Re: [Freeipa-devel] [PATCH] 0042-0048 AD trusts support (master)

On Thu, 2012-06-07 at 10:56 +0300, Alexander Bokovoy wrote: On Thu, 07 Jun 2012, Martin Kosek wrote: It may have been an issue on my side. I will open a ticket if I hit a unit test error again. I did a next round of review for your patches, I did not find any show-stopper why not to push

[Freeipa-devel] [PATCH 0022] fix crash during zone unload when NS is not resolvable

Hello, this patch fixes https://fedorahosted.org/bind-dyndb-ldap/ticket/77: bind-dyndb-ldap crashes during zone unload when NS is not resolvable. During investigation I found other two suspicious places. This patch adds only comment near to them. Any changes (as necessary) will be in

Re: [Freeipa-devel] [PATCH] 262-265 Enable psearch by default

On 06/05/2012 09:32 AM, Martin Kosek wrote: Thanks for digging out the traceback, I already reported this error to bind-dyndb-ldap: https://bugzilla.redhat.com/show_bug.cgi?id=827401 Petr, what's the status of this bug? I guess we cannot push this set of patches to enable the psearch by default

Re: [Freeipa-devel] [PATCH 0022] fix crash during zone unload when NS is not resolvable

On Thu, Jun 07, 2012 at 04:03:46PM +0200, Martin Kosek wrote: On Thu, 2012-06-07 at 15:33 +0200, Petr Spacek wrote: Hello, this patch fixes https://fedorahosted.org/bind-dyndb-ldap/ticket/77: bind-dyndb-ldap crashes during zone unload when NS is not resolvable. During investigation

Re: [Freeipa-devel] [PATCH] 0058 Prevent deletion of the last admin

Petr Viktorin wrote: On 06/05/2012 11:43 PM, Rob Crittenden wrote: Petr Viktorin wrote: Raise an error when trying to delete the last user from the 'admins' group The 'admin' group name seems like something that shouldn't be hardcoded, but that's how it's done in the webui and some of our

Re: [Freeipa-devel] Allowing existing IPA hosts to be used for installing a replica

Dmitri Pal wrote: On 06/07/2012 09:20 AM, Simo Sorce wrote: On Thu, 2012-06-07 at 09:16 -0400, Rob Crittenden wrote: Simo Sorce wrote: On Wed, 2012-06-06 at 23:08 -0400, Rob Crittenden wrote: Scott Poore wrote: Running this by the mailing list to see if I should open an RFE. Should we have

Re: [Freeipa-devel] [PATCH] 0057 Only allow root to run update plugins

Petr Viktorin wrote: On 06/05/2012 06:53 PM, Petr Viktorin wrote: On 06/05/2012 04:18 PM, Rob Crittenden wrote: Petr Viktorin wrote: On 06/05/2012 03:00 PM, Rob Crittenden wrote: Petr Viktorin wrote: On 06/05/2012 10:06 AM, Martin Kosek wrote: On Mon, 2012-06-04 at 11:51 -0400, Simo Sorce

Re: [Freeipa-devel] [PATCH] 274 Password change capability for form-based auth

Martin Kosek wrote: You can use the attached script (changepw.py) to test the PW change interface from command line (on IPA server). --- IPA server web form-based authentication allows logins for users which for some reason cannot use Kerberos authentication. However, when a password for such

Re: [Freeipa-devel] [PATCH] 275 Do not crash in Decimal parameter conversion

Martin Kosek wrote: When invalid data is passed, an unhandled decimal exception could be raised in Decimal number conversion. Handle the exception more gracefully and report proper ipalib.errors.ConversionError. https://fedorahosted.org/freeipa/ticket/2705 I'm being pedantic but I think the

Re: [Freeipa-devel] [PATCH] 1024 add client session support

Rob Crittenden wrote: Rob Crittenden wrote: This adds client session support. The session key is stored in the kernel key ring. Your first request should go to /ipa/session/xml where it should be rejected with a 401. The next will go to /ipa/xml which will be accepted. This should all be

Re: [Freeipa-devel] [PATCH] 274 Password change capability for form-based auth

On Thu, 2012-06-07 at 22:28 -0400, Rob Crittenden wrote: Martin Kosek wrote: You can use the attached script (changepw.py) to test the PW change interface from command line (on IPA server). --- IPA server web form-based authentication allows logins for users which for some reason