On 02/26/2014 12:40 PM, Alexander Bokovoy wrote:
On Wed, 26 Feb 2014, Martin Kosek wrote:
On 02/25/2014 07:15 PM, Alexander Bokovoy wrote:
On Tue, 25 Feb 2014, Tomas Babej wrote:
Hi,
As a part of a better cleanup procedure in the integration tests,
make sure that winbindd is not running
Hello list,
Proposal for access control related to PC/SC smart cards follows.
I have no idea if it applies to PKCS#11 or not but I think somebody
knowledgeable in this area should look into it ...
I'm sorry Honza :-)
Petr^2 Spacek
Original Message
Subject: F21 System Wide
Hello,
Here is an additional part for the multivalued target filters: making
--memberof also multivalued.
http://www.freeipa.org/page/V3/Multivalued_target_filters_in_permissions
https://fedorahosted.org/freeipa/ticket/4074
--
Petr³
From c5b08c920df97c49dc0e44124f735c7655d6186a Mon Sep 17
On 02/27/2014 10:18 PM, Rob Crittenden wrote:
Rob Crittenden wrote:
[...]
Ok, so try to summarize this long-running thread, I'll rename the
subpackage to freeipa-server-foreman-smartproxy to make it clearer what
it is/does. Right now it requires manual configuration so having the
package
On 28.2.2014 04:02, Rob Crittenden wrote:
Alexander Bokovoy wrote:
On Thu, 27 Feb 2014, Nathaniel McCallum wrote:
So the recent discussion on importing tokens led me to write a script to
parse RFC 6030 xml files into IPA token data. This all works well. But
now I need to integrate it into the
Hi,
On 28.2.2014 10:11, Petr Spacek wrote:
Hello list,
Proposal for access control related to PC/SC smart cards follows.
I have no idea if it applies to PKCS#11 or not but I think somebody
knowledgeable in this area should look into it ...
I'm sorry Honza :-)
Don't be, this seems to be
HI Ludwig,
Thanks for catching that, I will update the doc.
When the legacy server receives an aci with that new syntax, it does not
recognize the new keywords (moddn, target_to, target_from) so the parser
fails and the aci is simply ignored.
In the implementation (__aclp__parse_ac) ,
On 28.2.2014 11:53, Sumit Bose wrote:
Hi,
I just tried to install FreeIPA on a fresh F20 VM and
'ipa-server-install --setup-dns' failed to start FreeIPA finally after
everything was configured.
The reason was that starting named timed out because
generate-rndc-key.sh was basically blocking
On Fri, Feb 28, 2014 at 11:59:57AM +0100, Petr Spacek wrote:
On 28.2.2014 11:53, Sumit Bose wrote:
Hi,
I just tried to install FreeIPA on a fresh F20 VM and
'ipa-server-install --setup-dns' failed to start FreeIPA finally after
everything was configured.
The reason was that starting
On Fri, 28 Feb 2014, Sumit Bose wrote:
Hi,
I just tried to install FreeIPA on a fresh F20 VM and
'ipa-server-install --setup-dns' failed to start FreeIPA finally after
everything was configured.
The reason was that starting named timed out because
generate-rndc-key.sh was basically blocking
On 02/28/2014 10:47 AM, Petr Viktorin wrote:
On 02/27/2014 10:18 PM, Rob Crittenden wrote:
Rob Crittenden wrote:
[...]
Ok, so try to summarize this long-running thread, I'll rename the
subpackage to freeipa-server-foreman-smartproxy to make it clearer what
it is/does. Right now it requires
On 02/28/2014 12:41 PM, Martin Kosek wrote:
On 02/28/2014 10:47 AM, Petr Viktorin wrote:
On 02/27/2014 10:18 PM, Rob Crittenden wrote:
Rob Crittenden wrote:
[...]
Ok, so try to summarize this long-running thread, I'll rename the
subpackage to freeipa-server-foreman-smartproxy to make it
Hello,
This fixes https://fedorahosted.org/freeipa/ticket/4206
Apply on top of my patch 0479, to avoid a conflict in tests.
--
Petr³
From 286190d9374290acef301ca92279f3f729827cad Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt...@redhat.com
Date: Fri, 28 Feb 2014 12:23:17 +0100
Subject:
Fixing the subject
On 02/28/2014 01:11 PM, Petr Viktorin wrote:
Hello,
This fixes https://fedorahosted.org/freeipa/ticket/4206
Apply on top of my patch 0479, to avoid a conflict in tests.
--
Petr³
___
Freeipa-devel mailing list
On 28.2.2014 12:10, Sumit Bose wrote:
On Fri, Feb 28, 2014 at 11:59:57AM +0100, Petr Spacek wrote:
On 28.2.2014 11:53, Sumit Bose wrote:
I just tried to install FreeIPA on a fresh F20 VM and
'ipa-server-install --setup-dns' failed to start FreeIPA finally after
everything was configured.
The
On Fri, Feb 28, 2014 at 01:14:58PM +0100, Petr Spacek wrote:
On 28.2.2014 12:10, Sumit Bose wrote:
On Fri, Feb 28, 2014 at 11:59:57AM +0100, Petr Spacek wrote:
On 28.2.2014 11:53, Sumit Bose wrote:
I just tried to install FreeIPA on a fresh F20 VM and
'ipa-server-install --setup-dns' failed
On 02/28/2014 02:12 PM, Martin Kosek wrote:
On 02/26/2014 10:44 AM, Petr Viktorin wrote:
Hello,
Here are a few fixes/improvements, and the first part of a managed permission
updater.
The patches should go in this order but don't need to be ACKed/pushed all at
once.
Design:
Petr Viktorin wrote:
On 02/28/2014 12:41 PM, Martin Kosek wrote:
On 02/28/2014 10:47 AM, Petr Viktorin wrote:
On 02/27/2014 10:18 PM, Rob Crittenden wrote:
Rob Crittenden wrote:
[...]
Ok, so try to summarize this long-running thread, I'll rename the
subpackage to
On 02/26/2014 04:01 PM, Gabe Alford wrote:
Hi all,
I added a tip in the deleting users section on restoring admin account.
Please review.
https://fedorahosted.org/freeipa/ticket/2746
Hello,
The new tip is added right under a Note about the same thing (or a very
similar thing, from the
On Fri, 2014-02-28 at 10:47 +0100, Petr Vobornik wrote:
On 28.2.2014 04:02, Rob Crittenden wrote:
Alexander Bokovoy wrote:
On Thu, 27 Feb 2014, Nathaniel McCallum wrote:
So the recent discussion on importing tokens led me to write a script to
parse RFC 6030 xml files into IPA token data.
On Fri, 2014-02-28 at 11:53 +0100, Sumit Bose wrote:
Hi,
I just tried to install FreeIPA on a fresh F20 VM and
'ipa-server-install --setup-dns' failed to start FreeIPA finally after
everything was configured.
The reason was that starting named timed out because
generate-rndc-key.sh was
On Fri, 2014-02-28 at 09:03 -0500, Rob Crittenden wrote:
Petr Viktorin wrote:
On 02/28/2014 12:41 PM, Martin Kosek wrote:
On 02/28/2014 10:47 AM, Petr Viktorin wrote:
On 02/27/2014 10:18 PM, Rob Crittenden wrote:
Rob Crittenden wrote:
[...]
Ok, so try to summarize this long-running
Simo Sorce wrote:
On Fri, 2014-02-28 at 09:03 -0500, Rob Crittenden wrote:
Petr Viktorin wrote:
On 02/28/2014 12:41 PM, Martin Kosek wrote:
On 02/28/2014 10:47 AM, Petr Viktorin wrote:
On 02/27/2014 10:18 PM, Rob Crittenden wrote:
Rob Crittenden wrote:
[...]
Ok, so try to summarize this
On 28.2.2014 15:25, Nathaniel McCallum wrote:
On Fri, 2014-02-28 at 10:47 +0100, Petr Vobornik wrote:
On 28.2.2014 04:02, Rob Crittenden wrote:
Alexander Bokovoy wrote:
On Thu, 27 Feb 2014, Nathaniel McCallum wrote:
So the recent discussion on importing tokens led me to write a script to
On Fri, 28 Feb 2014, Nathaniel McCallum wrote:
On Fri, 2014-02-28 at 10:47 +0100, Petr Vobornik wrote:
On 28.2.2014 04:02, Rob Crittenden wrote:
Alexander Bokovoy wrote:
On Thu, 27 Feb 2014, Nathaniel McCallum wrote:
So the recent discussion on importing tokens led me to write a script to
Hello,
This reduces LDAP searches in permission-find when there are legacy
permissions. The root entry (which contains all legacy permission ACIs)
is only looked up once.
--
Petr³
From 34528e3fce17db1e4c2a23f091dc9d7fcd93b97f Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt...@redhat.com
Petr Spacek wrote:
On 28.2.2014 15:25, Nathaniel McCallum wrote:
On Fri, 2014-02-28 at 10:47 +0100, Petr Vobornik wrote:
On 28.2.2014 04:02, Rob Crittenden wrote:
Alexander Bokovoy wrote:
On Thu, 27 Feb 2014, Nathaniel McCallum wrote:
So the recent discussion on importing tokens led me to
On Fri, 2014-02-28 at 16:43 +0200, Alexander Bokovoy wrote:
On Fri, 28 Feb 2014, Nathaniel McCallum wrote:
On Fri, 2014-02-28 at 10:47 +0100, Petr Vobornik wrote:
On 28.2.2014 04:02, Rob Crittenden wrote:
Alexander Bokovoy wrote:
On Thu, 27 Feb 2014, Nathaniel McCallum wrote:
So the
On Fri, 28 Feb 2014, Nathaniel McCallum wrote:
On Fri, 2014-02-28 at 16:43 +0200, Alexander Bokovoy wrote:
On Fri, 28 Feb 2014, Nathaniel McCallum wrote:
On Fri, 2014-02-28 at 10:47 +0100, Petr Vobornik wrote:
On 28.2.2014 04:02, Rob Crittenden wrote:
Alexander Bokovoy wrote:
On Thu, 27
On Fri, 28 Feb 2014, Petr Viktorin wrote:
On 02/28/2014 04:02 PM, Nathaniel McCallum wrote:
On Fri, 2014-02-28 at 16:43 +0200, Alexander Bokovoy wrote:
[...]
Why then to do it as a IPA CLI command at all?
This is an administrative task which can be done with a separate
ipa-otp-import command,
On 02/28/2014 04:15 PM, Alexander Bokovoy wrote:
On Fri, 28 Feb 2014, Nathaniel McCallum wrote:
On Fri, 2014-02-28 at 16:43 +0200, Alexander Bokovoy wrote:
On Fri, 28 Feb 2014, Nathaniel McCallum wrote:
On Fri, 2014-02-28 at 10:47 +0100, Petr Vobornik wrote:
On 28.2.2014 04:02, Rob Crittenden
On 02/28/2014 04:02 PM, Nathaniel McCallum wrote:
On Fri, 2014-02-28 at 16:43 +0200, Alexander Bokovoy wrote:
[...]
Why then to do it as a IPA CLI command at all?
This is an administrative task which can be done with a separate
ipa-otp-import command, designated to run on IPA masters.
On 02/04/2014 03:01 PM, Jan Cholasta wrote:
Hi,
the attached patch fixes https://fedorahosted.org/freeipa/ticket/4138.
Honza
Thanks, ACK. Here are some tests for this, do they look good?
--
Petr³
From ca10b6af63727f0ca7a008dccc9edbe594ca5467 Mon Sep 17 00:00:00 2001
From: Petr Viktorin
On Fri, 2014-02-28 at 10:01 -0500, Rob Crittenden wrote:
Petr Spacek wrote:
On 28.2.2014 15:25, Nathaniel McCallum wrote:
On Fri, 2014-02-28 at 10:47 +0100, Petr Vobornik wrote:
On 28.2.2014 04:02, Rob Crittenden wrote:
Alexander Bokovoy wrote:
On Thu, 27 Feb 2014, Nathaniel McCallum
I'm seeing what looks like https://fedorahosted.org/freeipa/ticket/4084
in new F-20 install I stood up. I finally threw my hands up and
configured system to use an environment file to work around it.
Not sure if anyone else is seeing this.
rob
___
On Fri, 28 Feb 2014, Rob Crittenden wrote:
I'm seeing what looks like
https://fedorahosted.org/freeipa/ticket/4084 in new F-20 install I
stood up. I finally threw my hands up and configured system to use an
environment file to work around it.
Not sure if anyone else is seeing this.
One
36 matches
Mail list logo