-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/09/2010 03:54 PM, Simo Sorce wrote:
On Thu, 09 Dec 2010 15:00:21 +0100
Jakub Hrozek jhro...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/07/2010 05:53 PM, Simo Sorce wrote:
With this patch we stop relying on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/09/2010 12:52 AM, Simo Sorce wrote:
When we are creating a selfsign file based CA, do it at the same time
we would do the dogtag CA creation instead of doing it within the
dsinstance.
Also move around or changes some other related minor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/01/2010 11:53 PM, Rob Crittenden wrote:
There were some missing labels in config-show --all, I've added them.
I also moved the aci one level higher so it doesn't show (it was
confusing).
I've made the cert subject base read-only. This
On Fri, 10 Dec 2010 12:43:59 +0100
Jakub Hrozek jhro...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/09/2010 03:54 PM, Simo Sorce wrote:
On Thu, 09 Dec 2010 15:00:21 +0100
Jakub Hrozek jhro...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, 10 Dec 2010 14:03:08 +0100
Jakub Hrozek jhro...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/08/2010 01:59 PM, Simo Sorce wrote:
On Wed, 8 Dec 2010 08:25:25 +0100
Jan Zelený jzel...@redhat.com wrote:
Simo Sorce sso...@redhat.com wrote:
This patch
On Fri, 10 Dec 2010 12:43:59 +0100
Jakub Hrozek jhro...@redhat.com wrote:
Other comments:
Since the ipactl script is written in Python and /sbin/service ipa
$action is called in %preun and %postun we also need to add
Requires(preun): python and Requires(postun): python.
Added
Also, I
On Fri, 10 Dec 2010 14:03:08 +0100
Jakub Hrozek jhro...@redhat.com wrote:
Two comments:
If I understand it correctly, only HTTP instance should now use the
cert in /usr/share/ipa/html/ca.crt, perhaps the CACERT variable in
ipaserver/install/dsinstance.py should be changed to point to
ACK. This is good to push.
- Adam Young ayo...@redhat.com wrote:
On 12/09/2010 05:22 PM, Kyle Baker wrote:
NACK. This has many problems.
- Adam Youngayo...@redhat.com wrote:
This is the proper patch. Majority of the work was done by Kyle
Baker.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/10/2010 03:59 PM, Simo Sorce wrote:
New patch attached.
Simo.
Ack
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
On Fri, 10 Dec 2010 17:30:34 +0100
Jakub Hrozek jhro...@redhat.com wrote:
On 12/10/2010 03:59 PM, Simo Sorce wrote:
New patch attached.
Simo.
Ack
Thanks,
pushed to master.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
Freeipa-devel
On Fri, 10 Dec 2010 14:49:36 +0100
Jakub Hrozek jhro...@redhat.com wrote:
On 12/09/2010 12:52 AM, Simo Sorce wrote:
When we are creating a selfsign file based CA, do it at the same
time we would do the dogtag CA creation instead of doing it within
the dsinstance.
Also move around
On Fri, 10 Dec 2010 17:30:44 +0100
Jakub Hrozek jhro...@redhat.com wrote:
On 12/10/2010 04:00 PM, Simo Sorce wrote:
New patch attached.
Simo.
Ack
Thanks,
pushed to master.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
Freeipa-devel
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/01/2010 11:53 PM, Rob Crittenden wrote:
There were some missing labels in config-show --all, I've added them.
I also moved the aci one level higher so it doesn't show (it was
confusing).
I've made the cert subject base
Jan Zeleny wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.com wrote:
The problem was that the normalizer was returning each value as a tuple
which we were then appending to a list, so it looked like [(u'value1',),
(u'value2',),...]. If there
Jan Zeleny wrote:
This patch catches NotFound exception and calls handling function
which then sends exception with unified error message.
https://fedorahosted.org/freeipa/ticket/487
--
Jan
ack, pushed to master
rob
___
Freeipa-devel mailing list
Hi,
I installed today build. I can get to the static frame with green line
and rigt user name which indicates that I actually connected and
authenticated but for admin the rest of the screen was balnk.
When I added myself as an ordinary user and restarted FF I got the same
but now it showed dpal
Adjustment:
I've consolidated both patches into 1 and corrected a bug in the previous
patches.
There was a line missing from the ipa.spec.in file that was responsible
for sbin containing ipa-host-net-manage
Please utilize this patch in reference to
(https://fedorahosted.org/freeipa/ticket/543)
On 12/10/2010 02:01 PM, Dmitri Pal wrote:
Hi,
I installed today build. I can get to the static frame with green line
and rigt user name which indicates that I actually connected and
authenticated but for admin the rest of the screen was balnk.
When I added myself as an ordinary user and
Rob, Simo, what is your opinion?
Original Message
Subject:Re: [freeipa] #417: host-add --ipaddr shouldn't fail if
reverse zone isn't available
Date: Fri, 10 Dec 2010 18:33:32 -
From: freeipa free...@fedorahosted.org
Reply-To: nob...@fedoraproject.org
To:
The Managed Entries plugin will allow a user to be added even if a group
of the same name exists. This would leave the user without a private group.
We need to check for both the user and the group so we can do 1 of 3 things:
- throw an error that the group exists (but not the user)
- throw an
Don't import from ipaserver when not in a server context (bad things
happen).
Easy enough to test. Install on a client with just ipa-client,
ipa-python and ipa-admintools. The ipa tool should actually work and not
blow up.
ticket 579
From 41fad9bc3c438f01c7da9b41fbe635695ceeb6bb Mon Sep 17
On 12/10/10 12:49 PM, Rob Crittenden rcrit...@redhat.com wrote:
nack, found a couple of minor issues:
- The patch doesn't apply against the master branch (probably from
Simo's recent changes there)
- looks like you copied the man page from ipa-ldap-updater, needs a few
more updates (though kudos
Unfortunately my last patch was not properly tested with a dogtag
installation and quite a few spots needed minor adjustments.
This patch passed my install tests with dogtag.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
From d06261a49b83a0d387bc395e84a2e6dc5556b30c Mon Sep 17 00:00:00 2001
The ipactl script didn't work properly in some cases.
This patch adds a few more error checks and fixes dirsrv restarts which
require an instance name to be passed in to work properly.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
From a6852fee16e10ae5148ce0399b22829ca852b604 Mon Sep 17
permissions are a real group pointed to by an aci, managed by the same
plugin. Any given update can update one or both or neither. Do a better
job at determining what it is that needs to be updated and handle the
case where only the ACI is updated so that EmptyModList is not thrown.
ticket
Simo Sorce wrote:
Unfortunately my last patch was not properly tested with a dogtag
installation and quite a few spots needed minor adjustments.
This patch passed my install tests with dogtag.
Simo.
ack, pushed to master
rob
___
Freeipa-devel
On 12/10/2010 02:01 PM, Dmitri Pal wrote:
Hi,
I installed today build. I can get to the static frame with green line
and rigt user name which indicates that I actually connected and
authenticated but for admin the rest of the screen was balnk.
When I added myself as an ordinary user and
If the ticket is expired or otherwise unusable it should fall back to
the DM password. It was prompted for correctly but wasn't being passed on.
Note that there is a problem with the access controls that prevents
management, I opened ticket 617 for that.
ticket 549
rob
From
I pushed this under the 1-liner rule. Save the exception to a variable
so it can be pushed along.
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index 281981d..80a9a51 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -297,7 +297,7 @@
We don't want people willy-nilly changing principal names. The proper
way to do this is to rename the user entry, so remove the option.
rob
From 87bfbee3afdb1c347e29c83a16cc575058832756 Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Sat, 11 Dec 2010 01:07:20 -0500
30 matches
Mail list logo