w to check current state of current Fedoras
automatically using a script - e.g. avoid parsing mailing list or going
through runs in OpenQA?
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to Fre
r priority in pagure doesn't imply blocker tag in PR. But
testblocker tag in pagure does. Actually I'm thinking about changing
Pagure priority names to: "highest, high, medium, low, patchwelcome"
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
ht
that
everything works during 4.6 development.
The reason is that there might also be something else not working and it
is better to time test it + the fix would not fix older clients.
If anybody wants to use/try it, then the records can be created manually.
--
Petr Vobornik
--
Manage your
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 04/21/2017 08:49 AM, Standa Laznicka wrote:
On 04/21/2017 08:12 AM, Abhijeet Kasurde wrote:
+1
On 20/04/17 9:36 PM, Petr Vobornik wrote:
Hi all,
I'd like to improve quality of bug reports and RFEs.
A possibility I see is to create and issue template [1].
Sounds like a good idea! Please
Bug
What doesn't work (what was the goal)
Steps to Reproduce
Actual results
Expected results
Version/Release/Distribution
$ rpm -q freeipa-server ipa-server 389-ds-base pki-ca krb5-server
Additional info:
""""
[1] https://docs.pagure.org
l new SSSD is released?
I'd keep it there and add Jakub's comment. It will be useful when SSSD
with the support is released.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.f
://bodhi.fedoraproject.org/updates/FEDORA-2017-c5e572f32b
There is no build for Fedora 25.
f25 build was added to @freeipa/freeipa-master COPR repo
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA
On 02/28/2017 12:03 PM, Petr Vobornik wrote:
On 02/28/2017 12:00 PM, Petr Vobornik wrote:
On 02/27/2017 12:46 PM, Petr Vobornik wrote:
Hello list,
today and tomorrow a migration of FreeIPA issue tracker[1] and git repo
will take place.
It is due to FedoraHosted sunset [2]. Both
On 02/28/2017 12:48 PM, Martin Basti wrote:
On 28.02.2017 12:38, Lukas Slebodnik wrote:
On (28/02/17 12:17), Martin Basti wrote:
On 28.02.2017 12:03, Petr Vobornik wrote:
On 02/28/2017 12:00 PM, Petr Vobornik wrote:
On 02/27/2017 12:46 PM, Petr Vobornik wrote:
Hello list,
today
On 02/27/2017 12:46 PM, Petr Vobornik wrote:
Hello list,
today and tomorrow a migration of FreeIPA issue tracker[1] and git repo
will take place.
It is due to FedoraHosted sunset [2]. Both will be migrated to pagure.io
[3].
During this migration it won't be possible to add new tickets
://fedorahosted.org/freeipa/
[2] https://communityblog.fedoraproject.org/fedorahosted-sunset-2017-02-28/
[3] https://pagure.io/
Thank you for understanding,
--
Petr Vobornik
Associate Manager, Engineering, Identity Management
Red Hat, Inc.
--
Manage your subscription for the Freeipa-devel mailing list
On 02/22/2017 12:43 AM, Fraser Tweedale wrote:
On Tue, Feb 21, 2017 at 06:12:23PM +0100, Petr Vobornik wrote:
On 02/21/2017 05:15 PM, Florence Blanc-Renaud wrote:
Hi,
related to the Certificate Identity Mapping feature, a new CLI will be
needed to find all the users matching a given
th users linked via standard
certificate blob and other generically mapped users
"""
--
Petr Vobornik
Associate Manager, Engineering, Identity Management
Red Hat, Inc.
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freei
e form or in structured way. If in
structured, then implementation in client side plugin would make better
sense.
+1 to Alexander on '--out nsupdate' option
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
;>> installation, a check could be performed to verify the FIPS topology
>>>> status is the same as the current system's FIPS status. However, this
>>>> proposal has a flaw. It is possible to simply install a FIPS-enabled
>>>> replica and then turn FIPS off.
e case or reasons to integrate with Duo instead of
using FreeIPA's 2FA?
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
insignificant amount of dependencies to build all of IPA.
>
>>> Petr, are you going to allocate time for this soonish or should I open a
>>> ticket and forget about it for now?
>
> IMHO this should be covered under the build refactoring to avoid
> regressions.
>
>
event. And then the handler would call
something new set_text method:
set_text(new_activity)
that.dots = 0
that.text = new_activity
that.make_step()
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-
pointer
dereference
On 08/05/2016 02:33 PM, Pavel Vomacka wrote:
>
>
> On 08/01/2016 05:53 PM, Petr Vobornik wrote:
>> On 07/29/2016 03:25 PM, Alexander Bokovoy wrote:
>>> On Fri, 29 Jul 2016, Pavel Vomacka wrote:
>>>> Hello,
>>>>
>>>
it's about configuring NFS server against IPA and not IPA server
itself as NFS server. In that case it should be IMO in client package
because NFS server is also a client from IPA's perspective.
>
> We now prefer contributions in form of Github pull-requests.
Right
--
Petr Vobornik
On 10/26/2016 09:53 AM, Martin Basti wrote:
>
>
> On 30.03.2016 10:06, Martin Basti wrote:
>>
>>
>> On 24.03.2016 15:27, Petr Vobornik wrote:
>>> to enable debugging of such errors.
>>>
>>> E.g.: https://fedorahosted.org/freeipa/ticket/5741
say 50KB?
I.e., I would be interested in the small patches but let's read the
large ones on GitHub.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page
>>> interact with the community. Is there a administrator to review these
>>> changes? Who should I send mail to? Please help me. Thank you very much!
>>>
>>>
>>>
>>
>> Hello,
>>
>> at first you can write here what is your
fected?
If so, then we need either to backport the patch to 4.3 and fix Fedora
directly or completely block the python-dns update on f24.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 10/11/2016 03:50 PM, Alexander Bokovoy wrote:
> On ti, 11 loka 2016, Petr Vobornik wrote:
>> Hi List,
>>
>> we discussed locally a proposal about creating a feature branch for each
>> sub-team effort in our main git. Currently it would be for the 4 ongoing
>>
y with:
$ make tarball
But it probably wasn't tested much so I'd not rely on it.
What I'd like to see:
Release engineer:
$ make dist
$ # copy tarball
Packager:
$ ./configure [--options]
$ make install
I think that this workflow is implied by "Automake: Standard Targets"
but IMH
against?
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 10/05/2016 06:40 PM, Petr Vobornik wrote:
> Hi,
>
> we planned to release 4.4.2 Today. I'd postpone it to tomorrow morning
> so you have time to read the RN page.
>
> Almost completely auto-generated release notes page:
> http://www.freeipa.org/page/Releases/4
is "Known Issues section"
- the script for generating RN will be shared
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
>> Please add the bugzilla link.
>
> Done.
>
Linked upstream ticket: https://fedorahosted.org/freeipa/ticket/6368
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 09/23/2016 02:09 PM, Martin Basti wrote:
>
>
> On 23.09.2016 09:54, Jakub Hrozek wrote:
>> On Thu, Sep 22, 2016 at 06:09:43PM +0200, Petr Vobornik wrote:
>>> Hi all,
>>>
>>> As you know, FedoraHosted.org will be decommissioned.
>>>
>&
://www.freeipa.org/page/FedoraHosted_Migration
It already contains several requirements which were discussed in other
channels.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http
On 08/26/2016 12:47 PM, Standa Laznicka wrote:
> On 08/26/2016 12:39 PM, Martin Basti wrote:
>>
>>
>> On 26.08.2016 12:37, Petr Vobornik wrote:
>>> On 08/26/2016 12:23 PM, Martin Basti wrote:
>>>>
>>>> On 26.08.2016 12:20, Alexander Bokovo
On 08/26/2016 12:39 PM, Martin Basti wrote:
>
>
> On 26.08.2016 12:37, Petr Vobornik wrote:
>> On 08/26/2016 12:23 PM, Martin Basti wrote:
>>>
>>> On 26.08.2016 12:20, Alexander Bokovoy wrote:
>>>> On Fri, 26 Aug 2016, Jan Cholasta wrote:
clients not being able to use new rules even if they would lack time
>> component.
>>
>
> Older client do not support timerules, so they should not search for
> them. HBAC without timerules will be still have 'ipaHBACRule'
> objectclass and will work with old clients. Only
On 08/24/2016 12:21 PM, Martin Basti wrote:
>
>
> On 24.08.2016 11:25, Christian Heimes wrote:
>> On 2016-08-23 12:42, Petr Vobornik wrote:
>>> On 08/11/2016 04:13 PM, Martin Basti wrote:
>>>>
>>>> On 08.08.2016 16:10, Christian Heimes wrote:
>
gt; ipapython/secrets/kem.py:148: [E0602(undefined-variable), newServerKeys]
> Undefined variable 'os')
> * Module ipaserver.install.custodiainstance
> ipaserver/install/custodiainstance.py:77: [E0602(undefined-variable),
> CustodiaInstance.upgrade_instance] Undefined variab
t;
> ACK for master
>
> For 4.3, it requires new patch
>
> Martin
>
bump
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
t;>>>>> How is combined updated related to requires to
>>>>>>>>>>>>>>> slapi-nis-0.56.1?
>>>>>>>>>>>>>>> It will not prevent tu update freeipa without new slapi-nis.
>>>>>>>>
On 08/16/2016 10:17 AM, Jan Cholasta wrote:
> On 12.8.2016 15:02, Petr Vobornik wrote:
>> On 08/12/2016 02:54 PM, Tibor Dudlak wrote:
>>> Hi,
>>>
>>> I have edited my previous patch.
>>>
>>> On Thu, Aug 11, 2016 at 11:52 AM, Jan Cholasta <jc
ber in each patch
iteration. But append new patch version. E.g. freeipa-ddudla-0003-2-Added...
Starting new thread for each patch revision makes it hard to track.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 08/11/2016 07:21 PM, Martin Basti wrote:
>
>
> On 11.08.2016 18:57, Pavel Vomacka wrote:
>>
>>
>> On 08/11/2016 02:00 PM, Petr Vobornik wrote:
>>> On 08/11/2016 10:54 AM, Alexander Bokovoy wrote:
>>>> On Thu, 11 Aug 2016, Jan Cholasta wro
modprinc +ok_to_auth_as_delegate HTTP/ipa.example.test
>>>
>>> -- obtaining the delegated certificated fails.
>>
>> That's because ok_as_delegate and ok_to_auth_as_delegate are different
>> flags.
> Right. The following patch adds ok_to_auth_as_delegate to the
On 08/09/2016 04:18 PM, Martin Basti wrote:
>
>
> On 09.08.2016 16:07, Stanislav Laznicka wrote:
>> https://fedorahosted.org/freeipa/ticket/6183
>>
>>
>>
> Didn't we agreed that --force-join should be always used (without extra
> replica-install option)
tch I'm successfully managed to make FleetCommander
>> integration plugin completely independent of FreeIPA.
> Patch attached now. ;)
>
I'll assume that we want to target 4.4.x therefore it can be pushed to
master, right? I.e. no need for creating ipa-4-4 branch atm.
Reasoning is tha
On 08/06/2016 12:32 PM, Petr Vobornik wrote:
> usage of ipautil.run in get_pem methond of ca-less tests was not
> refactored when the ipautil.run was refactored in
> 099cf98307d4b2f0ace5d5e28754f264808bf59d
>
> This results in failure of all CA-less test (probably).
>
> Pat
Vobornik
From 390731b873b3e47fe26b5ccd59dca39b8afeecd3 Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pvobo...@redhat.com>
Date: Sat, 6 Aug 2016 12:25:57 +0200
Subject: [PATCH] ca-less tests: fix getting cert in pem format from nssdb
usage of ipautil.run in get_pem methond of ca-less
that it passes jslint (`jsl -conf
jsl.conf`) Easiest may be to use temp(i.e. do not include it here)
jsl.conf e.g.: https://pvoborni.fedorapeople.org/plugins/loginauth/jsl.conf
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/l
./asn1/.libs/libipaasn1.a(constr_SEQUENCE.o): In function
> `SEQUENCE_decode_uper':
> /root/freeipa/rpmbuild/BUILD/freeipa-4.4.0/asn1/asn1c/constr_SEQUENCE.c:1187:
> undefined reference to `uper_open_type_get'
> /root/freeipa/rpmbuild/BUILD/freeipa-4.4.0/asn1/asn1c/constr_SEQUENCE.c:1
pes (DNSNameParam for DNS names, Principal for
>> principal names, etc.)
>>
>> Nitpick: please don't mix moving existing stuff and adding new stuff in a
>> single patch.
>>
> Updated patches attached.
>
> Patches 0092..0094 are refactors and bugfixes.
> P
On 07/13/2016 12:36 PM, Stanislav Laznicka wrote:
> On 07/13/2016 09:51 AM, Petr Vobornik wrote:
>> On 07/13/2016 08:26 AM, Stanislav Laznicka wrote:
>>> On 07/12/2016 08:44 AM, Stanislav Laznicka wrote:
>>>> On 07/11/2016 04:27 PM, Petr Vobornik wrote:
>>&
acka <pvoma...@redhat.com>
>> Date: Tue, 26 Jul 2016 13:07:30 +0200
>> Subject: [PATCH 12/13] Coverity - accessing attribute of variable
>> which can
>> point to null
>>
>> Added check whether variable is pointing to null or not.
>> ---
>> install/ui/src/freeipa
s
* Added pyusb as a dependency
* Deprecated the domain-level option in ipa-server-install
* fixes premature sys.exit in ipa-replica-manage del
* Remove dangling RUVs even if replicas are offline
=== Thierry Bordaz (1) ===
* Make sure ipapwd_extop takes precedence over passwd_modify_extop
--
Petr
Hi all,
this is a draft of release notes for upcoming 4.3.2 release
- http://www.freeipa.org/page/Releases/4.3.2
Comments/updates welcome!
Regards,
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
On 07/21/2016 05:47 PM, Martin Babinsky wrote:
> On 07/21/2016 05:22 PM, Petr Vobornik wrote:
>> On 07/19/2016 09:27 AM, Petr Vobornik wrote:
>>> On 07/19/2016 08:01 AM, Jan Cholasta wrote:
>>>> Hi,
>>>>
>>>> On 18.7.2016 18:50, Florence
On 07/19/2016 09:27 AM, Petr Vobornik wrote:
> On 07/19/2016 08:01 AM, Jan Cholasta wrote:
>> Hi,
>>
>> On 18.7.2016 18:50, Florence Blanc-Renaud wrote:
>>> On 07/15/2016 04:29 PM, Petr Vobornik wrote:
>>>> ipa-ca-install said that it used
>>>>
On 07/11/2016 09:52 AM, Florence Blanc-Renaud wrote:
> Hi,
>
> please find a patch for the 3rd issue of ticket 6012.
>
> https://fedorahosted.org/freeipa/ticket/6012
>
>
bump for review
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
h
On 07/19/2016 08:01 AM, Jan Cholasta wrote:
> Hi,
>
> On 18.7.2016 18:50, Florence Blanc-Renaud wrote:
>> On 07/15/2016 04:29 PM, Petr Vobornik wrote:
>>> ipa-ca-install said that it used
>>> /var/log/ipareplica-ca-install.log
>>> but in fact it us
uot; is valid for both master and replica.
https://fedorahosted.org/freeipa/ticket/6088
--
Petr Vobornik
From 9af48b0d4c0b0b6d1e51cc320ec9409caa0ec873 Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pvobo...@redhat.com>
Date: Fri, 15 Jul 2016 16:25:36 +0200
Subject: [PATCH] unite log file name of
>
> ..and putting the list back into the loop
>
master:
* 37bfd1fdde8906b2b5712d1f99f3f4be8f91ca0a DNS install: Ensure that DNS
servers container exists
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-d
quired features were released for Fedora as 10.3.3-3.
>> Attached patch retracts the min required version accordingly.
>
> ACK
>
master:
* 49389ed1e06c786df489c0fd9f6e8183f00eedff spec: require Dogtag >= 10.3.3-3
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 07/14/2016 03:09 PM, Martin Babinsky wrote:
> On 07/14/2016 01:21 PM, David Kupka wrote:
>> https://fedorahosted.org/freeipa/ticket/6069
>>
>>
> ACK.
>
master:
* 92dea9b186611f7f1ba8aa5952b4cfdc363d75b8 schema: Fix subtopic -> topic
mapping
--
Petr Vobornik
ce6b4c533647b8894f516e34bea8184f1b8 Tests: Tracker class for services
* dcdbbb975927a24ec05f7addefd59c71823a57c2 Tests: Authentication
indicators xmlrpc tests
* aab861142d3aec503ebae4779fbfa1858e20f451 Tests: Authentication
indicators integration tests
--
Petr Vobornik
--
Manage your subscription for the Freeip
essage):
>> """
>> **13019** Unable to correctly format some part of the result
>> """
>> +type = "warning"
>> errno = 13019
>>
>>
> ACK.
>
master:
* a5c8c9880d62dca50caa1cc8a77c3ae40225570b messages: specify message
type for ResultFormattingError
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
rect. ACK.
master:
* 2f02ffed03beac43b26e8521eff87b9489a746f9 Preserve user principal
aliases during rename operation
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
not be even visible in CLI.
>>
>>
> ACK.
>
master:
* a1a7ecdc7bf6686adf8558cedd3964f9e4805469 vault-add: set the default
vault type on the client side if none was given
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.
; +principal, or multiple types.
>> +
>> +CERTIFICATE AUTHORITY SCOPE:
>> +
>> +A CA ACL can be associated with one or more CAs by name, or by the
>> +"all CAs" category. For compatibility reasons, a CA ACL with no CA
>> +association implies an as
On 07/12/2016 12:35 PM, Martin Babinsky wrote:
> On 07/11/2016 12:40 PM, Stanislav Laznicka wrote:
>> https://fedorahosted.org/freeipa/ticket/6034
>>
>>
>>
> ACK
>
master:
* 6c74bd2bcca46b586b07c3acd9670dae6e1f07b9 Removed unused method
parameter from migrate-d
bdc5ef16 host-find: do not show SSH
key by default
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
DN)
>>>>> +self.preserve_krbprincipalname_post(ldap, entry_attrs,
>>>>> **options)
>>>>> if options.get('random', False):
>>>>> try:
>>>>> entry_attrs['randompassword'] =
>>
On 07/13/2016 08:26 AM, Stanislav Laznicka wrote:
> On 07/12/2016 08:44 AM, Stanislav Laznicka wrote:
>> On 07/11/2016 04:27 PM, Petr Vobornik wrote:
>>> On 07/11/2016 01:23 PM, Stanislav Laznicka wrote:
>>>> https://fedorahosted.org/freeipa/ticket/6046
>>
/freeipa/ticket/6035
>> ACK.
>>
>> I haven't tested it but the change is obvious.
>>
>
> And it works as expected, so ACK also from me.
>
master:
* 9feeaca9fb552229638ce98086aa75905a45b48d Enable vault-* commands on client
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
I should change the patch
>> accordingly or if the current version is ok,
>>
>> bye,
>> Sumit
>>
>>
>>
> Code looks ok to me and the patch fixes the issue, so ACK.
>
master:
* 6d6da6b281173737bd31ba4845af11a097846c05 kdb: check for local realm in
enter
On 07/11/2016 02:30 PM, Stanislav Laznicka wrote:
> On 07/11/2016 02:18 PM, Martin Babinsky wrote:
>> https://fedorahosted.org/freeipa/ticket/6044
>>
>>
>>
> ACK.
>
>
>
master:
* c1d8629b7490f443eededf0c0d0472d8285f85e8 ipa-advise: correct handling
s-manage patch posted earlier in the mailing
> list ACKed although it probably hasn't been pushed yet.
>
> ACK.
>
master:
* a5efeb449bba47dd430a7b8ffa594ace189252f4 ipa-compat-manage: use server
API to retrieve plugin status
--
Petr Vobornik
--
Manage your subscription for the Freeipa
est Sub CA with
CAACL and certificate profile
* 0277a89825cf0d8d1099f537d9eb4ab1020751d2 ipatests: remove ipacertbase
option from test CSR configuration
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
e issue.
> Ack,
>
> Flo.
>
master:
* c5cc79f1ad2ef1eb81ad3d9cea2882a7ae1825b2 ipa-nis-manage: Use server
API to retrieve plugin status
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
9a57f3c473833f2ff26c8061ec uninstall: untrack
lightweight CA certs
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
ca installer.
The unattended mode is unrelated.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
t properly to disallow anything not
usable by dogtag.
Adding Fraser for the dogtag part.
rob
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
/group to the list of
_failed_member_output_params of the class ClientMethod.
https://fedorahosted.org/freeipa/ticket/6026
I've a feeling that this issue is more general and multiple commands
regressed. Would be good to check other member options, e.g. also in
user plugin.
--
Petr Vobornik
FreeIPA 4.4.0 was tagged.
Release notes will follow soon.
* http://www.freeipa.org/page/Downloads#Latest_Release_-_FreeIPA_4.4.0
* http://freeipa.org/downloads/src/freeipa-4.4.0.tar.gz
SHA1: 441ef8cb2b0ac103723d03b0478da641d697e104
MD5: 078697b25e02361fca37d00a1144130d
--
Petr Vobornik
: I tested David's patch and it actually doesn't work when
>>>> the new password policy for ipausers group is created (priority = 0,
>>>> which should be the highest priority). The maxlife and minlife values
>>>> are empty. Even if I set the new password policy maxlife and minlife to
>>>> 0 the result was that password will expire in 90 days. The patch worked
>>>> correctly when I changed value of maxlife and minlife to 0 in
>>>> 'global_policy'. Then the password expiration was set to 2038-01-01.
>>>>
>>>
>>> Hello!
>>>
>>> I hope I've finally find all the places in ipa-kdb and ipa-pwd-extop
>>> plugins to tickle in order to have password that don't expire. Updated
>>> patch attached.
>>>
>>> https://fedorahosted.org/freeipa/ticket/2795
>>>
>>
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 07/01/2016 11:02 AM, Martin Babinsky wrote:
> On 06/30/2016 01:16 PM, Fraser Tweedale wrote:
>> Hullo,
>>
>> The attached patch fixes
>> https://fedorahosted.org/freeipa/ticket/6011.
>>
>> Cheers,
>> Fraser
>>
>>
>>
> ACK
>
;>>>>> a6b4d4349a9ac6de453d9ad3c679ec32add4e43b
>>>>>>>>>>> for 'ipalib/plugins/config.py'
>>>>>>>>>>> fatal: git-write-tree: error building trees
>>>>>>>>>>> Repository lacks necessary
On 07/01/2016 09:04 AM, Pavel Vomacka wrote:
>
>
> On 06/30/2016 05:27 PM, Petr Vobornik wrote:
>> On 06/30/2016 02:48 PM, Pavel Vomacka wrote:
>>> Hello,
>>>
>>> please review these patches. First two patches fix two minor bugs in
>>>
.
In such case krbcanonicalname should be used - it contains the same
principal as the one which will be in future API responses.
part of: https://fedorahosted.org/freeipa/ticket/5927
--
Petr Vobornik
From a15518f25eb339ab2bc90dbc304648a9fd266e51 Mon Sep 17 00:00:00 2001
From: Petr Vobornik <pv
ld be simplified into
var principal_name = value[0] || {};
but why is an object set into that.principal_name when it is later used
as a text: `that.principal_text.text(that.principal_name);`
Patch 0070: LGTM
Patch 0071: LGTM
Patch 0072: LGTM if the change of krbprincipalname to krbcanonicalname
i
On 06/30/2016 03:55 PM, Nathaniel McCallum wrote:
> On Thu, 2016-06-30 at 13:42 +0200, Petr Vobornik wrote:
>> On 06/29/2016 04:40 PM, Stanislav Laznicka wrote:
>>>
>>> On 06/29/2016 04:02 PM, Stanislav Laznicka wrote:
>>>>
>>
ed. I
> will
> just add Honza for code sanity check. Therefore conditional ACK if the code
> can
> take no further improvements.
>
> Standa
>
>
Pushed to master: 025cfd911bce6214ef2b4311b16c5b6df6ad173a
According to Honza, it doesn't solve all corner cases. This can be
On 06/30/2016 01:57 PM, Pavel Vomacka wrote:
>
>
> On 06/29/2016 05:42 PM, Petr Vobornik wrote:
>> On 06/24/2016 12:40 PM, Pavel Vomacka wrote:
>>> Hello,
>>>
>>> please review attached patches, they add 'Delete Server' button.
>>>
>>
On 06/30/2016 10:39 AM, Pavel Vomacka wrote:
>
>
> On 06/29/2016 04:40 PM, Petr Vobornik wrote:
>> On 06/27/2016 05:50 PM, Pavel Vomacka wrote:
>>> Hello,
>>>
>>> Please review attached patch which simplifies confirmation messages for
>>> 'remov
On 06/29/2016 06:38 PM, Petr Vobornik wrote:
> On 06/28/2016 04:32 PM, Pavel Vomacka wrote:
>> Hello,
>>
>> please review attached patches. I moved strings used by authentication
>> indicators widget to another dict so the second patch changes strings in
>> custo
rmissions for krbprincipalauthind
>>>>> attribute in hosts.py, is this omitted on purpose?
>>>>> Martin^2
>>>>>
>>>> The attached patch adds them should these be required.
>>>>
>>>>
>>>
>>> Then w
g/freeipa/ticket/5872
>
ACK
push should wait on server side.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
erver search
page which is missing in this patch.
Updated patch with the issues fixed is attached.
I did not test final version of the patch because my testing env. died.
--
Petr Vobornik
From d0ea026cebcda0e301ed75b4dc53c78675c20ef0 Mon Sep 17 00:00:00 2001
From: Pavel Vomacka <pvoma...@r
pull-down list.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 06/27/2016 04:34 PM, Pavel Vomacka wrote:
>
>
> On 06/23/2016 04:25 PM, Petr Vobornik wrote:
>> On 06/20/2016 06:54 PM, Pavel Vomacka wrote:
>>> Hello,
>>>
>>> please review attached patch.
>>>
>>> https://fedorahosted.org/f
1 - 100 of 1705 matches
Mail list logo