Re: [Freeipa-devel] [PATCH] First part of the replica promotion tests + testplan

Hi, Here is the updated version of the patch (more tests + fixed the issues of the first one) + patch 0017, that implements the necessary changes in the background code, i. e. patch 16 does not work without patch 17 On 11/18/2015 05:20 PM, Martin Basti wrote: On 09.11.2015 15:09, Oleg

Re: [Freeipa-devel] [PATCH] 928-936 webui: topology visualization

On 11/25/2015 03:28 PM, Petr Vobornik wrote: On 11/24/2015 02:09 PM, Martin Babinsky wrote: On 11/24/2015 12:17 PM, Petr Vobornik wrote: On 11/24/2015 12:10 PM, Ludwig Krispenz wrote: Hi Petr, I'm testing these patches.Two observations so far: - in Topology->IPA Servers I see a table of my

Re: [Freeipa-devel] [PATCH 0015] mod_auth_gssapi: Remove ntlmssp support and restrict, mechanism to krb5

Bump for push. May need a rebase. On Wed, Jul 22, 2015 at 7:49 AM, Simo Sorce wrote: > - Original Message - > > From: "Christian Heimes" > > To: "freeipa-devel" > > Sent: Wednesday, July 22, 2015 9:32:59 AM > > Subject:

Re: [Freeipa-devel] [PATCH 0384] ipa-client-automount: Leverage IPAChangeConf to configure the idmapd

Ack. Gabe On Wed, Nov 11, 2015 at 7:22 AM, Tomas Babej wrote: > Hi, > > Simple regexp substitution caused that the domain directive fell under > an inapprorpiate section, if the domain directive was not present. Hence > the idmapd.conf file was not properly parsed. > > Use

[Freeipa-devel] [PATCH] Removed duplicate domain name validation function

There were two functions for the same purpose. Removed one. From 15c192fdee0390ca8b6aa923691d66b1081ffae4 Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka Date: Wed, 25 Nov 2015 16:38:00 +0100 Subject: [PATCH] Removed duplicate domain name validating function ---

Re: [Freeipa-devel] [PATCH 560] Allow to set allowed krb authz data type per user

On Wed, 2015-11-25 at 08:09 +0100, Jan Cholasta wrote: > On 25.11.2015 00:09, Simo Sorce wrote: > > This patch is untested and mostly an RFC. > > > > I think it is all we need to allow to specify authz data types per user > > and by setting the attribute to NONE preventing a user from getting > >

Re: [Freeipa-devel] [PATCH] Allow ipa-getkeytab to find server name from config file

On Wed, Nov 25, 2015 at 09:44:09AM -0500, Simo Sorce wrote: > On Wed, 2015-11-25 at 14:34 +1000, Fraser Tweedale wrote: > > On Tue, Nov 24, 2015 at 02:36:17PM -0500, Simo Sorce wrote: > > > On Tue, 2015-11-24 at 17:34 +0100, Jan Cholasta wrote: > > > > On 24.11.2015 17:30, Simo Sorce wrote: > > >

Re: [Freeipa-devel] [PATCH] First part of the replica promotion tests + testplan

Hi, 0) Note Please be aware of https://fedorahosted.org/freeipa/ticket/5469 during KRA testing 1) Please do not use MIN and MAX_DOMAIN_LEVEL constants, this may change over time, use DOMAIN_LEVEL_0 and DOMAIN_LEVEL_1 for domain level 0 and 1 2) Why uninstall KRA then server, is not enough

Re: [Freeipa-devel] [PATCHES 509-514] replica promotion: use host credentials when setting up replication

On Wed, 2015-11-25 at 10:25 +0100, Jan Cholasta wrote: > On 20.11.2015 16:49, Jan Cholasta wrote: > > On 19.11.2015 17:43, Simo Sorce wrote: > >> 510: > >> - We should probably tightenup the ACI to allos host X to only add > >> memberPrincipal = X and no other value, also the host should not be >

Re: [Freeipa-devel] [PATCHES 509-514] replica promotion: use host credentials when setting up replication

Hi, Should I cover ticket N 3416 in the replica promotion test plan? It should be tested, and IMO there is no sense in creating a separate test plan for just that. On 11/19/2015 03:43 PM, Jan Cholasta wrote: Hi, the attached patches fix and

Re: [Freeipa-devel] [PATCHES 509-514] replica promotion: use host credentials when setting up replication

Works for me. On 25.11.2015 21:35, Oleg Fayans wrote: Hi, Should I cover ticket N 3416 in the replica promotion test plan? It should be tested, and IMO there is no sense in creating a separate test plan for just that. On 11/19/2015 03:43 PM, Jan Cholasta wrote: Hi, the attached patches fix

Re: [Freeipa-devel] [PATCH] 0748 Handle encoding for ipautil.run

On 11/25/2015 11:04 AM, Jan Cholasta wrote: > On 24.11.2015 17:21, Petr Viktorin wrote: >> On 11/23/2015 10:50 AM, Jan Cholasta wrote: >>> On 23.11.2015 07:43, Jan Cholasta wrote: On 19.11.2015 00:55, Petr Viktorin wrote: > On 11/03/2015 02:39 PM, Petr Viktorin wrote: >> Hello, >>

Re: [Freeipa-devel] [PATCH] Add option to disable setkeytab extended operations

On Wed, 2015-11-25 at 09:02 -0500, Rob Crittenden wrote: > Jan Cholasta wrote: > > On 24.11.2015 22:17, Simo Sorce wrote: > >> On Tue, 2015-11-24 at 14:57 -0500, Simo Sorce wrote: > >>> On Tue, 2015-11-24 at 14:42 -0500, Simo Sorce wrote: > Since some time we use the getkeytab operation to

Re: [Freeipa-devel] [PATCH] Add option to disable setkeytab extended operations

On Wed, 2015-11-25 at 10:24 +0100, Sumit Bose wrote: > On Tue, Nov 24, 2015 at 02:42:32PM -0500, Simo Sorce wrote: > > Since some time we use the getkeytab operation to fetch keytabs on newer > > clients. According to bug #232 setkeytab can be used to circumvent > > password quality controls so it

Re: [Freeipa-devel] [pytest-multihost-devel][PATCH] Functions for handling various file and directory operations

On 11/25/2015 10:08 AM, Abhijeet Kasurde wrote: > Hi All, > > Please find the patch for pytest-multihost-plugin. > > Fixes : https://fedorahosted.org/python-pytest-multihost/ticket/2 Thanks! These will be useful. ACK, pushed as e7bf95b3ba4ca84b73abffda1abcf6187c5c8a67 I wrote some tests for

Re: [Freeipa-devel] [PATCHES 509-514] replica promotion: use host credentials when setting up replication

On 25.11.2015 18:46, Simo Sorce wrote: On Wed, 2015-11-25 at 10:25 +0100, Jan Cholasta wrote: On 20.11.2015 16:49, Jan Cholasta wrote: On 19.11.2015 17:43, Simo Sorce wrote: 510: - We should probably tightenup the ACI to allos host X to only add memberPrincipal = X and no other value, also

Re: [Freeipa-devel] [pytest-multihost-devel][PATCH] Functions for handling various file and directory operations

Hi Petr, On 11/25/2015 08:27 PM, Petr Viktorin wrote: On 11/25/2015 10:08 AM, Abhijeet Kasurde wrote: Hi All, Please find the patch for pytest-multihost-plugin. Fixes : https://fedorahosted.org/python-pytest-multihost/ticket/2 Thanks! These will be useful. ACK, pushed as

Re: [Freeipa-devel] [PATCH 0104] do not disconnect when using existing connection to check default CA ACLs

On 11/25/2015 09:56 AM, Jan Cholasta wrote: On 25.11.2015 09:28, Martin Babinsky wrote: On 11/25/2015 07:21 AM, Jan Cholasta wrote: On 25.11.2015 05:56, Fraser Tweedale wrote: On Tue, Nov 24, 2015 at 05:38:45PM +0100, Jan Cholasta wrote: On 24.11.2015 17:17, Martin Babinsky wrote: On

Re: [Freeipa-devel] [PATCH] Add option to disable setkeytab extended operations

On Tue, Nov 24, 2015 at 02:42:32PM -0500, Simo Sorce wrote: > Since some time we use the getkeytab operation to fetch keytabs on newer > clients. According to bug #232 setkeytab can be used to circumvent > password quality controls so it needs to be slowly retired. ipasam uses this exop to create

Re: [Freeipa-devel] [IPAQE][REVIEW-REQUEST][TEST PLAN] Replica promotion

On 23.11.2015 18:51, Oleg Fayans wrote: Hi all, Here is a draft of the Replica Promotion test plan http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan Hello, Test case: ipa-replica-manage is deprecated in domain level 1 I would be more specific in this test case, deprecated is only

Re: [Freeipa-devel] [PATCH 558] Allow disabling requireing preauth by default for Service Principal Names

On 11/24/2015 10:20 PM, Simo Sorce wrote: This addresses #3860, giving admins the option to not require preauth for Hosts and services. I did not add this option by default, although it does reduce the load on the KDC as well as speed up TGT acquisition for service principal accounts that

Re: [Freeipa-devel] [PATCH 0386] private_ccache: Harden the removal of KRB5CCNAME env variable

On 23.11.2015 15:19, Rob Crittenden wrote: Tomas Babej wrote: On 11/23/2015 01:50 PM, Jan Cholasta wrote: On 23.11.2015 13:40, Tomas Babej wrote: On 11/23/2015 01:31 PM, Jan Cholasta wrote: On 23.11.2015 13:28, Tomas Babej wrote: On 11/23/2015 01:11 PM, Jan Cholasta wrote: On

Re: [Freeipa-devel] [PATCH 0104] do not disconnect when using existing connection to check default CA ACLs

On 11/25/2015 07:21 AM, Jan Cholasta wrote: On 25.11.2015 05:56, Fraser Tweedale wrote: On Tue, Nov 24, 2015 at 05:38:45PM +0100, Jan Cholasta wrote: On 24.11.2015 17:17, Martin Babinsky wrote: On 11/24/2015 05:10 PM, Martin Babinsky wrote: On 11/24/2015 05:01 PM, Martin Babinsky wrote: On

[Freeipa-devel] [pytest-multihost-devel][PATCH] Functions for handling various file and directory operations

Hi All, Please find the patch for pytest-multihost-plugin. Fixes : https://fedorahosted.org/python-pytest-multihost/ticket/2 Thanks, Abhijeet Kasurde From 72dfedf298ed6e27cc10f7c63fa1202a0942c88e Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Wed, 25 Nov 2015

Re: [Freeipa-devel] [PATCHES 509-514] replica promotion: use host credentials when setting up replication

On 20.11.2015 16:49, Jan Cholasta wrote: On 19.11.2015 17:43, Simo Sorce wrote: 510: - We should probably tightenup the ACI to allos host X to only add memberPrincipal = X and no other value, also the host should not be allowed to change the memberPrincipal attribute only the keys. If we can't

Re: [Freeipa-devel] [PATCH 0104] do not disconnect when using existing connection to check default CA ACLs

On 25.11.2015 10:40, Fraser Tweedale wrote: On Wed, Nov 25, 2015 at 09:28:27AM +0100, Martin Babinsky wrote: On 11/25/2015 07:21 AM, Jan Cholasta wrote: On 25.11.2015 05:56, Fraser Tweedale wrote: On Tue, Nov 24, 2015 at 05:38:45PM +0100, Jan Cholasta wrote: On 24.11.2015 17:17, Martin

[Freeipa-devel] [PATCH 0359] Fix forwardzone upgrade

When original zone belongs to realmdomains, upgrade will fail. The attached patch solve the issue. https://fedorahosted.org/freeipa/ticket/5472 From 163a0e88cf4dabf53b4b1321f4202683d3fea06d Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Wed, 25 Nov 2015 09:57:07 +0100

Re: [Freeipa-devel] [PATCH 0104] do not disconnect when using existing connection to check default CA ACLs

On Wed, Nov 25, 2015 at 09:28:27AM +0100, Martin Babinsky wrote: > On 11/25/2015 07:21 AM, Jan Cholasta wrote: > >On 25.11.2015 05:56, Fraser Tweedale wrote: > >>On Tue, Nov 24, 2015 at 05:38:45PM +0100, Jan Cholasta wrote: > >>>On 24.11.2015 17:17, Martin Babinsky wrote: > On 11/24/2015 05:10

Re: [Freeipa-devel] [PATCH] 0748 Handle encoding for ipautil.run

On 24.11.2015 17:21, Petr Viktorin wrote: On 11/23/2015 10:50 AM, Jan Cholasta wrote: On 23.11.2015 07:43, Jan Cholasta wrote: On 19.11.2015 00:55, Petr Viktorin wrote: On 11/03/2015 02:39 PM, Petr Viktorin wrote: Hello, Python 3's strings are Unicode, so data coming to or leaving a Python

Re: [Freeipa-devel] [PATCH 0385] replicainstall: Add possiblity to install client in one

On 24.11.2015 15:56, Tomas Babej wrote: On 11/23/2015 04:43 PM, Jan Cholasta wrote: Hi, On 23.11.2015 12:50, Tomas Babej wrote: Hi, this patch implements the single command replica promotion for #5310. Tomas https://fedorahosted.org/freeipa/ticket/5310 1) ensure_enrolled() should be

Re: [Freeipa-devel] [PATCH 507] install: drop support for Dogtag 9

On 25.11.2015 09:06, Jan Cholasta wrote: On 24.11.2015 14:58, David Kupka wrote: On 10/11/15 09:52, Jan Cholasta wrote: On 10.11.2015 09:28, Jan Cholasta wrote: Hi, the attached patch fixes . Honza Actually working patch attached. Hi,

Re: [Freeipa-devel] [PATCH 0104] do not disconnect when using existing connection to check default CA ACLs

On 25.11.2015 09:28, Martin Babinsky wrote: On 11/25/2015 07:21 AM, Jan Cholasta wrote: On 25.11.2015 05:56, Fraser Tweedale wrote: On Tue, Nov 24, 2015 at 05:38:45PM +0100, Jan Cholasta wrote: On 24.11.2015 17:17, Martin Babinsky wrote: On 11/24/2015 05:10 PM, Martin Babinsky wrote: On

Re: [Freeipa-devel] [PATCH 0381] admintool: Remove the option to override the log file

On 11/10/2015 02:22 PM, Tomas Babej wrote: > Hi, > > This has been rarely used, and can be replaced by proper shell output > redirection. > > https://fedorahosted.org/freeipa/ticket/5408 > Here's an updated version of the patch that gets rid of one missed occurrence of log_file usage. Tomas

Re: [Freeipa-devel] [PATCH 0360] Make dns-resolve command deprecated

On 25.11.2015 12:12, Martin Basti wrote: > https://fedorahosted.org/freeipa/ticket/5466 > > Patch attached. ACK -- Petr^2 Spacek -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

Re: [Freeipa-devel] [PATCH 0344] Use absolute domain name in detection of A/AAAA records

On 19.11.2015 11:05, Martin Basti wrote: > > > On 18.11.2015 18:33, Petr Spacek wrote: >> On 12.11.2015 13:58, Martin Basti wrote: >>> >>> On 09.11.2015 08:47, Petr Spacek wrote: On 4.11.2015 16:16, Martin Basti wrote: > Patch attached. > >

Re: [Freeipa-devel] [PATCH 0351] call directly is_host_resolvable function to verify addresses in NS records

On 19.11.2015 11:11, Martin Basti wrote: > Testing if address is resolvable can be done by directly call of > is_host_resovable, instead of call the dns-resolve command which is doing the > same (works as proxy). > > Patch attached. ACK -- Petr^2 Spacek -- Manage your subscription for the

Re: [Freeipa-devel] [PATCH 0359] Fix forwardzone upgrade

On 25.11.2015 10:42, Martin Basti wrote: > When original zone belongs to realmdomains, upgrade will fail. > > The attached patch solve the issue. > > https://fedorahosted.org/freeipa/ticket/5472 ACK -- Petr^2 Spacek -- Manage your subscription for the Freeipa-devel mailing list:

Re: [Freeipa-devel] [PATCH 0360] Make dns-resolve command deprecated

On 25.11.2015 12:12, Martin Basti wrote: > https://fedorahosted.org/freeipa/ticket/5466 > > Patch attached. Please fix missing space after ',' and typo in 'choosen'. Otherwise it works, so cond-ACK. -- Petr^2 Spacek -- Manage your subscription for the Freeipa-devel mailing list:

Re: [Freeipa-devel] [PATCH 0381] admintool: Remove the option to override the log file

On 25.11.2015 13:24, Tomas Babej wrote: On 11/10/2015 02:22 PM, Tomas Babej wrote: Hi, This has been rarely used, and can be replaced by proper shell output redirection. https://fedorahosted.org/freeipa/ticket/5408 Here's an updated version of the patch that gets rid of one missed

Re: [Freeipa-devel] [PATCH 0359] Fix forwardzone upgrade

On 25.11.2015 13:36, Petr Spacek wrote: On 25.11.2015 10:42, Martin Basti wrote: When original zone belongs to realmdomains, upgrade will fail. The attached patch solve the issue. https://fedorahosted.org/freeipa/ticket/5472 ACK Pushed to: master: 6eeb4e4f2a9fb6fe5cf83e6b84c737ad3e295de1

[Freeipa-devel] [PATCH 0360] Make dns-resolve command deprecated

https://fedorahosted.org/freeipa/ticket/5466 Patch attached. From 94bc97e4509d6942a5176561f17f3eb547469ef4 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Wed, 18 Nov 2015 19:44:08 +0100 Subject: [PATCH] Make command dns-resolve deprecated. To debug DNS issues other

[Freeipa-devel] [PATCH 0361] Remove invalid error message from topology upgrade

https://fedorahosted.org/freeipa/ticket/5482 Patch attached. From abceb5bea904984e9a50d0fcd454269d48c7b2cf Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Wed, 25 Nov 2015 12:42:02 +0100 Subject: [PATCH] Remove invalid error messages from topology upgrade Return False does

Re: [Freeipa-devel] [PATCH 0360] Make dns-resolve command deprecated

On 25.11.2015 13:36, Petr Spacek wrote: On 25.11.2015 12:12, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5466 Patch attached. ACK updated and pushed Pushed to master: 749dfc3917cd5b3d0f222d144e8fc96e08308e10 -- Manage your subscription for the Freeipa-devel mailing list:

Re: [Freeipa-devel] [PATCH 0381] admintool: Remove the option to override the log file

On 25.11.2015 13:49, Tomas Babej wrote: On 11/25/2015 01:29 PM, Jan Cholasta wrote: On 25.11.2015 13:24, Tomas Babej wrote: On 11/10/2015 02:22 PM, Tomas Babej wrote: Hi, This has been rarely used, and can be replaced by proper shell output redirection.

Re: [Freeipa-devel] [PATCH 559] Fix kadmin for new users

On 11/25/2015 02:13 PM, Tomas Babej wrote: > > > On 11/25/2015 02:00 PM, Martin Babinsky wrote: >> On 11/24/2015 11:32 PM, Simo Sorce wrote: >>> Ticket #937 was reopened a while ago because one corner case, new users >>> that have never been assigned a password cause kadmin/kadmin.local to >>>

Re: [Freeipa-devel] [PATCH 0349] baseuser.py compare objectclasses as case insensitive

On 11/17/2015 11:47 AM, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5456 Patch attached. ACK but please fix a typo in the commit message before pushing. -- Martin^3 Babinsky -- Manage your subscription for the Freeipa-devel mailing list:

Re: [Freeipa-devel] [PATCH 0381] admintool: Remove the option to override the log file

On 11/25/2015 01:29 PM, Jan Cholasta wrote: > On 25.11.2015 13:24, Tomas Babej wrote: >> On 11/10/2015 02:22 PM, Tomas Babej wrote: >>> Hi, >>> >>> This has been rarely used, and can be replaced by proper shell output >>> redirection. >>> >>> https://fedorahosted.org/freeipa/ticket/5408 >>> >>

Re: [Freeipa-devel] [PATCH 0361] Remove invalid error message from topology upgrade

On 11/25/2015 12:47 PM, Martin Basti wrote: > https://fedorahosted.org/freeipa/ticket/5482 > > Patch attached. > > ACK. -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

Re: [Freeipa-devel] [PATCH 0361] Remove invalid error message from topology upgrade

On 11/25/2015 01:58 PM, Tomas Babej wrote: > > > On 11/25/2015 12:47 PM, Martin Basti wrote: >> https://fedorahosted.org/freeipa/ticket/5482 >> >> Patch attached. >> >> > > ACK. > Pushed to master: 801672cc6618947f5cc4607910871e695587fcbf -- Manage your subscription for the Freeipa-devel

Re: [Freeipa-devel] [PATCH 0351] call directly is_host_resolvable function to verify addresses in NS records

On 25.11.2015 13:36, Petr Spacek wrote: On 19.11.2015 11:11, Martin Basti wrote: Testing if address is resolvable can be done by directly call of is_host_resovable, instead of call the dns-resolve command which is doing the same (works as proxy). Patch attached. ACK Pushed to master:

Re: [Freeipa-devel] [PATCH 559] Fix kadmin for new users

On 11/25/2015 02:00 PM, Martin Babinsky wrote: > On 11/24/2015 11:32 PM, Simo Sorce wrote: >> Ticket #937 was reopened a while ago because one corner case, new users >> that have never been assigned a password cause kadmin/kadmin.local to >> throw a fit when they try to visualize information

Re: [Freeipa-devel] [PATCH 0344] Use absolute domain name in detection of A/AAAA records

On 25.11.2015 13:36, Petr Spacek wrote: On 19.11.2015 11:05, Martin Basti wrote: On 18.11.2015 18:33, Petr Spacek wrote: On 12.11.2015 13:58, Martin Basti wrote: On 09.11.2015 08:47, Petr Spacek wrote: On 4.11.2015 16:16, Martin Basti wrote: Patch attached.

Re: [Freeipa-devel] [PATCH 0381] admintool: Remove the option to override the log file

On 25.11.2015 14:15, Jan Cholasta wrote: > On 25.11.2015 13:49, Tomas Babej wrote: >> >> >> On 11/25/2015 01:29 PM, Jan Cholasta wrote: >>> On 25.11.2015 13:24, Tomas Babej wrote: On 11/10/2015 02:22 PM, Tomas Babej wrote: > Hi, > > This has been rarely used, and can be replaced

Re: [Freeipa-devel] [PATCH 0349] baseuser.py compare objectclasses as case insensitive

On 25.11.2015 14:33, Martin Babinsky wrote: On 11/17/2015 11:47 AM, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5456 Patch attached. ACK but please fix a typo in the commit message before pushing. Fixed Pushed to master: 6bbde3e0f7d661fa559ed5e3365381d2ba113dce --

Re: [Freeipa-devel] [PATCH] Add option to disable setkeytab extended operations

Jan Cholasta wrote: > On 24.11.2015 22:17, Simo Sorce wrote: >> On Tue, 2015-11-24 at 14:57 -0500, Simo Sorce wrote: >>> On Tue, 2015-11-24 at 14:42 -0500, Simo Sorce wrote: Since some time we use the getkeytab operation to fetch keytabs on newer clients. According to bug #232

Re: [Freeipa-devel] [PATCH 0386] private_ccache: Harden the removal of KRB5CCNAME env variable

On 11/25/2015 09:04 AM, Jan Cholasta wrote: > On 23.11.2015 15:19, Rob Crittenden wrote: >> Tomas Babej wrote: >>> >>> >>> On 11/23/2015 01:50 PM, Jan Cholasta wrote: On 23.11.2015 13:40, Tomas Babej wrote: > > > On 11/23/2015 01:31 PM, Jan Cholasta wrote: >> On 23.11.2015

Re: [Freeipa-devel] [PATCH 559] Fix kadmin for new users

On 11/24/2015 11:32 PM, Simo Sorce wrote: Ticket #937 was reopened a while ago because one corner case, new users that have never been assigned a password cause kadmin/kadmin.local to throw a fit when they try to visualize information about those user's principals. This patch fakes up

Re: [Freeipa-devel] [PATCH 0102] update idrange tests to reflect disabled modification of local ID ranges

On 11/23/2015 12:58 PM, Tomas Babej wrote: > > > On 11/20/2015 06:41 PM, Milan Kubík wrote: >> On 11/20/2015 04:06 PM, Martin Babinsky wrote: >>> When I fixed https://fedorahosted.org/freeipa/ticket/4826 I forgot to >>> fix the corresponding xmlrpc tests. >>> >>> This oversight bit me today

Re: [Freeipa-devel] [PATCH 0358] ipa-getkeytab: do not return error if translations cannot be loaded

On 11/25/2015 02:31 PM, Tomas Babej wrote: > > > On 11/24/2015 05:38 PM, Martin Basti wrote: >> >> >> On 24.11.2015 17:33, Jan Cholasta wrote: >>> On 24.11.2015 16:52, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5483 Patch attached. >>> >>> Doesn't init_gettext()

Re: [Freeipa-devel] [PATCH 0358] ipa-getkeytab: do not return error if translations cannot be loaded

On 11/24/2015 05:38 PM, Martin Basti wrote: > > > On 24.11.2015 17:33, Jan Cholasta wrote: >> On 24.11.2015 16:52, Martin Basti wrote: >>> https://fedorahosted.org/freeipa/ticket/5483 >>> >>> Patch attached. >> >> Doesn't init_gettext() itself already print to stderr on failure? >> > Nope >

Re: [Freeipa-devel] [PATCH 0104] do not disconnect when using existing connection to check default CA ACLs

Martin Babinsky wrote: > On 11/25/2015 09:56 AM, Jan Cholasta wrote: >> On 25.11.2015 09:28, Martin Babinsky wrote: >>> On 11/25/2015 07:21 AM, Jan Cholasta wrote: On 25.11.2015 05:56, Fraser Tweedale wrote: > On Tue, Nov 24, 2015 at 05:38:45PM +0100, Jan Cholasta wrote: >> On

Re: [Freeipa-devel] [PATCH] 928-936 webui: topology visualization

On 11/24/2015 02:09 PM, Martin Babinsky wrote: On 11/24/2015 12:17 PM, Petr Vobornik wrote: On 11/24/2015 12:10 PM, Ludwig Krispenz wrote: Hi Petr, I'm testing these patches.Two observations so far: - in Topology->IPA Servers I see a table of my servers and the managed suffix column I see

[Freeipa-devel] [PATCH 0362] KRA: do not stop certmonger during standalone uninstall

https://fedorahosted.org/freeipa/ticket/5477 Patch attached. From 256195119576afc4dc5761abbd3d12202ead19e7 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Wed, 25 Nov 2015 15:20:51 +0100 Subject: [PATCH] KRA: do not stop certmonger during standalone uninstall

Re: [Freeipa-devel] [PATCH 559] Fix kadmin for new users

On Wed, 2015-11-25 at 14:13 +0100, Tomas Babej wrote: > > On 11/25/2015 02:13 PM, Tomas Babej wrote: > > > > > > On 11/25/2015 02:00 PM, Martin Babinsky wrote: > >> On 11/24/2015 11:32 PM, Simo Sorce wrote: > >>> Ticket #937 was reopened a while ago because one corner case, new users > >>> that

Re: [Freeipa-devel] [PATCH 559] Fix kadmin for new users

On 11/25/2015 03:32 PM, Simo Sorce wrote: > On Wed, 2015-11-25 at 14:13 +0100, Tomas Babej wrote: >> >> On 11/25/2015 02:13 PM, Tomas Babej wrote: >>> >>> >>> On 11/25/2015 02:00 PM, Martin Babinsky wrote: On 11/24/2015 11:32 PM, Simo Sorce wrote: > Ticket #937 was reopened a while ago

Re: [Freeipa-devel] [PATCH] Allow ipa-getkeytab to find server name from config file

On Wed, 2015-11-25 at 14:34 +1000, Fraser Tweedale wrote: > On Tue, Nov 24, 2015 at 02:36:17PM -0500, Simo Sorce wrote: > > On Tue, 2015-11-24 at 17:34 +0100, Jan Cholasta wrote: > > > On 24.11.2015 17:30, Simo Sorce wrote: > > > > On Tue, 2015-11-24 at 09:14 +0100, Jan Cholasta wrote: > > > >> On