e sure you are doing so within a virtual
environment, e.g. with venv or similar constructs. This ensures whatever
was installed is self-consistent with regards to the source where it
came from.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
R
On la, 24 huhti 2021, Kevin Fenzi wrote:
On Sat, Apr 24, 2021 at 12:12:19PM +0300, Alexander Bokovoy wrote:
On Пт, 23 апр 2021, Kevin Fenzi wrote:
> On Fri, Apr 23, 2021 at 07:40:14AM +0200, Miroslav Suchý wrote:
> > I have been using 2FA with the new Fedora Account system a
am typically issuing Fedora tickets for a week-long
period, so I only need to run the kinit sequence once a week and then
SSSD/GNOME Accounts tools are refreshing it every 8 hours automatically.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red
/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
edoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
a bug so thanks
for filing one.
If I understand it correctly, you caught a state in the middle of
upgrades. Ipsilon IdP was actually reconfigured to use FreeIPA-provided
data and some of attribute mappings did change which required
modifications.
--
/ Alexander Bokovoy
Sr. Principal Software E
dy, including
administrators, is able to discover the user's password from a hashed
form.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedo
need to create a bodhi
update yourself for this side-tag.
This gives you back all the control but with an overhead of a side-tag.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
On to, 01 huhti 2021, Kevin Fenzi wrote:
On Thu, Apr 01, 2021 at 01:50:40PM +0300, Alexander Bokovoy wrote:
This split of fields in FreeIPA Web UI exists since FreeIPA 4.0 which
was part of early RHEL 7 deliveries (the code for separate OTP field was
added in 2014).
There is nothing specific
On ti, 30 maalis 2021, Kevin Fenzi wrote:
On Tue, Mar 30, 2021 at 09:30:33AM +0300, Alexander Bokovoy wrote:
Could you please explain where you want to do it? Noggin (Fedora
Accounts app) does handle the login itself, not FreeIPA. In the context
of what Fedora contributors interact
account is mandatory per:
https://fedoraproject.org/wiki/Join_the_package_collection_maintainers#Create_a_Bugzilla_Account
kir is maintainer of rpms/runc
Does anyone know how to contact kir?
Yes, I asked Kir to respond.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity
On ti, 02 maalis 2021, Zbigniew Jędrzejewski-Szmek wrote:
On Tue, Mar 02, 2021 at 11:29:21AM +0200, Alexander Bokovoy wrote:
On ma, 01 maalis 2021, Lennart Poettering wrote:
>On Fr, 26.02.21 21:01, Alexander Bokovoy (aboko...@redhat.com) wrote:
>
>>> 1. Dots (".") fo
On ma, 01 maalis 2021, Lennart Poettering wrote:
On Fr, 26.02.21 21:01, Alexander Bokovoy (aboko...@redhat.com) wrote:
> 1. Dots (".") for separating IPV4 address bytes
> 2. Colons (":") for separating IPv6 address parts, as well as separating
> port numbers fro
On ti, 02 maalis 2021, Ed Greshko wrote:
On 02/03/2021 06:03, Lennart Poettering wrote:
On Fr, 26.02.21 21:01, Alexander Bokovoy (aboko...@redhat.com) wrote:
Digital Ocean updates pushed with cloud-init use. Cloud-init does not
have any native support for systemd-resolved. It means it writes
was
that systemd-resolved considered invalid a DNS= line where addresses
were separated by a comma rather than space. Can systemd-resolved be
improved to allow common separators like both space and comma?
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management
On pe, 26 helmi 2021, Lennart Poettering wrote:
On Mi, 24.02.21 22:08, Alexander Bokovoy (aboko...@redhat.com) wrote:
I think one of the issues reported in the discussion you mention was
that systemd-resolved considered invalid a DNS= line where addresses
were separated by a comma rather than
Library implementation is rather
solid, I don't think it would need any changes, just timely rebuilds
until it is retired upstream.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
/issues
"""
How on earth are we supposed to figure out what annocheck doesn't like?
There's 185328 bytes of "Standard Output" that follows…
Zbyszek
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le..
secure than
relying on NTLM in SMB protocol.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email
we don't have any client-side integration
(sssd, gdm/sddm, etc.)
We are working on that part for SSSD and FreeIPA. Not production ready
yet but aim to have something testable later this year. In a prototype
we have it is possible to authenticate against a thing like Github or
Keycloak.
--
/ Alexa
it completely in future as
well.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le
HEL 9 and I'd like to keep NIS
part supported in Fedora as well for some time. This only requires
existence of libnsl2.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel ma
understanding is that this is an
intermediate step which should have better be done in a sidetag. So we
can expect broken FreeIPA in Rawhide until this issue is solved by
Dogtag team.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited
: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security
On ti, 21 joulu 2021, Miro Hrončok wrote:
On 21. 12. 21 15:33, Alexander Bokovoy wrote:
wsdl4j akurtakov, mizdebsk, orphan 2 weeks ago
I picked up wsdl4j to prevent actions which would lead to tomcat, Dogtag, and
FreeIPA being orphaned over Christmas break
/find_unblocked_orphans.py
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le
On ke, 22 joulu 2021, Alexander Bokovoy wrote:
On ke, 22 joulu 2021, Mat Booth wrote:
On Tue, 21 Dec 2021 at 14:35, Alexander Bokovoy wrote:
I picked up wsdl4j to prevent actions which would lead to tomcat, Dogtag, and
FreeIPA being orphaned over Christmas break.
Have you tried building
On ke, 22 joulu 2021, Mat Booth wrote:
On Tue, 21 Dec 2021 at 14:35, Alexander Bokovoy wrote:
I picked up wsdl4j to prevent actions which would lead to tomcat, Dogtag, and
FreeIPA being orphaned over Christmas break.
Have you tried building tomcat without wsdl? I can't see where
g in effect in glibc, please do not treat a
user present in wheel group but missing in /etc/shadow as something
extra-ordinary. It is a normal situation when you have users in the
centralized identity store like FreeIPA or Samba AD.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security /
s is one
of those implementations which currently forced to use SHA-1 due to
interoperability issues and also due to compliance with RFCs.
In the context of Fedora development, for example, use of Anonymous
PKINIT requires usage of SHA-1 in PKINIT pre-authentication module in
MIT Kerberos. We have to su
On ke, 09 maalis 2022, Daniel P. Berrangé wrote:
On Wed, Mar 09, 2022 at 02:32:48PM +0200, Alexander Bokovoy wrote:
On ke, 09 maalis 2022, Daniel P. Berrangé wrote:
> On Wed, Mar 09, 2022 at 10:46:21AM +0100, Alexander Sosedkin wrote:
> > On Wed, Mar 9, 2022 at 10:20 AM Daniel P.
ing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Manage
://bugzilla.redhat.com/show_bug.cgi?id=2048909
I guess we need to fix krb5 this way too.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
evel@lists.fedoraproject.org
> Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
>
--
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_
*not* require the account to be listed in
maintainers or to have commit rights.
Same for ipa-maint account.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list
ipating in a joint development.
Perhaps, The Fedora Packager Dashboard could be extended to pick up
results of tests relevant to your packages and display them together?
This way FreeIPA maintainers can see an overview of all tests related to
FreeIPA in one place and see if any help is needed to res
server which moved to
GPLv3-or-later already for some years. The relicensing was agreed with
Red Hat legal for quite some time already, since Red Hat is the only
copyright owner.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited
On ti, 30 elo 2022, Adam Williamson wrote:
On Tue, 2022-08-30 at 09:39 +0300, Alexander Bokovoy wrote:
On ma, 29 elo 2022, Adam Williamson wrote:
> On Tue, 2022-08-30 at 00:32 -0400, DJ Delorie wrote:
> > It sounds to me like the problem is "how do we best use the available
>
e of integrating with
QEMU. This is far from being complete and user-friendly.
[1] https://www.token2.eu/shop/product/token2-t2f2-fido2-and-u2f-security-key
[2] https://github.com/google/OpenSK/issues/485
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identi
On ma, 05 syys 2022, Vitaly Zaitsev via devel wrote:
On 05/09/2022 17:05, Alexander Bokovoy wrote:
The site blocks access from outside of Russia.
Yes, you need RU proxy to read the original documents. But you can use
your favorite search engine to find "FSB notification" articles i
deployed in a containerized way, then probably
focusing on another feature rich open source IdP could be a better
option.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel
call __io_uring_get_cqe() either.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to deve
here are now two articles:
Part 1, where I am talking about Fedora infrastructure aspects:
https://vda.li/en/posts/2022/10/28/FreeIPA-Authentication-Improvements-and-Fedora-Infra/
Part 2, where FreeIPA-specific improvements and details discussed:
https://vda.li/en/posts/2022/10/28/FreeIPA-Authenticat
to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
On ke, 14 syys 2022, Stephen Smoogen wrote:
On Wed, 14 Sept 2022 at 05:28, Alexander Bokovoy
wrote:
Sadly, it cannot be just 'any' certificate, it has to be issued by a
certificate authority that is trusted by the KDC as well. For example,
by FreeIPA CA which is already ran by the Fedora
On to, 15 syys 2022, Kevin Fenzi wrote:
On Thu, Sep 15, 2022 at 09:26:36AM +0300, Alexander Bokovoy wrote:
Proven packagers seem to be a fair category to address. Also packagers
responsible for security-related bits of the distribution. Compilers?
Well, as others noted in this thread, any
On ke, 14 syys 2022, Kevin Fenzi wrote:
On Wed, Sep 14, 2022 at 05:47:46PM +0300, Alexander Bokovoy wrote:
On ke, 14 syys 2022, Stephen Smoogen wrote:
> On Wed, 14 Sept 2022 at 05:28, Alexander Bokovoy
> wrote:
>
> >
> > Sadly, it cannot be just 'any' certificate
):
- http://clsz.fsb.ru/clsz/in-out.htm
- http://clsz.fsb.ru/clsz/notif.htm
The site blocks access from outside of Russia.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel
ct.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
--
/
/acme/css/assets/fonts/webfonts/fa-solid-900.woff
dogtag-pki-acme-11.1.0-1.fc36.noarch
# rpm -qf /usr/share/pki/common-ui/fonts/fontawesome-webfont.woff
dogtag-pki-theme-11.1.0-1.fc36.noarch
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat
will behave against 2.2.0.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le
ppen or never got any follow-up
on the thread to my comments.
This is an experience I want to avoid. If this is what Matthew is
proposing a Fedora development discussions to be, then sorry, this is
not an improvement.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Managem
19 Packages
Total download size: 1.6 M
Installed size: 2.4 M
Is this ok [y/N]:
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel
On ke, 26 huhti 2023, Gary Buhrmaster wrote:
On Wed, Apr 26, 2023 at 9:04 AM Alexander Bokovoy wrote:
Hi,
This morning I woke up to find that packages I maintain were orphaned
out of blue. Nobody contacted the maintainers, nobody raised any tickets
to releng, as far as I can see. Yet, releng
On to, 27 huhti 2023, Stephen Smoogen wrote:
On Wed, 26 Apr 2023 at 22:32, Alexander Bokovoy wrote:
On ke, 26 huhti 2023, Kevin Fenzi wrote:
>On Wed, Apr 26, 2023 at 07:23:10PM +0100, Chris Kelley wrote:
>> One thing I still don't understand is why all of our java packages are
On to, 27 huhti 2023, Alexander Bokovoy wrote:
On ke, 26 huhti 2023, Gary Buhrmaster wrote:
On Wed, Apr 26, 2023 at 9:04 AM Alexander Bokovoy wrote:
Hi,
This morning I woke up to find that packages I maintain were orphaned
out of blue. Nobody contacted the maintainers, nobody raised any
On to, 27 huhti 2023, Miro Hrončok wrote:
On 27. 04. 23 12:19, Alexander Bokovoy wrote:
The graph in the packager dashboard is showing that resteasy directly
depends on java-1.8.0-openjdk which is not true.
resteasy (maintained by: cfu, cipherboy, ckelley, edewata, jmagne,
mfargett, mharmsen
raised the issue https://pagure.io/releng/issue/11406 -- if you also
experienced a similar orphaning, please add your data.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
/
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code
ist Archives:
https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red
(submit
support for provider vs engine to Linux kernel upstream).
- signing of shim, grub2, fwupd, and the kernel in the build system
- mokutil
mokutil does not use ENGINE_* APIs at all.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red
n a proper way, we
might reuse those to improve Fedora user experience.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
___
devel mailing list -- devel@lists.fedorap
plugins (multihost, sourceorder),
also add our own extensions.
I filed an upstream issue to track Pytest 8:
https://pagure.io/freeipa/issue/9571
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
rather make it obviously documented than denying support for
CNAME-based configurations.
--
/ Alexander Bokovoy
--
389-devel mailing list
389-devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-devel
idelines
List Archives:
https://lists.fedoraproject.org/archives/list/389-devel@lists.fedoraproject.org
--
Red Hat GmbH, http://www.de.redhat.com/, Sitz: Grasbrunn,
Handelsregister: Amtsgericht München, HRB 153243,
Geschäftsführer: Charles Cachera, Laurie Krebs, Michael O'Neill, Thomas Savage
--
/ A
201 - 265 of 265 matches
Mail list logo