Re: [Freeipa-users] gravatar image, IM fields
On 09/29/2014 12:35 PM, Martin Kosek wrote: On 09/29/2014 11:51 AM, Tamas Papp wrote: hi All, Is there a solution to integrate gravatar images and IPA? Something like a field for the gravatar url or actually I am not sure, what the right solution would be. Also is there a solution the add IM details to users, like skype id, hangouts id..etc? 10x tamas Hello Tamas, For the custom user fields, I think the best way will be to simply write a plugin extending the User object allowing these attribute in new objectClass. You can check an example with favoriteColorName in this presentation: http://www.freeipa.org/images/5/5b/FreeIPA33-extending-freeipa.pdf Thanks Martin. Is there any plan to officially integrate such a fields? Just out of curiosity any plan to add fields easier (from gui or with ipa command)? Can a plugin make a server future upgrade broken? Thanks, tamas -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
[Freeipa-users] Fedora 21 and 4.0.3
Hi, I'm new to IPA - and was trying out the newest version of 4.0.3 with Fedora Server 21 testing -- it continues to die during the install at: Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 seconds [1/26]: creating certificate server user [2/26]: configuring certificate server instance [3/26]: stopping certificate server instance to update CS.cfg [4/26]: backing up CS.cfg [5/26]: disabling nonces [6/26]: set up CRL publishing [7/26]: starting certificate server instance --- consistently dies at step 7 and checking install log show: 2014-09-29T21:14:30Z DEBUG wait_for_open_ports: localhost [8080, 8443] timeout 300 2014-09-29T21:19:31Z DEBUG File /usr/lib/python2.7/site-packages/ipaserver/install/installutils.py, line 639, in run_script return_value = main_function() File /usr/sbin/ipa-server-install, line 1095, in main dm_password, subject_base=options.subject) File /usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py, line 484, in configure_instance self.start_creation(runtime=210) File /usr/lib/python2.7/site-packages/ipaserver/install/service.py, line 367, in start_creation method() File /usr/lib/python2.7/site-packages/ipaserver/install/cainstance.py, line 490, in __start self.start() File /usr/lib/python2.7/site-packages/ipaserver/install/service.py, line 282, in start self.service.start(instance_name, capture_output=capture_output, wait=wait) File /usr/lib/python2.7/site-packages/ipaplatform/services.py, line 193, in start instance_name, capture_output=capture_output, wait=wait) File /usr/lib/python2.7/site-packages/ipaplatform/base/services.py, line 262, in start self.wait_for_open_ports(self.service_instance(instance_name)) File /usr/lib/python2.7/site-packages/ipaplatform/base/services.py, line 228, in wait_for_open_ports self.api.env.startup_timeout) File /usr/lib/python2.7/site-packages/ipapython/ipautil.py, line 1153, in wait_for_open_ports raise socket.timeout() Would anyone have any ideas on finding out what is going on here? I see the timeout of 5 minutes - but why waiting on ports that are not part of IPA? Thank you Janelle -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] Fedora 21 and 4.0.3
On Tue, Sep 30, 2014 at 06:19:37AM -0700, Janelle wrote: Hi, I'm new to IPA - and was trying out the newest version of 4.0.3 with Fedora Server 21 testing -- it continues to die during the install at: Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 seconds [1/26]: creating certificate server user [2/26]: configuring certificate server instance [3/26]: stopping certificate server instance to update CS.cfg [4/26]: backing up CS.cfg [5/26]: disabling nonces [6/26]: set up CRL publishing [7/26]: starting certificate server instance --- consistently dies at step 7 and checking install log show: 2014-09-29T21:14:30Z DEBUG wait_for_open_ports: localhost [8080, 8443] timeout 300 [...] Would anyone have any ideas on finding out what is going on here? I see the timeout of 5 minutes - but why waiting on ports that are not part of IPA? I strongly suspect you are hitting https://bugzilla.redhat.com/show_bug.cgi?id=1117673 Is there a particular reason why you want to go with unreleased Fedora? -- Jan Pazdziora Principal Software Engineer, Identity Management Engineering, Red Hat -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] Fedora 21 and 4.0.3
On Tue, 30 Sep 2014, Janelle wrote: Hi, I'm new to IPA - and was trying out the newest version of 4.0.3 with Fedora Server 21 testing -- it continues to die during the install at: Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 seconds [1/26]: creating certificate server user [2/26]: configuring certificate server instance [3/26]: stopping certificate server instance to update CS.cfg [4/26]: backing up CS.cfg [5/26]: disabling nonces [6/26]: set up CRL publishing [7/26]: starting certificate server instance --- consistently dies at step 7 You need to update selinux-policy to the latest one. https://admin.fedoraproject.org/updates/selinux-policy-3.13.1-84.fc21 -- / Alexander Bokovoy -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] Fedora 21 and 4.0.3
On Tue, 30 Sep 2014, Rob Crittenden wrote: Jan Pazdziora wrote: On Tue, Sep 30, 2014 at 06:19:37AM -0700, Janelle wrote: Hi, I'm new to IPA - and was trying out the newest version of 4.0.3 with Fedora Server 21 testing -- it continues to die during the install at: Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 seconds [1/26]: creating certificate server user [2/26]: configuring certificate server instance [3/26]: stopping certificate server instance to update CS.cfg [4/26]: backing up CS.cfg [5/26]: disabling nonces [6/26]: set up CRL publishing [7/26]: starting certificate server instance --- consistently dies at step 7 and checking install log show: 2014-09-29T21:14:30Z DEBUG wait_for_open_ports: localhost [8080, 8443] timeout 300 [...] Would anyone have any ideas on finding out what is going on here? I see the timeout of 5 minutes - but why waiting on ports that are not part of IPA? But it *is* part of IPA, hence we wait for it to come up and fail if it doesn't. The installer would just blow up later without dogtag running. Dogtag messes up with SELinux labels when copying CS.cfg to back it up, then SELinux AVC prevents it to do so, then a failure to copy causes Dogtag to complain but the code in /usr/share/pki/scripts/operations is syntactically incorrect and shell breaks its execution. This all results in dogtag not being able to start. I've filed a bug for the syntax error for pki-server and SELinux policy fix is on its way to updates-testing. With that fix (https://admin.fedoraproject.org/updates/selinux-policy-3.13.1-84.fc21) you can get over the issue and never trigger the syntax error in the shell script. -- / Alexander Bokovoy -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] Fedora 21 and 4.0.3
On 30.9.2014 17:42, Janelle wrote: Hi again, Ok, so that fixed the issues with Fedora - and 4.0.3 is working fine. A related question - would the COPR repo have 4.0.3 for Fedora 20? Maybe that would be the way to go for more solid testing of supported IPA than running it on Alpha of Fedora? Your thoughts/suggestions? Feel free to use https://copr.fedoraproject.org/coprs/mkosek/freeipa/ Have a nice day! -- Petr^2 Spacek -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] gravatar image, IM fields
On 09/30/2014 04:59 AM, Tamas Papp wrote: On 09/29/2014 12:35 PM, Martin Kosek wrote: On 09/29/2014 11:51 AM, Tamas Papp wrote: hi All, Is there a solution to integrate gravatar images and IPA? Something like a field for the gravatar url or actually I am not sure, what the right solution would be. Also is there a solution the add IM details to users, like skype id, hangouts id..etc? 10x tamas Hello Tamas, For the custom user fields, I think the best way will be to simply write a plugin extending the User object allowing these attribute in new objectClass. You can check an example with favoriteColorName in this presentation: http://www.freeipa.org/images/5/5b/FreeIPA33-extending-freeipa.pdf Thanks Martin. Is there any plan to officially integrate such a fields? Just out of curiosity any plan to add fields easier (from gui or with ipa command)? Can a plugin make a server future upgrade broken? Thanks, tamas I think if you contribute the patch back we will be able to include it into the project. -- Thank you, Dmitri Pal Sr. Engineering Manager IdM portfolio Red Hat, Inc. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project