On 20.12.2013 13:06, Petr Viktorin wrote:
I now have a failing test in test_permission_rollback. Let's think about
this case for a moment:
The permission system has rollback: if an ACI update fails, the entry
is rolled back. Currently it works (for ipapermlocation changes) like this:
- The old
Original patch for ticket #3803 implemented support to resolve SIDs
through SSSD. However, it also broke hbactest for external users. The
result of the updated external member group search must be local
non-external groups, not the external ones. Otherwise the rule is not
matched.
On Fri, 10 Jan 2014, Martin Kosek wrote:
Original patch for ticket #3803 implemented support to resolve SIDs
through SSSD. However, it also broke hbactest for external users. The
result of the updated external member group search must be local
non-external groups, not the external ones.
On 01/09/2014 10:25 PM, Nathaniel McCallum wrote:
On Thu, 2014-01-02 at 09:58 +0100, Petr Viktorin wrote:
On 12/23/2013 06:54 PM, Nathaniel McCallum wrote:
Attached.
config.in.h~ is a product of your specfific editor, right? You should
add it to your personal ignore list, e.g. with:
$ echo
On 01/09/2014 03:37 PM, Simo Sorce wrote:
On Thu, 2014-01-09 at 15:27 +0100, Martin Kosek wrote:
On 01/09/2014 03:12 PM, Simo Sorce wrote:
On Thu, 2014-01-09 at 09:04 -0500, Simo Sorce wrote:
On Thu, 2014-01-09 at 09:51 +0100, Martin Kosek wrote:
On 01/09/2014 12:26 AM, Simo Sorce wrote:
On
On 01/10/2014 12:43 PM, Jan Cholasta wrote:
On 20.12.2013 13:06, Petr Viktorin wrote:
I now have a failing test in test_permission_rollback. Let's think about
this case for a moment:
The permission system has rollback: if an ACI update fails, the entry
is rolled back. Currently it works (for
Simo Sorce wrote:
On Thu, 2014-01-09 at 10:44 -0500, Rob Crittenden wrote:
Martin Kosek wrote:
On 01/09/2014 03:12 PM, Simo Sorce wrote:
Also maybe we should allow admins to bypass the need to have an actual
object to represent the alt name ?
I'd rather not. This would allow a rogue admin
On 01/07/2014 01:54 PM, Jan Cholasta wrote:
On 16.12.2013 14:45, Petr Viktorin wrote:
On 12/16/2013 10:22 AM, Jan Cholasta wrote:
On 13.12.2013 15:16, Petr Viktorin wrote:
On 12/10/2013 04:05 PM, Jan Cholasta wrote:
Hi,
I believe the time has come to drop support for the legacy (dn,
Another permission design page coming up:
http://www.freeipa.org/page/V3/Multivalued_target_filters_in_permissions
related thread:
http://www.redhat.com/archives/freeipa-devel/2013-December/msg00063.html
ticket: https://fedorahosted.org/freeipa/ticket/4074
Originally the ticket also included
On Thu, 2014-01-09 at 21:30 -0800, Noriko Hosoi wrote:
Simo Sorce wrote:
On Thu, 2014-01-09 at 15:15 -0800, Noriko Hosoi wrote:
Simo Sorce wrote:
On Thu, 2014-01-09 at 16:32 -0500, Nathaniel McCallum wrote:
This patch is independent from my patches 0028-0031 and can be merged in
any
On Fri, 2014-01-10 at 12:15 -0500, Simo Sorce wrote:
On Thu, 2014-01-09 at 21:30 -0800, Noriko Hosoi wrote:
Simo Sorce wrote:
On Thu, 2014-01-09 at 15:15 -0800, Noriko Hosoi wrote:
Simo Sorce wrote:
On Thu, 2014-01-09 at 16:32 -0500, Nathaniel McCallum wrote:
This patch is
Hi Simo,
Simo Sorce wrote:
On Fri, 2014-01-10 at 12:15 -0500, Simo Sorce wrote:
This is not what I had in mind, our use cases is something like this:
aci: (target=ldap:///dc=bar)(targetattr=*) (version 3.0; acl userattr
test; allow (add) userattr = managedby#USERDN;)
ldapmodify -D
On Thu, 2014-01-09 at 17:37 -0500, Simo Sorce wrote:
On Thu, 2014-01-09 at 16:32 -0500, Nathaniel McCallum wrote:
This patch is independent from my patches 0028-0031 and can be merged in
any order.
This patch has a bug, but I can't figure it out. We need to set
On Thu, 2014-01-09 at 16:30 +0100, Tomas Babej wrote:
Hi,
Adds a parameter that represents a DateTime format using datetime.datetime
object from python's native datetime library.
In the CLI, accepts one of the following formats:
Accepts subset of values defined by ISO 8601:
On Thu, 09 Jan 2014, Nathaniel McCallum wrote:
New RPMs are up: http://npmccallum.fedorapeople.org/freeipa-otp/rpms/
Just as a note -- we can use copr service to provide a better experience
for testing. I made a copr repo with previous patchset last year:
15 matches
Mail list logo