Re: [Freeipa-devel] [PATCH] Patch to allow IPA to work with dogtag 10 on f18

2012-08-16 Thread Martin Kosek
On 08/16/2012 05:41 AM, Ade Lee wrote: On Wed, 2012-08-15 at 16:34 +0200, Martin Kosek wrote: .. 3) I had installed IPA with dogtag10 on master. Replica had dogtag10 as well and I got the following error: # ipa-ca-install /home/mkosek/replica-info-vm-114.idm.lab.bos.redhat.com.gpg ...

Re: [Freeipa-devel] [PATCH] Patch to allow IPA to work with dogtag 10 on f18

2012-08-16 Thread Martin Kosek
On 08/16/2012 07:53 AM, Ade Lee wrote: On Wed, 2012-08-15 at 23:41 -0400, Ade Lee wrote: On Wed, 2012-08-15 at 16:34 +0200, Martin Kosek wrote: On 08/15/2012 03:54 PM, Ade Lee wrote: On Wed, 2012-08-15 at 13:24 +0200, Martin Kosek wrote: On 08/08/2012 10:05 PM, Ade Lee wrote: Hi, Dogtag

Re: [Freeipa-devel] [PATCH 0046] Separate RR data parsing from LDAP connections

2012-08-16 Thread Adam Tkac
On Wed, Aug 15, 2012 at 04:04:26PM +0200, Petr Spacek wrote: On 08/15/2012 03:31 PM, Adam Tkac wrote: On Wed, Aug 01, 2012 at 04:19:11PM +0200, Petr Spacek wrote: Hello, this patch finishes LDAP connection vs. LDAP result separation. It is first step necessary for:

Re: [Freeipa-devel] [PATCH 0046] Separate RR data parsing from LDAP connections

2012-08-16 Thread Petr Spacek
On 08/16/2012 11:01 AM, Adam Tkac wrote: On Wed, Aug 15, 2012 at 04:04:26PM +0200, Petr Spacek wrote: On 08/15/2012 03:31 PM, Adam Tkac wrote: On Wed, Aug 01, 2012 at 04:19:11PM +0200, Petr Spacek wrote: Hello, this patch finishes LDAP connection vs. LDAP result separation. It is first step

Re: [Freeipa-devel] [PATCH] 1044 DN ldap syntax exception

2012-08-16 Thread Martin Kosek
On 08/15/2012 10:31 PM, Rob Crittenden wrote: Raise the proper IPA exception when a value isn't a valid DN. rob Works fine. ACK. Pushed to master. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 1043 fix ipa-replica-manage connect

2012-08-16 Thread Martin Kosek
On 08/15/2012 07:59 PM, Rob Crittenden wrote: A dn needed to be converted to a DN object. rob Good catch, I re-tested all ipa-replica-manage actions and they worked fine. ACK. Pushed to master. Martin ___ Freeipa-devel mailing list

Re: [Freeipa-devel] [PATCH] 1045 selinuxusermap fixes

2012-08-16 Thread Martin Kosek
On 08/15/2012 11:23 PM, Rob Crittenden wrote: Fix setting the user in a rule using setattr. We weren't verifying that it was in the ordered list. I also noticed that no mls was allowed when it shouldn't be. Made that required. rob ACK. Pushed to master. Martin

Re: [Freeipa-devel] [PATCH 77] Ticket #2584 - Installation fails when CN is set in, certificate subject base

2012-08-16 Thread Martin Kosek
On 08/16/2012 03:53 AM, John Dennis wrote: From 32cf59ac8963982d2de59562f3f1570e67e92a3e Mon Sep 17 00:00:00 2001 From: John Dennis jden...@redhat.com Date: Wed, 15 Aug 2012 21:33:15 -0400 Subject: [PATCH 77] Ticket #2584 - Installation fails when CN is set in certificate subject base ACK.

Re: [Freeipa-devel] [PATCH] Patch to allow IPA to work with dogtag 10 on f18

2012-08-16 Thread Ade Lee
Patch attached this time. I should know better than to do this in the middle of the night .. On Thu, 2012-08-16 at 09:12 +0200, Martin Kosek wrote: On 08/16/2012 07:53 AM, Ade Lee wrote: On Wed, 2012-08-15 at 23:41 -0400, Ade Lee wrote: On Wed, 2012-08-15 at 16:34 +0200, Martin Kosek wrote:

Re: [Freeipa-devel] [PATCH 0042] Flush zones and RRs cache when handling persistent search reconnection

2012-08-16 Thread Adam Tkac
On Wed, Aug 15, 2012 at 03:55:01PM +0200, Petr Spacek wrote: On 08/15/2012 03:11 PM, Adam Tkac wrote: On Fri, Jul 27, 2012 at 12:16:07PM +0200, Petr Spacek wrote: Hello, this patch implements Flush zones and RRs cache when handling persistent search reconnection behaviour as requested in

Re: [Freeipa-devel] [PATCH] Patch to allow IPA to work with dogtag 10 on f18

2012-08-16 Thread Ade Lee
On Thu, 2012-08-16 at 18:45 +0200, Martin Kosek wrote: On 08/16/2012 01:28 PM, Ade Lee wrote: Patch attached this time. I should know better than to do this in the middle of the night .. On Thu, 2012-08-16 at 09:12 +0200, Martin Kosek wrote: On 08/16/2012 07:53 AM, Ade Lee wrote: On

Re: [Freeipa-devel] [PATCH] trust CLI: add ID range for new trusted domain

2012-08-16 Thread Alexander Bokovoy
On Tue, 14 Aug 2012, Sumit Bose wrote: Hi, currently only a default ID range was used for users from trusted domains. With these two patches an individual range is created during ipa trust-add and it will be used by the extdom plugin to calculate the Poisx UID for the users from the trusted

Re: [Freeipa-devel] [PATCH] trust CLI: add ID range for new trusted domain

2012-08-16 Thread Rob Crittenden
Alexander Bokovoy wrote: On Tue, 14 Aug 2012, Sumit Bose wrote: Hi, currently only a default ID range was used for users from trusted domains. With these two patches an individual range is created during ipa trust-add and it will be used by the extdom plugin to calculate the Poisx UID for the

[Freeipa-devel] [PATCH 78] Ticket #2979 - prevent last admin from being disabled

2012-08-16 Thread John Dennis
-- John Dennis jden...@redhat.com Looking to carve out IT costs? www.redhat.com/carveoutcosts/ From c47109c63530e188db76986fdda48c76bf681d10 Mon Sep 17 00:00:00 2001 From: John Dennis jden...@redhat.com Date: Thu, 16 Aug 2012 20:28:44 -0400 Subject: [PATCH 78] Ticket #2979 - prevent last admin

[Freeipa-devel] [PATCH] 293 Bump bind-dyndb-ldap version in spec file

2012-08-16 Thread Martin Kosek
The updated version of the BIND LDAP plugin includes completed support of DNS zone transfers. With the new version, users will be able to configure slave DNS servers for IPA master DNS server. From 138a488e79f74c32aeff7ccc40989c7af62d00ca Mon Sep 17 00:00:00 2001 From: Martin Kosek