URL: https://github.com/freeipa/freeipa/pull/711
Author: stlaz
Title: #711: Move the compat plugin setup at the end of install
Action: opened
PR body:
"""
The compat plugin was causing deadlocks with the topology plugin. Move
its setup at the end of the installation and remove
URL: https://github.com/freeipa/freeipa/pull/679
Title: #679: Make sure remote hosts have our keys
stlaz commented:
"""
Fails with
```2017-04-12T14:16:14Z DEBUG The ipa-replica-install command failed,
exception: ValueError: Incorrect number of results (0) searching forpublic ke
URL: https://github.com/freeipa/freeipa/pull/679
Title: #679: Make sure remote hosts have our keys
stlaz commented:
"""
Fails with
```2017-04-12T14:16:14Z DEBUG The ipa-replica-install command failed,
exception: ValueError: Incorrect number of results (0) searching forpublic ke
URL: https://github.com/freeipa/freeipa/pull/697
Title: #697: Create system users for FreeIPA services during package
installation
stlaz commented:
"""
While I don't like to omit @adelton comments, this is a test blocker for us. I
propose going with @dkupka's comment on add
URL: https://github.com/freeipa/freeipa/pull/697
Title: #697: Create system users for FreeIPA services during package
installation
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/695
Title: #695: [4.4] Fix PKCS11 helper
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/708
Title: #708: Minor typo in details.js
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/697
Title: #697: Create system users for FreeIPA services during package
installation
stlaz commented:
"""
Travis reports wrong usage of the `useradd` command.
"""
See the full comment at
https://github.com/freeipa
URL: https://github.com/freeipa/freeipa/pull/707
Title: #707: Minor typo fixes
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/707
Title: #707: Minor typo fixes
stlaz commented:
"""
Thanks, ACK.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/707#issuecomment-293225820
--
Manage your subscription for the Fre
URL: https://github.com/freeipa/freeipa/pull/707
Title: #707: Minor typo fixes
Label: -ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/703
Title: #703: Remove surplus 'the' in output of ipa-adtrust-install
stlaz commented:
"""
We just got an issue opened, you can add it:
https://pagure.io/freeipa/issue/6864.
"""
See the full comment at
https://githu
URL: https://github.com/freeipa/freeipa/pull/706
Title: #706: Fix CA-less to CA-full upgrade
stlaz commented:
"""
I am not a big fan of creating directories on object initialization, thus this
change. Another way of doing this would be of course to check whether the
pki-t
URL: https://github.com/freeipa/freeipa/pull/706
Author: stlaz
Title: #706: Fix CA-less to CA-full upgrade
Action: opened
PR body:
"""
CertDB would have always created a directory on initialization. This
behavior changes here by replacing the truncate argument with create
URL: https://github.com/freeipa/freeipa/pull/675
Title: #675: [4.5, master] Fix PKCS11 helper
stlaz commented:
"""
I ran the integration test and the result was fine, ACK.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/675#issuecom
URL: https://github.com/freeipa/freeipa/pull/675
Title: #675: [4.5, master] Fix PKCS11 helper
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/703
Title: #703: Remove surplus 'the' in output of ipa-adtrust-install
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/677
Title: #677: cert: defer cert-find result post-processing
stlaz commented:
"""
The patched IPA works better than the current 4.4 and 4.5 branches in terms of
options logic, that's good.
From the code I am not sure which sear
URL: https://github.com/freeipa/freeipa/pull/691
Author: stlaz
Title: #691: Add force-join option to replica install
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/691/head:pr691
git checkout pr691
From
URL: https://github.com/freeipa/freeipa/pull/691
Author: stlaz
Title: #691: Add force-join option to replica install
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/691/head:pr691
git checkout pr691
From
URL: https://github.com/freeipa/freeipa/pull/691
Author: stlaz
Title: #691: Add force-join option to replica install
Action: opened
PR body:
"""
This patchset adds the force-join option to the replica installer. It also
tries to improve the developer's experience by narrowing
URL: https://github.com/freeipa/freeipa/pull/667
Title: #667: idrange-add: properly handle empty --dom-name option
stlaz commented:
"""
@flo-renaud That's completely OK :)
I thought we could probably add an assert to `CIDict.__contains__()` method
since I realize the issue was
URL: https://github.com/freeipa/freeipa/pull/667
Title: #667: idrange-add: properly handle empty --dom-name option
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/667
Title: #667: idrange-mod: properly handle empty --dom-name option
stlaz commented:
"""
LGTM, except you're talking about `idrange-mod` in the commit message but are
fixing `idrange-add` (`idrange-mod` does not have the option at
URL: https://github.com/freeipa/freeipa/pull/677
Title: #677: cert: defer cert-find result post-processing
stlaz commented:
"""
What worries me the most is that the tests are green even though this is
potentially a serious problem.
"""
See the full comment
URL: https://github.com/freeipa/freeipa/pull/690
Author: stlaz
Title: #690: server-install: remove broken no-pkinit check
Action: opened
PR body:
"""
Don't check for no-pkinit option in case pkinit cert file was
provided. Setting no-pkinit is prohibited in this case, so with
URL: https://github.com/freeipa/freeipa/pull/687
Author: stlaz
Title: #687: Add pki_pin only when needed
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/687/head:pr687
git checkout pr687
From
URL: https://github.com/freeipa/freeipa/pull/684
Title: #684: httpinstance: make sure NSS database is backed up
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/684
Title: #684: httpinstance: make sure NSS database is backed up
stlaz commented:
"""
Without this patch, I encountered a different issue but with the same root
cause. The patch fixes it, so ACK.
"""
See the full
URL: https://github.com/freeipa/freeipa/pull/687
Author: stlaz
Title: #687: Add pki_pin only when needed
Action: opened
PR body:
"""
If both the pki-tomcat NSS database and its password.conf have been
created, don't try to override the password.conf file.
https://pagure.io/fre
URL: https://github.com/freeipa/freeipa/pull/650
Title: #650: CA-less installation fix
stlaz commented:
"""
Done in https://github.com/freeipa/freeipa/pull/685
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/650#issuecomment-29113146
URL: https://github.com/freeipa/freeipa/pull/685
Author: stlaz
Title: #685: [4.5] Caless fix
Action: opened
PR body:
"""
Get correct CA cert nickname in CA-less
During CA-less installation, we initialize the HTTPD alias
database from a pkcs12 file. This mean
URL: https://github.com/freeipa/freeipa/pull/683
Title: #683: certdb: fix `AttributeError` in `verify_ca_cert_validity`
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/650
Author: stlaz
Title: #650: CA-less installation fix
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/650/head:pr650
git checkout pr650
From
URL: https://github.com/freeipa/freeipa/pull/650
Title: #650: CA-less installation fix
stlaz commented:
"""
Sorry, must have screwed up the rebase.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/650#issuecomment-291109172
--
Manage your subs
URL: https://github.com/freeipa/freeipa/pull/650
Author: stlaz
Title: #650: CA-less installation fix
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/650/head:pr650
git checkout pr650
From
URL: https://github.com/freeipa/freeipa/pull/593
Title: #593: Add make devcheck for developers
stlaz commented:
"""
@MartinBasti #670 was ACKed already and the commit was originally a part of
this.
"""
See the full comment at
https://github.com/freeipa
URL: https://github.com/freeipa/freeipa/pull/593
Title: #593: Add make devcheck for developers
stlaz commented:
"""
Thanks, ACK.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/593#issuecomment-290673932
--
Manage your subscription for
URL: https://github.com/freeipa/freeipa/pull/593
Title: #593: Add make devcheck for developers
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/593
Title: #593: Add make devcheck for developers
stlaz commented:
"""
Whichever is ok with you, I don't mind if it's in the same PR if it is related
to the same ticket.
"""
See the full comment at
https://githu
URL: https://github.com/freeipa/freeipa/pull/593
Title: #593: Add make devcheck for developers
stlaz commented:
"""
The changes to Makefile and configure.ac are just fine. I understand that
changes in the `ipapython/session_storage.py` are done elsewhere so once that
is pus
URL: https://github.com/freeipa/freeipa/pull/678
Title: #678: ipa-ca-install man page: Add domain level 1 help
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/675
Title: #675: [WIP] Fix PKCS11 helper
stlaz commented:
"""
`cffi.api.CDefError: cannot parse "typedef CK_RV (*CK_C_GetSlotList) (CK_BBOOL
tokenPresent,`
-> you're using CK_BBOOL type before defining it.
""
URL: https://github.com/freeipa/freeipa/pull/675
Title: #675: [WIP] Fix PKCS11 helper
stlaz commented:
"""
`cffi.api.CDefError: cannot parse "typedef CK_RV (*CK_C_GetSlotList) (CK_BBOOL
tokenPresent,`
-> you're using CK_BBOOL type before defining it.
""
URL: https://github.com/freeipa/freeipa/pull/666
Title: #666: Fix anonymous principal handling in replica install
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/666
Title: #666: Fix anonymous principal handling in replica install
stlaz commented:
"""
I actually did the review of https://github.com/freeipa/freeipa/pull/631
alongside this.
I do not think the order of adding the anonymous princi
URL: https://github.com/freeipa/freeipa/pull/631
Title: #631: Upgrade: configure PKINIT after adding anonymous principal
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/640
Title: #640: Remove pkinit options from master/replica on DL0
stlaz commented:
"""
Pushed a cleaner version of the previous changes, thanks @HonzaCholasta for the
suggestion.
"""
See the full comment at
https://g
URL: https://github.com/freeipa/freeipa/pull/658
Title: #658: Hide PKI Client database password in log file
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/658
Title: #658: Hide PKI Client database password in log file
stlaz commented:
"""
Works well, thanks!
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/658#issuecomment-290014081
--
Manage you
URL: https://github.com/freeipa/freeipa/pull/640
Author: stlaz
Title: #640: Remove pkinit options from master/replica on DL0
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/640/head:pr640
git checkout
URL: https://github.com/freeipa/freeipa/pull/640
Title: #640: Remove pkinit options from master/replica on DL0
stlaz commented:
"""
@MartinBasti Even though this commit basically breaks the behavior, it's not in
its scope to fix it, it's somehow intended to bre
URL: https://github.com/freeipa/freeipa/pull/640
Title: #640: Remove pkinit options from master/replica on DL0
stlaz commented:
"""
@MartinBasti Even though this commit basically breaks the behavior, it's not in
its scope to fix it, it's somehow intended to bre
URL: https://github.com/freeipa/freeipa/pull/640
Author: stlaz
Title: #640: Remove pkinit options from master/replica on DL0
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/640/head:pr640
git checkout
URL: https://github.com/freeipa/freeipa/pull/490
Author: HonzaCholasta
Title: #490: certdb: use certutil and match_hostname for cert verification
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa
URL: https://github.com/freeipa/freeipa/pull/490
Title: #490: certdb: use certutil and match_hostname for cert verification
stlaz commented:
"""
I tried to use the wonderful github tool to resolve conflicts to make this more
review-friendly but I guess it kind of missed the ma
URL: https://github.com/freeipa/freeipa/pull/655
Title: #655: httpinstance.disable_system_trust: Don't fail if module 'Root
Certs' …
stlaz commented:
"""
This fixes the mentioned issue. I did not test whether the actual disable works
but I should hope so as I don't see how t
URL: https://github.com/freeipa/freeipa/pull/655
Title: #655: httpinstance.disable_system_trust: Don't fail if module 'Root
Certs' …
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/656
Title: #656: Backup CA cert from kerberos folder
stlaz commented:
"""
Works for me on DL0 as well, you might have had a broken installation.
"""
See the full comment at
https://github.com/freeipa/freeipa/p
URL: https://github.com/freeipa/freeipa/pull/656
Title: #656: Backup CA cert from kerberos folder
stlaz commented:
"""
This seems like a pkinit-related issue, since pkinit is not finished (although
released) and should be only avaialable on domain levels > 0, I don't think
t
URL: https://github.com/freeipa/freeipa/pull/661
Title: #661: git-commit-template: update ticket url to use pagure.io instead of
fe…
stlaz commented:
"""
ACK, stopping the tests as the change does not have anything to do with our
codebase.
"""
See the full
URL: https://github.com/freeipa/freeipa/pull/661
Title: #661: git-commit-template: update ticket url to use pagure.io instead of
fe…
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/640
Title: #640: Remove pkinit options from master/replica on DL0
stlaz commented:
"""
Ah, right, replica does not have `domain_level` option
"""
See the full comment at
https://github.com/freeipa/freeipa/p
URL: https://github.com/freeipa/freeipa/pull/656
Title: #656: Backup CA cert from kerberos folder
stlaz commented:
"""
Yes, it indeed works for me.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/656#issuecomment-289683317
--
Manage your subs
URL: https://github.com/freeipa/freeipa/pull/656
Title: #656: Backup CA cert from kerberos folder
stlaz commented:
"""
That's weird, I think it worked for me, I will check once more.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/656#issuecom
URL: https://github.com/freeipa/freeipa/pull/658
Title: #658: Hide PKI Client database password in log file
stlaz commented:
"""
You will need to do something similar in `ipaserver/install/krainstance.py` as
well.
"""
See the full comment at
https://githu
URL: https://github.com/freeipa/freeipa/pull/641
Title: #641: Set "KDC:Disable Last Success" by default
stlaz commented:
"""
This change of default behavior seems to have removed a lot of write-load from
DS so I believe we should go with it. However, add comme
URL: https://github.com/freeipa/freeipa/pull/641
Title: #641: Set "KDC:Disable Last Success" by default
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/617
Title: #617: Allow renaming of sudo and HBAC rules
stlaz commented:
"""
Changelogs were updated.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/617#issuecomment-289440947
--
Manage your subs
URL: https://github.com/freeipa/freeipa/pull/655
Title: #655: httpinstance.disable_system_trust: Don't fail if module 'Root
Certs' …
stlaz commented:
"""
@HonzaCholasta You're right, I completely forgot about that one.
"""
See the full comment at
https://githu
URL: https://github.com/freeipa/freeipa/pull/655
Title: #655: httpinstance.disable_system_trust: Don't fail if module 'Root
Certs' …
stlaz commented:
"""
@tiran I of course agree on narrowing the broad except down, my point is we
should rather remove the whole `-list` part and
URL: https://github.com/freeipa/freeipa/pull/655
Title: #655: httpinstance.disable_system_trust: Don't fail if module 'Root
Certs' …
stlaz commented:
"""
@tiran I of course agree on narrowing the broad except down, my point is we
should rather remove the whole `-list` part and
URL: https://github.com/freeipa/freeipa/pull/655
Title: #655: httpinstance.disable_system_trust: Don't fail if module 'Root
Certs' …
stlaz commented:
"""
For the record:
```bash
[slaznick@vm-066 ~]$ sudo modutil -dbdir nssdb/ -disable 'Root Certs' -force
ERROR: Module "R
URL: https://github.com/freeipa/freeipa/pull/655
Title: #655: httpinstance.disable_system_trust: Don't fail if module 'Root
Certs' …
stlaz commented:
"""
For the record:
```bash
[slaznick@vm-066 ~]$ sudo modutil -dbdir nssdb/ -disable 'Root Certs' -force
ERROR: Module "R
URL: https://github.com/freeipa/freeipa/pull/655
Title: #655: httpinstance.disable_system_trust: Don't fail if module 'Root
Certs' …
stlaz commented:
"""
Hm, I believe the `-list` operation was there just to check whether the module
is there. If `modutil` fails like
URL: https://github.com/freeipa/freeipa/pull/655
Title: #655: httpinstance.disable_system_trust: Don't fail if module 'Root
Certs' …
stlaz commented:
"""
Hm, I believe the `-list` operation was there just to check whether the module
is there. If `modutil` fails like
URL: https://github.com/freeipa/freeipa/pull/656
Author: stlaz
Title: #656: Backup CA cert from kerberos folder
Action: opened
PR body:
"""
I have no idea how I missed this file in previous backup fixing attempts.
https://pagure.io/freeipa/issue/6748
"""
To
URL: https://github.com/freeipa/freeipa/pull/490
Title: #490: certdb: use certutil and match_hostname for cert verification
stlaz commented:
"""
@tiran Could you please finish the review? I guess we can omit the change in
`.spec.in` for the review time being.
"&quo
URL: https://github.com/freeipa/freeipa/pull/617
Title: #617: Allow renaming of sudo and HBAC rules
stlaz commented:
"""
*sigh* there was a rogue space.
Split into three separate commits.
"""
See the full comment at
https://github.com/freeipa/freeipa/p
URL: https://github.com/freeipa/freeipa/pull/617
Title: #617: Allow renaming of sudo and HBAC rules
stlaz commented:
"""
*sigh* there was a rogue space.
Split into three separate commits.
"""
See the full comment at
https://github.com/freeipa/freeipa/p
URL: https://github.com/freeipa/freeipa/pull/617
Author: stlaz
Title: #617: Allow renaming of sudo and HBAC rules
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/617/head:pr617
git checkout pr617
From
URL: https://github.com/freeipa/freeipa/pull/653
Title: #653: Bump samba version for FIPS and priv. separation
stlaz commented:
"""
Unfortunately I can't do that.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/653#issuecomment-28903969
URL: https://github.com/freeipa/freeipa/pull/617
Author: stlaz
Title: #617: Allow renaming of sudo and HBAC rules
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/617/head:pr617
git checkout pr617
From
URL: https://github.com/freeipa/freeipa/pull/617
Title: #617: Allow renaming of sudo and HBAC rules
stlaz commented:
"""
Added the tests but did not test them so we may want to see what Travis has to
say about that.
"""
See the full comment at
https://githu
URL: https://github.com/freeipa/freeipa/pull/653
Author: stlaz
Title: #653: Bump samba version for FIPS and priv. separation
Action: opened
PR body:
"""
With the latest Samba, adding trusts to AD under FIPS should now work
as well as adding trusts as a whole after the privi
URL: https://github.com/freeipa/freeipa/pull/650
Title: #650: CA-less installation fix
stlaz commented:
"""
Fixed according to the comments, thanks.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/650#issuecomment-289014989
--
Manage you
URL: https://github.com/freeipa/freeipa/pull/640
Author: stlaz
Title: #640: Remove pkinit options from master/replica on DL0
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/640/head:pr640
git checkout
URL: https://github.com/freeipa/freeipa/pull/650
Author: stlaz
Title: #650: CA-less installation fix
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/650/head:pr650
git checkout pr650
From
URL: https://github.com/freeipa/freeipa/pull/650
Author: stlaz
Title: #650: CA-less installation fix
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/650/head:pr650
git checkout pr650
From
URL: https://github.com/freeipa/freeipa/pull/650
Author: stlaz
Title: #650: CA-less installation fix
Action: opened
PR body:
"""
These patches fix the CA-less installation by guessing the names for CA and
server-cert nicknames in /etc/httpd/alias. The fix is not very
URL: https://github.com/freeipa/freeipa/pull/634
Title: #634: cert: do not limit internal searches in cert-find
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/634
Title: #634: cert: do not limit internal searches in cert-find
stlaz commented:
"""
Works for me.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/634#issuecomment-288728368
--
Manage your subs
URL: https://github.com/freeipa/freeipa/pull/617
Author: stlaz
Title: #617: Allow renaming of sudo and HBAC rules
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/617/head:pr617
git checkout pr617
From
URL: https://github.com/freeipa/freeipa/pull/617
Title: #617: Allow renaming of sudo and HBAC rules
stlaz commented:
"""
For the record, and I might be wrong, I did a bit of researching, the
`rdn_is_primary_key` is actually misused in some cases, as RDN is the primary
key for
URL: https://github.com/freeipa/freeipa/pull/640
Author: stlaz
Title: #640: Master replica dl0
Action: opened
PR body:
"""
This patchset removes the ability of setting pkinit options on domain level 0
for server/replica installs. Also fixes a usability issue with `--no-pki
URL: https://github.com/freeipa/freeipa/pull/640
Author: stlaz
Title: #640: Remove pkinit options from master/replica on DL0
Action: edited
Changed field: title
Original value:
"""
Master replica dl0
"""
--
Manage your subscription for the Freeipa-devel mailin
URL: https://github.com/freeipa/freeipa/pull/617
Author: stlaz
Title: #617: Allow renaming of sudo and HBAC rules
Action: edited
Changed field: title
Original value:
"""
Allow renaming of sudo rules
"""
--
Manage your subscription for the Freeipa-devel mailin
URL: https://github.com/freeipa/freeipa/pull/617
Title: #617: Allow renaming of sudo rules
stlaz commented:
"""
Thank you Alexander for your insight. Since this was a hack, I did not want to
do it server-wise. I chose a different approach to the problem and reworked the
o
URL: https://github.com/freeipa/freeipa/pull/617
Author: stlaz
Title: #617: Allow renaming of sudo rules
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/617/head:pr617
git checkout pr617
From
URL: https://github.com/freeipa/freeipa/pull/634
Title: #634: cert: do not limit internal searches in cert-find
stlaz commented:
"""
The tests obviously fail as they expect the `cert-find` command to respect the
`sizelimit` option.
"""
See the full comment
101 - 200 of 664 matches
Mail list logo
