On 09/24/2012 04:33 PM, Sumit Bose wrote:
On Mon, Sep 24, 2012 at 05:01:25PM +0300, Alexander Bokovoy wrote:
Hi,
small patch, to make sure external members are listed when 'ipa
group-show' is called.
https://fedorahosted.org/freeipa/ticket/2975
ACK
bye,
Sumit
Pushed to master,
When DNS is being installed during ipa-{server,dns,replica}-install,
forward and reverse zone is created. However, reverse zone was always
created with default zonemgr even when a custom zonemgr was passed
to the installer as this functionality was missing in function
creating reverse zone.
Hi,
On adding new user, host-add tries to make it a member of default
user group. This, however, can raise AlreadyGroupMember when the
user is already member of this group due to automember rule or
default group configured. This patch makes sure AlreadyGroupMember
exception is caught in such
config-mod is capable of changing default SELinux user map order
and a default SELinux user. Validate the new config values to
prevent bogus default SELinux users to be assigned to IPA users.
https://fedorahosted.org/freeipa/ticket/2993
---
Note: I removed the previous validate construct:
-
Hi,
Group-mod command no longer allows --rename and/or --external
changes made to the admins group. In such cases, ProtectedEntryError
is being raised.
https://fedorahosted.org/freeipa/ticket/3098
Tomas
From 667031a12f7c2bc0b95573afc0a7cf572d64cb43 Mon Sep 17 00:00:00 2001
From: Tomas Babej
On 09/25/2012 02:22 PM, Tomas Babej wrote:
Hi,
Group-mod command no longer allows --rename and/or --external
changes made to the admins group. In such cases, ProtectedEntryError
is being raised.
https://fedorahosted.org/freeipa/ticket/3098
Tomas
Just based on a quick glance, I see
On 09/25/2012 02:31 PM, Martin Kosek wrote:
On 09/25/2012 02:22 PM, Tomas Babej wrote:
Hi,
Group-mod command no longer allows --rename and/or --external
changes made to the admins group. In such cases, ProtectedEntryError
is being raised.
https://fedorahosted.org/freeipa/ticket/3098
Tomas
Hi,
I did have bug filed against python-ldap in January and for some reason
my patch to accomodate two ways of making LDAP controls was not included
in March 2012 when I presented it as part of trusts, but yesterday we
found it is really needed for RHEL6 version of python-ldap.
Rather than
Dogtag opens not only the insecure port (8080 or 9180, for d10 or
d9 respectively), but also secure ports (8443 or 94439444).
Wait for them when starting.
Part of the fix for https://fedorahosted.org/freeipa/ticket/3084. I
found that if we don't wait for the secure port,
Hi,
Domain validator code in ipaserver/dcerpc.py verifies that a SID belongs
to one of our trusted domains. This verification was expecting that SID
is for some resource within trusted domain and ignored the case when it
is the SID of the trusted domain, i.e. when sid has form like
https://fedorahosted.org/freeipa/ticket/2941
Simo, do you remember how you configured resolv.conf and when you
pressed Ctrl+C? There's a lot of code called from ipa-replica-install
that could cause the bug.
Here I went for the most obvious places where we ignore
KeyboardInterrupt. I will
These 2 patches significantly limit the number of unindexed LDAP searches we do
in IPA. I used our unit test suite as a good source of different LDAP searches
run by our command suite.
Most of the remaining unindexed searches are produced either by our general
term search (ipa service-find TERM)
12 matches
Mail list logo