Re: [Freeipa-devel] [PATCH] 0506 Default read ACIs for hosts

On 04/10/2014 05:29 PM, Petr Viktorin wrote: On 04/10/2014 03:04 PM, Martin Kosek wrote: On 04/10/2014 02:52 PM, Simo Sorce wrote: On Thu, 2014-04-10 at 13:56 +0200, Petr Viktorin wrote: On 04/09/2014 12:25 PM, Martin Kosek wrote: On 04/03/2014 12:09 PM, Petr Viktorin wrote: Hello, This

Re: [Freeipa-devel] [PATCH] 0516 Add managed read permissions to realmdomains

On 04/10/2014 03:55 PM, Petr Viktorin wrote: Read access is given to all authenticated users. Works for me, ACK. Pushed to master, Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 0513 Add managed read permissions to RBAC objects

On 04/10/2014 05:03 PM, Petr Viktorin wrote: On 04/10/2014 03:20 PM, Martin Kosek wrote: On 04/10/2014 03:10 PM, Petr Viktorin wrote: On 04/10/2014 03:07 PM, Martin Kosek wrote: On 04/10/2014 03:02 PM, Petr Viktorin wrote: On 04/10/2014 02:58 PM, Martin Kosek wrote: On 04/10/2014 01:46 PM,

Re: [Freeipa-devel] [PATCH] 0515 Add managed read permission for SELinux user map

On 04/10/2014 03:30 PM, Petr Viktorin wrote: Read access is given to all authenticated users. ACK, works fine. Pushed to master: 3db9ce320422a6cc57e1767a1e0cbf06d950a67e Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

[Freeipa-devel] [PATCH] 0517 test_realmdomains_plugin: Add default ACI to expected output

On 04/10/2014 03:55 PM, Petr Viktorin wrote: Subject: [PATCH] 0516 Add managed read permissions to realmdomains Read access is given to all authenticated users. Jenkins tells me this breaks tests. Since realmdomains ACIs are set on a single entry, not a container, realmdomains_show --all

[Freeipa-devel] [PATCH] Do not ask for memberindirect when updating managed permissions

One of the default_attributes of permission is memberofindirect, a virtual attribute manufactured by ldap2, which is set when a permission is part of a role. When update_entry is called on an entry with memberofindirect, ipaldap tries to add the attribute to LDAP and fails with an objectclass

[Freeipa-devel] [PATCH] 0519 Add managed read permissions to pwpolicy and cosentry

Read access is given as a new privilege, 'Password Policy Readers', and also to the existing privilege 'Password Policy Administrator'. -- Petr³ From c61532cd5bbce02f073a94fdceff8169c4d4b52d Mon Sep 17 00:00:00 2001 From: Petr Viktorin pvikt...@redhat.com Date: Wed, 26 Mar 2014 17:11:23 +0100

Re: [Freeipa-devel] [PATCH] 569-583 New Login Screen

On Fri, 28 Mar 2014 14:04:13 +0100 Petr Vobornik pvobo...@redhat.com wrote: Attached patches replace IPA.unauthorized dialog with new Login Screen. To make it happen, a support for standalone facets had to be developed because current framework was limited by facets dependent on entities

Re: [Freeipa-devel] [PATCH] 0506 Default read ACIs for hosts

On Fri, 2014-04-11 at 09:48 +0200, Martin Kosek wrote: On 04/10/2014 05:29 PM, Petr Viktorin wrote: On 04/10/2014 03:04 PM, Martin Kosek wrote: On 04/10/2014 02:52 PM, Simo Sorce wrote: On Thu, 2014-04-10 at 13:56 +0200, Petr Viktorin wrote: On 04/09/2014 12:25 PM, Martin Kosek wrote:

Re: [Freeipa-devel] [PATCH] 0519 Add managed read permissions to pwpolicy and cosentry

On Fri, 2014-04-11 at 14:26 +0200, Petr Viktorin wrote: Read access is given as a new privilege, 'Password Policy Readers', and also to the existing privilege 'Password Policy Administrator'. LGTM Simo. -- Simo Sorce * Red Hat, Inc * New York

Re: [Freeipa-devel] [PATCH] 0506 Default read ACIs for hosts

On 04/11/2014 02:36 PM, Simo Sorce wrote: On Fri, 2014-04-11 at 09:48 +0200, Martin Kosek wrote: On 04/10/2014 05:29 PM, Petr Viktorin wrote: On 04/10/2014 03:04 PM, Martin Kosek wrote: On 04/10/2014 02:52 PM, Simo Sorce wrote: On Thu, 2014-04-10 at 13:56 +0200, Petr Viktorin wrote: On