pspacek's pull request #36: "Fix tests for forward zones" was opened
PR body:
"""
"""
See the full pull-request at https://github.com/freeipa/freeipa/pull/36
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/36/head:pr36
git
On 08/23/2016 08:40 AM, Fraser Tweedale wrote:
Hi folks,
Please review attached patch which fixes
https://fedorahosted.org/freeipa/ticket/6019.
Thanks,
Fraser
Hi Fraser,
I have couple of comments:
1.)
-for entry in lwcas:
-
simo5 commented on a pull request
"""
LGTM
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/29#issuecomment-243174342
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
tomaskrizek commented on a pull request
"""
I've updated the PR based on the comments, please review.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/29#issuecomment-243164916
--
Manage your subscription for the Freeipa-devel mailing list:
tomaskrizek's pull request #29: "Enable LDAPS in replica promotion" was
synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/29
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/29/head:pr29
git
simo5 commented on a pull request
"""
That said we should probably enable_ssl righ tafter we get the cert and restart
DS, and not in replicainstall.py
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/29#issuecomment-243156343
--
Manage your subscription for the
simo5 commented on a pull request
"""
@jcholast we can't enable ssl there as the cert is not available yet, look a
few lines later:
https://github.com/freeipa/freeipa/blob/master/ipaserver/install/dsinstance.py#L397
"""
See the full comment at
tomaskrizek commented on a pull request
"""
@jcholast I'm not certain that enabling the LDAPS before replica promotion
finishes won't have some unintended side effects.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/29#issuecomment-243152442
--
Manage your subscription
tomaskrizek commented on a pull request
"""
@jcholast I'm not certain that enabling the LDAPS before replication finishes
won't have some unintended side effects.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/29#issuecomment-243152442
--
Manage your subscription for the
tomaskrizek's pull request #29: "Enable LDAPS in replica promotion" was
synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/29
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/29/head:pr29
git
On Mon, 2016-08-29 at 16:35 +0200, Petr Spacek wrote:
> On 29.8.2016 16:34, Simo Sorce wrote:
> > On Mon, 2016-08-29 at 09:13 +0200, Petr Spacek wrote:
> >> On 26.8.2016 17:40, Simo Sorce wrote:
> >>> On Fri, 2016-08-26 at 11:37 -0400, Simo Sorce wrote:
> Ie we could set both "allow" and
On Mon, 2016-08-29 at 11:15 +0200, Jan Pazdziora wrote:
> On Fri, Aug 26, 2016 at 10:39:53AM -0400, Simo Sorce wrote:
> > On Fri, 2016-08-26 at 12:39 +0200, Martin Basti wrote:
> > >
> > > How do you want to enforce HBAC rule that have set time from 10 to 14
> > > everyday? With the same
On 29.8.2016 16:34, Simo Sorce wrote:
> On Mon, 2016-08-29 at 09:13 +0200, Petr Spacek wrote:
>> On 26.8.2016 17:40, Simo Sorce wrote:
>>> On Fri, 2016-08-26 at 11:37 -0400, Simo Sorce wrote:
Ie we could set both "allow" and "allow_with_time" on an object for
cases where the admin wants
On Mon, 2016-08-29 at 09:13 +0200, Petr Spacek wrote:
> On 26.8.2016 17:40, Simo Sorce wrote:
> > On Fri, 2016-08-26 at 11:37 -0400, Simo Sorce wrote:
> >> Ie we could set both "allow" and "allow_with_time" on an object for
> >> cases where the admin wants to enforce the time part only o newer
>
On Mon, 2016-08-29 at 08:29 +0200, Jan Cholasta wrote:
> On 26.8.2016 16:39, Simo Sorce wrote:
> > On Fri, 2016-08-26 at 12:39 +0200, Martin Basti wrote:
> >>> I miss "why" part of "To be able to handle backward compatibility
> >> with
> >>> ease, a new object called ipaHBACRulev2 is introduced. "
tomaskrizek's pull request #29: "Enable LDAPS in replica promotion" was
synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/29
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/29/head:pr29
git
mirielka's pull request #27: "[master, ipa-4-3] Tests: Fix integration sudo
tests setup and checks" was synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/27
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch
jcholast's pull request #20: "cert: include CA name in cert command output" was
synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/20
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/20/head:pr20
mbasti-rh commented on a pull request
"""
test_xmlrpc/test_cert_plugin.py F.F
2 same internal errors:
```
[Mon Aug 29 14:57:07.951307 2016] [wsgi:error] [pid 66778] ipa: ERROR:
non-public: KeyError: ipapython.dn.DN('CN=SMIME CA,O=test industries Inc.')
[Mon
jcholast commented on a pull request
"""
I'm afraid this can't be easily fixed due to the manner in which the dns plugin
is implemented.
I'm open to suggestions if you have any.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/34#issuecomment-243114929
--
Manage your
jcholast's pull request #35: "rpcserver: assume version 1 for unversioned
command calls" was opened
PR body:
"""
When a command is called on the server over RPC without its version
specified, assume version 1 instead of the highest known version.
This ensures backward compatibility with old
mbasti-rh commented on a pull request
"""
I really don't like to move definitions how to split params from classes to
single function
```
def split_rrparam(name, value):
```
It doesn't look safe for me or easy to understand and maintain. When I want to
add new DNS type, I have to check 3
jcholast's pull request #34: " dns: prompt for missing record parts in CLI" was
opened
PR body:
"""
Fix the code which determines if a record part is required and thus should
be prompted not to wrongfully consider all record parts to be optional.
Add a client-side fallback of the
mbasti-rh commented on a pull request
"""
Fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/f0487946cd760a97d92aac12d98cf8bb748576a2
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/26#issuecomment-243102220
--
Manage your subscription for the Freeipa-devel
stlaz's pull request #26: "Don't ignore --ignore-last-of-role for last CA" was
closed
See the full pull-request at https://github.com/freeipa/freeipa/pull/26
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/26/head:pr26
git
stlaz's pull request #26: "Don't ignore --ignore-last-of-role for last CA"
label *pushed* has been added
See the full pull-request at https://github.com/freeipa/freeipa/pull/26
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
stlaz's pull request #26: "Don't ignore --ignore-last-of-role for last CA"
label *ack* has been added
See the full pull-request at https://github.com/freeipa/freeipa/pull/26
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
ofayans commented on a pull request
"""
QA ACK. With these changes the issue is gone
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/26#issuecomment-243101582
--
Manage your subscription for the Freeipa-devel mailing list:
mirielka's pull request #14: "Tests: Failing intree tests" label *pushed* has
been added
See the full pull-request at https://github.com/freeipa/freeipa/pull/14
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to
mbasti-rh commented on a pull request
"""
Fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/3c32af55b646819fa8938d9a6efa6c3189525c37
https://fedorahosted.org/freeipa/changeset/774e4e479db637840cc2441778b5486d4c3b91d3
mirielka's pull request #14: "Tests: Failing intree tests" was closed
See the full pull-request at https://github.com/freeipa/freeipa/pull/14
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/14/head:pr14
git checkout pr14
--
mirielka's pull request #14: "Tests: Failing intree tests" label *ack* has been
added
See the full pull-request at https://github.com/freeipa/freeipa/pull/14
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to
gkaihorodova's pull request #32: "Test for caacl-add-service" was opened
PR body:
"""
Test for caacl-add-service: incorrect error message when service does not exists
https://fedorahosted.org/freeipa/ticket/6171
"""
See the full pull-request at https://github.com/freeipa/freeipa/pull/32
... or
mirielka commented on a pull request
"""
Yes, I also though about not running e.g. `su -c "sudo -l" testuser` but `su -c
"sudo -l -n" testuser` - it would report error `sudo: a password is required`
instead of the previously pasted message that doesn't say that much...
"""
See the full comment
lslebodn commented on a pull request
"""
I forgot to mention that it isn't necessary to it for all cases. maybe
separate/new test might cover such test-case.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/27#issuecomment-243083657
--
Manage your subscription for the
pvomacka's pull request #31: "WebUI: add support for sub-CAs while revoking
certificates and removing certificate hold" was opened
PR body:
"""
Revocation dialog has new field for setting a CA and these patches also fix
showing details of certificates issued by sub-CAs.
On Fri, Aug 26, 2016 at 10:39:53AM -0400, Simo Sorce wrote:
> On Fri, 2016-08-26 at 12:39 +0200, Martin Basti wrote:
> >
> > How do you want to enforce HBAC rule that have set time from 10 to 14
> > everyday? With the same objectclass old clients will allow this HBAC
> > for
> > all day. Isn't
dkupka's pull request #22: "otptoken: Convert ipatokenotpkey on server" was
closed
See the full pull-request at https://github.com/freeipa/freeipa/pull/22
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/22/head:pr22
git
dkupka's pull request #22: "otptoken: Convert ipatokenotpkey on server" label
*ack* has been added
See the full pull-request at https://github.com/freeipa/freeipa/pull/22
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
lslebodn commented on a pull request
"""
> This PR is not intended to fix a failing test, but fix their execution and
> error checking. The negative tests for sudorule in master and ipa-4-3 (both
> with sssd-1.14.1-1.fc24, see jenkins jobs for master [1] and ipa-4-3 [2])
> return following
On 26.8.2016 17:40, Simo Sorce wrote:
> On Fri, 2016-08-26 at 11:37 -0400, Simo Sorce wrote:
>> Ie we could set both "allow" and "allow_with_time" on an object for
>> cases where the admin wants to enforce the time part only o newer
>> client
>> but otherwise apply the rule to any client.
>
> I
lslebodn commented on a pull request
"""
The sudo test in master (ipatests/test_integration/test_sudo.py) is the same as
in 4.3 branch.
And it passed for me on fedora 24 with latest ipa-4.3. I tested with
sssd-1.13.4-4 (stable version in fedora) and sssd-1.14.1-1.fc24 (version in
updates
On 26.8.2016 16:39, Simo Sorce wrote:
On Fri, 2016-08-26 at 12:39 +0200, Martin Basti wrote:
I miss "why" part of "To be able to handle backward compatibility
with
ease, a new object called ipaHBACRulev2 is introduced. " in the
design
page. If the reason is the above - old client's should
jcholast commented on a pull request
"""
LDAPS is not enabled during replica promotion because of this condition in DS
setup:
https://github.com/freeipa/freeipa/blob/master/ipaserver/install/dsinstance.py#L391
Maybe we can remove the condition rather than add `ds.enable_ssl()`?
"""
See the
dkupka's pull request #22: "otptoken: Convert ipatokenotpkey on server" was
synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/22
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/22/head:pr22
git
45 matches
Mail list logo