Re: [Freeipa-devel] [PATCH] Fixed permission lookup

2011-01-28 Thread Martin Kosek
On Thu, 2011-01-27 at 15:41 +0100, Jan Zelený wrote: Rob Crittenden rcrit...@redhat.com wrote: Jan Zelený wrote: Martin Kosekmko...@redhat.com wrote: On Thu, 2011-01-27 at 11:15 +0100, Jan Zelený wrote: Lookup based on --filter wasn't implemented at all. It didn't show until now,

Re: [Freeipa-devel] [PATCH] Add support for account unlocking

2011-01-28 Thread Jan Zelený
Rob Crittenden rcrit...@redhat.com wrote: Jan Zelený wrote: Jan Zelenyjzel...@redhat.com wrote: This patch adds command ipa user-unlock and some LDAP modifications which are required by Kerberos for unlocking to work. Ticket: https://fedorahosted.org/freeipa/ticket/344 Jan

Re: [Freeipa-devel] [PATCH] Fixed permission lookup

2011-01-28 Thread Martin Kosek
On Fri, 2011-01-28 at 09:21 +0100, Martin Kosek wrote: On Thu, 2011-01-27 at 15:41 +0100, Jan Zelený wrote: Rob Crittenden rcrit...@redhat.com wrote: Jan Zelený wrote: Martin Kosekmko...@redhat.com wrote: On Thu, 2011-01-27 at 11:15 +0100, Jan Zelený wrote: Lookup based on

Re: [Freeipa-devel] [PATCH] 043 Fix API.txt

2011-01-28 Thread Jakub Hrozek
On 01/28/2011 05:09 AM, Simo Sorce wrote: On Thu, 27 Jan 2011 19:03:40 +0100 Jakub Hrozek jhro...@redhat.com wrote: One of the recent API patches didn't update API.txt Which patch ? I build

[Freeipa-devel] [PATCH] 019 modifyprivilegemembership permission has nestedgroup OC

2011-01-28 Thread Martin Kosek
modifyprivilegemembership permission object class in LDAP should be groupofnames, not nestedgroup. https://fedorahosted.org/freeipa/ticket/858 From 3d488962ea23d60cfdbf60b4f520d85575d3cdd2 Mon Sep 17 00:00:00 2001 From: Martin Kosek mko...@redhat.com Date: Fri, 28 Jan 2011 11:14:24 +0100

Re: [Freeipa-devel] [PATCH] Fixed permission lookup

2011-01-28 Thread Jan Zelený
Martin Kosek mko...@redhat.com wrote: On Fri, 2011-01-28 at 09:21 +0100, Martin Kosek wrote: On Thu, 2011-01-27 at 15:41 +0100, Jan Zelený wrote: Rob Crittenden rcrit...@redhat.com wrote: Jan Zelený wrote: Martin Kosekmko...@redhat.com wrote: On Thu, 2011-01-27 at 11:15 +0100,

[Freeipa-devel] [PATCH] 044 Fix filter_keys in ipa-getkeytab

2011-01-28 Thread Jakub Hrozek
https://fedorahosted.org/freeipa/ticket/723 Here's how I tested: 1) Add a host to IPA 2) ipa-getkeytab -s ipaserver -p host/ipahost -k /tmp/testkeytab -e des-cbc-crc (or any other enctype) 3) klist -k -t -e /tmp/testkeytab must list only that keytab

Re: [Freeipa-devel] [PATCH] Fixed permission lookup

2011-01-28 Thread Martin Kosek
On Fri, 2011-01-28 at 13:01 +0100, Jan Zelený wrote: Martin Kosek mko...@redhat.com wrote: On Fri, 2011-01-28 at 09:21 +0100, Martin Kosek wrote: On Thu, 2011-01-27 at 15:41 +0100, Jan Zelený wrote: Rob Crittenden rcrit...@redhat.com wrote: Jan Zelený wrote: Martin

[Freeipa-devel] [PATCH] 045 Fix delegation help

2011-01-28 Thread Jakub Hrozek
Trivial patch - I noticed that delegation help mentioned self-service.

Re: [Freeipa-devel] [PATCH] 041 Add example of DNS SRV record and a simple validator

2011-01-28 Thread Jakub Hrozek
On 01/27/2011 07:22 AM, Jakub Hrozek wrote: On Wed, Jan 26, 2011 at 11:25:03AM -0500, Rob Crittenden wrote: Jakub Hrozek wrote: On 01/26/2011 03:38 PM, Jakub Hrozek wrote:

[Freeipa-devel] [PATCH] 046 host-add should not add a PTR record with --no-reverse

2011-01-28 Thread Jakub Hrozek
https://fedorahosted.org/freeipa/ticket/866

[Freeipa-devel] [PATCH] 694 fix external, normal CA install

2011-01-28 Thread Rob Crittenden
Fix the is the server configured detection code to allow an external CA installation to proceed. We cache the install values between the first and second stage of a CA installation. The install would fail in stage two if for some reason this cache file didn't exist, this should also be fixed.

[Freeipa-devel] [PATCH] admiyo-0174-jsl-warnings

2011-01-28 Thread Adam Young
From 8d95199288d282b9b32878f8dd48ca9115cd3ffb Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Fri, 28 Jan 2011 10:21:30 -0500 Subject: [PATCH] jsl warnings --- install/ui/details.js |2 +- install/ui/entity.js |2 +- install/ui/ipa.js |1 +

Re: [Freeipa-devel] [PATCH] 046 host-add should not add a PTR record with --no-reverse

2011-01-28 Thread Rob Crittenden
Simo Sorce wrote: On Fri, 28 Jan 2011 14:28:59 +0100 Jakub Hrozekjhro...@redhat.com wrote: https://fedorahosted.org/freeipa/ticket/866 ACK. Simo. pushed to master

Re: [Freeipa-devel] [PATCH] 019 modifyprivilegemembership permission has nestedgroup OC

2011-01-28 Thread Simo Sorce
On Fri, 28 Jan 2011 11:17:55 +0100 Martin Kosek mko...@redhat.com wrote: modifyprivilegemembership permission object class in LDAP should be groupofnames, not nestedgroup. https://fedorahosted.org/freeipa/ticket/858 Ack, and pushed to master. Simo. -- Simo Sorce * Red Hat, Inc * New

Re: [Freeipa-devel] [PATCH] Add support for account unlocking

2011-01-28 Thread Rob Crittenden
Jan Zelený wrote: Rob Crittendenrcrit...@redhat.com wrote: Jan Zelený wrote: Jan Zelenyjzel...@redhat.com wrote: This patch adds command ipa user-unlock and some LDAP modifications which are required by Kerberos for unlocking to work. Ticket: https://fedorahosted.org/freeipa/ticket/344

Re: [Freeipa-devel] [PATCH] admiyo-0174-jsl-warnings

2011-01-28 Thread Adam Young
On 01/28/2011 10:22 AM, Adam Young wrote: ACKed in IRC by edewata and pushed to master

Re: [Freeipa-devel] [PATCH] admiyo-0173-aci-rights-widget

2011-01-28 Thread Adam Young
On 01/27/2011 08:39 PM, Adam Young wrote: ACKed in IRC by edewata and pushed to master

Re: [Freeipa-devel] [PATCH]admiyo-0172-default-disable-delete

2011-01-28 Thread Adam Young
On 01/27/2011 04:41 PM, Adam Young wrote: For ticket https://fedorahosted.org/freeipa/ticket/668 ACKed in IRC by edewata and pushed to

Re: [Freeipa-devel] [PATCH] admiyo-0171-entity-filter-text

2011-01-28 Thread Adam Young
On 01/27/2011 04:40 PM, Adam Young wrote: Trivial patch, but want it to be reviewed. Just changes the text on the entity filter for select boxes

Re: [Freeipa-devel] [PATCH] 039 Delete the whole DNS record with no parameters

2011-01-28 Thread Jakub Hrozek
On 01/27/2011 01:31 PM, Jakub Hrozek wrote: On 01/26/2011 09:50 PM, Simo Sorce wrote: On Mon, 2011-01-24 at 15:51 +0100, Jakub Hrozek wrote: On 01/21/2011 05:54 PM, Rob Crittenden wrote: Jakub

Re: [Freeipa-devel] [PATCH] 042 Enforce that all NS records are resolvable

2011-01-28 Thread Jakub Hrozek
On 01/27/2011 07:02 PM, Jakub Hrozek wrote: Bind cannot load a zone if any of its name server records is not resolvable. https://fedorahosted.org/freeipa/ticket/838 Rebased on top of new version of my patch 039

Re: [Freeipa-devel] [PATCH] 042 Enforce that all NS records are resolvable

2011-01-28 Thread Simo Sorce
On Fri, 28 Jan 2011 17:11:56 +0100 Jakub Hrozek jhro...@redhat.com wrote: On 01/27/2011 07:02 PM, Jakub Hrozek wrote: Bind cannot load a zone if any of its name server records is not resolvable.

Re: [Freeipa-devel] [PATCH] 043 Fix API.txt

2011-01-28 Thread Simo Sorce
On Fri, 28 Jan 2011 11:15:05 +0100 Jakub Hrozek jhro...@redhat.com wrote: On 01/28/2011 05:09 AM, Simo Sorce wrote: On Thu, 27 Jan 2011 19:03:40 +0100 Jakub Hrozek jhro...@redhat.com wrote:

Re: [Freeipa-devel] [PATCH] 041 Add example of DNS SRV record and a simple validator

2011-01-28 Thread Simo Sorce
On Thu, 27 Jan 2011 07:22:27 +0100 Jakub Hrozek jhro...@redhat.com wrote: On Wed, Jan 26, 2011 at 11:25:03AM -0500, Rob Crittenden wrote: Jakub Hrozek wrote: On 01/26/2011 03:38 PM, Jakub Hrozek wrote:

Re: [Freeipa-devel] [PATCH] 044 Fix filter_keys in ipa-getkeytab

2011-01-28 Thread Simo Sorce
On Fri, 28 Jan 2011 13:17:20 +0100 Jakub Hrozek jhro...@redhat.com wrote: https://fedorahosted.org/freeipa/ticket/723 Here's how I tested: 1) Add a host to IPA 2) ipa-getkeytab -s ipaserver -p host/ipahost -k /tmp/testkeytab -e des-cbc-crc

Re: [Freeipa-devel] [PATCH] 039 Delete the whole DNS record with no parameters

2011-01-28 Thread Simo Sorce
On Fri, 28 Jan 2011 17:10:53 +0100 Jakub Hrozek jhro...@redhat.com wrote: Apparently the fix was not enough, I got fooled by one callback in the framework and it worked only by accident. Thanks for testing, Simo. New patch attached. Ack pushed to master, Simo. -- Simo Sorce * Red Hat,

Re: [Freeipa-devel] [PATCH] Support for external SUDO users and hosts.

2011-01-28 Thread Simo Sorce
On Thu, 06 Jan 2011 00:27:28 +0700 Endi Sukma Dewata edew...@redhat.com wrote: On 1/5/2011 5:09 PM, Endi Sukma Dewata wrote: This patch partially fixes this bug: https://fedorahosted.org/freeipa/ticket/534 The SUDO details page has been modified to support external users and hosts. In

Re: [Freeipa-devel] [PATCH] 045 Fix delegation help

2011-01-28 Thread Simo Sorce
On Fri, 28 Jan 2011 13:35:49 +0100 Jakub Hrozek jhro...@redhat.com wrote: Trivial patch - I noticed that delegation help mentioned self-service. ack, pushed to master. Simo. -- Simo Sorce * Red Hat, Inc * New York

Re: [Freeipa-devel] [PATCH] 0078 Safeguard kdc account against misconfigurations

2011-01-28 Thread Rob Crittenden
Simo Sorce wrote: See ticket #862 Simo. ack

Re: [Freeipa-devel] [PATCH] Provide a way to display CLI-LDAP attribute relation

2011-01-28 Thread Rob Crittenden
Jan Zelený wrote: Since some LDAP attributes have their cli_name value defined, so they can be more user friendly, it can be difficult for user to find out which attributes do the parameters given to CLI really represent. This patch provides new command, which will take another IPA command as

Re: [Freeipa-devel] FreeIPA Logging (Not Auditing... yet)

2011-01-28 Thread Dmitri Pal
JR, Thank you for bringing it up. I think it would be beneficial to have something for logging. I am not sure that this is exactly it. I suggest you log a ticket and we put it into 2.1 bucket so when we are done with 2.0 we will triage and think about it. Right now is not the best time to start

[Freeipa-devel] [PATCH] Fixed delegation UI issues

2011-01-28 Thread Endi Sukma Dewata
This patch fixes several issues in delegation UI: When adding a new delegation, only the first attribute selected was saved. Now all attributes will be saved properly. When loading the details page, the custom widgets did not store the original values properly so is_dirty() did not work

Re: [Freeipa-devel] [PATCH] 0078 Safeguard kdc account against misconfigurations

2011-01-28 Thread Simo Sorce
On Fri, 28 Jan 2011 13:10:46 -0500 Rob Crittenden rcrit...@redhat.com wrote: Simo Sorce wrote: See ticket #862 Simo. ack pushed to master. Simo. -- Simo Sorce * Red Hat, Inc * New York

Re: [Freeipa-devel] [PATCH] 0073 properly handle entryusn on replica

2011-01-28 Thread Rob Crittenden
Simo Sorce wrote: When re-initializing a replica it is better (for clients' sake) to always increment entryusn values, so that no change will be missed by a client querying the server. This patch configures the entryusn plugin to do the right thing. Requires ds 1.2.8 for testing (tested with

Re: [Freeipa-devel] [PATCH] 0073 properly handle entryusn on replica

2011-01-28 Thread Simo Sorce
On Fri, 28 Jan 2011 13:58:10 -0500 Rob Crittenden rcrit...@redhat.com wrote: Simo Sorce wrote: When re-initializing a replica it is better (for clients' sake) to always increment entryusn values, so that no change will be missed by a client querying the server. This patch configures

[Freeipa-devel] [PATCH] admiyo-0175-services-list

2011-01-28 Thread Adam Young
From 1d4ba6f92a24cfc9de07f6fad428f9ce1eb22084 Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Fri, 28 Jan 2011 13:06:34 -0500 Subject: [PATCH] services list Declaritive Service definition https://fedorahosted.org/freeipa/ticket/442 --- install/ui/entity.js |4 +

Re: [Freeipa-devel] [PATCH] Fixed delegation UI issues

2011-01-28 Thread Adam Young
On 01/28/2011 01:46 PM, Endi Sukma Dewata wrote: This patch fixes several issues in delegation UI: When adding a new delegation, only the first attribute selected was saved. Now all attributes will be saved properly. When loading the details page, the custom widgets did not store the original

Re: [Freeipa-devel] [PATCH] admiyo-0175-services-list

2011-01-28 Thread Adam Young
On 01/28/2011 02:04 PM, Adam Young wrote: From 70cb968ffd8cda67e7be1cf5422e6ec906ad619a Mon Sep 17 00:00:00 2001 From: Adam Young

Re: [Freeipa-devel] [PATCH] admiyo-0175-services-list

2011-01-28 Thread Adam Young
On 01/28/2011 02:32 PM, Adam Young wrote: On 01/28/2011 02:04 PM, Adam Young wrote:

Re: [Freeipa-devel] [PATCH] admiyo-0175-services-list

2011-01-28 Thread Endi Sukma Dewata
On 1/28/2011 1:52 PM, Adam Young wrote: ACK and pushed to master. -- Endi S. Dewata

Re: [Freeipa-devel] FreeIPA Logging (Not Auditing... yet)

2011-01-28 Thread JR Aquino
On 1/28/11 10:43 AM, Dmitri Pal d...@redhat.com wrote JR, Thank you for bringing it up. I think it would be beneficial to have something for logging. I agree as it is a PCI Requirement. I am not sure that this is exactly it. You are correct. More discussion is necessary to capture the minimum

Re: [Freeipa-devel] [PATCH] 694 fix external, normal CA install

2011-01-28 Thread Rob Crittenden
Simo Sorce wrote: On Fri, 28 Jan 2011 10:09:18 -0500 Rob Crittendenrcrit...@redhat.com wrote: Fix the is the server configured detection code to allow an external CA installation to proceed. We cache the install values between the first and second stage of a CA installation. The install

[Freeipa-devel] [PATCH] admiyo-0177-attribute-table-save.

2011-01-28 Thread Adam Young
From 243e340013f6b7cf200a77eb88ce9d84d2e9d334 Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Fri, 28 Jan 2011 16:46:19 -0500 Subject: [PATCH] attribute table save corrected param and the format of the attrs sent for attribute changes in permissions --- install/ui/aci.js |

Re: [Freeipa-devel] [PATCH] admiyo-0177-attribute-table-save.

2011-01-28 Thread Endi Sukma Dewata
On 1/28/2011 4:03 PM, Adam Young wrote: The widget.save() should return an array, so I'm reverting the change and use join() to create the list. If this is ok, feel free to merge it into your patch. -- Endi S. Dewata From 094c5fd369cd647a5c05769740d7b3adbdc34888 Mon Sep 17 00:00:00 2001

Re: [Freeipa-devel] [PATCH] admiyo-0177-attribute-table-save.

2011-01-28 Thread Adam Young
On 01/28/2011 05:25 PM, Endi Sukma Dewata wrote: On 1/28/2011 4:03 PM, Adam Young wrote: The widget.save() should return an array, so I'm reverting the change and use join() to create the list. If this is ok, feel free to merge it into your patch. Go ahead and incorporate into your

Re: [Freeipa-devel] [PATCH] 682 performance patch

2011-01-28 Thread Simo Sorce
On Wed, 19 Jan 2011 11:47:11 -0500 Rob Crittenden rcrit...@redhat.com wrote: This patch skips some self-testing and locking done by the framework when in production mode. The assumption is that all development is done in mode != production so no inconsistencies can sneak in. While this

[Freeipa-devel] [PATCH] 0079 Use common group for DS instances

2011-01-28 Thread Simo Sorce
Use a common group named 'dirsrv' for all DS instances, as requested in ticket #851 While there also remove the -u option, it is silly to allow to change one in three (the other are group name and pki ds instance user) accounts only. Plus it is apparently confusing to admins. Simo. -- Simo

Re: [Freeipa-devel] [PATCH] 0079 Use common group for DS instances

2011-01-28 Thread Rob Crittenden
Simo Sorce wrote: Use a common group named 'dirsrv' for all DS instances, as requested in ticket #851 While there also remove the -u option, it is silly to allow to change one in three (the other are group name and pki ds instance user) accounts only. Plus it is apparently confusing to admins.