-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/2014 08:29 PM, Petr Spacek wrote:
Hello,
Fix record parsing to prevent child zone corruption.
Child zone hosted on the same server as parent zone was
corrupted by bug in update_record().
Child zone's apex was modified by
On Tue, 2014-04-08 at 11:01 +0200, Petr Spacek wrote:
On 8.4.2014 10:49, Jan Cholasta wrote:
On 8.4.2014 10:31, Petr Spacek wrote:
On 8.4.2014 10:29, Jan Cholasta wrote:
On 8.4.2014 10:19, Petr Spacek wrote:
On 8.4.2014 10:14, Jan Cholasta wrote:
On 8.4.2014 10:09, Alexander Bokovoy
On Tue, 2014-04-08 at 21:19 -0600, Gabe Alford wrote:
Hello,
Not sure how relevant this patch is to the current documentation
considering (I believe) that wildcards are supported in versions 3.3
and up. Patch for https://fedorahosted.org/freeipa/ticket/3616
Thanks,
Gabe
On 04/08/2014 05:17 PM, Petr Viktorin wrote:
On 04/08/2014 04:39 PM, Martin Kosek wrote:
On 04/08/2014 01:14 PM, Petr Viktorin wrote:
On 04/08/2014 12:53 PM, Martin Kosek wrote:
On 04/08/2014 11:03 AM, Petr Viktorin wrote:
...
The patch is functional, but I am not really a big fan of placing
On 04/08/2014 05:19 PM, Petr Viktorin wrote:
On 04/08/2014 12:46 PM, Martin Kosek wrote:
On 04/08/2014 11:03 AM, Petr Viktorin wrote:
On 04/07/2014 01:30 PM, Martin Kosek wrote:
On 04/03/2014 12:09 PM, Petr Viktorin wrote:
Hello,
This adds read permissions to read Sudo commands, command
On 04/08/2014 02:25 PM, Petr Viktorin wrote:
Hello,
These add read permissions to read user groups and hostgroups.
For most attributes, anonymous read access is given.
For member, memberOf, memberUID, read access is given only to authenticated
users.
Didn't we agree that we want to make
On 04/07/2014 01:34 PM, Petr Viktorin wrote:
On 04/07/2014 01:28 PM, Martin Kosek wrote:
On 04/03/2014 12:09 PM, Petr Viktorin wrote:
Hello,
This adds read permissions to read HBAC rules, services, and service groups.
Read access is given to all authenticated users.
So far looked OK in my
Hi,
the following batch deals with the following:
* cleans up apache's semaphores prior to installing IPA (CA install can
get stuck when IPA is reinstalled many times)
* allows to pass extra arguments to install_client task
* uses trailing dot in the hostname as fqdn which should not be
On 04/03/2014 12:09 PM, Petr Viktorin wrote:
Hello,
This adds read permissions to read hosts.
Read access is given to all authenticated users.
For reading host membership info, there is a separate permission that also
defaults to all authenticated users.
The userPassword attribute is not
On 9.4.2014 10:03, Tomas Hozza wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/2014 08:29 PM, Petr Spacek wrote:
Hello,
Fix record parsing to prevent child zone corruption.
Child zone hosted on the same server as parent zone was
corrupted by bug in update_record().
Child zone's
Hello,
Add bind-lite-devel to BuildRequires.
Pushed to master: 0a3160bd3a4195429d082d7d48ffa596212c4b82
Bump NVR to 4.2.
Pushed to master: 2568801743900684e00cc466deef1c5919d3480f
--
Petr^2 Spacek
From 0a3160bd3a4195429d082d7d48ffa596212c4b82 Mon Sep 17 00:00:00 2001
From: Petr Spacek
Hi guys,
is there any way to check the user status on ldap server?
Thanks and regards,
Massi
--
Massimiliano Perrone
Tel +39 393 9121310
Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel +39 0859116307 / FAX +39 085973
http://www.tirasa.net
Apache Syncope PMC Member
On 04/09/2014 12:07 PM, Tomas Babej wrote:
Hi,
the following batch deals with the following:
* cleans up apache's semaphores prior to installing IPA (CA install can
get stuck when IPA is reinstalled many times)
What happens if Apache is running for some reason? Should we also stop
it before
On 04/09/2014 10:59 AM, Martin Kosek wrote:
On 04/07/2014 01:34 PM, Petr Viktorin wrote:
On 04/07/2014 01:28 PM, Martin Kosek wrote:
On 04/03/2014 12:09 PM, Petr Viktorin wrote:
Hello,
This adds read permissions to read HBAC rules, services, and service groups.
Read access is given to all
On 04/09/2014 10:31 AM, Martin Kosek wrote:
On 04/08/2014 05:17 PM, Petr Viktorin wrote:
On 04/08/2014 04:39 PM, Martin Kosek wrote:
On 04/08/2014 01:14 PM, Petr Viktorin wrote:
On 04/08/2014 12:53 PM, Martin Kosek wrote:
On 04/08/2014 11:03 AM, Petr Viktorin wrote:
...
The patch is
On Tue, 08 Apr 2014 17:31:25 +0200
Petr Viktorin pvikt...@redhat.com wrote:
On 04/08/2014 04:17 PM, Misnyovszki Adam wrote:
On Mon, 07 Apr 2014 09:43:10 +0200
Petr Viktorin pvikt...@redhat.com wrote:
On 03/27/2014 03:37 PM, Misnyovszki Adam wrote:
On Wed, 26 Mar 2014 13:15:55 +0100
On 04/09/2014 01:43 PM, Misnyovszki Adam wrote:
On Tue, 08 Apr 2014 17:31:25 +0200
Petr Viktorin pvikt...@redhat.com wrote:
On 04/08/2014 04:17 PM, Misnyovszki Adam wrote:
On Mon, 07 Apr 2014 09:43:10 +0200
Petr Viktorin pvikt...@redhat.com wrote:
On 03/27/2014 03:37 PM, Misnyovszki Adam
On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote:
Hi guys,
is there any way to check the user status on ldap server?
Thanks and regards,
Massi
Hello,
It depends what you mean by status. We have a command to get a lock/auth status
of a user with user-status command:
#
Hello,
Prevent NULL dereference before sync_concurr_limit_signal() calls.
Missing check was causing NULL dereference in case where
manager_get_ldap_instance() failed. This typically happens when BIND
is processing LDAP updates during shutdown.
I noticed this crash during sanity testing 4.2
On 04/09/2014 02:01 PM, Martin Kosek wrote:
On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote:
Hi guys,
is there any way to check the user status on ldap server?
Thanks and regards,
Massi
Hello,
It depends what you mean by status. We have a command to get a lock/auth status
On 04/09/2014 02:37 PM, Massimiliano Perrone (tirasa.net) wrote:
On 04/09/2014 02:01 PM, Martin Kosek wrote:
On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote:
Hi guys,
is there any way to check the user status on ldap server?
Thanks and regards,
Massi
Hello,
It depends
On 04/09/2014 01:45 PM, Petr Viktorin wrote:
On 04/09/2014 01:43 PM, Misnyovszki Adam wrote:
On Tue, 08 Apr 2014 17:31:25 +0200
Petr Viktorin pvikt...@redhat.com wrote:
On 04/08/2014 04:17 PM, Misnyovszki Adam wrote:
On Mon, 07 Apr 2014 09:43:10 +0200
Petr Viktorin pvikt...@redhat.com wrote:
I am good with it.
Gabe
On Wed, Apr 9, 2014 at 4:20 AM, Petr Spacek pspa...@redhat.com wrote:
On 9.4.2014 10:29, Martin Basti wrote:
On Tue, 2014-04-08 at 21:19 -0600, Gabe Alford wrote:
Hello,
Not sure how relevant this patch is to the current documentation
considering (I believe)
On Wed, 2014-04-09 at 10:53 +0200, Martin Kosek wrote:
On 04/08/2014 02:25 PM, Petr Viktorin wrote:
Hello,
These add read permissions to read user groups and hostgroups.
For most attributes, anonymous read access is given.
For member, memberOf, memberUID, read access is given only to
On 04/09/2014 02:40 PM, Martin Kosek wrote:
On 04/09/2014 02:37 PM, Massimiliano Perrone (tirasa.net) wrote:
On 04/09/2014 02:01 PM, Martin Kosek wrote:
On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote:
Hi guys,
is there any way to check the user status on ldap server?
Thanks
On 04/09/2014 03:15 PM, Massimiliano Perrone (tirasa.net) wrote:
On 04/09/2014 02:40 PM, Martin Kosek wrote:
On 04/09/2014 02:37 PM, Massimiliano Perrone (tirasa.net) wrote:
On 04/09/2014 02:01 PM, Martin Kosek wrote:
On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote:
Hi guys,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/09/2014 02:07 PM, Petr Spacek wrote:
Hello,
Prevent NULL dereference before sync_concurr_limit_signal() calls.
Missing check was causing NULL dereference in case where
manager_get_ldap_instance() failed. This typically happens when BIND
On Wed, 09 Apr 2014 14:53:34 +0200
Petr Viktorin pvikt...@redhat.com wrote:
On 04/09/2014 01:45 PM, Petr Viktorin wrote:
On 04/09/2014 01:43 PM, Misnyovszki Adam wrote:
On Tue, 08 Apr 2014 17:31:25 +0200
Petr Viktorin pvikt...@redhat.com wrote:
On 04/08/2014 04:17 PM, Misnyovszki Adam
On 04/09/2014 03:21 PM, Misnyovszki Adam wrote:
On Wed, 09 Apr 2014 14:53:34 +0200
Petr Viktorin pvikt...@redhat.com wrote:
On 04/09/2014 01:45 PM, Petr Viktorin wrote:
On 04/09/2014 01:43 PM, Misnyovszki Adam wrote:
On Tue, 08 Apr 2014 17:31:25 +0200
Petr Viktorin pvikt...@redhat.com wrote:
On 04/09/2014 03:04 PM, Simo Sorce wrote:
On Wed, 2014-04-09 at 10:53 +0200, Martin Kosek wrote:
On 04/08/2014 02:25 PM, Petr Viktorin wrote:
Hello,
These add read permissions to read user groups and hostgroups.
For most attributes, anonymous read access is given.
For member, memberOf,
On 04/09/2014 12:31 AM, Simo Sorce wrote:
On Tue, 2014-04-08 at 12:00 +0200, Ludwig Krispenz wrote:
Replication storms. In my opinion the replication of a mod of one or
two attribute in a entry will be faster than the bind itself.
Think about the amplification effect in an environment with 20
On 04/09/2014 10:31 AM, Martin Kosek wrote:
On 04/08/2014 05:19 PM, Petr Viktorin wrote:
On 04/08/2014 12:46 PM, Martin Kosek wrote:
On 04/08/2014 11:03 AM, Petr Viktorin wrote:
On 04/07/2014 01:30 PM, Martin Kosek wrote:
On 04/03/2014 12:09 PM, Petr Viktorin wrote:
Hello,
This adds read
On 9.4.2014 15:50, Ludwig Krispenz wrote:
On 04/09/2014 12:31 AM, Simo Sorce wrote:
On Tue, 2014-04-08 at 12:00 +0200, Ludwig Krispenz wrote:
Replication storms. In my opinion the replication of a mod of one or
two attribute in a entry will be faster than the bind itself.
Think about the
On 04/09/2014 03:56 PM, Petr Viktorin wrote:
On 04/09/2014 10:31 AM, Martin Kosek wrote:
On 04/08/2014 05:19 PM, Petr Viktorin wrote:
On 04/08/2014 12:46 PM, Martin Kosek wrote:
On 04/08/2014 11:03 AM, Petr Viktorin wrote:
On 04/07/2014 01:30 PM, Martin Kosek wrote:
On 04/03/2014 12:09 PM,
On 04/09/2014 07:57 AM, Petr Spacek wrote:
On 9.4.2014 15:50, Ludwig Krispenz wrote:
On 04/09/2014 12:31 AM, Simo Sorce wrote:
On Tue, 2014-04-08 at 12:00 +0200, Ludwig Krispenz wrote:
Replication storms. In my opinion the replication of a mod of one or
two attribute in a entry will be
On Wed, 2014-04-09 at 15:50 +0200, Ludwig Krispenz wrote:
Something like this is what we have experienced for real and cause
us to
actually disable replication of all the lockout related attributes
in
the past.
But also here it can get complicated, we cannot really use
failedlogincount
On 04/09/2014 03:26 PM, Martin Kosek wrote:
On 04/09/2014 03:04 PM, Simo Sorce wrote:
On Wed, 2014-04-09 at 10:53 +0200, Martin Kosek wrote:
On 04/08/2014 02:25 PM, Petr Viktorin wrote:
Hello,
These add read permissions to read user groups and hostgroups.
For most attributes, anonymous read
On 04/09/2014 04:02 PM, Martin Kosek wrote:
On 04/09/2014 03:56 PM, Petr Viktorin wrote:
On 04/09/2014 10:31 AM, Martin Kosek wrote:
On 04/08/2014 05:19 PM, Petr Viktorin wrote:
On 04/08/2014 12:46 PM, Martin Kosek wrote:
On 04/08/2014 11:03 AM, Petr Viktorin wrote:
On 04/07/2014 01:30 PM,
On 04/09/2014 08:09 AM, Simo Sorce wrote:
On Wed, 2014-04-09 at 15:50 +0200, Ludwig Krispenz wrote:
Something like this is what we have experienced for real and cause
us to
actually disable replication of all the lockout related attributes
in
the past.
But also here it can get complicated,
On 04/09/2014 02:58 PM, Gabe Alford wrote:
I am good with it.
Gabe
Pushed to docs master: be130d05c2111d31465e57238c5390a5c4ab9de2
On Wed, Apr 9, 2014 at 4:20 AM, Petr Spacek pspa...@redhat.com
mailto:pspa...@redhat.com wrote:
On 9.4.2014 10:29, Martin Basti wrote:
On Tue,
On 9.4.2014 15:20, Tomas Hozza wrote:
On 04/09/2014 02:07 PM, Petr Spacek wrote:
Hello,
Prevent NULL dereference before sync_concurr_limit_signal() calls.
Missing check was causing NULL dereference in case where
manager_get_ldap_instance() failed. This typically happens when BIND
is
On 04/09/2014 04:17 PM, Rich Megginson wrote:
On 04/09/2014 08:09 AM, Simo Sorce wrote:
On Wed, 2014-04-09 at 15:50 +0200, Ludwig Krispenz wrote:
Something like this is what we have experienced for real and cause
us to
actually disable replication of all the lockout related attributes
in
The meta-permissions.
Read access is given to all authenticated users. Reading membership info
(i.e. privileges) is split into a separate permission.
Another permission is added that allows read access to all ACIs.
If we don't want to open that up for everyone, I could limit this to
only
On 04/09/2014 04:09 PM, Petr Viktorin wrote:
On 04/09/2014 03:26 PM, Martin Kosek wrote:
On 04/09/2014 03:04 PM, Simo Sorce wrote:
On Wed, 2014-04-09 at 10:53 +0200, Martin Kosek wrote:
On 04/08/2014 02:25 PM, Petr Viktorin wrote:
Hello,
These add read permissions to read user groups and
On 04/09/2014 05:08 PM, Martin Kosek wrote:
On 04/09/2014 04:09 PM, Petr Viktorin wrote:
On 04/09/2014 03:26 PM, Martin Kosek wrote:
On 04/09/2014 03:04 PM, Simo Sorce wrote:
On Wed, 2014-04-09 at 10:53 +0200, Martin Kosek wrote:
On 04/08/2014 02:25 PM, Petr Viktorin wrote:
Hello,
These add
On 04/09/2014 04:54 PM, Petr Viktorin wrote:
The meta-permissions.
:-)
Read access is given to all authenticated users. Reading membership info (i.e.
privileges) is split into a separate permission.
Another permission is added that allows read access to all ACIs.
If we don't want to open
On (09/04/14 16:38), Petr Spacek wrote:
On 9.4.2014 15:20, Tomas Hozza wrote:
On 04/09/2014 02:07 PM, Petr Spacek wrote:
Hello,
Prevent NULL dereference before sync_concurr_limit_signal() calls.
Missing check was causing NULL dereference in case where
manager_get_ldap_instance() failed. This
On 9.4.2014 17:39, Lukas Slebodnik wrote:
On (09/04/14 16:38), Petr Spacek wrote:
On 9.4.2014 15:20, Tomas Hozza wrote:
On 04/09/2014 02:07 PM, Petr Spacek wrote:
Hello,
Prevent NULL dereference before sync_concurr_limit_signal() calls.
Missing check was causing NULL dereference in case
I came across these articles that may be of some use in this topic. I
humbly admit that I am no expert on this topic, and these may not be of any
use. Plus, I am not a fan of the product, but maybe it helps?
http://technet.microsoft.com/en-us/library/cc772726%28v=ws.10%29.aspx
Hello,
Bump NVR to 4.3.
Pushed to master: 89f1751ff8f8582d628652060eff3bf5a9d7254a
--
Petr^2 Spacek
From 89f1751ff8f8582d628652060eff3bf5a9d7254a Mon Sep 17 00:00:00 2001
From: Petr Spacek pspa...@redhat.com
Date: Wed, 9 Apr 2014 17:59:32 +0200
Subject: [PATCH] Bump NVR to 4.3.
Signed-off-by:
The FreeIPA team is proud to announce bind-dyndb-ldap version 4.3.
It can be downloaded from https://fedorahosted.org/released/bind-dyndb-ldap/
The new version has also been built for Fedora 20 and and is on its way to
updates-testing:
Petr Viktorin wrote:
On 03/14/2014 07:58 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 03/12/2014 07:48 PM, Rob Crittenden wrote:
[...]
Here are a couple more enhancements I'm considering, this seems simpler
than inter-diff since it is so small.
Not really. Having a patch file with a
Rob Crittenden wrote:
Petr Viktorin wrote:
On 03/14/2014 07:58 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 03/12/2014 07:48 PM, Rob Crittenden wrote:
[...]
Here are a couple more enhancements I'm considering, this seems
simpler
than inter-diff since it is so small.
Not really.
On 04/08/2014 02:42 PM, Rob Crittenden wrote:
Justin Brown wrote:
Dmitri,
I'd be more than happy to, but I'm having trouble figuring out where
it should go. Could you send me a link to a similar design page?
I'd put it under here: http://www.freeipa.org/page/V4_Proposals
There is a
54 matches
Mail list logo