Re: [Freeipa-devel] [PATCH] 271 Modified dialog to use sections.

On 09/21/2011 10:10 PM, Endi Sukma Dewata wrote: On 9/21/2011 6:50 AM, Petr Vobornik wrote: Fixed. The dialog fields don't need undo, so the text() needs to be overridden to disable undo. This can be improved again later. The override isn't necessary because it wasn't there before and all (at

Re: [Freeipa-devel] [PATCH] 125 Remove checks for ds-replication plugin

On Wed, 2011-09-21 at 10:29 -0400, Rob Crittenden wrote: Martin Kosek wrote: The replication plugin is no longer shipped as a separate package. Remove the code checking its existence. https://fedorahosted.org/freeipa/ticket/1815 ACK Pushed to master, ipa-2-1. Martin

Re: [Freeipa-devel] [PATCH] 44 Fix parameter validation

On Wed, 2011-09-21 at 15:31 -0400, Rob Crittenden wrote: Jan Cholasta wrote: On 25.8.2011 18:21, Jan Cholasta wrote: What this patch does: * Make sure arguments are validated and default values are filled in before calling a command. * Add new parameter flag validate_search to force

Re: [Freeipa-devel] Structured DNS record API proposal - summary

On Wed, 2011-09-21 at 11:22 +0200, Martin Kosek wrote: On Tue, 2011-09-20 at 11:22 -0500, Endi Sukma Dewata wrote: On 9/20/2011 6:15 AM, Martin Kosek wrote: ACK. Proposal looks like it will work fairly easily with the UI. We'll have to make some chagnes due to the Add doing something

Re: [Freeipa-devel] [PATCH] include stdint.h for uintptr_t

On Wed, 2011-09-21 at 10:28 -0400, Rob Crittenden wrote: Marko Myllynen wrote: Hi, stdint.h must be included for uintptr_t at least on Ubuntu Oneiric, without it ipa-client compilation fails. There is an ipa-client make target that should make things somewhat easier as it doesn't

Re: [Freeipa-devel] [PATCH] #1814 Enforce old password requirement in ldappasswd operations

Simo Sorce wrote: Although we were properly checking that the user successfully authenticated (either through a password bind or a GSSAPI bind) we were not enforcing the requirement to provide us with the old password, and this is better security hygiene. Fixes:

[Freeipa-devel] [PATCH] 881 don't log OTP in client install log

Obfuscate the one-time password in the client installer log. rob From e454f840460b6703d8327a235844adcbc310f48d Mon Sep 17 00:00:00 2001 From: Rob Crittenden rcrit...@redhat.com Date: Thu, 22 Sep 2011 11:52:58 -0400 Subject: [PATCH] Don't log one-time password in logs when configuring client.

Re: [Freeipa-devel] [PATCH] 279 Fixed problem enrolling member with the same name.

On 09/20/2011 02:19 AM, Endi Sukma Dewata wrote: The IPA.association_adder_dialog has been modified to use an exclusion list to hide entries that are already enrolled. The IPA.adder_dialog has been modified to store the columns directly in the available selected tables. Ticket #1797

Re: [Freeipa-devel] [PATCH] Don't remove /tmp when removing temp cert dir

Marko Myllynen wrote: Hi, If /tmp happens to be empty os.removedirs() happily removes it... Seen on Ubuntu Oneiric. Cheers, https://fedorahosted.org/freeipa/ticket/1843 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 279 Fixed problem enrolling member with the same name.

On 9/22/2011 11:14 AM, Petr Vobornik wrote: On 09/20/2011 02:19 AM, Endi Sukma Dewata wrote: The IPA.association_adder_dialog has been modified to use an exclusion list to hide entries that are already enrolled. The IPA.adder_dialog has been modified to store the columns directly in the

Re: [Freeipa-devel] [PATCH] 276 Fixed problem enabling/disabling DNS zone.

On 9/22/2011 6:59 AM, Petr Vobornik wrote: On 09/17/2011 12:18 AM, Endi Sukma Dewata wrote: The details facet for DNS zone has been modified to use dnszone- enable/disable for idnszoneactive and dnszone-mod for other fields. Ticket #1813 ACK Pushed to master and ipa-2-1. Btw it doesn't

Re: [Freeipa-devel] [PATCH] 871 add hostname regex

Rob Crittenden wrote: Rob Crittenden wrote: Alexander Bokovoy wrote: On Tue, 13 Sep 2011, Jan Cholasta wrote: What about IDN hosts? With this change we would require them to be always in Punycode? Oh, hadn't considered that, I was just following the relevent RFCs. Is there a way we can

Re: [Freeipa-devel] Structured DNS record API proposal - summary

On 9/22/2011 7:24 AM, Martin Kosek wrote: 2) Some DNS records may be pretty large. MX record data is small, but for example CERT records have an entire certificate stored in it. Wouldn't there be a problem if we place the large DNS record in URL? This is how the DNS record list page could be

Re: [Freeipa-devel] FreeIPA and per-machine views

On 09/21/2011 10:07 PM, Stephen Gallagher wrote: I've ben working on the multiple search base feature in SSSD and I've had some thoughts that might be relevant to the FreeIPA v3 core effort. The idea behind multiple search bases is fairly simple; instead of simply checking one subtree for

Re: [Freeipa-devel] Structured DNS record API proposal

On 09/22/2011 03:37 AM, Jakub Hrozek wrote: On Thu, Sep 22, 2011 at 08:25:01AM +0200, Jan Cholasta wrote: On 21.9.2011 23:55, Dmitri Pal wrote: On 09/21/2011 10:27 AM, Adam Young wrote: On 09/20/2011 11:11 AM, Martin Kosek wrote: On Tue, 2011-09-20 at 10:02 -0400, Adam Young wrote: This