Previously the user's city parameter is defined to use the 'locality'
attribute. This was a problem because the attribute would be returned
as 'l' by the directory server causing a mismatch. Now the parameter
has been changed to use the 'l' attribute.
https://fedorahosted.org/freeipa/ticket/985
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/18/2011 05:19 AM, Rob Crittenden wrote:
Right before rc1 I discovered a problem in ipa-replica-prepare. It was
crashign when trying to generate the SSL certificates. The first time it
failed on nss_shutdown() claiming that NSS wasn't
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm not sure about checking the flags - this might be a little too much
validation.
https://fedorahosted.org/freeipa/ticket/840
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This is a minor optimization that didn't occur to me yesterday when I
was reviewing Rob's patch - sorry.
The patch only adds _srv_ as the first entry if service discovery
succeeded during ipa-client-install. This gets rid of the DNS timeout
for cases
On Fri, 18 Feb 2011 05:06:34 +
JR Aquino jr.aqu...@citrix.com wrote:
On Feb 17, 2011, at 8:38 PM, Adam Young ayo...@redhat.com wrote:
I tried to follow the steps to setup Sudo on a client here:
https://fedoraproject.org/wiki/QA:Testcase_freeipav2_sudo
Of course, since my serve
On Feb 18, 2011, at 5:01 AM, Simo Sorce sso...@redhat.com wrote:
On Fri, 18 Feb 2011 05:06:34 +
JR Aquino jr.aqu...@citrix.com wrote:
On Feb 17, 2011, at 8:38 PM, Adam Young ayo...@redhat.com wrote:
I tried to follow the steps to setup Sudo on a client here:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The doc= value was misleading. The minimum value in SOA record defines
how long should NXDOMAIN responses be cached. As per RFC 2308, the
maximum allowed value should be 3 hours.
Also, many parameters allowed negative values which really don't make
On Fri, 18 Feb 2011 13:18:36 +
JR Aquino jr.aqu...@citrix.com wrote:
I'm afraid not Simo.
As you recall. Both /etc/sudoers and the 2 Sudo containers in FreeIPA
are protected. There is a deliberate default aci which prevents
anonymous users from enumerating everyones Sudo information.
On 2/18/11 5:49 AM, Simo Sorce sso...@redhat.com wrote:
On Fri, 18 Feb 2011 13:18:36 +
JR Aquino jr.aqu...@citrix.com wrote:
I'm afraid not Simo.
As you recall. Both /etc/sudoers and the 2 Sudo containers in FreeIPA
are protected. There is a deliberate default aci which prevents
On 02/18/2011 04:10 AM, Martin Kosek wrote:
On Thu, 2011-02-17 at 12:29 -0500, Adam Young wrote:
Looks good. Only problem is on braces. we have a code standard that
is like this
IPA.something = function () {
not
IPA.something = function ()
{
This is due to Javascript being ambiguous
On 02/11/2011 03:32 PM, Adam Young wrote:
On 02/10/2011 10:57 PM, Endi Sukma Dewata wrote:
Hi Kyle,
I added the expand/collapse all link into the details page.
See the following demo:
David O'Brien wrote:
Jan Zelený wrote:
Rob Crittenden rcrit...@redhat.com wrote:
Jan Zelený wrote:
https://fedorahosted.org/freeipa/ticket/831
Jan
I think I'd like David's take on this, but my initial reaction is I'd
prefer the word maximum to maximal.
rob
The second patch is in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/17/2011 04:35 AM, Rob Crittenden wrote:
Add default roles and permissions for HBAC, SUDO and pw policy
Created some default roles as examples. In doing so I realized that we
were completely missing default rules for HBAC, SUDO and password
On 02/18/2011 03:13 AM, Endi Sukma Dewata wrote:
The json_metadata() has been updated to return ipa.Objects and
ipa.Methods. The i18n_messages() has been updated to include other
messages that are not available from the metadata.
https://fedorahosted.org/freeipa/ticket/899
On 02/18/2011 03:11 AM, Endi Sukma Dewata wrote:
Previously the user's city parameter is defined to use the 'locality'
attribute. This was a problem because the attribute would be returned
as 'l' by the directory server causing a mismatch. Now the parameter
has been changed to use the 'l'
On 02/18/2011 03:14 AM, Endi Sukma Dewata wrote:
Hard-coded messages through out the code have been replaced by i18n
messages obtained from json_metadata and i18n_messages.
https://fedorahosted.org/freeipa/ticket/899
___
Freeipa-devel mailing list
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/18/2011 05:19 AM, Rob Crittenden wrote:
Right before rc1 I discovered a problem in ipa-replica-prepare. It was
crashign when trying to generate the SSL certificates. The first time it
failed on nss_shutdown() claiming that
Nathan Kinder wrote:
Works for me, I thought I acked this last night. I guess not so ACK.
pushed to master.
rob
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
On 02/18/2011 03:15 AM, Endi Sukma Dewata wrote:
https://fedorahosted.org/freeipa/ticket/899
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
If applied without 106 it breaks the unit
John Dennis wrote:
pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Jakub Hrozek wrote:
On Thu, Feb 17, 2011 at 11:30:03AM +0100, Jan Zelený wrote:
Better, thanks. I'd also like to change the code which is using this function,
so the conversion doesn't take place twice.
I think it's safe. The documentation on unicode() says:
---
More precisely, if object is
Jan Zeleny wrote:
JR Aquinojr.aqu...@citrix.com wrote:
On 2/17/11 3:23 AM, Jan Zelenýjzel...@redhat.com wrote:
JR Aquinojr.aqu...@citrix.com wrote:
This patch fixes the netgroup plugin's behavior of adding duplicate
entries
when the managed entry plugin creates a netgroup with a
On Fri, Feb 18, 2011 at 11:11:25AM -0500, Rob Crittenden wrote:
Add exit code info to the ipa command man page.
The tool I use, manedit, also escaped all dashes. Seems benign so I left it.
Yep, renders OK.
ticket 803
rob
Ack
___
On 2/17/11 2:20 PM, Rob Crittenden rcrit...@redhat.com wrote:
JR Aquino wrote:
On 2/17/11 11:02 AM, Rob Crittendenrcrit...@redhat.com wrote:
Make managed netgroups (those created as a result of creating a
hostgroup) should be immutable. This aci will deny writes to a managed
netgroup.
Jakub Hrozek wrote:
On Fri, Feb 18, 2011 at 11:11:25AM -0500, Rob Crittenden wrote:
Add exit code info to the ipa command man page.
The tool I use, manedit, also escaped all dashes. Seems benign so I left it.
Yep, renders OK.
ticket 803
rob
Ack
pushed to master
JR Aquino wrote:
On 2/17/11 2:20 PM, Rob Crittendenrcrit...@redhat.com wrote:
JR Aquino wrote:
On 2/17/11 11:02 AM, Rob Crittendenrcrit...@redhat.com wrote:
Make managed netgroups (those created as a result of creating a
hostgroup) should be immutable. This aci will deny writes to a
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The doc= value was misleading. The minimum value in SOA record defines
how long should NXDOMAIN responses be cached. As per RFC 2308, the
maximum allowed value should be 3 hours.
Also, many parameters allowed negative values
Fixes #266
I haven't been able to test this as the Windows machine we have
available decided to not behave today.
I may try again next week assuming I have time.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
From c8044a8ba346c0b0e5858e327a8b6e949bea6dd1 Mon Sep 17 00:00:00 2001
From: Simo
On 02/18/2011 03:10 PM, Simo Sorce wrote:
Fixes #266
I haven't been able to test this as the Windows machine we have
available decided to not behave today.
I may try again next week assuming I have time.
ack
Simo.
___
Freeipa-devel mailing list
This patch demonstrates how to use the plugin framework with the
existing entities. The plugin framework provides a name space for the
classes, functions and variables specific for the plugin. Any code
executed inside the init() method will be 'safe' because at that point
the metadata and i18n
--
Endi S. Dewata
From 945f937059587c2fe00a4874e6752baa3412c9f4 Mon Sep 17 00:00:00 2001
From: Endi S. Dewata edew...@redhat.com
Date: Fri, 18 Feb 2011 18:15:21 -0600
Subject: [PATCH] Applied plugin framework on aci.
---
install/ui/aci.js| 87
On 02/18/2011 06:48 PM, Endi Sukma Dewata wrote:
This patch demonstrates how to use the plugin framework with the
existing entities. The plugin framework provides a name space for the
classes, functions and variables specific for the plugin. Any code
executed inside the init() method will be
Here's a rough hack. It follows the steps in the test script. I tested
it out and it works.
BASEDN=`awk '/basedn/ {print $3}' /etc/ipa/default.conf`
IPASERVER=`awk '/server/ {print $3}' /etc/ipa/default.conf`
DOMAIN=`awk '/domain/ {print $3}' /etc/ipa/default.conf`
CONFDIR=`mktemp -d`
On 02/18/2011 05:12 PM, Endi Sukma Dewata wrote:
On 2/18/2011 1:08 PM, Endi Sukma Dewata wrote:
Hard-coded messages through out the code have been replaced by i18n
messages obtained from json_metadata and i18n_messages.
https://fedorahosted.org/freeipa/ticket/899
Needs rebase, due to
On 2/18/2011 10:35 PM, Adam Young wrote:
Hard-coded messages through out the code have been replaced by i18n
messages obtained from json_metadata and i18n_messages.
https://fedorahosted.org/freeipa/ticket/899
Needs rebase, due to mkosek's big patch.
Attached is an updated version. I had to
35 matches
Mail list logo
