Re: [Freeipa-devel] [PATCH 0019] handle cleanRUV in the topology plugin

On 10/23/2015 12:38 PM, thierry bordaz wrote: On 10/23/2015 12:39 PM, Ludwig Krispenz wrote: On 10/23/2015 11:24 AM, thierry bordaz wrote: On 10/23/2015 11:00 AM, thierry bordaz wrote: On 10/12/2015 01:17 PM, Ludwig Krispenz wrote: On 10/12/2015 12:44 PM, Martin Basti wrote: On

Re: [Freeipa-devel] [PATCH 0335] Freeipa domain levels naming

On 23.10.2015 13:49, Tomas Babej wrote: On 10/23/2015 12:49 PM, Martin Basti wrote: On 23.10.2015 09:34, Martin Basti wrote: On 23.10.2015 09:31, Tomas Babej wrote: On 10/22/2015 05:49 PM, Simo Sorce wrote: On 22/10/15 11:29, Martin Basti wrote: Hello all, in current master branch we

Re: [Freeipa-devel] [PATCH 0335] Freeipa domain levels naming

On 23.10.2015 09:34, Martin Basti wrote: On 23.10.2015 09:31, Tomas Babej wrote: On 10/22/2015 05:49 PM, Simo Sorce wrote: On 22/10/15 11:29, Martin Basti wrote: Hello all, in current master branch we have mixed usage of literals 0, 1 and constants MIN_DOMAIN_LEVEL, MAX_DOMAIN_LEVEL,

Re: [Freeipa-devel] [PATCH 0335] Freeipa domain levels naming

On 10/23/2015 01:51 PM, Martin Basti wrote: > > > On 23.10.2015 13:49, Tomas Babej wrote: >> >> On 10/23/2015 12:49 PM, Martin Basti wrote: >>> >>> On 23.10.2015 09:34, Martin Basti wrote: On 23.10.2015 09:31, Tomas Babej wrote: > On 10/22/2015 05:49 PM, Simo Sorce wrote: >>

Re: [Freeipa-devel] [PATCH 0012-0019] CA ACL tracker and functional test

On 10/20/2015 02:19 PM, Martin Basti wrote: NACK 1) I still see many hardcoded passwords in the code with change_principal(smime_user, "Secret123"): For now changed to module variable. 2) Also the 'alice' username can be extracted to module variable instead hardcoding The fixture

Re: [Freeipa-devel] [PATCH] 924 use starttls in CSReplicationManager connection again

On 23/10/15 08:39, Petr Vobornik wrote: not sure if the change in2606f5aecd6ac0db31abb515b691529bb7eaf14e was a mistake or done on purpose. Anyway: commit 2606f5aecd6ac0db31abb515b691529bb7eaf14e has: -realm, hostname, dirman_passwd, port, starttls=True) +realm,

Re: [Freeipa-devel] [PATCH 0335] Freeipa domain levels naming

On 23/10/15 08:07, Petr Spacek wrote: On 23.10.2015 13:53, Martin Basti wrote: On 23.10.2015 13:53, Tomas Babej wrote: On 10/23/2015 01:51 PM, Martin Basti wrote: On 23.10.2015 13:49, Tomas Babej wrote: On 10/23/2015 12:49 PM, Martin Basti wrote: On 23.10.2015 09:34, Martin Basti wrote:

Re: [Freeipa-devel] [PATCH 0334] ipa-replica-manage: fix undefined variable

On 23.10.2015 13:01, Martin Babinsky wrote: On 10/23/2015 12:48 PM, Martin Basti wrote: In an error message the undefined variable has been used. The attached patch fixes it. ACK Pushed to master: 288a9b9dba05e5f87e253a3968b6431d816f94f6 -- Manage your subscription for the Freeipa-devel

Re: [Freeipa-devel] [PATCH 0335] Freeipa domain levels naming

On 23.10.2015 13:53, Tomas Babej wrote: On 10/23/2015 01:51 PM, Martin Basti wrote: On 23.10.2015 13:49, Tomas Babej wrote: On 10/23/2015 12:49 PM, Martin Basti wrote: On 23.10.2015 09:34, Martin Basti wrote: On 23.10.2015 09:31, Tomas Babej wrote: On 10/22/2015 05:49 PM, Simo Sorce

Re: [Freeipa-devel] [PATCH 0327] KRA: fix check if CA is installed on replica

On 10/16/2015 12:41 PM, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5345 Patch attached. I have tested it on 4-2 branch and it works as expected, ACK. Obviously, master branch would require a different patch. -- Martin^3 Babinsky -- Manage your subscription for the

Re: [Freeipa-devel] [PATCH 0335] Freeipa domain levels naming

On 23.10.2015 14:21, Martin Kosek wrote: On 10/23/2015 02:07 PM, Petr Spacek wrote: On 23.10.2015 13:53, Martin Basti wrote: On 23.10.2015 13:53, Tomas Babej wrote: On 10/23/2015 01:51 PM, Martin Basti wrote: On 23.10.2015 13:49, Tomas Babej wrote: On 10/23/2015 12:49 PM, Martin Basti

Re: [Freeipa-devel] [PATCH 0019] handle cleanRUV in the topology plugin

Hi Ludwig, Thanks for the patch. Yes it is looking good to me. Just a minor change about the message logged (if case of failure to add the cleanallruv task), you may recommend to the administrator the exact command to run. ACK thanks thierry On 10/23/2015 02:27 PM, Ludwig Krispenz wrote:

[Freeipa-devel] [PATCHES 0375-0376] Perform validation of the trust in the trustdomain commands

Details in the commit messages. Fixes: https://fedorahosted.org/freeipa/ticket/5389 Tomas From 79c1fb33b736135a53e422794453ea7100d8cc61 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Fri, 23 Oct 2015 10:39:47 +0200 Subject: [PATCH] trusts: Make trust_show.get_dn raise

Re: [Freeipa-devel] [PATCH 0335] Freeipa domain levels naming

On 10/23/2015 02:07 PM, Petr Spacek wrote: > On 23.10.2015 13:53, Martin Basti wrote: >> >> >> On 23.10.2015 13:53, Tomas Babej wrote: >>> >>> On 10/23/2015 01:51 PM, Martin Basti wrote: On 23.10.2015 13:49, Tomas Babej wrote: > On 10/23/2015 12:49 PM, Martin Basti wrote: >> On

Re: [Freeipa-devel] [PATCH 0011] Replica promotion related changes in integration tests

On 23.10.2015 15:00, Oleg Fayans wrote: Hi Martin, Here comes the updated version. On 10/22/2015 05:38 PM, Martin Basti wrote: On 22.10.2015 15:23, Martin Basti wrote: On 22.10.2015 14:13, Oleg Fayans wrote: Hello, thank you for the patch. 1) please remove the added empty lines,

Re: [Freeipa-devel] [PATCH 0011] Replica promotion related changes in integration tests

Hi Martin, Here comes the updated version. On 10/22/2015 05:38 PM, Martin Basti wrote: On 22.10.2015 15:23, Martin Basti wrote: On 22.10.2015 14:13, Oleg Fayans wrote: Hello, thank you for the patch. 1) please remove the added empty lines, they are unrelated to this ticket done

Re: [Freeipa-devel] [PATCH 0011] Replica promotion related changes in integration tests

On 23.10.2015 15:00, Oleg Fayans wrote: Hi Martin, Here comes the updated version. On 10/22/2015 05:38 PM, Martin Basti wrote: On 22.10.2015 15:23, Martin Basti wrote: On 22.10.2015 14:13, Oleg Fayans wrote: Hello, thank you for the patch. 1) please remove the added empty lines,

Re: [Freeipa-devel] [PATCH 0327] KRA: fix check if CA is installed on replica

On 10/23/2015 03:12 PM, Martin Babinsky wrote: On 10/16/2015 12:41 PM, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5345 Patch attached. I have tested it on 4-2 branch and it works as expected, ACK. Obviously, master branch would require a different patch. I actually

Re: [Freeipa-devel] [PATCH 0019] handle cleanRUV in the topology plugin

On 10/23/2015 03:38 PM, Ludwig Krispenz wrote: On 10/23/2015 03:19 PM, thierry bordaz wrote: Hi Ludwig, Thanks for the patch. Yes it is looking good to me. Just a minor change about the message logged (if case of failure to add the cleanallruv task), you may recommend to the administrator

Re: [Freeipa-devel] [PATCH 0019] handle cleanRUV in the topology plugin

On 10/23/2015 11:00 AM, thierry bordaz wrote: On 10/12/2015 01:17 PM, Ludwig Krispenz wrote: On 10/12/2015 12:44 PM, Martin Basti wrote: On 23.07.2015 10:46, Ludwig Krispenz wrote: The attached patch moves the cleaning of the RUV into the topology plugin. I encountered a problem when

Re: [Freeipa-devel] [PATCH 0019] handle cleanRUV in the topology plugin

On 10/23/2015 12:39 PM, Ludwig Krispenz wrote: On 10/23/2015 11:24 AM, thierry bordaz wrote: On 10/23/2015 11:00 AM, thierry bordaz wrote: On 10/12/2015 01:17 PM, Ludwig Krispenz wrote: On 10/12/2015 12:44 PM, Martin Basti wrote: On 23.07.2015 10:46, Ludwig Krispenz wrote: The attached

[Freeipa-devel] [PATCH] 924 use starttls in CSReplicationManager connection again

not sure if the change in2606f5aecd6ac0db31abb515b691529bb7eaf14e was a mistake or done on purpose. Anyway: commit 2606f5aecd6ac0db31abb515b691529bb7eaf14e has: -realm, hostname, dirman_passwd, port, starttls=True) +realm, hostname, dirman_passwd, port) In

Re: [Freeipa-devel] [PATCH 0335] Freeipa domain levels naming

On 10/23/2015 12:49 PM, Martin Basti wrote: > > > On 23.10.2015 09:34, Martin Basti wrote: >> >> >> On 23.10.2015 09:31, Tomas Babej wrote: >>> >>> On 10/22/2015 05:49 PM, Simo Sorce wrote: On 22/10/15 11:29, Martin Basti wrote: > Hello all, > > in current master branch we

Re: [Freeipa-devel] [PATCH 0335] Freeipa domain levels naming

On 10/23/2015 02:07 PM, Petr Spacek wrote: On 23.10.2015 13:53, Martin Basti wrote: On 23.10.2015 13:53, Tomas Babej wrote: On 10/23/2015 01:51 PM, Martin Basti wrote: On 23.10.2015 13:49, Tomas Babej wrote: On 10/23/2015 12:49 PM, Martin Basti wrote: On 23.10.2015 09:34, Martin Basti

Re: [Freeipa-devel] [PATCH 0019] handle cleanRUV in the topology plugin

On 10/23/2015 11:24 AM, thierry bordaz wrote: On 10/23/2015 11:00 AM, thierry bordaz wrote: On 10/12/2015 01:17 PM, Ludwig Krispenz wrote: On 10/12/2015 12:44 PM, Martin Basti wrote: On 23.07.2015 10:46, Ludwig Krispenz wrote: The attached patch moves the cleaning of the RUV into the

[Freeipa-devel] [PATCH 0334] ipa-replica-manage: fix undefined variable

In an error message the undefined variable has been used. The attached patch fixes it. From c7603538629affbbf83e0f3c4ad0366fc3f411f7 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Fri, 23 Oct 2015 10:49:28 +0200 Subject: [PATCH] ipa-replica-manage: fix undefined variable

Re: [Freeipa-devel] [PATCH 0334] ipa-replica-manage: fix undefined variable

On 10/23/2015 12:48 PM, Martin Basti wrote: In an error message the undefined variable has been used. The attached patch fixes it. ACK -- Martin^3 Babinsky -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to

Re: [Freeipa-devel] [PATCH 0327] KRA: fix check if CA is installed on replica

On 23.10.2015 15:15, Martin Babinsky wrote: On 10/23/2015 03:12 PM, Martin Babinsky wrote: On 10/16/2015 12:41 PM, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5345 Patch attached. I have tested it on 4-2 branch and it works as expected, ACK. Obviously, master branch

[Freeipa-devel] [PATCH] Fix ipa-ca-install bug #5397

This patch moves the check to see if a CA is already installed locally early. Simo. -- Simo Sorce * Red Hat, Inc * New York >From 899ab1fb7dc2a207594a90ecbe84900c1d79e034 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Fri, 23 Oct 2015 11:21:01 -0400 Subject: [PATCH] Check

Re: [Freeipa-devel] [PATCH 0086] disable ipa-replica prepare in non-zero domain levels

> One more point: > > +if domain_level > MIN_DOMAIN_LEVEL: > +raise RuntimeError( > +UNSUPPORTED_DOMAIN_LEVEL_TEMPLATE.format( > > It is kind of weird that error happens if domain level is greater than some > minimal value. Better naming is badly needed. >

Re: [Freeipa-devel] Freeipa domain levels naming

On 10/22/2015 05:49 PM, Simo Sorce wrote: > On 22/10/15 11:29, Martin Basti wrote: >> Hello all, >> >> in current master branch we have mixed usage of literals 0, 1 and >> constants MIN_DOMAIN_LEVEL, MAX_DOMAIN_LEVEL, and it is quite mess. >> >> I suggest to use names for domain levels: >> >>

Re: [Freeipa-devel] Freeipa domain levels naming

On 23.10.2015 09:31, Tomas Babej wrote: On 10/22/2015 05:49 PM, Simo Sorce wrote: On 22/10/15 11:29, Martin Basti wrote: Hello all, in current master branch we have mixed usage of literals 0, 1 and constants MIN_DOMAIN_LEVEL, MAX_DOMAIN_LEVEL, and it is quite mess. I suggest to use names

Re: [Freeipa-devel] [PATCH 0090] show optionally configured components in server-find/show command output

On 10/22/2015 04:35 PM, Petr Spacek wrote: On 22.10.2015 16:13, Martin Basti wrote: On 22.10.2015 10:44, Martin Babinsky wrote: https://fedorahosted.org/freeipa/ticket/5181 Thank you for the patch. 1) +OPTIONAL_SERVICES = { +'DNS', +'CA', +'KRA', +'ADTRUST', +'EXTID',

Re: [Freeipa-devel] [PATCH 0019] handle cleanRUV in the topology plugin

Here it is again On 10/12/2015 01:17 PM, Ludwig Krispenz wrote: On 10/12/2015 12:44 PM, Martin Basti wrote: On 23.07.2015 10:46, Ludwig Krispenz wrote: The attached patch moves the cleaning of the RUV into the topology plugin. I encountered a problem when removing a replica, which

[Freeipa-devel] [PATCH 0020-0021] some topology plugin fixes

Hi, the attached two patches address issues I found when testing ca management in the topology plugin Thanks for review, Ludwig >From 64a2ca2d87a0513b54cdd7e2d14f4c321994e9f5 Mon Sep 17 00:00:00 2001 From: Ludwig Krispenz Date: Mon, 24 Aug 2015 13:29:35 +0200 Subject:

[Freeipa-devel] [PATCHES] 0743-0747 Python 3 porting

Hello, Another batch of py3 porting patches. With these, the only thing to fix to get ipapython tests passing will be handling encoding/decoding for stdin/stdout/stderr for ipautil.run(). -- Petr Viktorin From 2dea9db1915ba493a9e214feea6bd0c7d77e4cae Mon Sep 17 00:00:00 2001 From: Petr