On 28.7.2011 20:31, Rob Crittenden wrote:
The IPA server cert profile was updated in 9.0.10 to allow the server
certs to act as clients. We need pki-ca 9.0.10 for this.
rob
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
On 29.07.2011 07:41, Rob Crittenden wrote:
Alexander Bokovoy wrote:
On 29.07.2011 06:38, Alexander Bokovoy wrote:
Fixed that all and added unit test for non-existing rules.
Modified description to be more detailed and added real examples.
Scratch previous version, while nicely renaming unit
On Thu, 2011-07-28 at 18:53 -0400, Rob Crittenden wrote:
I created a validator for each of these three to disallow management.
This would be a major API change to remove them.
They are useful in the find command so I hedged my bet and didn't
mark
the docs as deprecated, just as for
On 28.7.2011 21:27, John Dennis wrote:
Clean up existing DN object usage:
DN's support iteration, no need for loop index.
get_cert_nickname() now returns a DN object instead of a dn string.
Use DN equality testing instead of string equality.
Replace use DN syntax strings with DN constructor
On Wed, 2011-07-27 at 10:16 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
When setting a host password once the host has already been enrolled
will result in an expired password (like most passwords we set). We can
just skip setting this at all on hosts.
Test using this method:
https://fedorahosted.org/freeipa/ticket/1368
also replaces a tab by spaces in one else statement (cosmetic).
--
/ Alexander Bokovoy
From bc02d3098671a2284b5764205b893facdeacf80e Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy aboko...@redhat.com
Date: Tue, 19 Jul 2011 15:33:53 +0300
Subject:
On Fri, 2011-07-29 at 11:42 +0300, Alexander Bokovoy wrote:
https://fedorahosted.org/freeipa/ticket/1368
also replaces a tab by spaces in one else statement (cosmetic).
This works fine. But I have few suggestion for improvement:
1) Shouldn't we also run `hostname NEW_HOSTNAME` so that the
On Fri, 2011-07-29 at 08:17 +0200, Jan Cholasta wrote:
On 28.7.2011 20:31, Rob Crittenden wrote:
The IPA server cert profile was updated in 9.0.10 to allow the server
certs to act as clients. We need pki-ca 9.0.10 for this.
rob
___
On 29.07.2011 12:01, Martin Kosek wrote:
On Fri, 2011-07-29 at 11:42 +0300, Alexander Bokovoy wrote:
https://fedorahosted.org/freeipa/ticket/1368
also replaces a tab by spaces in one else statement (cosmetic).
This works fine. But I have few suggestion for improvement:
1) Shouldn't we
Hi,
another attempt to refine error/configuration reporting when configuring
means to access LDAP on a client. Previous one tried to use rpm to find
out package name but this approach is avoiding package names. Instead,
it tries to tell configuration file.
Ticker
On Fri, 2011-07-29 at 12:46 +0300, Alexander Bokovoy wrote:
On 29.07.2011 12:21, Alexander Bokovoy wrote:
On 29.07.2011 12:01, Martin Kosek wrote:
On Fri, 2011-07-29 at 11:42 +0300, Alexander Bokovoy wrote:
https://fedorahosted.org/freeipa/ticket/1368
also replaces a tab by spaces in
On Fri, 2011-07-29 at 13:09 +0300, Alexander Bokovoy wrote:
Hi,
another attempt to refine error/configuration reporting when configuring
means to access LDAP on a client. Previous one tried to use rpm to find
out package name but this approach is avoiding package names. Instead,
it tries to
On Fri, 2011-07-29 at 09:59 +0200, Jan Cholasta wrote:
On 28.7.2011 21:27, John Dennis wrote:
Clean up existing DN object usage:
DN's support iteration, no need for loop index.
get_cert_nickname() now returns a DN object instead of a dn string.
Use DN equality testing instead of
On 29.07.2011 13:52, Martin Kosek wrote:
Oh, this is not informative at all. I'll get this updated.
Updated patch attached.
Ok, hostname is properly changed now. I still have some issues:
1) Updated --hostname help doc line in the source code is too long. This
should be split.
Now it uses
Martin Kosek wrote:
On Thu, 2011-07-28 at 18:53 -0400, Rob Crittenden wrote:
I created a validator for each of these three to disallow management.
This would be a major API change to remove them.
They are useful in the find command so I hedged my bet and didn't
mark
the docs as deprecated,
On 29.07.2011 14:13, Martin Kosek wrote:
On Fri, 2011-07-29 at 13:09 +0300, Alexander Bokovoy wrote:
Hi,
another attempt to refine error/configuration reporting when configuring
means to access LDAP on a client. Previous one tried to use rpm to find
out package name but this approach is
Alexander Bokovoy wrote:
On 29.07.2011 07:41, Rob Crittenden wrote:
Alexander Bokovoy wrote:
On 29.07.2011 06:38, Alexander Bokovoy wrote:
Fixed that all and added unit test for non-existing rules.
Modified description to be more detailed and added real examples.
Scratch previous version,
On 29.07.2011 14:53, Alexander Bokovoy wrote:
On 29.07.2011 13:52, Martin Kosek wrote:
Oh, this is not informative at all. I'll get this updated.
Updated patch attached.
Ok, hostname is properly changed now. I still have some issues:
Updated again to use more reliable regexp for parsing.
On Fri, 2011-07-29 at 16:05 +0300, Alexander Bokovoy wrote:
On 29.07.2011 14:53, Alexander Bokovoy wrote:
On 29.07.2011 13:52, Martin Kosek wrote:
Oh, this is not informative at all. I'll get this updated.
Updated patch attached.
Ok, hostname is properly changed now. I still have some
On Fri, 2011-07-29 at 08:51 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Thu, 2011-07-28 at 18:53 -0400, Rob Crittenden wrote:
I created a validator for each of these three to disallow management.
This would be a major API change to remove them.
They are useful in the find
On 29.07.2011 16:25, Martin Kosek wrote:
On Fri, 2011-07-29 at 16:05 +0300, Alexander Bokovoy wrote:
On 29.07.2011 14:53, Alexander Bokovoy wrote:
On 29.07.2011 13:52, Martin Kosek wrote:
Oh, this is not informative at all. I'll get this updated.
Updated patch attached.
Ok, hostname is
On 29.07.2011 17:06, Alexander Bokovoy wrote:
There was wrong comparison (I wanted to check if option is not None and
then compare it to 'HOSTNAME' but brain short-circuited. My bad.
... and one more update, to get common style for comparisons.
--
/ Alexander Bokovoy
From
On Fri, 2011-07-29 at 17:06 +0300, Alexander Bokovoy wrote:
On 29.07.2011 16:25, Martin Kosek wrote:
On Fri, 2011-07-29 at 16:05 +0300, Alexander Bokovoy wrote:
On 29.07.2011 14:53, Alexander Bokovoy wrote:
On 29.07.2011 13:52, Martin Kosek wrote:
Oh, this is not informative at all. I'll
On 7/28/2011 9:30 PM, Adam Young wrote:
ACK and pushed to master.
--
Endi S. Dewata
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Due to my recent huge patch, version -1 patch will not apply. I had to
rebase by hand.
Please confirm that it still works as intended.
On 07/27/2011 09:01 AM, Petr Vobornik wrote:
On Tue, 2011-07-26 at 21:32 -0400, Adam Young wrote:
On 07/26/2011 07:09 PM, Endi Sukma Dewata wrote:
On
On 07/29/2011 10:58 AM, Adam Young wrote:
Due to my recent huge patch, version -1 patch will not apply. I had
to rebase by hand.
Please confirm that it still works as intended.
Missed a few files in my commit.
From aaf747c17669b7404a3869a5a1a99108dd08b257 Mon Sep 17 00:00:00 2001
From:
On 07/21/2011 02:53 PM, Martin Kosek wrote:
On Thu, 2011-07-21 at 14:40 +0200, Jan Cholasta wrote:
On 20.7.2011 17:10, Jakub Hrozek wrote:
I was playing with ipa_kpasswd (long story short - I needed it running
on a non-standard port) and I noticed there was a compilation warning -
rtag was
On Fri, 2011-07-29 at 15:59 +0300, Alexander Bokovoy wrote:
On 29.07.2011 14:13, Martin Kosek wrote:
On Fri, 2011-07-29 at 13:09 +0300, Alexander Bokovoy wrote:
Hi,
another attempt to refine error/configuration reporting when configuring
means to access LDAP on a client. Previous one
Martin Kosek wrote:
On Fri, 2011-07-29 at 15:59 +0300, Alexander Bokovoy wrote:
On 29.07.2011 14:13, Martin Kosek wrote:
On Fri, 2011-07-29 at 13:09 +0300, Alexander Bokovoy wrote:
Hi,
another attempt to refine error/configuration reporting when configuring
means to access LDAP on a client.
On 29.07.2011 18:09, Rob Crittenden wrote:
Backtrace on sssd-based install:
# ipa-client-install --server=panther.greyoak.com --domain=greyoak.com
--realm=GREYOAK.COM -p admin
DNS domain 'greyoak.com' is not configured for automatic KDC address
lookup.
KDC address will be set to fixed
On 07/29/2011 11:35 AM, Alexander Bokovoy wrote:
No recognized configuration, please check manually NSS setup
May be reword:
Unknown configuration, please check NSS setup manually
But some time ago, somewhere, some person from doc told me not to use please
On 29.07.2011 18:45, Dmitri Pal wrote:
On 07/29/2011 11:35 AM, Alexander Bokovoy wrote:
No recognized configuration, please check manually NSS setup
May be reword:
Unknown configuration, please check NSS setup manually
But some time ago, somewhere, some
There was a small error in add.js:162. Fixed!
On Fri, 2011-07-29 at 11:00 -0400, Adam Young wrote:
On 07/29/2011 10:58 AM, Adam Young wrote:
Due to my recent huge patch, version -1 patch will not apply. I
had to rebase by hand.
Please confirm that it still works as intended.
Alexander Bokovoy wrote:
On 29.07.2011 18:45, Dmitri Pal wrote:
On 07/29/2011 11:35 AM, Alexander Bokovoy wrote:
No recognized configuration, please check manually NSS setup
May be reword:
Unknown configuration, please check NSS setup manually
But some time
On 7/29/2011 11:12 AM, Petr Vobornik wrote:
There was a small error in add.js:162. Fixed!
Nice job on the dialog boxes.
There's a problem though, the Retry doesn't quite work. This is because
'this' object passed to IPA.error_dialog actually points to Ajax context
instead of the
35 matches
Mail list logo