name].label +container.children().last().prepend( +$('h2/', { 'html': 'HBAC Rules' })); +container.children().last().prepend('br/br/'); + }; return that; diff --git a/install/static/hbacsvc.js b/install/static/hbacsvc.js index a37c5dd..8f75add 100755 --- a/install/static/hbacsvc.js +++ b/install/static/hbacsvc.js @@ -98,9 +98,6 @@ function ipa_hbacsvc_search_facet(spec) { var that = this; -// TODO: replace with IPA.metadata[that.entity_name].label -$('h2/', { 'html': 'HBAC Services' }).appendTo(container); - var ul = $('.action-panel ul'); $('li/', { @@ -126,6 +123,15 @@ function ipa_hbacsvc_search_facet(spec) { }).appendTo(ul); that.superior_create(container); + +// TODO: replace with IPA.metadata[that.entity_name].label +container.children().last().prepend( +$('h2/', { 'html': 'HBAC Services' })); +container.children().last().prepend('br/br/'); + + + + }; return that; diff --git a/install/static/hbacsvcgroup.js b/install/static/hbacsvcgroup.js index 3a33655..e6845b9 100755 --- a/install/static/hbacsvcgroup.js +++ b/install/static/hbacsvcgroup.js @@ -109,8 +109,6 @@ function ipa_hbacsvcgroup_search_facet(spec) { var that = this; -// TODO: replace with IPA.metadata[that.entity_name].label -$('h2/', { 'html': 'HBAC Service Groups' }).appendTo(container); var ul = $('.action-panel ul'); @@ -137,6 +135,11 @@ function ipa_hbacsvcgroup_search_facet(spec) { }).appendTo(ul); that.superior_create(container); +// TODO: replace with IPA.metadata[that.entity_name].label +container.children().last().prepend( +$('h2/', { 'html': 'HBAC Service Groups' })); +container.children().last().prepend('br/br/'); + }; return that; -- 1.7.1 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] admiyo-0091-buttons-to-action-panel
From a975881d4c326a06317a22bd21217938440c20c3 Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Mon, 15 Nov 2010 11:32:28 -0500 Subject: [PATCH] buttons to action panel puts the buttons as the top li in the action panel --- install/static/details.js |4 ++-- install/static/search.js |2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/install/static/details.js b/install/static/details.js index 49957a56d91646b18a9c1fe19229de7dc9f7b75e..ee61f0cfeba5e58fd9d601a2b1cf38bad7ca640b 100644 --- a/install/static/details.js +++ b/install/static/details.js @@ -457,9 +457,9 @@ function ipa_details_create(container) 'class': 'content' }).appendTo(container); -var buttons = $('div/', { +var buttons = $('li/', { 'class': 'details-buttons' -}).appendTo(details); +}).prependTo($('.action-panel ul')); buttons.append(ipa_button({ 'label': 'Reset', diff --git a/install/static/search.js b/install/static/search.js index 214208a27f607b9358fad36a5f5fa1c9970c0bf1..040508734ef0c392b5f82fe0851e1dbdda2d7c5d 100644 --- a/install/static/search.js +++ b/install/static/search.js @@ -64,7 +64,7 @@ function ipa_search_widget(spec) { 'click': function() { that.add(container); } }) ); -li.appendTo($('.action-panel ul')); +li.prependTo($('.action-panel ul')); search_controls.append('span class=search-buttons/span'); -- 1.7.1 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] admiyo-0088-HBAC-css-cleanup.
On 11/15/2010 2:17 PM, Adam Young wrote: ACK #90, #87-2, #88-2. Note: the font looks too big on my browser, but this can be addressed later. -- Endi S. Dewata ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel