On Wed, Feb 09, 2011 at 01:57:46PM -0500, Rob Crittenden wrote:
Disable nscd before starting sssd. We used to disable it after
configuring sssd which would cause a warning message to appear in
/var/log/messages from sssd. This was in effect bogus because we
killed nscd as the very next step
Pavel Zuna pz...@redhat.com wrote:
Fix #830
Pavel
ack
Jan
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Pavel Zuna pz...@redhat.com wrote:
This is a follow-up to my patches 69 and 71 (70 is garbage).
It prevents a crash when user misconfigures his locale settings.
Pavel
ack
Jan
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Pavel Zuna pz...@redhat.com wrote:
On 02/08/2011 01:06 PM, Pavel Zuna wrote:
The patch also corrects exception handling in some of the tools.
Fix #874
Pavel
Updated patch attached. Forgot to rename an identifier in exception
handling.
Pavel
ack
Jan
On Tue, Feb 08, 2011 at 10:27:57PM -0500, Rob Crittenden wrote:
The 389-ds replication plugin may not be installed on all platforms
and our replication version plugin will cause 389-ds to not start if
it is loaded and the replication plugin is not. So disable by
default.
When a replica is
On Tue, Feb 08, 2011 at 06:39:05PM +0100, Jan Cholasta wrote:
Fixing newbie mistake: included properly formated patch.
It was tested in mock.
Dne 8.2.2011 18:30, Jan Cholasta napsal(a):
Removed 2 unnecessary BuildRequires from freeipa.spec.in:
* e2fsprogs-devel: obsoleted by
makeapi script is used to check if ipalib API is consistent with the
known state in API.txt. When the API is changed, major API version
should be updated. However, when new options/arguments/outputs were
added to an ipalib command, `makeapi --validate' call did not capture
this.
This patch fixes
On Wed, Feb 09, 2011 at 05:04:57PM -0500, Rob Crittenden wrote:
The performance patch depended on self.env.mode != 'production'. env
and mode aren't guaranteed to exist in the object so check for those
and only skip the work if the mode is explicitly production.
rob
Ack
On Tue, Feb 08, 2011 at 10:12:27AM -0500, Rob Crittenden wrote:
If /etc/krb5.conf doesn't exist or contains no default kerberos
realm then 389-ds won't start at all. This is a problem during
installation because we configure 389 first.
This patch will let the server come up, you just won't
https://fedorahosted.org/freeipa/ticket/930
I put there a value Dmitri suggested. Feel free to change it before pushing if
you think there should be the originally suggested 10 login attempts.
--
Thank you
Jan Zeleny
Red Hat Software Engineer
Brno, Czech Republic
From
This patch fixes behavior of ipa-dns-install, which does not
exit when an invalid configuration of /etc/hosts is detected.
https://fedorahosted.org/freeipa/ticket/736
From 0c75da337003e0660679534928a70b6b7317c3e8 Mon Sep 17 00:00:00 2001
From: Martin Kosek mko...@redhat.com
Date: Thu, 10 Feb
Jan Zelený wrote:
https://fedorahosted.org/freeipa/ticket/930
I put there a value Dmitri suggested. Feel free to change it before pushing if
you think there should be the originally suggested 10 login attempts.
We want to increase krbPwdLockoutDuration too, to 600.
rob
This patch fixes ipactl to return non-zero value when something
goes wrong.
https://fedorahosted.org/freeipa/ticket/894
From 9142d27922d5d355b6e6921b9a03b01e6c98d2a5 Mon Sep 17 00:00:00 2001
From: Martin Kosek mko...@redhat.com
Date: Thu, 10 Feb 2011 15:42:36 +0100
Subject: [PATCH] Fix return
One of the features of IPAv2 is it is much easier to delegate
permissions to perform tasks (add, delete, modify, etc).
This delegation is broken out into three pieces:
* permissions
* privileges
* roles
A permission is a very low-level object that says who can do what to
whom. These
Rob Crittenden rcrit...@redhat.com wrote:
Jan Zelený wrote:
https://fedorahosted.org/freeipa/ticket/930
I put there a value Dmitri suggested. Feel free to change it before
pushing if you think there should be the originally suggested 10 login
attempts.
We want to increase
Jan Zelený jzel...@redhat.com wrote:
Ok, I'm sending updated patch in attachment
Should I change it in class help then? That's where I copied this from.
I think so.
Ok, I'll send another patch, so me don't mix it together with this patch.
I'll do a review of the code in cli.py,
On 02/10/2011 09:42 PM, Rob Crittenden wrote:
One of the features of IPAv2 is it is much easier to delegate
permissions to perform tasks (add, delete, modify, etc).
This delegation is broken out into three pieces:
* permissions
* privileges
* roles
A permission is a very low-level object that
Rob Crittenden rcrit...@redhat.com wrote:
One of the features of IPAv2 is it is much easier to delegate
permissions to perform tasks (add, delete, modify, etc).
This delegation is broken out into three pieces:
* permissions
* privileges
* roles
A permission is a very low-level
Convert json strings to unicode when they are unmarshalled.
This patch removes some individual work-arounds of converting strings to
unicode, they only masked the problem. String values are not passed to
the validator or normalizers so things like adding the realm
automatically to services
The kw could contain another exception which was blowing up the
marshalling. It doesn't seem to be used anywhere and contains
information we've already saved in error as far as I can tell.
ticket 905
rob
freeipa-rcrit-712-json.patch
Description: application/mbox
Jan Zelený wrote:
Pavel Zunapz...@redhat.com wrote:
Fix #830
Pavel
ack
Jan
pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
On 02/10/2011 01:11 PM, Jan Zeleny wrote:
Rob Crittendenrcrit...@redhat.com wrote:
One of the features of IPAv2 is it is much easier to delegate
permissions to perform tasks (add, delete, modify, etc).
This delegation is broken out into three pieces:
* permissions
* privileges
*
Jakub Hrozek wrote:
On Tue, Feb 08, 2011 at 06:39:05PM +0100, Jan Cholasta wrote:
Fixing newbie mistake: included properly formated patch.
It was tested in mock.
Dne 8.2.2011 18:30, Jan Cholasta napsal(a):
Removed 2 unnecessary BuildRequires from freeipa.spec.in:
* e2fsprogs-devel:
Jakub Hrozek wrote:
On Wed, Feb 09, 2011 at 05:04:57PM -0500, Rob Crittenden wrote:
The performance patch depended on self.env.mode != 'production'. env
and mode aren't guaranteed to exist in the object so check for those
and only skip the work if the mode is explicitly production.
rob
Ack
Jakub Hrozek wrote:
On Tue, Feb 08, 2011 at 10:27:57PM -0500, Rob Crittenden wrote:
The 389-ds replication plugin may not be installed on all platforms
and our replication version plugin will cause 389-ds to not start if
it is loaded and the replication plugin is not. So disable by
default.
Martin Kosek wrote:
This patch fixes behavior of ipa-dns-install, which does not
exit when an invalid configuration of /etc/hosts is detected.
https://fedorahosted.org/freeipa/ticket/736
I'm not positive but was the address info checking done within the try
to catch any possible exception?
Martin Kosek wrote:
This patch fixes ipactl to return non-zero value when something
goes wrong.
https://fedorahosted.org/freeipa/ticket/894
ack, pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Rob Crittenden rcrit...@redhat.com wrote:
Just a really minor nit. Can you define a label for the argument?
Otherwise if you run: `ipa show-mappings` it will prompt for
command_name.
rob
Done, sending in attachment.
Jan
From fece796ab7894a591ef4e2fb4bb39f097c687cc1 Mon Sep 17 00:00:00 2001
On 02/10/2011 01:13 AM, Endi Sukma Dewata wrote:
On 2/9/2011 7:06 PM, Adam Young wrote:
A few comments:
1. The functionality seems to be working, but the layout is a bit
different. Previously the label (e.g. Filter) and the widget (e.g.
text field) occupy the same line. Right now they
On 02/10/2011 05:12 PM, Rob Crittenden wrote:
But what other roles do we need? The mind boggles and rather than
dictating what the initial ones will be I'm looking for some
guidance/suggestions.
thanks
rob
I'm actually wondering if we need to define many default roles in the
upstream
Last version was a little too zealos in remivng style info, and I
removed the code that hid the select boxthat chose the target. Added
that code back in here.
On 02/10/2011 03:02 PM, Adam Young wrote:
On 02/10/2011 01:13 AM, Endi Sukma Dewata wrote:
On 2/9/2011 7:06 PM, Adam Young wrote:
Jan Zeleny wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Just a really minor nit. Can you define a label for the argument?
Otherwise if you run: `ipa show-mappings` it will prompt for
command_name.
rob
Done, sending in attachment.
Jan
I made one minor change to the patch before
On 02/10/2011 03:09 PM, Adam Young wrote:
Last version was a little too zealos in remivng style info, and I
removed the code that hid the select boxthat chose the target. Added
that code back in here.
On 02/10/2011 03:02 PM, Adam Young wrote:
On 02/10/2011 01:13 AM, Endi Sukma Dewata
On 02/10/2011 03:05 PM, Jakub Hrozek wrote:
On 02/10/2011 05:12 PM, Rob Crittenden wrote:
But what other roles do we need? The mind boggles and rather than
dictating what the initial ones will be I'm looking for some
guidance/suggestions.
thanks
rob
I'm actually wondering if we need to
Jakub Hrozek wrote:
On Tue, Feb 08, 2011 at 10:12:27AM -0500, Rob Crittenden wrote:
If /etc/krb5.conf doesn't exist or contains no default kerberos
realm then 389-ds won't start at all. This is a problem during
installation because we configure 389 first.
This patch will let the server come
On 2/10/2011 3:27 PM, Adam Young wrote:
NACK. As discussed over IRC, the is_dirty functionality is not working
for permissions that have an object by type target.
--
Endi S. Dewata
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Previously the add service dialog box shows a 'Principal:' label with
no text field next to it. It now has been removed. The dialog box
has been widened to avoid line wrapping of the buttons.
--
Endi S. Dewata
From 24d77795d7e73e4a0d91245c9603ef8ea8ffb4e9 Mon Sep 17 00:00:00 2001
From: Endi S.
From 2f6d37bab0064b7cab9ffb4f6976487afb3ff6a4 Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Thu, 10 Feb 2011 16:48:17 -0500
Subject: [PATCH] column formatting
Allow optional formatting for columns
Provide Data formate for host modificaiton
On 2/10/2011 3:51 PM, Adam Young wrote:
Should we use one of these functions?
http://www.w3schools.com/jsref/jsref_tostring_date.asp
http://www.w3schools.com/jsref/jsref_tolocalestring.asp
http://www.w3schools.com/jsref/jsref_toutcstring.asp
--
Endi S. Dewata
Pushed this one-liner to fix reference to ipa.spec.in in BUILD.txt
ticket 859
diff --git a/BUILD.txt b/BUILD.txt
index d70351d..df029a5 100644
--- a/BUILD.txt
+++ b/BUILD.txt
@@ -5,7 +5,7 @@ Dependencies
The quickest way to get the dependencies needed for building is:
-# yum install
On 2/10/2011 5:00 PM, Adam Young wrote:
Should we use one of these functions?
http://www.w3schools.com/jsref/jsref_tostring_date.asp
http://www.w3schools.com/jsref/jsref_tolocalestring.asp
http://www.w3schools.com/jsref/jsref_toutcstring.asp
Our dates are not conisdered valid dates, so we
On 2/10/2011 5:02 PM, Adam Young wrote:
On 02/10/2011 04:42 PM, Endi Sukma Dewata wrote:
On 2/10/2011 3:27 PM, Adam Young wrote:
NACK. As discussed over IRC, the is_dirty functionality is not
working for permissions that have an object by type target.
Was worse than that, load was broken.
Dmitri Pal wrote:
On 02/10/2011 03:05 PM, Jakub Hrozek wrote:
On 02/10/2011 05:12 PM, Rob Crittenden wrote:
But what other roles do we need? The mind boggles and rather than
dictating what the initial ones will be I'm looking for some
guidance/suggestions.
thanks
rob
I'm actually wondering
Reset file ownership after calling update_file() and set_preference() in
installutils. Out of the blue these would change file ownership to
root:root which was breaking a dogtag profile.
This fixes the error from cert-request: FAILURE (Profile
caIPAserviceCert Not Found)
ticket 928
rob
Rob Crittenden wrote:
Jakub Hrozek wrote:
On Tue, Feb 08, 2011 at 10:12:27AM -0500, Rob Crittenden wrote:
If /etc/krb5.conf doesn't exist or contains no default kerberos
realm then 389-ds won't start at all. This is a problem during
installation because we configure 389 first.
This patch will
Yi found a tricky way to remove required attributes that aren't required
in the schema. The problem was we weren't enforcing parameter.required
in mods (because it was enforcing that every variable with required be
provided).
I added a new check routine that is executed after setattr/addattr
Hi Kyle,
I added the expand/collapse all link into the details page.
See the following demo:
http://edewata.fedorapeople.org/freeipa/install/ui/index.html#navigation=0identity=0user-facet=detailsuser-pkey=kfrog
Please let me know if this is sufficient for this ticket:
On Thu, 2011-02-10 at 13:58 -0500, Rob Crittenden wrote:
Martin Kosek wrote:
This patch fixes behavior of ipa-dns-install, which does not
exit when an invalid configuration of /etc/hosts is detected.
https://fedorahosted.org/freeipa/ticket/736
I'm not positive but was the address info
48 matches
Mail list logo