On Thu, 2012-02-23 at 14:32 -0500, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2012-02-20 at 12:46 -0500, Rob Crittenden wrote:
Martin Kosek wrote:
On Tue, 2012-02-14 at 09:10 -0500, Rob Crittenden wrote:
Simo Sorce wrote:
On Tue, 2012-02-14 at 12:09 +0100, Martin Kosek wrote:
A
On Thu, 2012-02-23 at 16:10 -0500, Rob Crittenden wrote:
John Dennis wrote:
This works great, particularly with patch 63. The only thing I wasn't
able to test at all is logout. Is there a way to test that as-is or will
the UI guys need to make some changes too?
rob
I noticed
On 02/23/2012 04:08 PM, Jan Cholasta wrote:
Can't you just re-escape the values before forwarding the call? That
would be a fairly straightforward fix and it would remove the need for
all the _forwarded_call hackery.
All right, I'll do that once we decide on how to escape. Self-NACK for
the
On 02/24/2012 11:09 AM, Petr Viktorin wrote:
On 02/23/2012 04:08 PM, Jan Cholasta wrote:
Can't you just re-escape the values before forwarding the call? That
would be a fairly straightforward fix and it would remove the need for
all the _forwarded_call hackery.
All right, I'll do that
On Fri, 2012-02-24 at 11:09 +0100, Petr Viktorin wrote:
...
You need four backslashes for a literal backslash, three to escape a
comma. I think 2.1 clients are already broken, and the backwards
incompatibility would only affect workarounds.
Yes, but CSV values without escaping works. And
On 02/24/2012 11:09 AM, Petr Viktorin wrote:
As far as I can see the Web UI is tied to the server version, so
changing the JSON communication shouldn't be a problem?
Anyway, since the JSON code for this is scattered across the codebase,
we need to introduce a common JS function first, and only
On 02/24/2012 12:09 PM, Martin Kosek wrote:
On Fri, 2012-02-24 at 11:09 +0100, Petr Viktorin wrote:
...
You need four backslashes for a literal backslash, three to escape a
comma. I think 2.1 clients are already broken, and the backwards
incompatibility would only affect workarounds.
Yes,
Hello,
this patch is documentation improvement configuration check for
situations, where persistent search and zone refresh are enabled at same
time. (Which is not allowed.)
It's related to fix https://fedorahosted.org/bind-dyndb-ldap/ticket/43 -
hold bind and plugin global settings in
Simo Sorce wrote:
On Thu, 2012-02-23 at 22:05 -0500, Rob Crittenden wrote:
We noticed that older client machines couldn't join FreeIPA 2.1.90
servers running KDC 1.90. It was failing to return a ticket for DES so
the whole keytab request was failing.
I changed it so failures are acceptable as
Petr Viktorin wrote:
On 02/24/2012 12:09 PM, Martin Kosek wrote:
On Fri, 2012-02-24 at 11:09 +0100, Petr Viktorin wrote:
...
You need four backslashes for a literal backslash, three to escape a
comma. I think 2.1 clients are already broken, and the backwards
incompatibility would only affect
On 02/23/2012 10:10 PM, Rob Crittenden wrote:
John Dennis wrote:
This works great, particularly with patch 63. The only thing I wasn't
able to test at all is logout. Is there a way to test that as-is or will
the UI guys need to make some changes too?
rob
I just created a WIP logout
On 02/24/2012 03:08 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 02/24/2012 12:09 PM, Martin Kosek wrote:
On Fri, 2012-02-24 at 11:09 +0100, Petr Viktorin wrote:
...
Old clients *already send* plain arrays; but the server currently
errorneously parses each part again. Maybe a better
SSH public key support includes a feature to automatically add/update
client SSH fingerprints in SSHFP records. However, the update won't
work for zones created before this support was added as they don't
allow clients to update SSHFP records in their update policies.
This patch lets dns upgrade
On Feb 22, 2012, at 11:26 AM, Rob Crittenden wrote:
We include memberof when doing a total sync so there is no need to re-run the
memberOf task in ipa-replica-manage re-initialize unless the agreement
doesn't set nsDS5ReplicatedAttributeListTotal.
rob
ACK
Patch tested and clean
rebased patch against current ipa-2-2 branch
--
John Dennis jden...@redhat.com
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
From 39296b1e77d3b1d8c1d085e463906d1af6bb6816 Mon Sep 17 00:00:00 2001
From: John Dennis jden...@redhat.com
Date: Wed, 15 Feb 2012 10:26:42 -0500
Subject:
On 02/24/2012 01:18 PM, John Dennis wrote:
* Move the existing /ipa/login URL to /ipa/session/login_kerberos. The
URL change is to be consistent with the above new URL. The URL change
reflects the fact it is only used to initialize a session when the user
already has a valid kerberos ticket. As
John Dennis wrote:
On 02/24/2012 01:18 PM, John Dennis wrote:
* Move the existing /ipa/login URL to /ipa/session/login_kerberos. The
URL change is to be consistent with the above new URL. The URL change
reflects the fact it is only used to initialize a session when the user
already has a valid
Martin Kosek wrote:
Do not accept invalid GID values in IPA user/group plugins.
https://fedorahosted.org/freeipa/ticket/2335
ACK, pushed to master and ipa-2-2
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Limit the characters in a netgroup name to alpha, digits, -, _ and .
rob
From 2b48a0ec3ac1b0fe2753754d1f431930c9d9581d Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Fri, 24 Feb 2012 14:39:56 -0500
Subject: [PATCH] Limit allowed characters in a netgroup name to alpha,
What should the ownership/permissions be on /var/run/dirsrv and
/var/lock/dirsrv?
Original Message
Subject:Re: [389-users] systemd warning message
Date: Fri, 24 Feb 2012 22:18:58 +0100
From: Marco Pizzoli marco.pizz...@gmail.com
Reply-To: General discussion list
Add Requires oddjob-mkhomedir on the client subpackage. This will avoid
SELinux issues if mkhomedir is configured.
rob
From b90626fcf46cc83350455c8ff6ae9085c7ae1e4c Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Fri, 24 Feb 2012 16:42:37 -0500
Subject: [PATCH] Add
ACK. Feel free to push once the required server piece is ready.
On 2/23/2012 7:06 AM, Petr Vobornik wrote:
3. When adding an A/ record and checking the 'create reverse'
option, if the reverse zone doesn't exist it will show an error dialog
box saying it cannot create the reverse record. The
On 02/22/2012 10:45 PM, Rob Crittenden wrote:
Does anyone have a BNF for or know the legal characters in a netgroup
name?
All I could find was an ancient SunOS document saying only lower-case
characters and digits were allowed. This doesn't sound right.
thanks
rob
Dmitri Pal wrote:
On 02/22/2012 10:45 PM, Rob Crittenden wrote:
Does anyone have a BNF for or know the legal characters in a netgroup
name?
All I could find was an ancient SunOS document saying only lower-case
characters and digits were allowed. This doesn't sound right.
thanks
rob
On Feb 24, 2012, at 3:22 PM, Simo Sorce wrote:
On Fri, 2012-02-24 at 23:09 +, JR Aquino wrote:
ipa-replica-manage del causes tombstone entries to remain in 389 DS. This has
proven to be problematic.
We can automatically perform the cleanup task at the deletion time to minimize
orphans and
On 02/24/2012 04:37 PM, JR Aquino wrote:
On Feb 24, 2012, at 3:22 PM, Simo Sorce wrote:
On Fri, 2012-02-24 at 23:09 +, JR Aquino wrote:
ipa-replica-manage del causes tombstone entries to remain in 389 DS. This has
proven to be problematic.
We can automatically perform the cleanup task at
On Feb 24, 2012, at 3:09 PM, JR Aquino wrote:
ipa-replica-manage del causes tombstone entries to remain in 389 DS. This
has proven to be problematic.
We can automatically perform the cleanup task at the deletion time to
minimize orphans and ghosts in the directory.
This patch runs the
27 matches
Mail list logo