be the same.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
/structures?
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
literal and
there are exact format arguments passed.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
/index.php/MIT_Build
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
successfully rebuilt.
656 packages failed to rebuild.
Please fix any packages you maintain that failed to rebuild.
It looks like freeipa was not rebuilt and neither appears in failures.
Is there any reason why it wasn't rebuild?
--
/ Alexander Bokovoy
--
devel mailing list
devel
On Mon, 23 Jul 2012, Kevin Fenzi wrote:
On Mon, 23 Jul 2012 14:14:42 +0300
Alexander Bokovoy aboko...@redhat.com wrote:
On Sun, 22 Jul 2012, Kevin Fenzi wrote:
On Tue, 17 Jul 2012 07:39:31 -0500
Dennis Gilmore den...@ausil.us wrote:
it was requested in https://fedorahosted.org/rel-eng/ticket
On Mon, 23 Jul 2012, Kevin Fenzi wrote:
On Mon, 23 Jul 2012 14:14:42 +0300
Alexander Bokovoy aboko...@redhat.com wrote:
On Sun, 22 Jul 2012, Kevin Fenzi wrote:
On Tue, 17 Jul 2012 07:39:31 -0500
Dennis Gilmore den...@ausil.us wrote:
it was requested in https://fedorahosted.org/rel-eng/ticket
On Mon, 23 Jul 2012, Richard W.M. Jones wrote:
On Mon, Jul 23, 2012 at 02:14:42PM +0300, Alexander Bokovoy wrote:
On Sun, 22 Jul 2012, Kevin Fenzi wrote:
On Tue, 17 Jul 2012 07:39:31 -0500
Dennis Gilmore den...@ausil.us wrote:
it was requested in https://fedorahosted.org/rel-eng/ticket/5222
http://ausil.fedorapeople.org/f18-needsbuilt.html
are the lists of whats failed and what needs building yet. I'll update
them a few times a day.
Why freeipa is on the list of needsbuilt? I rebuilt it on Monday
already.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https
faster, OpenGL is accelerated.
When TC6 starts to graphic mode and gives first Anaconda screen, it
shows an error message box where the only button I could press is
'Quit':
http://lh4.googleusercontent.com/-A6BJjSaCLqQ/UW17Bl2RpoI/A_g/pqW9SAWqxLo/s1024/16.04.13+-+1
--
/ Alexander Bokovoy
.
I think realmd could detect that OTP is enabled for the user as it will
be visible in 'ipa' command line commands and in LDAP entry for the
user.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
-announce
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
--
/ Alexander Bokovoy
--
devel mailing list
devel
. :).
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
for appropriate signatures on the certificates.
How certificates are managed for sender and receiver parts?
Who generates them? Do you require explicit placement of the
certificates prior to enabling the service?
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https
On Mon, 14 Apr 2014, Zbigniew Jędrzejewski-Szmek wrote:
On Mon, Apr 14, 2014 at 05:19:17PM +0300, Alexander Bokovoy wrote:
How certificates are managed for sender and receiver parts?
By some external means... This could be automated, e.g. using
certmaster, but I don't want to tie to a specific
NSS and PAM
modules to work with these files.
It is deployed for years in OpenWall, ALT Linux, and a number of other
distributions.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http
in Fedora, which is kernel keyring).
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
by upstream right now.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
On Thu, 15 Jan 2015, Simo Sorce wrote:
On Thu, 15 Jan 2015 23:14:46 +0200
Alexander Bokovoy aboko...@redhat.com wrote:
On Thu, 15 Jan 2015, Kevin Fenzi wrote:
On Thu, 15 Jan 2015 08:04:32 -0600
Bruno Wolff III br...@wolff.to wrote:
Are the rawhide compose failures being looked at? (I just
a reality around the world.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
libraries,
for example) which couldn't be launched with python3 interpreter.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
for a push ~14-15 hours after.
https://admin.fedoraproject.org/updates/freeipa-4.1.4-1.fc21,slapi-nis-0.54.2-1.fc21
https://admin.fedoraproject.org/updates/freeipa-4.1.4-1.fc22,slapi-nis-0.54.2-1.fc22
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https
On Fri, 27 Mar 2015, Kevin Fenzi wrote:
On Fri, 27 Mar 2015 10:42:07 +0200
Alexander Bokovoy aboko...@redhat.com wrote:
Any way to get the push actually working? I've submitted yesterday a
security update mid day EST for F21 and F22 and it is not yet even
considered for a push ~14-15 hours
On Fri, 27 Mar 2015, Kevin Fenzi wrote:
On Fri, 27 Mar 2015 15:03:59 +0200
Alexander Bokovoy aboko...@redhat.com wrote:
My primary worry is CVE handling. These delays are not helping in
getting security fixes delivered. I'm not fighting for dropping
certain type of content but rather
on
the mirrorlist servers.
I believe there just was a small hick-ups, could you try again now to see if you
can still reproduce it?
I had similar issues couple weeks ago -- dnf was unable to work with a
repository while curl or wget from the same VM worked fine to the same
URLs.
--
/ Alexander
.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
/).
Then please send feedback to me (CC s...@isc.org).
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
t you will have to unblundle all wine versions and use system wine
version ...
The devil is in the details. If you want to package POL (which is Java
app, btw) anyway, follow guidelines for new packages. They were updated
and published recently.
--
/ Alexander Bokovoy
--
devel mai
On Mon, 12 Oct 2015, opensou...@till.name wrote:
zziplib orphan, thias1 weeks ago
I picked up zziplib as it is needed for texlive and by extension of
that, to krb5 builds.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https
rberos network authentication system ( master f23 f22 f21)
These two are already at Robbie's hands.
pam_krb5 -- A Pluggable Authentication Module for Kerberos 5 ( master
f23 f22 f21 )
Can we change this to rharwood too?
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
in our four
year quest to make it a reality.
Thanks to everyone!
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
s not only helpful from
following a spiritual part of Free Software movement, it actually has
practical reasoning by uncovering bugs in the tools that generate code
or documentation too.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/l
dependency of FreeIPA.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
almost every day. I've rebuilt
samba couple days ago after fixing your patch so we should be fine once
composes start working. The patch also merged upstream.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel
restored the GSSAPI support in the libcurl-minimal package:
http://pkgs.fedoraproject.org/cgit/rpms/curl.git/commit/?id=92700939
... and scheduled a new Copr build for that:
https://copr.fedorainfracloud.org/coprs/kdudka/curl-minimal/build/168860/
Thanks!
--
/ Alexander Bokovoy
--
de
On Thu, 17 Mar 2016, Kamil Dudka wrote:
On Thursday 17 March 2016 08:57:19 Alexander Bokovoy wrote:
On Wed, 16 Mar 2016, Dennis Gilmore wrote:
>On Wednesday, March 16, 2016 9:39:33 PM CDT Kamil Dudka wrote:
>> On Wednesday, March 16, 2016 16:19:23 Bill Nottingham wrote:
>> >
mpletely. There are many uses of that within kickstart or cloud-init
files.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
edoraproject.org/admin/lists/devel@lists.fedoraproject.org
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
/devel@lists.fedoraproject.org
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
y
default didn't — pam_winbind was putting creds in /tmp/krb5cc_$UID
still, and then they weren't consistently being found there.
It is a bug in winbindd. There is a patch on samba-technical@ which
attempts to fix this but I haven't yet looked into reviewing it,
y about it.
Kerberos credential cache is a fairly generic term. KCM is one type of a
Kerberos credential cache, FILE: is another, KEYRING is another..
It is Kerberos Cache Manager, as opposed to credentials cache or
credentials cache collections.
--
/ Alexander Bokovoy
g commonly
used in kerberos contexts too for awhile, so there may be no avoiding it. :(
Yep.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
it with other features. KCM
protocol in libkrb5 is the same one libkrb5 is already using on Mac OS
X, with a small change of doing Unix domain socket on the Linux and
doing a special kernel interface on Mac OS X.
--
/ Alexander Bokovoy
___
devel mailing list
act rather problematic.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
On pe, 20 tammi 2017, Kai Engert wrote:
On Fri, 2017-01-20 at 18:40 +0200, Alexander Bokovoy wrote:
FreeIPA is broken when trying to install with nss 3.28.1. We reliably
reproduce this issue with
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e42b513012
It seems that new nss also breaks
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubsc
On pe, 20 tammi 2017, Hubert Kario wrote:
On Friday, 20 January 2017 18:40:13 CET Alexander Bokovoy wrote:
On pe, 20 tammi 2017, Kai Engert wrote:
>Hello,
>
>we are currently dealing with a tricky situation, that the NSS and Mozilla
>package maintainers have been discussing,
othing is explicitly requiring
or mentioning it in the code and the spec file. Looks like real issue is
somewhere in Python infra in Rawhide.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
On to, 02 maalis 2017, Pierre-Yves Chibon wrote:
On Thu, Mar 02, 2017 at 10:10:21AM +0200, Alexander Bokovoy wrote:
On ke, 01 maalis 2017, Kevin Fenzi wrote:
> Greetings.
>
> Today we have retired fedorahosted.org.
>
> Please see the following wiki page for up to date informa
://bugzilla.redhat.com/show_bug.cgi?id=1426847 which I
now moved to python2 folks.
As it stands, this bug prevents FreeIPA from being installable in
Rawhide.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send
for making, reading and applying deltarpm packages (
master f25 f24 f23 )
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
--
/ Alexander Bokovoy
Remember History' mode is now allowing GSSAPI to work.
Private browse mode will not allow GSSAPI credentials to work, though,
as this is an information leak.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel
g the same state switch
and the other one, 'Never Remember History', was broken with GSSAPI
authentication because of this.
--
/ Alexander Bokovoy
--
devel mailing list
devel@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
On Wed, 24 Aug 2016, Robert Marcano wrote:
On 08/24/2016 12:29 AM, Alexander Bokovoy wrote:
On Tue, 23 Aug 2016, Dusty Mabe wrote:
I can't seem to get firefox-48.0-5.fc24.x86_64 to work with kerberos
single sign on in a private window. It works fine when using a
non-private window.
Any ideas
.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
are coming, according to Patrick.
Heimdal does not support MS-KKDCP spec, so you are left with direct
Kerberos communication over port 88/tcp or 88/udp, but these are enabled
in Fedora infrastructure, yes.
--
/ Alexander Bokovoy
___
devel mailing list -- devel
On su, 27 marras 2016, Ken Dreyer wrote:
On Wed, Nov 23, 2016 at 7:17 AM, Alexander Bokovoy <aboko...@redhat.com> wrote:
Heimdal does not support MS-KKDCP spec, so you are left with direct
Kerberos communication over port 88/tcp or 88/udp, but these are enabled
in Fedora infrastructur
On ma, 21 marras 2016, Florian Weimer wrote:
On 11/21/2016 04:03 PM, Alexander Bokovoy wrote:
Fedora infrastructure uses MS-KKDCP proxy with Fedora certificate to
tunnel Kerberos 5 traffic. If you have recent Fedora, you'll get it used
automatically with the help of DNS URI. For older clients
kinit vondr...@fedoraproject.org' to get
further.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
MS-KKDCP (RHEL 6, for example), you are back to use naked Kerberos 5
traffic.
Our effort is to get to SPAKE sooner than later.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le
We implemented HTTPS proxying of the Kerberos protocol, based on
MS-KKDCP specification. It is in MIT Kerberos 1.13+.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
will have ability to choose the
credentials cache automatically based on the realm of the target
service, regardless of what credentials cache is active right now in the
collection. The version in Fedora right now (1.11.0-1.fc25) is not yet
built with the patch to use python-gssapi.
--
/ Alexander
publicly.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
4/12/16 12:40:41
host/koji.fedoraproject@fedoraproject.org
renew until 20/12/16 12:40:41, Etype (skey, tkt):
aes256-cts-hmac-sha1-96, aes256-cts-hmac-sha1-96
Could you please show output of
KRB5_TRACE=/dev/stderr koji hello
--
/ Alexander Bokovoy
_
additional
communication/channels.
It is far away yet, may be Fedora 26/27 time frame, but this gives us
also time to improve other tooling around the user experience -- GNOME
Online accounts and the rest of tools not directly involved into a
system level logon flow.
--
/ Alexand
On ti, 13 joulu 2016, Daniel P. Berrange wrote:
On Tue, Dec 13, 2016 at 12:19:45PM +0200, Alexander Bokovoy wrote:
On ti, 13 joulu 2016, Alexander Bokovoy wrote:
> On ti, 13 joulu 2016, Vít Ondruch wrote:
> >
> >
> > Dne 12.12.2016 v 16:02 Stephen Gallagher napsal(a):
>
On ti, 13 joulu 2016, Alexander Bokovoy wrote:
On ti, 13 joulu 2016, Vít Ondruch wrote:
Dne 12.12.2016 v 16:02 Stephen Gallagher napsal(a):
On 12/12/2016 04:53 AM, Vít Ondruch wrote:
So several questions:
1) When I have 2 domains I login to with kerberos, how to really make it
work. I
On ti, 13 joulu 2016, Dan Horák wrote:
On Tue, 13 Dec 2016 12:29:57 +0200
Alexander Bokovoy <aboko...@redhat.com> wrote:
On ti, 13 joulu 2016, Daniel P. Berrange wrote:
>On Tue, Dec 13, 2016 at 12:19:45PM +0200, Alexander Bokovoy wrote:
>> On ti, 13 joulu 2016, Alexande
. ;)
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
?id=1401916
The problem is in the new CFLAGS enforced by rpm. They make Samba (and
libraries) configuration script to fail to recognize versioning and
build without it.
There are some patches upstream trying to deal with the issue, not
merged yet.
A mere rebuild will not help, sorry
://bugzilla.redhat.com/show_bug.cgi?id=1385596
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
.
I'm not sure how to get Nautilus to use SMB3 or if it even supports
it, or if it's ultimately using smbclient behind the scene.
It is using libsmb library which uses client options from smb.conf
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lis
On ke, 05 huhti 2017, Florian Weimer wrote:
On 04/05/2017 09:38 AM, Alexander Bokovoy wrote:
We discussed that some time ago upstream and decided still to keep NT1
as default. There are still too many servers running with NT1 variant --
almost all consumer class NAS servers from 5-7 years old
libcurl internally and we are not
yet migrated to OpenSSL fully (definitely not yet in F26). We also need
to look at what happens with certmonger.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email
s line and reboot (logging out and
logging back in does not fix it), now it's back. I've reproduced this
several times.
https://bugzilla.gnome.org/show_bug.cgi?id=780958
Thanks for filing it.
--
/ Alexander Bokovoy
___
devel mailing list --
a
base system. Unfortunately, with such an aggressive schedule it is
guaranteed to be a failure in OpenSSL migration.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
e whole desktop". Just restart your
session when the upgrade is done, no harm done. This kind of a mess does not
happen with routine updates.
Konversation gets routinely killed every time dbus daemon reloads its
configuration or restarts during updates. This is not even remotely
funny.
--
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
/install/ui/build/freeipa'
make[4]: *** [Makefile:463: all-recursive] Error 1
the latter excerpt is from
https://kojipkgs.fedoraproject.org//work/tasks/8844/20438844/build.log
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
understanding that it is not
being able to fully migrate to OpenSSL, including handling of updates
within F27 time frame, due to aggressive schedule F27 has.
So this change should be coordinated well.
--
/ Alexander Bokovoy
___
devel mailing list -- devel
On ma, 10 heinä 2017, Stephen Gallagher wrote:
On Mon, Jul 10, 2017 at 9:53 AM Tomasz Torcz <to...@pipebreaker.pl> wrote:
On Mon, Jul 10, 2017 at 03:30:02PM +0300, Alexander Bokovoy wrote:
> On la, 08 heinä 2017, Fedora Rawhide Report wrote:
> > [freeipa]
> > freeipa-
s also affected, as it uses pygpgme in the Python bindings.
That needs to be ported too.
Samba AD is affected as well as we use both gpgme and python2-pygpgme.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an
.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
On la, 01 heinä 2017, Dario Lesca wrote:
Il giorno sab, 01/07/2017 alle 06.29 +0300, Alexander Bokovoy ha
scritto:
While there is no automatic upgrade to Samba AD is planned,
we'd like to ensure smooth distribution upgrade.
Does this mean?
I have on Fedora 25 + samba 4.5.x rebuild
On ma, 03 heinä 2017, Dario Lesca wrote:
Il giorno lun, 03/07/2017 alle 09.29 +0300, Alexander Bokovoy ha
scritto:
> When the firs (beta) F27 + samba 4.7 AD will be release, I will try
> the upgrade on a test virtual environment.
Sure!
Thanks!
I'll let you know
So, we pushed 4.7
ort in few years and now?
If you have a better way to manage this, please let us know!
--
Petr Viktorin
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
--
/ A
are tested
as part of upstream CI on F26+COPR, roughly corresponding to F27 state.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
issues with the structure of the file system
(does /usr/bin or /usr/lib64 still make sense?), but I won't go into
that.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
--
/ Alexander B
, to obtain a stronger
authenticate Kerberos tickets (although, with Anonymous PKINIT, it is
just one more kinit before the actual one). The latter can be seen as an
obstacle to more users than one could expect.
--
/ Alexander Bokovoy
___
devel mailing list
On pe, 29 syys 2017, Lukas Vrabec wrote:
On 09/29/2017 03:57 PM, Alexander Bokovoy wrote:
On pe, 29 syys 2017, Lukas Vrabec wrote:
I'm planning change the default value of httpd_graceful_shutdown
boolean in Fedora Rawhide because of improving SELinux
configuration. Rawhide builds
a bit confused: disabling httpd_graceful_shutdown will have or
wouldn't have an effect on httpd_can_network_connect being enabled?
Do I need to do anything in FreeIPA setup?
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproje
aps from clients that were defined in hosts.deny. Whether somebody
relies on this functionality or not, I'm not aware -- at least, I
haven't seen any bugs related to that within the FreeIPA NIS integration
context for last six or so years.
--
/ Alexander Bokovoy
_
he application side is OK if it would
have been not so useless in the Server installs.
--
/ Alexander Bokovoy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
On pe, 01 syys 2017, Neal Gompa wrote:
On Fri, Sep 1, 2017 at 8:37 AM, Alexander Bokovoy <aboko...@redhat.com> wrote:
On pe, 01 syys 2017, Neal Gompa wrote:
On Fri, Sep 1, 2017 at 7:52 AM, Marius Vollmer
<marius.voll...@redhat.com> wrote:
Neal Gompa <ngomp...@gmail.com>
are welcome. :)
Sudo relies on netgroups which are provided by NIS.
FreeIPA/SSSD do not require NIS, they provide NIS server side and
implement its use for sudo and legacy clients which may require it.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
code that lead to data
corruptions on i686. They aren't seen on other 32-bit platforms Fedora
supports according to 389-ds developers.
FreeIPA has no choice as 389-ds-base was moved to exclude i686
architecture according to the process defined in Fedora.
--
/ Alexander Bokovoy
ter example?
krb5 internally links to openssl but krb5 consumers don't need to link
to openssl directly to use the crypto functionality provided by libkrb5.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finl
they are
SELinux-aware.
This is a fairly common use case. For example, Samba provides VFS
modules to use glusterfs. However, samba-devel does not provide nor
require any headers related to gluster.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat
this criterion. Other examples might include
installing packages from the wrong module stream, or failing to include
available updates from an enabled official repository."
Does that sound good to everyone? Thanks!
This looks good to me. "Appropriately" is a bit of odd word to choo
1 - 100 of 266 matches
Mail list logo