On 12/11/2015 05:28 PM, Oleg Fayans wrote:
HI Oleg,
could you prefix the commit message and mail subject with "tests: " or
something similar to make clear that this is a fix in tests and not
actual CA or KRA installation.
--
Petr Vobornik
--
Manage your subscription for the Fre
knowledge to tweak
things.
Simo.
ACK for original patch
Pushed to master: c3c8651ac1bac794e32b3c01f7e4f6b487dcef08
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
acing freeipa-python.x86_64 4.2.3-1.1.fc23
python2-ipaclient noarch
python2-ipalib x86_64
Upgrading:
freeipa-client
not sure if it is a problem, otherwise the patch looks OK.
--
Petr Vobornik
--
Man
le, executable temp file and breaks isolation between a parent
process and all its forked child processes.
Christian
The patch needs to be rebased to 4-2 branch to be usable on Fedora 23 -
FreeIPA 4.2.3.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://w
attached patch was attached to
https://bugzilla.redhat.com/show_bug.cgi?id=1288863
ACK
Pushed to master: 2180d5db8a8e99007c39466c19759a4b1bf098fa
--
Petr Vobornik
From 782d40bd434a57b88a72c53debf090f155b05fb9 Mon Sep 17 00:00:00 2001
From: Yuri Chornoivan
Date: Sun, 6 Dec 2015 19:33:08 +0200
On 12/04/2015 07:04 PM, Tomas Babej wrote:
On 12/04/2015 06:58 PM, Tomas Babej wrote:
On 12/03/2015 04:58 PM, Petr Vobornik wrote:
`ipa help topology` is improved.
Looks good. I changed one part of the documentation for more clarity,
see the attached patch.
Otherwise ACK from me
make much sense to me, we should check for host existence before any
work is done.
ACK
Any reason to use host-show and not server-show?
host-show will be successful on any host, server-show only if the host
is an IPA server.
--
Petr Vobornik
--
Manage your subscription for the Freeipa
t's only pdf at
the moment.
Maybe sanity checks should be less verbose, but I wanted to have it
spelled out.
My goal is to have both wiki page and a printable check list which can
lie on a table.
[1] https://pvoborni.fedorapeople.org/FreeIPAdeveloperschecklist.pdf
--
Petr Vobo
On 12/03/2015 04:58 PM, Petr Vobornik wrote:
SSIA
Updated patch attached.
--
Petr Vobornik
From d9b65ef8366d6f94a1d2fba679bb610388fa Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Thu, 3 Dec 2015 16:28:51 +0100
Subject: [PATCH] Update ipa-(cs)replica-manage man pages
---
install
On 12/03/2015 12:54 PM, Petr Vobornik wrote:
On 12/03/2015 12:06 PM, Tomas Babej wrote:
Hi,
this patch updates the man page for the ipa-replica-install given the
latest changes (including the Jan's OTP patch).
Tomas
Questions/suggestions:
1. "you cannot provide an replica f
the patches be pushed?
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
`ipa help topology` is improved.
--
Petr Vobornik
From 7fcaa87aab86d816ee6bc63a4bbaf5c65f4961d9 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Thu, 3 Dec 2015 16:29:27 +0100
Subject: [PATCH] Extend topology help
`ipa help topology` is improved.
---
ipalib/plugins/topology.py | 52
SSIA
--
Petr Vobornik
From a47fd60f49f1a87bb86913463df7c7813d1cdad3 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Thu, 3 Dec 2015 16:28:51 +0100
Subject: [PATCH] Update ipa-(cs)replica-manage man pages
---
install/tools/man/ipa-csreplica-manage.1 | 17 -
install/tools/man
On 12/03/2015 04:13 PM, Martin Kosek wrote:
Original dnf builddep command does not work, unless --spec option is
added.
ACK
Pushed to master: 03c7d63c52615cefef260e169ec4dadb85d54842
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com
Number of entries returned 2
----
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
-client-install before running ipa-replica-install again.
The installation will fail if the host you are installing the
replica on exists as a host in IPA or an existing replication agreement
exists (for example, from a previously failed installation)
"""
I belie
On 12/02/2015 07:16 PM, Simo Sorce wrote:
On Tue, 2015-12-01 at 16:44 +0100, Petr Vobornik wrote:
On 12/01/2015 04:20 PM, Alexander Bokovoy wrote:
On Tue, 01 Dec 2015, Martin Kosek wrote:
On 12/01/2015 02:59 PM, Simo Sorce wrote:
On Tue, 2015-12-01 at 14:42 +0100, Martin Kosek wrote:
On 12
Change CLI option, label and type to reflect that it is a only a DN
of the suffix.
--
Petr Vobornik
From 746ac711ba96e9f5726e2aa37814e376a197219c Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Tue, 1 Dec 2015 13:02:18 +0100
Subject: [PATCH] topologysuffix: change iparepltopoconfroot API
aster: f72f8c1ad04847e4d0f24b50c76a583bd6fe5a86
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 12/02/2015 12:24 PM, Martin Kosek wrote:
Update .mailmap with misconfigured patch authors since the last
feature release. Based on the git history, add new Development
contributors.
ACK
pushed to master 4a75a5f7ffd4f5060e84d04e5806b84e5605ddec
--
Petr Vobornik
--
Manage your
On 12/01/2015 09:04 AM, Jan Cholasta wrote:
On 30.11.2015 12:41, Petr Vobornik wrote:
see
https://www.redhat.com/archives/freeipa-devel/2015-November/msg00485.html
LGTM, but I would s/_SUFFIX/_SUFFIX_NAME/.
Updated patch attached.
--
Petr Vobornik
From
e then a release blocker for 4.3 which is not
desired.
Also what about adding support for "ipaProtectedoperation check" for
user principals?
I'm afraid that forbidding getting user principal might be regarded as a
regression which might cause that admins won't set Dis
On 11/26/2015 02:39 PM, Petr Vobornik wrote:
On 11/23/2015 06:51 PM, Oleg Fayans wrote:
Hi all,
Here is a draft of the Replica Promotion test plan
http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan
== Test case: Unprivileged users are not allowed to enroll and promote
clients
see
https://www.redhat.com/archives/freeipa-devel/2015-November/msg00485.html
--
Petr Vobornik
From ae546045ff286b7787e90e6eed945c70463404a8 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Fri, 27 Nov 2015 17:00:23 +0100
Subject: [PATCH] rename topology suffixes to "domain" and &
On 11/30/2015 12:15 PM, Jan Cholasta wrote:
On 27.11.2015 15:57, Petr Vobornik wrote:
On 11/27/2015 02:50 PM, Martin Babinsky wrote:
On 11/20/2015 03:56 PM, Petr Vobornik wrote:
ACK
Pushed to master: c688954c27c219cb18aff968fc1f510afff93981
As we discussed offline, the server plugin
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 11/27/2015 02:50 PM, Martin Babinsky wrote:
On 11/20/2015 03:56 PM, Petr Vobornik wrote:
ACK
Pushed to master: c688954c27c219cb18aff968fc1f510afff93981
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa
On 11/25/2015 05:05 PM, Martin Babinsky wrote:
On 11/25/2015 03:28 PM, Petr Vobornik wrote:
On 11/24/2015 02:09 PM, Martin Babinsky wrote:
On 11/24/2015 12:17 PM, Petr Vobornik wrote:
On 11/24/2015 12:10 PM, Ludwig Krispenz wrote:
Hi Petr,
I'm testing these patches.Two observations s
On 10/23/2015 04:57 PM, Simo Sorce wrote:
On 23/10/15 08:39, Petr Vobornik wrote:
not sure if the change in2606f5aecd6ac0db31abb515b691529bb7eaf14e was a
mistake or done on purpose.
Anyway:
commit 2606f5aecd6ac0db31abb515b691529bb7eaf14e
has:
-realm, hostname, dirman_passwd, port
On 11/27/2015 12:46 PM, Petr Spacek wrote:
On 27.11.2015 09:00, Jan Cholasta wrote:
On 27.11.2015 08:33, Martin Kosek wrote:
On 11/27/2015 07:05 AM, Jan Cholasta wrote:
On 26.11.2015 17:15, Petr Vobornik wrote:
New topology management gives names to managed suffixes:
ipaca: o=ipaca
realm
dc=example,dc=com
What do you think?
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
bumping
for review.
ACK
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
): --setup-ca
--setup-dns --setup-kra works with both domain levels
Note: Not sure if #2 and #3 belongs here, but should be tested. Maybe
tests for domain level 0 already exist.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo
On 11/24/2015 02:09 PM, Martin Babinsky wrote:
On 11/24/2015 12:17 PM, Petr Vobornik wrote:
On 11/24/2015 12:10 PM, Ludwig Krispenz wrote:
Hi Petr,
I'm testing these patches.Two observations so far:
- in Topology->IPA Servers I see a table of my servers and the managed
suffix colu
can set static position to a
node by double clicking on it (this needs to be somehow communicated)
otherwise it is random - each refresh.
Maybe we should not refresh on failed operation because there is no change.
Ludwig
On 11/20/2015 04:00 PM, Petr Vobornik wrote:
Patches 928-931 are prere
needed to test and
which can fail.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
--
Petr Vobornik
From d4f0851d528628ec25592e901e8ddef18ecbf6e9 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Thu, 29 Oct 2015 19:01:09 +0100
Subject: [PATCH] topology: treat server suffix as multivalued attribute in API
---
API.txt| 2 +-
VERSION
ds/commands that calls search and show
several times.
Is there something that prevents us to do that?
It already is cached. See get_ipa_config().
rob
I missed that part there, thank you.
Martin
I tried user_add and according to access log(
http://fpaste.org/291835/44785307/ ) it alone does
On 11/13/2015 10:46 AM, Martin Babinsky wrote:
Otherwise it looks OK (not tested yet).
I didn't realize that. I have modified the patch accordingly.
Attaching updated patch with changed docstring of
'check_last_link_managed()'
ACK
--
Petr Vobornik
--
Manage your subsc
ry my bad, I wanted to remove it from paths, I just somehow
forgot to do that.
Updated patch attached.
ACK
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contr
On 11/12/2015 12:27 PM, Martin Basti wrote:
On 05.11.2015 18:27, Petr Vobornik wrote:
On 10/30/2015 09:31 AM, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5144
Patch attached.
configure.jar is basically a signed zip which contains
preferences.html therefore also all
On 11/10/2015 05:43 PM, Martin Babinsky wrote:
On 11/04/2015 06:50 PM, Petr Vobornik wrote:
On 11/04/2015 01:30 PM, Martin Babinsky wrote:
On 10/30/2015 05:06 PM, Martin Babinsky wrote:
On 10/30/2015 03:38 PM, Petr Vobornik wrote:
On 10/30/2015 03:26 PM, Martin Babinsky wrote:
patch for
On 11/06/2015 01:09 PM, Martin Babinsky wrote:
On 11/06/2015 11:06 AM, Petr Vobornik wrote:
On 11/06/2015 10:15 AM, Petr Spacek wrote:
On 6.11.2015 09:25, Martin Kosek wrote:
On 11/05/2015 07:02 PM, Petr Vobornik wrote:
On 11/02/2015 12:37 PM, Martin Kosek wrote:
On 11/02/2015 06:10 AM, Jan
On 11/06/2015 10:15 AM, Petr Spacek wrote:
On 6.11.2015 09:25, Martin Kosek wrote:
On 11/05/2015 07:02 PM, Petr Vobornik wrote:
On 11/02/2015 12:37 PM, Martin Kosek wrote:
On 11/02/2015 06:10 AM, Jan Cholasta wrote:
Hi,
On 22.10.2015 10:44, Martin Babinsky wrote:
https://fedorahosted.org
ole-find ipa.example.com
Role: dns-server
Role: cs-server
Role: ca-renewal-master
Role: trust-controller
All variants alone are fine for Web UI.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
"Automatic Configuration of older versions" should be
removed.
and list item:
"""
Import CA certificate. Make sure you checked
all three checkboxes.
"""
should be moved as a first item in the list in section Firefox
--
Petr Vobornik
--
Manage your subscri
On 10/29/2015 03:01 PM, Martin Babinsky wrote:
On 10/29/2015 01:28 PM, Tomas Babej wrote:
On 10/29/2015 01:10 PM, Petr Vobornik wrote:
On 10/29/2015 11:19 AM, Martin Babinsky wrote:
Petr^2 and Tomas were not happy by the way
https://fedorahosted.org/freeipa/ticket/5175 was handled initially
On 11/04/2015 01:30 PM, Martin Babinsky wrote:
On 10/30/2015 05:06 PM, Martin Babinsky wrote:
On 10/30/2015 03:38 PM, Petr Vobornik wrote:
On 10/30/2015 03:26 PM, Martin Babinsky wrote:
patch for https://fedorahosted.org/freeipa/ticket/5309
The ticket itself is about connectivity checks in
ns in realmdomains tests
* idoverride: Ignore ValidationErrors when converting the anchor
* tests: Add tests for idoverride object integrity
* trusts: Make trust_show.get_dn raise properly formatted NotFound
* trustdomain: Perform validation of the trust domain first
--
Petr Vobornik
--
Manage yo
On 11/02/2015 07:17 PM, Martin Basti wrote:
On 02.11.2015 19:02, Petr Vobornik wrote:
On 11/02/2015 06:49 PM, Alexander Bokovoy wrote:
On Mon, 02 Nov 2015, Alexander Bokovoy wrote:
On Mon, 02 Nov 2015, Petr Vobornik wrote:
For 4.2.3 release
https://fedorahosted.org/freeipa/ticket/5427
On 11/02/2015 06:09 PM, Alexander Bokovoy wrote:
See details in the patch.
ACK
Pushed to master: abf34d99d9300417a7c067926250d7fd2e0e8a4
Pushed to ipa-4-2: 0c4342ce385ddcb57fceddbfef2dd2106e587f85
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https
On 11/02/2015 06:49 PM, Alexander Bokovoy wrote:
On Mon, 02 Nov 2015, Alexander Bokovoy wrote:
On Mon, 02 Nov 2015, Petr Vobornik wrote:
For 4.2.3 release
https://fedorahosted.org/freeipa/ticket/5427
target branches: master, ipa-4-2
--
Petr Vobornik
From
On 10/30/2015 10:42 AM, Martin Kosek wrote:
On 10/27/2015 04:40 PM, Ludwig Krispenz wrote:
On 10/27/2015 03:54 PM, Petr Vobornik wrote:
Both tools serve primarily for managing replication agreements and
replicas.
ipa-replica-manage also manages winsync agreements and DNA ranges.
FreeIPA 4.3
the segments pointing
to/from the deleted host are already deleted.
These checks are currently hardcoded for 'realm' prefix, should we
generalize them as well or is it a part of other effort?
Could be separate patch but yes.
--
Petr Vobornik
--
Manage your subscription for the Fre
which is not possible.
"allowed only" might be better.
Just changing RuntimeError to InvalidDomainLevelError would be fine with
me since the MIN_DOMAIN_LEVEL was already changed to DOMAIN_LEVEL_0.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
ht
On 10/27/2015 04:23 PM, Martin Babinsky wrote:
On 10/22/2015 01:06 PM, Petr Vobornik wrote:
On 10/16/2015 06:41 PM, Endi Sukma Dewata wrote:
On 10/15/2015 9:54 AM, Simo Sorce wrote:
3) ipa-ca-install fails with:
Traceback (most recent call last):
File
"/usr/lib/python2.7/site-pac
handling.
There is no future plan for winsync agreements and ipa-replica-manage
can remain solely for this purpose in environments with managed topology.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
CSReplicationManager
which causes, e.g.:
ipa-csreplica-manage -p Secret123 list ipa.example.com
cannot connect to 'ldaps://ipa.example.com:389': TLS error
-5938:Encountered end of file
Attached patch reverts it.
--
Petr Vobornik
From 2ef72f13e5c819da0d2fbc67244c8c773f0c61cc Mon Sep 17 00:00:00
replica-manage, with description of
what and when should be added?
thanks
thierry
My concern is that if we delete a host before all the updates from
that host has been received, could we receive a late update that will
recreate the ruv element ?
thanks
thierry
--
Petr Vobornik
--
Manage y
random names are not appropriate imo
Martin^2
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
u try it with a plan outlined in
http://www.redhat.com/archives/freeipa-devel/2015-October/msg00342.html
with a copr build:
https://copr.fedoraproject.org/coprs/pvoborni/freeipa-test/build/129440/
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redha
] https://fedorahosted.org/pki/ticket/1414
[2] https://fedorahosted.org/pki/ticket/1580
[3] http://koji.fedoraproject.org/koji/buildinfo?buildID=689985
[4] https://copr.fedoraproject.org/coprs/mkosek/freeipa-master/build/121544/
--
Petr Vobornik
From 2be7d8462fcebe4685288be8f8f5575bec108ed3 Mon Sep
On 10/20/2015 01:32 PM, Martin Babinsky wrote:
On 10/20/2015 01:05 PM, Petr Vobornik wrote:
On 10/20/2015 09:19 AM, Martin Babinsky wrote:
On 10/13/2015 07:04 PM, Martin Babinsky wrote:
On 10/13/2015 06:55 PM, Martin Babinsky wrote:
mbabinsk - hide segment direction from topology commands
message is wrong, it doesn't do anything with Web UI. Also there
is only one patch, not 1/2, otherwise ACK.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org
Service disable revokes existing certificate, removes it from the
service entry and also removes Kerberos principal key.
When you create a new service, it does not contain principal key nor a
certificate therefore there is no work to do in disable command and
therefore the message.
--
Petr Vobo
service
to.
This error tells that the host entry does not exist.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
This patch was extracted from replica promotion patches.
--
Petr Vobornik
From d523ddec1cdc3efc4e4f2d66a8fb9162cdb78f02 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Thu, 15 Oct 2015 13:58:46 +0200
Subject: [PATCH] topology: add realm suffix to master entry on update
Realm suffix was set
eback (most recent call last):
File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line
171, in execute
return_value = self.run()
File
"/usr/lib/python2.7/site-packages/ipaserver/install/ipa_kra_install.py",
line 220, in run
self._run()
File
"/us
tage").
First two may be just uncomfortable for a user, but the last one
definitely skips one ability of the plugin.
I agree. Please file a track ticket for each item.
Lenka
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/list
On 10/13/2015 12:24 PM, Jan Cholasta wrote:
On 13.10.2015 10:18, Jan Cholasta wrote:
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5361>.
Honza
Decided to use a slightly different approach, updated patch attached.
Works for me, ACK
--
Petr Vobornik
--
Manag
On 10/13/2015 12:19 PM, Martin Babinsky wrote:
On 10/13/2015 10:15 AM, Petr Vobornik wrote:
On 10/13/2015 10:02 AM, Oleg Fayans wrote:
NACK
UI still shows the connectivity information at
http:///ipa/ui/#/e/topologysuffix/topologysegment/realm
Showing it is correct and desired - both in CLI
/freeipa/ticket/5222
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
handle collisions in the names of external
groups
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 08/31/2015 05:24 PM, Petr Vobornik wrote:
By adding no_members option to commands which supports it.
It then skips memberof procession on the server side.
https://fedorahosted.org/freeipa/ticket/5271
New version attached with change:
-var options = { all: true };
+var
tps://fedorahosted.org/freeipa/ticket/4906
--
Petr Vobornik
From c6bda95367a3e5de8435a66c4970bd689b6ca994 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Thu, 17 Sep 2015 17:41:06 +0200
Subject: [PATCH] webui: use manual Firefox configuration for Firefox >= 40
The intended course of action is to show
e a new one?
If a backport happens much later, IMHO the proper way would be to create
a separate ticket for the backport and reference the original ticket(s)
and record all commits, even the prerequisites.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://ww
n of LSA-RPC binding strings
* adtrust-install: Correctly determine 4.2 FreeIPA servers
* trusts: Detect domain clash with IPA domain when adding a AD trust
* trusts: Detect missing Samba instance
* winsync-migrate: Add warning about passsync
* winsync-migrate: Expand the man page
=== Yuri Chornoivan (
On 09/17/2015 11:37 AM, Jan Cholasta wrote:
On 14.9.2015 09:44, Jan Cholasta wrote:
On 9.9.2015 18:39, Petr Vobornik wrote:
On 09/09/2015 10:52 AM, Jan Cholasta wrote:
On 8.9.2015 23:06, Petr Vobornik wrote:
On 09/03/2015 03:18 PM, Jan Cholasta wrote:
On 2.9.2015 07:26, Endi Sukma Dewata
o
have the ticket with the right metadata and collection of the right hashes that
the downstream release can digest.
+1
Thoughts?
[1] https://github.com/freeipa/freeipa-tools/blob/master/ipatool
[2] http://www.freeipa.org/page/Contribute/Code
--
Petr Vobornik
--
Manage your subscripti
On 09/16/2015 06:17 PM, Martin Basti wrote:
On 09/16/2015 01:22 PM, Petr Vobornik wrote:
FreeIPA 4.2.1 was released last week but it was not fully announced yet.
The release notes draft is prepared, updates welcome:
http://www.freeipa.org/page/Releases/4.2.1
Shall we add there note to
On 09/16/2015 03:22 PM, Tomas Babej wrote:
On 09/16/2015 03:17 PM, Petr Vobornik wrote:
On 09/15/2015 11:37 AM, Tomas Babej wrote:
On 09/15/2015 11:30 AM, Tomas Babej wrote:
Hi,
attached patch fixes:
https://bugzilla.redhat.com/show_bug.cgi?id=1262315
Tomas
The previous version is
added to makefile.am
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
FreeIPA 4.2.1 was released last week but it was not fully announced yet.
The release notes draft is prepared, updates welcome:
http://www.freeipa.org/page/Releases/4.2.1
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo
ipa-4-2: 72e87e8c33d3aa7d777e3a097bdefc95a52e014e
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
cover what?) or does FreeIPA just run
without webUI in in-tree mode? Is there any better way to test my changes?
It runs without Web UI.
Check "Debugging with source codes" section in
https://pvoborni.fedorapeople.org/doc/#!/guide/Debugging
--
Petr Vobornik
--
Manage your subscript
n-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Managing_Replication-Solving_Common_Replication_Conflicts.html
Use the latest docs, just in case they are more accurate:
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/Managing_Re
On 09/09/2015 10:52 AM, Jan Cholasta wrote:
On 8.9.2015 23:06, Petr Vobornik wrote:
On 09/03/2015 03:18 PM, Jan Cholasta wrote:
On 2.9.2015 07:26, Endi Sukma Dewata wrote:
On 9/1/2015 10:22 AM, Simo Sorce wrote:
On Tue, 2015-09-01 at 17:15 +0200, Petr Vobornik wrote:
On 09/01/2015 04:39 PM
On 09/03/2015 03:18 PM, Jan Cholasta wrote:
On 2.9.2015 07:26, Endi Sukma Dewata wrote:
On 9/1/2015 10:22 AM, Simo Sorce wrote:
On Tue, 2015-09-01 at 17:15 +0200, Petr Vobornik wrote:
On 09/01/2015 04:39 PM, Jan Cholasta wrote:
On 1.9.2015 16:26, Jan Cholasta wrote:
On 26.8.2015 13:22, Petr
, just remove the method.
+
+NOTE: Do not use this method.
I agree that the comment should not be in this patch - it is not
relevant to vaults.
The comment or a removal of the method(if it is really useless) should
be in a different patch. If comment is the way than please also add w
tion, this was just a suggestion
in case deprecation was overlooked.
ACK
Pushed to:
master: 86cd47af0245a216324900be39be1a145bf0741b
ipa-4-2: b7386dc98506d66c6cbb1083992ced7792f938bd
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mail
On 09/01/2015 04:39 PM, Jan Cholasta wrote:
On 1.9.2015 16:26, Jan Cholasta wrote:
On 26.8.2015 13:22, Petr Vobornik wrote:
On 08/25/2015 08:04 PM, Petr Vobornik wrote:
adds commands:
* vaultcontainer-show [--service |--user ]
* vaultcontainer-add-owner
[--service |--user
By adding no_members option to commands which supports it.
It then skips memberof procession on the server side.
https://fedorahosted.org/freeipa/ticket/5271
--
Petr Vobornik
From 39beb39966dff537b82aca1204cc124f52677ba7 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Mon, 31 Aug 2015 17:18
On 08/26/2015 03:16 PM, David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/5248
ACK
Pushed to:
master: 59cc54b6dce29e32e81bfaad25ff13794092d782
ipa-4-2: 21cdcbd9a6b6a82d39d40b91a64d4d9b4d7e4e7d
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https
On 08/26/2015 03:56 PM, David Kupka wrote:
On 26/08/15 15:45, Petr Vobornik wrote:
On 08/26/2015 02:13 PM, David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/5231
Attaching updated patch. With changes discussed offline.
Changes works for me, ACK.
(with the changes it is also
with 1M file took about 4mins (in
vault_retrieve_internal). Next archive command with 1M file took "only" 18s.
10k file took 9s.
Why is it so slow?
--
Petr Vobornik
From c08848ad37010fa72e774305837db49a078ef5ea Mon Sep 17 00:00:00 2001
From: David Kupka
Date: Wed, 26 Aug 2015 14:1
On 08/25/2015 04:19 PM, Simo Sorce wrote:
On Tue, 2015-08-25 at 21:49 +1000, Fraser Tweedale wrote:
On Tue, Aug 25, 2015 at 01:39:42PM +0300, Alexander Bokovoy wrote:
On Tue, 25 Aug 2015, Petr Vobornik wrote:
On 08/25/2015 07:37 AM, Alexander Bokovoy wrote:
On Tue, 25 Aug 2015, Fraser
t;,
line 196, in init_config
'pki_subsystem_type': config.pki_subsystem.lower(),
AttributeError: 'NoneType' object has no attribute 'lower'
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 08/25/2015 08:04 PM, Petr Vobornik wrote:
adds commands:
* vaultcontainer-show [--service |--user ]
* vaultcontainer-add-owner
[--service |--user ]
[--users ] [--groups ] [--services ]
* vaultcontainer-remove-owner
[--service |--user ]
[--users ] [--groups
vault test should no longer hang on interactive prompt. Doesn't fix
other issues in vault tests.
https://fedorahosted.org/freeipa/ticket/5251
--
Petr Vobornik
From f288a9bd33a72a86a50bbe4a990b0a2e30d1599f Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Wed, 26 Aug 2015 13:03:22
/5250
Use cases:
1. When user/service is deleted, associated vault container looses
owner. There was no API command to set the owner.
2. Change owner of container by admin to manage access.
Show command was added to show current owners.
Find command was not added, should it be?
--
Petr Vobornik
301 - 400 of 1861 matches
Mail list logo