Re: [Freeipa-devel] [PATCH] 233 Fix ipa-replica-manage TLS connection error

On Tue, 2012-03-13 at 16:08 -0400, Rob Crittenden wrote: Rich Megginson wrote: On 03/08/2012 05:33 AM, Martin Kosek wrote: New version of openldap (openldap-2.4.26-6.fc16.x86_64) changed its ABI and broke our TLS connection in ipa-replica-manage. This makes it impossible to connect for

Re: [Freeipa-devel] [PATCH] 105 Fixed checkbox value in table without pkey

On 03/09/2012 05:29 AM, Endi Sukma Dewata wrote: On 3/8/2012 3:47 AM, Petr Vobornik wrote: When a table is displaying a record set without entity's pkey attribute. A checkbox value isn't properly prepared. This patch adds the preparation (converts value to string).

Re: [Freeipa-devel] [PATCH] 104 Fixed mask validation in network_validator

On 03/09/2012 05:29 AM, Endi Sukma Dewata wrote: On 3/7/2012 10:15 AM, Petr Vobornik wrote: Attaching patch file. On 03/07/2012 05:10 PM, Petr Vobornik wrote: Network validator allowed invalid mask format: * leading zeros: 192.168.0.1/0024 * trailing chars: 192.168.0.1/24abcd It was fixed.

[Freeipa-devel] [PATCH] 18 Typos in FreeIPA messages

https://fedorahosted.org/freeipa/ticket/2526 Rebased patch sent by Yuri Chornoivan (yurc...@ukr.net). Fixes 'occured' and 'commond' typos in FreeIPA messages. Longtitude/Longitude typo was already corrected in patch for ticket #2382 https://fedorahosted.org/freeipa/ticket/2382. -- Regards,

Re: [Freeipa-devel] [PATCH] [WIP] Cross-realm trusts with AD

On Tue, 13 Mar 2012, Simo Sorce wrote: 2. samba4 4.0.0-102alpha18 has one minor bug in systemd service (https://fedorahosted.org/freeipa/ticket/2523), you'd need to add ExecStartPre=/bin/mkdir -p /run/samba before ExecStart= stanza to get it working with tmpfs-based /run in Fedora 17. This

Re: [Freeipa-devel] [PATCH] 924 display both hex and decimal serial numbers

On 13.3.2012 22:57, Rob Crittenden wrote: Jan Cholasta wrote: On 7.3.2012 17:12, Rob Crittenden wrote: Petr Vobornik wrote: On 03/06/2012 09:56 PM, Rob Crittenden wrote: Rob Crittenden wrote: Jan Cholasta wrote: Dne 18.1.2012 00:04, Rob Crittenden napsal(a): Jan Cholasta wrote: Dne

Re: [Freeipa-devel] [PATCH] 107 Fixed evaluating checkbox dirty status

ACK. I have some comments below. On 3/9/2012 11:20 AM, Petr Vobornik wrote: Problem: When value in checkbox is modified twice in a row (so it is at its original value) an 'undo' button is still visible even when it shouldn't be. Cause: IPA server sends boolean values as 'TRUE' or 'FALSE'

Re: [Freeipa-devel] [PATCH] 108 Better hbactest validation message

On 3/12/2012 8:22 AM, Petr Vobornik wrote: HBAC Test validation message now contains all missing values in form of list of links instead of general 'missing values' message and redirection to first missing value's facet. When a link is clicked user is redirected to value's facet.

Re: [Freeipa-devel] [PATCH] 924 display both hex and decimal serial numbers

On 3/7/2012 9:57 AM, Petr Vobornik wrote: On 03/06/2012 09:56 PM, Rob Crittenden wrote: UI portion added as well. ACK for the UI part. I attached a patch which extends UI static testing data - to keep things in solid state. ACK for Petr's patch #101. -- Endi S. Dewata

Re: [Freeipa-devel] [PATCH] [WIP] Cross-realm trusts with AD

On Wed, 2012-03-14 at 15:36 +0200, Alexander Bokovoy wrote: On Tue, 13 Mar 2012, Simo Sorce wrote: 2. samba4 4.0.0-102alpha18 has one minor bug in systemd service (https://fedorahosted.org/freeipa/ticket/2523), you'd need to add ExecStartPre=/bin/mkdir -p /run/samba before ExecStart=

Re: [Freeipa-devel] [PATCH] Fixed rpm build warning - extension.js listed twice

On 03/14/2012 03:40 PM, Petr Vobornik wrote: First, I have to say that I'm new to rpm specs and I don't like this patch but I don't have better solution. Problem: Building the ipa rpms returns this: warning: File listed twice: /usr/share/ipa/ui/extension.js Cause: This is because of a glob:

Re: [Freeipa-devel] [PATCH] Fixed rpm build warning - extension.js listed twice

On 03/14/2012 04:06 PM, Petr Viktorin wrote: On 03/14/2012 03:40 PM, Petr Vobornik wrote: First, I have to say that I'm new to rpm specs and I don't like this patch but I don't have better solution. Problem: Building the ipa rpms returns this: warning: File listed twice:

Re: [Freeipa-devel] [PATCH] 16 Netgroup nisdomain and hosts validation

On 03/09/2012 04:34 PM, Martin Kosek wrote: On Thu, 2012-03-08 at 14:52 +0100, Ondrej Hamada wrote: Netgroup nisdomain and hosts validation nisdomain validation: Added pattern to the 'nisdomain' parameter to validate the specified nisdomain name. According to most common use cases the same

[Freeipa-devel] [PATCH] 0027 Use valid argument names in tests

This patch depends on my patch 0024 (but I can rebase if it needs to be pushed earlied). It fixes some of the test bugs that would be found by a fix for https://fedorahosted.org/freeipa/ticket/2509 (Unknown Command arguments are allowed (and ignored)). As you can see it's quite easy,

[Freeipa-devel] Please review: take 2: Ticket #1891 - Rewrite IPA plugins to take advantage of the single transaction

freeipa-rmeggins-0004-Rewrite-IPA-plugins-to-take-advantage-of.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 982 tweak to no_init patch

Martin Kosek wrote: On Wed, 2012-03-07 at 16:50 -0500, Rob Crittenden wrote: I discovered today that cert-request was failing with an untrusted CA error. The problem had to do with the NSS no_init patch. We were setting dbdir in the connection object too soon so it was comparing itself to

Re: [Freeipa-devel] [PATCH] 0023 Don't crash when searching with empty relationship options

Petr Viktorin wrote: See commit message. https://fedorahosted.org/freeipa/ticket/2479 ACK, pushed to master and ipa-2-2 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] Please review: take 2: Ticket #1891 - Rewrite IPA plugins to take advantage of the single transaction

ack. Rich Megginson wrote: ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 983 add subject key identifier

Martin Kosek wrote: On Wed, 2012-03-07 at 17:49 -0500, Rob Crittenden wrote: Add subject key identifier to the dogtag server cert profile. This will add it on upgrades too and any new certs issued will have a subject key identifier set. If the user has customized the profile themselves then

[Freeipa-devel] [PATCH] 44 Add Automember Test to simulate logic decisions

This will be _very_ helpful for testing automember logic against potential users / hosts. This patch addes a new plugin to FreeIPA that tests automember logic decisions https://fedorahosted.org/freeipa/ticket/2535 ~ Jr Aquino | Sr. Information Security

Re: [Freeipa-devel] [PATCH] 924 display both hex and decimal serial numbers

Endi Sukma Dewata wrote: On 3/7/2012 9:57 AM, Petr Vobornik wrote: On 03/06/2012 09:56 PM, Rob Crittenden wrote: UI portion added as well. ACK for the UI part. I attached a patch which extends UI static testing data - to keep things in solid state. ACK for Petr's patch #101. Pushed both

Re: [Freeipa-devel] [PATCH] 981 set httpd_manage_ipa

Alexander Bokovoy wrote: On Mon, 12 Mar 2012, Rob Crittenden wrote: Rob Crittenden wrote: Alexander Bokovoy wrote: On Mon, 12 Mar 2012, Rob Crittenden wrote: Alexander Bokovoy wrote: On Wed, 07 Mar 2012, Rob Crittenden wrote: Set SELinux boolean httpd_manage_ipa so ipa_memcached will work

Re: [Freeipa-devel] [PATCH] 232 Treat UPGs correctly in winsync replication

Martin Kosek wrote: There are some test hints attached to the ticket. --- IPA winsync plugin failed to replicate users when default user group was non-posix even though User Private Groups (UPG) were enabled on the server. Both their uidNumber and gidNumber were empty and they missed essential