On 1.7.2015 20:29, Tomas Babej wrote:
On 07/01/2015 04:45 PM, Petr Spacek wrote:
On 1.7.2015 15:32, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/4058
Requires patch freeipa-pspacek-0052
ACK
I must admit I don't really like wrapping a constant in the method in
the
On 07/01/2015 10:15 PM, Simo Sorce wrote:
On Wed, 2015-07-01 at 15:00 -0400, Simo Sorce wrote:
On Wed, 2015-07-01 at 14:44 -0400, Simo Sorce wrote:
On Wed, 2015-07-01 at 14:34 -0400, Simo Sorce wrote:
I am working on the replica promotion code and suddenly the topology
plugin is getting in
Dne 2.7.2015 v 09:06 Alexander Bokovoy napsal(a):
On Thu, 02 Jul 2015, Jan Cholasta wrote:
Dne 1.7.2015 v 15:25 Petr Spacek napsal(a):
On 1.7.2015 15:13, Jan Cholasta wrote:
Hi,
Dne 1.7.2015 v 14:12 Petr Spacek napsal(a):
Hello,
Create server-dns sub-package.
This allows us to
On 2.7.2015 09:36, Alexander Bokovoy wrote:
On Thu, 02 Jul 2015, Jan Cholasta wrote:
Can this be done without adding server-core?
I'm not aware of such method (except of adding all DNS dependencies as
Requires straight into freeipa-server package).
Because it's not server core,
it's the
On Thu, 02 Jul 2015, Jan Cholasta wrote:
Dne 1.7.2015 v 15:25 Petr Spacek napsal(a):
On 1.7.2015 15:13, Jan Cholasta wrote:
Hi,
Dne 1.7.2015 v 14:12 Petr Spacek napsal(a):
Hello,
Create server-dns sub-package.
This allows us to automatically pull in package bind-pkcs11
and thus create
On Thu, 02 Jul 2015, Jan Cholasta wrote:
Can this be done without adding server-core?
I'm not aware of such method (except of adding all DNS dependencies as
Requires straight into freeipa-server package).
Because it's not server core,
it's the whole thing! Or maybe just rename it to
Dne 1.7.2015 v 15:25 Petr Spacek napsal(a):
On 1.7.2015 15:13, Jan Cholasta wrote:
Hi,
Dne 1.7.2015 v 14:12 Petr Spacek napsal(a):
Hello,
Create server-dns sub-package.
This allows us to automatically pull in package bind-pkcs11
and thus create upgrade path for on CentOS 7.1 - 7.2.
IPA
On 07/01/2015 03:05 PM, Martin Babinsky wrote:
On 06/30/2015 02:45 PM, Martin Babinsky wrote:
On 06/30/2015 01:11 PM, Martin Babinsky wrote:
On 06/30/2015 12:04 PM, Jan Cholasta wrote:
Dne 29.6.2015 v 10:36 Martin Babinsky napsal(a):
On 06/23/2015 01:49 PM, Martin Babinsky wrote:
This
Hi,
Dne 2.7.2015 v 11:15 Fraser Tweedale napsal(a):
Attached patches fix a couple of important gaps in certprofile
plugin:
- Add --out option to export Dogtag profile data to file
https://fedorahosted.org/freeipa/ticket/5091
- Add --file option to update existing profile in Dogtag
On Thu, Jul 02, 2015 at 11:23:49AM +0200, Jan Cholasta wrote:
Hi,
Dne 2.7.2015 v 11:15 Fraser Tweedale napsal(a):
Attached patches fix a couple of important gaps in certprofile
plugin:
- Add --out option to export Dogtag profile data to file
Hi,
I noticed two variables are redundant in the base/paths.py and
base/tasks.py in the ipaplatform module.
git grep -E 'path_namespace|task_namespace'
ipaplatform/base/paths.py:path_namespace = BasePathNamespace
ipaplatform/base/tasks.py:task_namespace = BaseTaskNamespace()
This
On 2.7.2015 12:57, Tomas Babej wrote:
On 07/02/2015 08:50 AM, Petr Spacek wrote:
On 1.7.2015 20:29, Tomas Babej wrote:
On 07/01/2015 04:45 PM, Petr Spacek wrote:
On 1.7.2015 15:32, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/4058
Requires patch freeipa-pspacek-0052
On 07/01/2015 05:39 PM, Tomas Babej wrote:
Hi Thierry,
I think it would be better to use:
error=_('Entry has no \'%s\'') % attr
or even better, use named substitution:
error=_('Entry has no \'%(attribute)s\'') % dict(attribute=attr)
This way will generate a more readable strings for
Attached patches fix a couple of important gaps in certprofile
plugin:
- Add --out option to export Dogtag profile data to file
https://fedorahosted.org/freeipa/ticket/5091
- Add --file option to update existing profile in Dogtag
https://fedorahosted.org/freeipa/ticket/5093
Thanks,
Fraser
Dne 1.7.2015 v 14:13 Martin Basti napsal(a):
Fixes: https://fedorahosted.org/freeipa/ticket/5059
Patch attached.
Works for me, ACK.
Pushed to master: 2e329ecdc7c72045f276319d18df28549a51d4b9
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
On 07/01/2015 08:59 PM, Simo Sorce wrote:
On Wed, 2015-07-01 at 12:05 +0200, Ludwig Krispenz wrote:
This fix allows the removal of segments, where not both endpoints of the
segments are managed.
These segments can exist after deliberately disconnecting a topology by
removal of a central
On 07/02/2015 08:50 AM, Petr Spacek wrote:
On 1.7.2015 20:29, Tomas Babej wrote:
On 07/01/2015 04:45 PM, Petr Spacek wrote:
On 1.7.2015 15:32, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/4058
Requires patch freeipa-pspacek-0052
ACK
I must admit I don't really like
On 07/02/2015 10:34 AM, thierry bordaz wrote:
On 07/01/2015 05:39 PM, Tomas Babej wrote:
Hi Thierry,
I think it would be better to use:
error=_('Entry has no \'%s\'') % attr
or even better, use named substitution:
error=_('Entry has no \'%(attribute)s\'') % dict(attribute=attr)
This
On 07/01/2015 07:32 PM, Martin Babinsky wrote:
On 06/30/2015 05:55 PM, Tomas Babej wrote:
On 06/16/2015 01:01 PM, Jan Cholasta wrote:
Dne 16.6.2015 v 10:14 Martin Babinsky napsal(a):
On 05/06/2015 10:12 AM, Tomas Babej wrote:
On 05/05/2015 02:02 PM, Tomas Babej wrote:
On 04/29/2015
On 07/02/2015 11:12 AM, Martin Babinsky wrote:
On 07/01/2015 03:05 PM, Martin Babinsky wrote:
On 06/30/2015 02:45 PM, Martin Babinsky wrote:
On 06/30/2015 01:11 PM, Martin Babinsky wrote:
On 06/30/2015 12:04 PM, Jan Cholasta wrote:
Dne 29.6.2015 v 10:36 Martin Babinsky napsal(a):
On
On 07/02/2015 01:58 PM, Martin Babinsky wrote:
First attempt at https://fedorahosted.org/freeipa/ticket/4768
self-NACK
--
Martin^3 Babinsky
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
On 2.7.2015 13:54, Jan Cholasta wrote:
Dne 2.7.2015 v 13:34 Petr Spacek napsal(a):
On 2.7.2015 12:57, Tomas Babej wrote:
On 07/02/2015 08:50 AM, Petr Spacek wrote:
On 1.7.2015 20:29, Tomas Babej wrote:
On 07/01/2015 04:45 PM, Petr Spacek wrote:
On 1.7.2015 15:32, Martin Basti wrote:
On 07/02/2015 11:28 AM, Martin Babinsky wrote:
On 07/02/2015 11:12 AM, Martin Babinsky wrote:
On 07/01/2015 03:05 PM, Martin Babinsky wrote:
On 06/30/2015 02:45 PM, Martin Babinsky wrote:
On 06/30/2015 01:11 PM, Martin Babinsky wrote:
On 06/30/2015 12:04 PM, Jan Cholasta wrote:
Dne
On 01/07/15 16:31, David Kupka wrote:
Updated patch attached.
--
David Kupka
From 65eb52bff00135f4feb84dfde1e56a69bc8ea438 Mon Sep 17 00:00:00 2001
From: David Kupka dku...@redhat.com
Date: Wed, 1 Jul 2015 16:26:15 +0200
Subject: [PATCH] cermonger: Use private unix socket when DBus
Dne 2.7.2015 v 13:34 Petr Spacek napsal(a):
On 2.7.2015 12:57, Tomas Babej wrote:
On 07/02/2015 08:50 AM, Petr Spacek wrote:
On 1.7.2015 20:29, Tomas Babej wrote:
On 07/01/2015 04:45 PM, Petr Spacek wrote:
On 1.7.2015 15:32, Martin Basti wrote:
Hi all,
cert-request ensures that any dNSName values in a CSR subjectAltName
requestExtension have a corresponding service/host principal in
FreeIPA and that their entries are writable by the bind principal.
It currently DOES NOT enforce CA ACLs for these alternative
principals, i.e. it does not
On 07/02/2015 02:37 PM, Martin Babinsky wrote:
On 07/02/2015 11:28 AM, Martin Babinsky wrote:
On 07/02/2015 11:12 AM, Martin Babinsky wrote:
On 07/01/2015 03:05 PM, Martin Babinsky wrote:
On 06/30/2015 02:45 PM, Martin Babinsky wrote:
On 06/30/2015 01:11 PM, Martin Babinsky wrote:
On
On 07/01/2015 04:51 PM, Petr Vobornik wrote:
For those of you who don't want to try the patches:
* https://pvoborni.fedorapeople.org/images/api-user-show.png
* https://pvoborni.fedorapeople.org/images/api-user-add.png
On 07/01/2015 09:35 AM, Martin Kosek wrote:
On 06/30/2015 06:35 PM, Petr
Dne 2.7.2015 v 16:36 Martin Babinsky napsal(a):
On 07/02/2015 02:37 PM, Martin Babinsky wrote:
On 07/02/2015 11:28 AM, Martin Babinsky wrote:
On 07/02/2015 11:12 AM, Martin Babinsky wrote:
On 07/01/2015 03:05 PM, Martin Babinsky wrote:
On 06/30/2015 02:45 PM, Martin Babinsky wrote:
On
On Tue, Jun 30, 2015 at 03:46:08PM +0200, Martin Kosek wrote:
On 06/30/2015 03:03 PM, Fraser Tweedale wrote:
Hi Martin,
#4559 [RFE] Support lightweight sub-CAs
Remaining work is not huge but may be more than can be done this
week even with Christian's help; the largest
On 07/02/2015 05:18 PM, Fraser Tweedale wrote:
On Tue, Jun 30, 2015 at 03:46:08PM +0200, Martin Kosek wrote:
On 06/30/2015 03:03 PM, Fraser Tweedale wrote:
...
#4970 Server certificate profile should always include a Subject
Alternate name for the host
If a subjectAltName request
On Thu, Jul 02, 2015 at 06:24:12PM +0200, Petr Spacek wrote:
On 2.7.2015 16:33, Fraser Tweedale wrote:
Hi all,
cert-request ensures that any dNSName values in a CSR subjectAltName
requestExtension have a corresponding service/host principal in
FreeIPA and that their entries are
On 02/07/15 22:07, Drew Erny wrote:
Hi, all,
The core functionality of the community portal is more-or-less complete.
In a local development environment, you can go to a web page, put in
information, and have that information reflected in the FreeIPA server.
There's definitely some polishing
On 30/06/15 16:16, Petr Vobornik wrote:
SSIA
Works for me, ACK.
--
David Kupka
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 30/06/15 16:15, Petr Vobornik wrote:
These options should not be touched by users yet.
https://fedorahosted.org/freeipa/ticket/5061
Works for me, ACK.
--
David Kupka
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
On 30/06/15 16:15, Petr Vobornik wrote:
Comment from segment deletion check which describes the patch:
Relax check if topology was or is disconnected. Disconnected topology
can contain segments with already deleted servers. Check only if
segments of servers, which can contact this server, and
On 2.7.2015 16:33, Fraser Tweedale wrote:
Hi all,
cert-request ensures that any dNSName values in a CSR subjectAltName
requestExtension have a corresponding service/host principal in
FreeIPA and that their entries are writable by the bind principal.
It currently DOES NOT enforce CA ACLs
Hi,
Dne 2.7.2015 v 17:18 Fraser Tweedale napsal(a):
On Tue, Jun 30, 2015 at 03:46:08PM +0200, Martin Kosek wrote:
On 06/30/2015 03:03 PM, Fraser Tweedale wrote:
#2915 ipa-getcert does not allow setting specific EKU on
certificates
Involves certmonger so I will need to do a bit more
Hi, all,
The core functionality of the community portal is more-or-less complete.
In a local development environment, you can go to a web page, put in
information, and have that information reflected in the FreeIPA server.
There's definitely some polishing needed (for example, there is no
39 matches
Mail list logo