URL: https://github.com/freeipa/freeipa/pull/786
Author: flo-renaud
Title: #786: ipa-server-install: fix uninstall
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/786/head:pr786
git checkout pr786
--
Manage
URL: https://github.com/freeipa/freeipa/pull/786
Title: #786: ipa-server-install: fix uninstall
HonzaCholasta commented:
"""
master:
* d9ed2573fd5b4dcdc8ea865f16d81325707e0f9d ipa-server-install: fix uninstall
ipa-4-5:
* 752e167497eca87632261dec7bbb352cd0e599c8 ipa-serv
URL: https://github.com/freeipa/freeipa/pull/786
Title: #786: ipa-server-install: fix uninstall
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/786
Title: #786: ipa-server-install: fix uninstall
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/758
Title: #758: install: fix CA-less PKINIT
HonzaCholasta commented:
"""
@stlaz, this seems to be a bug in kinit. When you have a certificate chain root
CA -> intermediate CA -> KDC and want to trust the intermediate CA,
URL: https://github.com/freeipa/freeipa/pull/758
Author: HonzaCholasta
Title: #758: install: fix CA-less PKINIT
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/758/head:pr758
git checkout pr758
From
URL: https://github.com/freeipa/freeipa/pull/758
Title: #758: install: fix CA-less PKINIT
HonzaCholasta commented:
"""
@stlaz, FTFY. Also fixed wrong permissions on the CA-less KDC key file (props
to @dkupka).
The "preauthentication failed" with `--no-pkinit` is
URL: https://github.com/freeipa/freeipa/pull/765
Title: #765: [4.5 backport] spec file: bump python-netaddr Requires
HonzaCholasta commented:
"""
@tomaskrizek, this PR is for ipa-4-5, the change is already present in master.
"""
See the full comment at
https://g
URL: https://github.com/freeipa/freeipa/pull/765
Title: #765: [4.5 backport] spec file: bump python-netaddr Requires
HonzaCholasta commented:
"""
@tomaskrizek, yes.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/765#issuecomment-30040158
URL: https://github.com/freeipa/freeipa/pull/773
Title: #773: [WIP] Warn in cert-request if CSR doesn't contain SAN
HonzaCholasta commented:
"""
@frasertweedale, I'm not aware of any agreement and I'm against this as well.
"""
See the full comment at
https://g
URL: https://github.com/freeipa/freeipa/pull/728
Author: HonzaCholasta
Title: #728: ipa-cacert-manage: add --external-ca-type
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/728/head:pr728
git checkout
URL: https://github.com/freeipa/freeipa/pull/758
Author: HonzaCholasta
Title: #758: install: fix CA-less PKINIT
Action: opened
PR body:
"""
**certdb: add named trust flag constants**
Add named constants for common trust flag combinations.
Use the named constants instead
URL: https://github.com/freeipa/freeipa/pull/728
Author: HonzaCholasta
Title: #728: ipa-cacert-manage: add --external-ca-type
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/728/head:pr728
git checkout
URL: https://github.com/freeipa/freeipa/pull/694
Author: martbab
Title: #694: RFC: implement local PKINIT deployment in server/replica install
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/694/head:pr694
git
URL: https://github.com/freeipa/freeipa/pull/694
Title: #694: RFC: implement local PKINIT deployment in server/replica install
HonzaCholasta commented:
"""
master:
* b1a1e104391c84cb9af7b0a7c8748c8652442ddb separate function to set
ipaConfigString values o
URL: https://github.com/freeipa/freeipa/pull/694
Title: #694: RFC: implement local PKINIT deployment in server/replica install
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/694
Title: #694: RFC: implement local PKINIT deployment in server/replica install
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/694
Title: #694: RFC: implement local PKINIT deployment in server/replica install
HonzaCholasta commented:
"""
Works for me, ACK.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/694#issuecom
URL: https://github.com/freeipa/freeipa/pull/729
Title: #729: Turn on NSSOCSP check in mod_nss conf
HonzaCholasta commented:
"""
@pvomacka, CI fails because you forgot to include python-augeas in lint
BuildRequires.
"""
See the full comment at
https://githu
URL: https://github.com/freeipa/freeipa/pull/729
Title: #729: Turn on NSSOCSP check in mod_nss conf
HonzaCholasta commented:
"""
@pvomacka, CI fails because you forgot to include python-augeas in lint
BuildRequires.
"""
See the full comment at
https://githu
URL: https://github.com/freeipa/freeipa/pull/694
Title: #694: RFC: implement local PKINIT deployment in server/replica install
HonzaCholasta commented:
"""
LGTM.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/694#issuecomment-29764522
URL: https://github.com/freeipa/freeipa/pull/731
Title: #731: spec file: bump krb5 Requires for certauth fixes
HonzaCholasta commented:
"""
@martbab, #739.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/731#issuecomment-29761496
URL: https://github.com/freeipa/freeipa/pull/739
Author: HonzaCholasta
Title: #739: [4.5] spec file: bump krb5 Requires for certauth fixes
Action: opened
PR body:
"""
Bump krb5-* Requires to the version which includes the final version of
certauth support.
https://pagure.i
URL: https://github.com/freeipa/freeipa/pull/731
Author: HonzaCholasta
Title: #731: spec file: bump krb5 Requires for certauth fixes
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/731/head:pr731
git
URL: https://github.com/freeipa/freeipa/pull/731
Author: HonzaCholasta
Title: #731: spec file: bump krb5 Requires for certauth fixes
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/731/head:pr731
git
URL: https://github.com/freeipa/freeipa/pull/688
Title: #688: Update get_attr_filter in LDAPSearch to handle nsaccountlock user
searches
HonzaCholasta commented:
"""
master:
* 38276d3473ecf2a4cc5b5e2a107347f046625626 Update get_attr_filter in LDAPSearch
to handle nsaccountloc
URL: https://github.com/freeipa/freeipa/pull/688
Author: redhatrises
Title: #688: Update get_attr_filter in LDAPSearch to handle nsaccountlock user
searches
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa
URL: https://github.com/freeipa/freeipa/pull/688
Title: #688: Update get_attr_filter in LDAPSearch to handle nsaccountlock user
searches
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/688
Title: #688: Update get_attr_filter in LDAPSearch to handle nsaccountlock user
searches
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/688
Title: #688: Update get_attr_filter in LDAPSearch to handle nsaccountlock user
searches
HonzaCholasta commented:
"""
Actually, please remove the change in `VERSION.m4`, as it is not necessary and
prevents the patch from applying
URL: https://github.com/freeipa/freeipa/pull/688
Title: #688: Update get_attr_filter in LDAPSearch to handle nsaccountlock user
searches
Label: -ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/688
Title: #688: Update get_attr_filter in LDAPSearch to handle nsaccountlock user
searches
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/688
Title: #688: Update get_attr_filter in LDAPSearch to handle nsaccountlock user
searches
HonzaCholasta commented:
"""
Thanks!
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/688#issuecom
URL: https://github.com/freeipa/freeipa/pull/731
Author: HonzaCholasta
Title: #731: spec file: bump krb5 Requires for certauth fixes
Action: opened
PR body:
"""
Bump krb5-* Requires to the version which includes the final version of
certauth support.
https://pagure.io/fre
URL: https://github.com/freeipa/freeipa/pull/725
Title: #725: Fix certificate_out check in CertRetrieveOverride
HonzaCholasta commented:
"""
NACK:
```
$ ipa cert-show 1
ipa: ERROR: Filename is empty
```
"""
See the full comment at
https://github.com/freeipa
URL: https://github.com/freeipa/freeipa/pull/730
Author: HonzaCholasta
Title: #730: spec file: bump python-netaddr Requires
Action: opened
PR body:
"""
Bump python-netaddr Requires to the version which has correct private and
reserved IPv4 address ranges.
This fixes DNS
URL: https://github.com/freeipa/freeipa/pull/688
Title: #688: Update get_attr_filter in LDAPSearch to handle nsaccountlock user
searches
HonzaCholasta commented:
"""
I guess it should. Could you please file a ticket?
"""
See the full comment at
https://githu
URL: https://github.com/freeipa/freeipa/pull/694
Title: #694: RFC: implement local PKINIT deployment in server/replica install
HonzaCholasta commented:
"""
@martbab, this sounds like a typical instance of a we will do it later = we
will do it never situation. IMO w
URL: https://github.com/freeipa/freeipa/pull/728
Author: HonzaCholasta
Title: #728: ipa-cacert-manage: add --external-ca-type
Action: opened
PR body:
"""
**server upgrade: always fix certmonger tracking request**
Fix certmonger tracking requests on every run of ipa-server-upgr
URL: https://github.com/freeipa/freeipa/pull/722
Title: #722: Fix server upgrade
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/722
Author: stlaz
Title: #722: Fix server upgrade
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/722/head:pr722
git checkout pr722
--
Manage your subscription for
URL: https://github.com/freeipa/freeipa/pull/722
Title: #722: Fix server upgrade
HonzaCholasta commented:
"""
master:
* b38750eaa82025aad56f8eca849f47775b2cbc75 Fix CAInstance.import_ra_cert for
empty passwords
ipa-4-5:
* e3f2878909c1f92a0d92ed2a8ce00
URL: https://github.com/freeipa/freeipa/pull/722
Title: #722: Fix server upgrade
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/723
Title: #723: Store GSSAPI session key in /var/run/httpd
HonzaCholasta commented:
"""
Could we put the mod_auth_gssapi session key in `/var/run/ipa/session.key`?
`/var/run/ipa` is where we store IPA-specific stuff, including
URL: https://github.com/freeipa/freeipa/pull/718
Title: #718: configure: fix AC_CHECK_LIB usage
HonzaCholasta commented:
"""
master:
* 4322b57e313105611df39e99097993ba4161ab42 configure: fix AC_CHECK_LIB usage
ipa-4-5:
* 207864a61a748a9032e67bf0f1782379e44fb5aa configure: f
URL: https://github.com/freeipa/freeipa/pull/718
Title: #718: configure: fix AC_CHECK_LIB usage
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/718
Author: HonzaCholasta
Title: #718: configure: fix AC_CHECK_LIB usage
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/718/head:pr718
git checkout pr718
--
Manage
URL: https://github.com/freeipa/freeipa/pull/721
Author: stlaz
Title: #721: Fix RA cert import during DL0 replication
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/721/head:pr721
git checkout pr721
--
Manage
URL: https://github.com/freeipa/freeipa/pull/721
Title: #721: Fix RA cert import during DL0 replication
HonzaCholasta commented:
"""
master:
* 6f0a622d83ee22ce712a380d1701cb1f383689e4 Fix RA cert import during DL0
replication
ipa-4-5:
* 3f70baf2a4811e3eee341aee6da99dfa80c09
URL: https://github.com/freeipa/freeipa/pull/721
Title: #721: Fix RA cert import during DL0 replication
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/721
Title: #721: Fix RA cert import during DL0 replication
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/719
Author: stlaz
Title: #719: External CA fixes
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/719/head:pr719
git checkout pr719
--
Manage your subscription for
URL: https://github.com/freeipa/freeipa/pull/719
Title: #719: External CA fixes
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/719
Title: #719: External CA fixes
HonzaCholasta commented:
"""
master:
* 25a33ce8b1c77b0d957772143affd7085757bccb server-install: No double Kerberos
install
* 7b8503173b253860c1059bd40858f2fdffb4ae33 ext. CA: correctly write the ce
URL: https://github.com/freeipa/freeipa/pull/719
Title: #719: External CA fixes
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/721
Title: #721: Fix RA cert import during DL0 replication
HonzaCholasta commented:
"""
... because you need to apply the same fix to `ReplicaPrepare.export_ra_pkcs12`
as well.
"""
See the full comment at
https://g
URL: https://github.com/freeipa/freeipa/pull/721
Title: #721: Fix RA cert import during DL0 replication
HonzaCholasta commented:
"""
`ipa-replica-install` fails for me:
```
[2/2]: importing RA certificate from PKCS #12 file
[error] CalledProcessError: Command '/usr/bin
URL: https://github.com/freeipa/freeipa/pull/677
Author: HonzaCholasta
Title: #677: cert: defer cert-find result post-processing
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/677/head:pr677
git checkout pr677
URL: https://github.com/freeipa/freeipa/pull/677
Title: #677: cert: defer cert-find result post-processing
HonzaCholasta commented:
"""
master:
* eb6d4c3037d0cc269a7924745f1cbd8f647e6e1a cert: defer cert-find result
post-processing
ipa-4-5:
* 49f9d799c171c7ae2ac546a33a353c
URL: https://github.com/freeipa/freeipa/pull/677
Title: #677: cert: defer cert-find result post-processing
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/677
Title: #677: cert: defer cert-find result post-processing
HonzaCholasta commented:
"""
That might require backporting [issue
6564](https://pagure.io/freeipa/issue/6564) as well.
"""
See the full comment at
http
URL: https://github.com/freeipa/freeipa/pull/718
Title: #718: configure: fix AC_CHECK_LIB usage
HonzaCholasta commented:
"""
`info autoconf Libraries` says:
> If ACTION-IF-FOUND is not
> specified, the default action prepends `-lLIBRARY' to `LIBS' and
> defines `
URL: https://github.com/freeipa/freeipa/pull/718
Author: HonzaCholasta
Title: #718: configure: fix AC_CHECK_LIB usage
Action: opened
PR body:
"""
Replace empty string with a single space in the third argument of
`AC_CHECK_LIB` (`action-if-found`) where applicable
URL: https://github.com/freeipa/freeipa/pull/677
Author: HonzaCholasta
Title: #677: cert: defer cert-find result post-processing
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/677/head:pr677
git checkout
URL: https://github.com/freeipa/freeipa/pull/697
Title: #697: Create system users for FreeIPA services during package
installation
HonzaCholasta commented:
"""
Ah, right, rpmdiff complained about that. Well, that was 2 years ago, and if it
works for sssd it must also work for
URL: https://github.com/freeipa/freeipa/pull/698
Author: HonzaCholasta
Title: #698: install: request service certs after host keytab is set up
Action: opened
PR body:
"""
**dsinstance: reconnect ldap2 after DS is restarted by certmonger**
DS is restarted by certmonger in the
URL: https://github.com/freeipa/freeipa/pull/697
Title: #697: Create system users for FreeIPA services during package
installation
HonzaCholasta commented:
"""
Note that systemd-sysusers is not available in RHEL and CentOS. It might be
better to use the sssd approach:
https://
URL: https://github.com/freeipa/freeipa/pull/677
Author: HonzaCholasta
Title: #677: cert: defer cert-find result post-processing
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/677/head:pr677
git checkout
URL: https://github.com/freeipa/freeipa/pull/672
Title: #672: IPA-KDB: use relative path in ipa-certmap config snippet
HonzaCholasta commented:
"""
master:
* 6c2772dde52c84024d32533b29e6cbd04c69924a IPA-KDB: use relative path in
ipa-certmap config sn
URL: https://github.com/freeipa/freeipa/pull/672
Author: sumit-bose
Title: #672: IPA-KDB: use relative path in ipa-certmap config snippet
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/672/head:pr672
git
URL: https://github.com/freeipa/freeipa/pull/672
Title: #672: IPA-KDB: use relative path in ipa-certmap config snippet
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/672
Title: #672: IPA-KDB: use relative path in ipa-certmap config snippet
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/684
Title: #684: httpinstance: make sure NSS database is backed up
HonzaCholasta commented:
"""
master:
* 5f5a3b29dba7cc736ba334aefb55484baeefeb76 httpinstance: make sure NSS database
is back
URL: https://github.com/freeipa/freeipa/pull/684
Title: #684: httpinstance: make sure NSS database is backed up
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/684
Author: HonzaCholasta
Title: #684: httpinstance: make sure NSS database is backed up
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/684/head:pr684
git checkout
URL: https://github.com/freeipa/freeipa/pull/685
Author: stlaz
Title: #685: [4.5] Caless fix
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/685/head:pr685
git checkout pr685
--
Manage your subscription for the
URL: https://github.com/freeipa/freeipa/pull/685
Title: #685: [4.5] Caless fix
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/685
Title: #685: [4.5] Caless fix
HonzaCholasta commented:
"""
ipa-4-5:
* ebf24e783604952e59e557b5537c6d0de6146ce4 Get correct CA cert nickname in
CA-less
* 99389748beb0158811505efa606c27e1e2e0bc7b Remove publish_ca_cert() method fr
URL: https://github.com/freeipa/freeipa/pull/650
Title: #650: CA-less installation fix
HonzaCholasta commented:
"""
master:
* 8c87014e199b3dbe885c69d40a01d2723f813c3e Get correct CA cert nickname in
CA-less
* aae9a918b68dc4f9a7b4fb9abf1bb4d26673109d Remove publish_ca_cer
URL: https://github.com/freeipa/freeipa/pull/650
Author: stlaz
Title: #650: CA-less installation fix
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/650/head:pr650
git checkout pr650
--
Manage your subscription
URL: https://github.com/freeipa/freeipa/pull/650
Title: #650: CA-less installation fix
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/685
Title: #685: [4.5] Caless fix
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/683
Title: #683: certdb: fix `AttributeError` in `verify_ca_cert_validity`
HonzaCholasta commented:
"""
master:
* 720034f1b440135671d03596368ed5e9e5a0f3c3 certdb: fix `AttributeError` in
`verify_ca_cert_validity`
"&quo
URL: https://github.com/freeipa/freeipa/pull/683
Author: HonzaCholasta
Title: #683: certdb: fix `AttributeError` in `verify_ca_cert_validity`
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/683/head:pr683
git
URL: https://github.com/freeipa/freeipa/pull/683
Title: #683: certdb: fix `AttributeError` in `verify_ca_cert_validity`
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/650
Title: #650: CA-less installation fix
HonzaCholasta commented:
"""
@stlaz, please also provide a version of this PR rebased on ipa-4-5.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/650#iss
URL: https://github.com/freeipa/freeipa/pull/650
Title: #650: CA-less installation fix
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/684
Author: HonzaCholasta
Title: #684: httpinstance: make sure NSS database is backed up
Action: opened
PR body:
"""
The NSS database at /etc/httpd/alias is not properly initialized and backed
up in CA-less replica promotion. T
URL: https://github.com/freeipa/freeipa/pull/650
Title: #650: CA-less installation fix
Label: -ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/650
Title: #650: CA-less installation fix
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/650
Title: #650: CA-less installation fix
HonzaCholasta commented:
"""
I found additional bugs in CA-less (replica) install, but with this PR,
`publish_ca_cert` does not fail anymore.
"""
See the full comment at
http
URL: https://github.com/freeipa/freeipa/pull/650
Title: #650: CA-less installation fix
HonzaCholasta commented:
"""
@stlaz, please rebase.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/650#issuecomment-291080182
--
Manage your subscription
URL: https://github.com/freeipa/freeipa/pull/542
Title: #542: Implementation independent interface for CSR generation
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/542
Author: LiptonB
Title: #542: Implementation independent interface for CSR generation
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/542/head:pr542
git checkout
URL: https://github.com/freeipa/freeipa/pull/542
Title: #542: Implementation independent interface for CSR generation
HonzaCholasta commented:
"""
master:
* 5420e9cfbe7803808b6e26d2dae64f2a6a50149a csrgen: Remove helper abstraction
* 136c6c3e2a4f77a27f435efd4a1cd95c9e089314
URL: https://github.com/freeipa/freeipa/pull/542
Title: #542: Implementation independent interface for CSR generation
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/542
Title: #542: Implementation independent interface for CSR generation
HonzaCholasta commented:
"""
@LiptonB, superb, thank you!
Have you made any progress with NSS support? If not, I can add it in a
subsequent PR, if you agree.
&q
URL: https://github.com/freeipa/freeipa/pull/621
Title: #621: Add --password-expiration to allow an admin to force a password
change
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/397
Title: #397: Improve wheel building and provide ipaserver wheel for local
testing
HonzaCholasta commented:
"""
LGTM.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/397#issuecomment-29063222
URL: https://github.com/freeipa/freeipa/pull/490
Title: #490: certdb: use certutil and match_hostname for cert verification
HonzaCholasta commented:
"""
Awesome indeed!
As for your suggestions to improve the validation, I completely agree with
them, but the focus of this PR
1 - 100 of 477 matches
Mail list logo
