Dne 7.7.2015 v 16:42 Endi Sukma Dewata napsal(a):
- Original Message -
On 07/07/2015 10:51 AM, Jan Cholasta wrote:
Dne 3.7.2015 v 15:44 Endi Sukma Dewata napsal(a):
Here is the rebased patch for vault access control.
LGTM, except:
@@ -356,6 +386,13 @@ class vault(LDAPObject):
Dne 8.7.2015 v 00:37 Tomas Babej napsal(a):
On 07/07/2015 07:49 PM, Martin Basti wrote:
On 03/07/15 16:41, Martin Babinsky wrote:
On 07/02/2015 01:58 PM, Martin Babinsky wrote:
First attempt at https://fedorahosted.org/freeipa/ticket/4768
Attaching reworked patch.
ACK
--
Martin Bast
On 07/07/2015 03:47 PM, Sumit Bose wrote:
> On Tue, May 26, 2015 at 02:47:02PM +0300, Alexander Bokovoy wrote:
>> On Tue, 26 May 2015, Sumit Bose wrote:
>>> On Tue, May 26, 2015 at 01:24:30PM +0200, Petr Vobornik wrote:
On 05/26/2015 01:21 PM, Sumit Bose wrote:
> Hi,
>
> this tes
On 07/07/2015 03:49 PM, Sumit Bose wrote:
> On Tue, May 26, 2015 at 01:36:35PM +0200, Martin Kosek wrote:
>> On 05/26/2015 01:33 PM, Sumit Bose wrote:
>>> Hi,
>>>
>>> these patches add some unit tests and some additional improvements
>>> related to the issues described in
>>> https://bugzilla.red
On 07/07/2015 04:31 PM, Alexander Bokovoy wrote:
> On Tue, 07 Jul 2015, Alexander Bokovoy wrote:
>> Hi,
>>
>> attached are patches to introduce one-way trust support and few more to
>> fix currently outstanding trust-related bugs.
>>
>> More details are in the commit messages.
>>
>> For oddjobd-a
On 07/07/2015 07:16 PM, Martin Basti wrote:
> On 03/07/15 06:17, David Kupka wrote:
>> Since ipa-replica-* tools will be soon removed I think this simple
>> check should be enough.
>>
>>
>>
> ACK
>
> --
> Martin Basti
>
>
>
Pushed to master: 6a91893ff50fee6d7c71d9bc982d85a3ec8b7583
--
Man
On 07/07/2015 07:49 PM, Martin Basti wrote:
> On 03/07/15 16:41, Martin Babinsky wrote:
>> On 07/02/2015 01:58 PM, Martin Babinsky wrote:
>>> First attempt at https://fedorahosted.org/freeipa/ticket/4768
>>>
>>>
>>>
>> Attaching reworked patch.
>>
>>
>>
> ACK
>
> --
> Martin Basti
>
>
>
Pus
On 07/07/2015 07:36 PM, Martin Basti wrote:
> https://fedorahosted.org/freeipa/ticket/5101
>
> Patch attached.
>
>
>
ACK.
Pushed to master: 1d9bdb240943527e1e19704acd183eae254267ae
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/free
On 07/07/2015 07:30 PM, Martin Basti wrote:
> On 04/07/15 16:58, Fraser Tweedale wrote:
>> On Fri, Jul 03, 2015 at 10:34:07PM +1000, Fraser Tweedale wrote:
>>> On Thu, Jul 02, 2015 at 08:12:12PM +1000, Fraser Tweedale wrote:
On Thu, Jul 02, 2015 at 11:23:49AM +0200, Jan Cholasta wrote:
>
On 07/07/2015 07:16 PM, Martin Basti wrote:
> On 07/07/15 10:33, Tomas Babej wrote:
>> Hi,
>>
>> * Hide topology and domainlevel commands in the CLI
>> * Hide topology and domainlevel in the WebUI
>> * Set maximum allowed domain level to 0
>> * Do not configure and enable the topology plugin
>>
>
On 03/07/15 16:41, Martin Babinsky wrote:
On 07/02/2015 01:58 PM, Martin Babinsky wrote:
First attempt at https://fedorahosted.org/freeipa/ticket/4768
Attaching reworked patch.
ACK
--
Martin Basti
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/m
https://fedorahosted.org/freeipa/ticket/5101
Patch attached.
--
Martin Basti
From f5de8e7a9ecd8f8220bd542d9ff264ce7917a829 Mon Sep 17 00:00:00 2001
From: Martin Basti
Date: Tue, 7 Jul 2015 16:28:48 +0200
Subject: [PATCH] Fix regression: ipa-dns-install will add CA records if
required
https:/
On 04/07/15 16:58, Fraser Tweedale wrote:
On Fri, Jul 03, 2015 at 10:34:07PM +1000, Fraser Tweedale wrote:
On Thu, Jul 02, 2015 at 08:12:12PM +1000, Fraser Tweedale wrote:
On Thu, Jul 02, 2015 at 11:23:49AM +0200, Jan Cholasta wrote:
Hi,
Dne 2.7.2015 v 11:15 Fraser Tweedale napsal(a):
Attach
On 07/07/15 10:33, Tomas Babej wrote:
Hi,
* Hide topology and domainlevel commands in the CLI
* Hide topology and domainlevel in the WebUI
* Set maximum allowed domain level to 0
* Do not configure and enable the topology plugin
https://fedorahosted.org/freeipa/ticket/5097
ACK
--
Martin Bas
On 03/07/15 06:17, David Kupka wrote:
Since ipa-replica-* tools will be soon removed I think this simple
check should be enough.
ACK
--
Martin Basti
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
Hello,
the patch removes the dependency on Python's ssl module and
python-backports-ssl_match_hostname.
https://fedorahosted.org/freeipa/ticket/5068
Open question
-
Is paths.IPA_NSSDB_DIR the correct NSSDB?
Christian
From 976427e5c448093131a99bdf77fc9d23c2d87883 Mon Sep 17 00:00:00
On 03/07/15 08:46, Martin Kosek wrote:
On 07/03/2015 08:41 AM, Jan Cholasta wrote:
Dne 2.7.2015 v 14:34 David Kupka napsal(a):
On 01/07/15 16:31, David Kupka wrote:
Updated patch attached.
Client install works, but uninstall does not:
# ipa-client-install --uninstall -U
certmonger faile
- Original Message -
> On 07/07/2015 10:51 AM, Jan Cholasta wrote:
> > Dne 3.7.2015 v 15:44 Endi Sukma Dewata napsal(a):
> >> Here is the rebased patch for vault access control.
> >>
> >
> > LGTM, except:
> >
> > @@ -356,6 +386,13 @@ class vault(LDAPObject):
> > {
> >
On 07/07/2015 04:28 PM, Alexander Bokovoy wrote:
> On Tue, 07 Jul 2015, Nathaniel McCallum wrote:
>> This LGTM. However, I’ll let Alexander give the ACK.
> Looks good for me too.
>
>
>
Pushed to master: 25d1afdc54284c6bcf1caf08beae2e66ceb7f4e8
--
Manage your subscription for the Freeipa-dev
On Tue, 07 Jul 2015, Alexander Bokovoy wrote:
Hi,
attached are patches to introduce one-way trust support and few more to
fix currently outstanding trust-related bugs.
More details are in the commit messages.
For oddjobd-activated helper, if you want to test the one-way trust
setup, you need t
On Tue, 07 Jul 2015, Nathaniel McCallum wrote:
This LGTM. However, I’ll let Alexander give the ACK.
Looks good for me too.
--
/ Alexander Bokovoy
signature.asc
Description: PGP signature
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/f
On 06/30/2015 05:40 PM, Simo Sorce wrote:
> On Tue, 2015-06-30 at 16:10 +0200, Martin Basti wrote:
>> On 30/06/15 15:18, Martin Basti wrote:
>>> On 30/06/15 14:47, Simo Sorce wrote:
On Tue, 2015-06-30 at 13:19 +0200, Tomas Babej wrote:
> On 06/30/2015 01:08 PM, Martin Basti wrote:
>>
This LGTM. However, I’ll let Alexander give the ACK.
> On Jul 7, 2015, at 10:11 AM, Christian Heimes wrote:
>
> Hi,
>
> the patch addresses the error handling of ipa-httpd-kdcproxy as
> discussed in the other thread.
>
> Christian
> --
> Manage your subscription for the Freeipa-devel mailing
Hi,
the patch addresses the error handling of ipa-httpd-kdcproxy as
discussed in the other thread.
Christian
From 85dc0cc3f597accdee6f6de9d7b4d41b2173a8d9 Mon Sep 17 00:00:00 2001
From: Christian Heimes
Date: Tue, 7 Jul 2015 16:05:48 +0200
Subject: [PATCH] Improve error handling in ipa-httpd-kdc
On 2015-07-07 15:41, Simo Sorce wrote:
> On Tue, 2015-07-07 at 08:48 -0400, Nathaniel McCallum wrote:
>>> On Jul 6, 2015, at 11:35 AM, Christian Heimes wrote:
>>>
>>> Hello,
>>>
>>> I like to ask for your opinion regarding the pre-exec hook
>>> 'ipa-httpd-kdcproxy' in httpd.service. Alex has asked
On Tue, May 26, 2015 at 01:36:35PM +0200, Martin Kosek wrote:
> On 05/26/2015 01:33 PM, Sumit Bose wrote:
> >Hi,
> >
> >these patches add some unit tests and some additional improvements
> >related to the issues described in
> >https://bugzilla.redhat.com/show_bug.cgi?id=1222475 . The original issu
On Tue, May 26, 2015 at 02:47:02PM +0300, Alexander Bokovoy wrote:
> On Tue, 26 May 2015, Sumit Bose wrote:
> >On Tue, May 26, 2015 at 01:24:30PM +0200, Petr Vobornik wrote:
> >>On 05/26/2015 01:21 PM, Sumit Bose wrote:
> >>>Hi,
> >>>
> >>>this tests should have gone together with
> >>>c1114ef82516
On Tue, 2015-07-07 at 08:48 -0400, Nathaniel McCallum wrote:
> > On Jul 6, 2015, at 11:35 AM, Christian Heimes wrote:
> >
> > Hello,
> >
> > I like to ask for your opinion regarding the pre-exec hook
> > 'ipa-httpd-kdcproxy' in httpd.service. Alex has asked me to handle error
> > cases like LDAP
> On Jul 6, 2015, at 11:35 AM, Christian Heimes wrote:
>
> Hello,
>
> I like to ask for your opinion regarding the pre-exec hook
> 'ipa-httpd-kdcproxy' in httpd.service. Alex has asked me to handle error
> cases like LDAP connection timeout more gracefully. At the moment any
> error causes the
On Tue, 07 Jul 2015, Alexander Bokovoy wrote:
From b7a3b206deb3257b3a78939f0d2a6a114e48b758 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy
Date: Thu, 26 Mar 2015 14:34:06 +0200
Subject: [PATCH 01/11] add one-way trust support to ipasam
When trust is established, ipasam module creates a number
On Tue, 07 Jul 2015, Alexander Bokovoy wrote:
From a4e2034028d64a8b2b533af9541e698a68388fb2 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy
Date: Thu, 4 Jun 2015 21:29:36 +
Subject: [PATCH 07/11] ipa-adtrust-install: allow configuring of trust agents
Trust agents are IPA master without Sam
On Tue, 07 Jul 2015, Alexander Bokovoy wrote:
From 4a856d8ff597ec516cc1eb05f06e062bb4ecca5b Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy
Date: Thu, 28 May 2015 11:49:58 +
Subject: [PATCH 05/11] trusts: pass AD DC hostname if specified explicitly
Fixes https://bugzilla.redhat.com/show_bu
On Tue, 07 Jul 2015, Alexander Bokovoy wrote:
Hi,
attached are patches to introduce one-way trust support and few more to
fix currently outstanding trust-related bugs.
More details are in the commit messages.
For oddjobd-activated helper, if you want to test the one-way trust
setup, you need t
Hi,
attached are patches to introduce one-way trust support and few more to
fix currently outstanding trust-related bugs.
More details are in the commit messages.
For oddjobd-activated helper, if you want to test the one-way trust
setup, you need to put SELinux into permissive. We have bugs for
On 07/07/2015 11:48 AM, Martin Basti wrote:
> On 07/07/15 10:37, Tomas Babej wrote:
>>
>> On 07/07/2015 09:09 AM, Tomas Babej wrote:
>>>
>>> On 06/24/2015 04:33 PM, Tomas Babej wrote:
On 06/24/2015 04:29 PM, Martin Basti wrote:
> On 24/06/15 14:39, Tomas Babej wrote:
>> +msgid "Autom
On 07/07/2015 10:51 AM, Jan Cholasta wrote:
> Dne 3.7.2015 v 15:44 Endi Sukma Dewata napsal(a):
>> Here is the rebased patch for vault access control.
>>
>
> LGTM, except:
>
> @@ -356,6 +386,13 @@ class vault(LDAPObject):
> {
> 'objectclass': ['nsContainer'],
On 07/07/15 10:37, Tomas Babej wrote:
On 07/07/2015 09:09 AM, Tomas Babej wrote:
On 06/24/2015 04:33 PM, Tomas Babej wrote:
On 06/24/2015 04:29 PM, Martin Basti wrote:
On 24/06/15 14:39, Tomas Babej wrote:
+msgid "Automount location name."
+msgstr "Job Title"
+
in german po file
+msgid "A
On 03/07/15 06:17, David Kupka wrote:
Since ipa-replica-* tools will be soon removed I think this simple check
should be enough.
Updated patch attached.
--
David Kupka
From 3df59261538f6b28e158802d8f6e4a47dadeab84 Mon Sep 17 00:00:00 2001
From: David Kupka
Date: Fri, 3 Jul 2015 05:59:55 +02
Dne 3.7.2015 v 15:44 Endi Sukma Dewata napsal(a):
Here is the rebased patch for vault access control.
LGTM, except:
@@ -356,6 +386,13 @@ class vault(LDAPObject):
{
'objectclass': ['nsContainer'],
'cn': rdn['cn'],
+
On 07/07/2015 09:09 AM, Tomas Babej wrote:
>
>
> On 06/24/2015 04:33 PM, Tomas Babej wrote:
>> On 06/24/2015 04:29 PM, Martin Basti wrote:
>>> On 24/06/15 14:39, Tomas Babej wrote:
+msgid "Automount location name."
+msgstr "Job Title"
+
>>>
>>> in german po file
>>>
>>> +msgid "A
Hi,
* Hide topology and domainlevel commands in the CLI
* Hide topology and domainlevel in the WebUI
* Set maximum allowed domain level to 0
* Do not configure and enable the topology plugin
https://fedorahosted.org/freeipa/ticket/5097
From 8cdc723d334540258fdc408933b3f47ccebf5b53 Mon Sep 17 00:0
Dne 3.7.2015 v 14:23 Endi Sukma Dewata napsal(a):
On 7/1/2015 1:53 AM, Jan Cholasta wrote:
I think it would be better to use a new attribute type which
inherits
from ipaPublicKey (ipaVaultPublicKey?) rather than ipaPublicKey
directly
for assymetric vault public keys, so that assymetric public ke
42 matches
Mail list logo