mbasti-rh commented on a pull request
"""
I cannot connect to LDAPS even if only CA-less servers are installed
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/21#issuecomment-242746093
--
Manage your subscription for the Freeipa-devel mailing list:
pvoborni commented on a pull request
"""
Promotion of replica is missing ds.enable_ssl step (or how is it called). Tomas
is working on it in ticket https://fedorahosted.org/freeipa/ticket/6226
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/21#issuecomment-242750401
--
mbasti-rh commented on a pull request
"""
Maybe comment next to sleep why the sleep is there, may not hurt
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/28#issuecomment-242727734
--
Manage your subscription for the Freeipa-devel mailing list:
stlaz's pull request #23: "Time-Based HBAC Policies" was synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/23
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/23/head:pr23
git checkout pr23
mbasti-rh commented on a pull request
"""
Yes, I can reproduce it without this PR. ACK for this
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/21#issuecomment-242751300
--
Manage your subscription for the Freeipa-devel mailing list:
jcholast's pull request #21: "custodia: include known CA certs in the PKCS#12
file for Dogtag" was closed
See the full pull-request at https://github.com/freeipa/freeipa/pull/21
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa
ofayans commented on a pull request
"""
Done.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/28#issuecomment-242733667
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
ofayans's pull request #28: "Added a sleep interval after domainlevel raise in
tests" was synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/28
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa
On Fri, 2016-08-26 at 11:55 +0200, Martin Basti wrote:
>
> On 26.08.2016 11:43, Jan Cholasta wrote:
> > Hi,
> >
> > On 11.8.2016 12:34, Stanislav Laznicka wrote:
> >> Hello,
> >>
> >> I updated the design of the Time-Based HBAC Policies according to the
> >> discussion we led here earlier. Please
On 26.8.2016 11:55, Martin Basti wrote:
On 26.08.2016 11:43, Jan Cholasta wrote:
Hi,
On 11.8.2016 12:34, Stanislav Laznicka wrote:
Hello,
I updated the design of the Time-Based HBAC Policies according to the
discussion we led here earlier. Please check the design page
On 08/26/2016 12:39 PM, Martin Basti wrote:
>
>
> On 26.08.2016 12:37, Petr Vobornik wrote:
>> On 08/26/2016 12:23 PM, Martin Basti wrote:
>>>
>>> On 26.08.2016 12:20, Alexander Bokovoy wrote:
On Fri, 26 Aug 2016, Jan Cholasta wrote:
> On 26.8.2016 11:55, Martin Basti wrote:
>>
stlaz's pull request #26: "Don't ignore --ignore-last-of-role for last CA" was
opened
PR body:
"""
Use a handler created for the purpose of deciding whether
to raise exception or not.
https://fedorahosted.org/freeipa/ticket/6259
"""
See the full pull-request at
stlaz's pull request #23: "Time-Based HBAC Policies" was synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/23
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/23/head:pr23
git checkout pr23
jcholast's pull request #21: "custodia: include known CA certs in the PKCS#12
file for Dogtag" label *ack* has been added
See the full pull-request at https://github.com/freeipa/freeipa/pull/21
--
Manage your subscription for the Freeipa-devel mailing list:
ofayans's pull request #28: "Added a sleep interval after domainlevel raise in
tests" was opened
PR body:
"""
Due to race conditions the test sometimes catches 2 one-way segments instead of
one bidirectional. We need to give the master time to merge the one-way
segments before we test the
ofayans's pull request #28: "Added a sleep interval after domainlevel raise in
tests" was closed
See the full pull-request at https://github.com/freeipa/freeipa/pull/28
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa
ofayans's pull request #28: "Added a sleep interval after domainlevel raise in
tests" label *pushed* has been added
See the full pull-request at https://github.com/freeipa/freeipa/pull/28
--
Manage your subscription for the Freeipa-devel mailing list:
mbasti-rh commented on a pull request
"""
Fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/9dffe55e6582bca7b1a4b8ad3042c63c5ccde51a
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/28#issuecomment-242747200
--
Manage your subscription for the Freeipa-devel
mbasti-rh commented on a pull request
"""
On replica:
```
[root@vm-058-017 ~]# ipa-ca-install
Directory Manager (existing master) password:
Run connection check to master
Connection check OK
Configuring certificate server (pki-tomcatd). Estimated time: 3 minutes 30
seconds
[1/25]: creating
ofayans's pull request #28: "Added a sleep interval after domainlevel raise in
tests" label *ack* has been added
See the full pull-request at https://github.com/freeipa/freeipa/pull/28
--
Manage your subscription for the Freeipa-devel mailing list:
jcholast's pull request #20: "cert: include CA name in cert command output" was
synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/20
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/20/head:pr20
On 26.08.2016 12:20, Alexander Bokovoy wrote:
On Fri, 26 Aug 2016, Jan Cholasta wrote:
On 26.8.2016 11:55, Martin Basti wrote:
On 26.08.2016 11:43, Jan Cholasta wrote:
Hi,
On 11.8.2016 12:34, Stanislav Laznicka wrote:
Hello,
I updated the design of the Time-Based HBAC Policies
On 26.08.2016 11:43, Jan Cholasta wrote:
Hi,
On 11.8.2016 12:34, Stanislav Laznicka wrote:
Hello,
I updated the design of the Time-Based HBAC Policies according to the
discussion we led here earlier. Please check the design page
http://www.freeipa.org/page/V4/Time-Based_Account_Policies.
On Fri, 26 Aug 2016, Jan Cholasta wrote:
On 26.8.2016 11:55, Martin Basti wrote:
On 26.08.2016 11:43, Jan Cholasta wrote:
Hi,
On 11.8.2016 12:34, Stanislav Laznicka wrote:
Hello,
I updated the design of the Time-Based HBAC Policies according to the
discussion we led here earlier. Please
On 26.08.2016 12:13, Jan Cholasta wrote:
On 26.8.2016 11:55, Martin Basti wrote:
On 26.08.2016 11:43, Jan Cholasta wrote:
Hi,
On 11.8.2016 12:34, Stanislav Laznicka wrote:
Hello,
I updated the design of the Time-Based HBAC Policies according to the
discussion we led here earlier. Please
On 26.08.2016 12:37, Petr Vobornik wrote:
On 08/26/2016 12:23 PM, Martin Basti wrote:
On 26.08.2016 12:20, Alexander Bokovoy wrote:
On Fri, 26 Aug 2016, Jan Cholasta wrote:
On 26.8.2016 11:55, Martin Basti wrote:
On 26.08.2016 11:43, Jan Cholasta wrote:
Hi,
On 11.8.2016 12:34,
On 08/26/2016 12:47 PM, Standa Laznicka wrote:
> On 08/26/2016 12:39 PM, Martin Basti wrote:
>>
>>
>> On 26.08.2016 12:37, Petr Vobornik wrote:
>>> On 08/26/2016 12:23 PM, Martin Basti wrote:
On 26.08.2016 12:20, Alexander Bokovoy wrote:
> On Fri, 26 Aug 2016, Jan Cholasta wrote:
jcholast's pull request #20: "cert: include CA name in cert command output" was
synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/20
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/20/head:pr20
On 08/26/2016 12:27 PM, Jan Cholasta wrote:
On 26.8.2016 12:21, Martin Basti wrote:
On 26.08.2016 12:13, Jan Cholasta wrote:
On 26.8.2016 11:55, Martin Basti wrote:
On 26.08.2016 11:43, Jan Cholasta wrote:
Hi,
On 11.8.2016 12:34, Stanislav Laznicka wrote:
Hello,
I updated the design of
On 26.8.2016 12:21, Martin Basti wrote:
On 26.08.2016 12:13, Jan Cholasta wrote:
On 26.8.2016 11:55, Martin Basti wrote:
On 26.08.2016 11:43, Jan Cholasta wrote:
Hi,
On 11.8.2016 12:34, Stanislav Laznicka wrote:
Hello,
I updated the design of the Time-Based HBAC Policies according to
mirielka's pull request #27: "Tests: Fix integration sudo tests setup and
checks" was opened
PR body:
"""
Adding 'defaults' sudorule to prevent requesting further user authentication.
Adding checks that if a user should be rejected access, a proper error message
is displayed.
On 19.8.2016 13:11, Fraser Tweedale wrote:
Bump for review.
On Wed, Aug 17, 2016 at 12:09:39AM +1000, Fraser Tweedale wrote:
On Tue, Aug 16, 2016 at 08:10:08AM +0200, Jan Cholasta wrote:
On 16.8.2016 07:24, Fraser Tweedale wrote:
On Mon, Aug 15, 2016 at 08:19:33AM +0200, Jan Cholasta wrote:
Hi,
On 22.7.2016 07:18, Fraser Tweedale wrote:
While I was poking around SAN-processing code, I decided to
implement a small enhancement: allowing the subject principal's DN
to appear in SAN.
https://fedorahosted.org/freeipa/ticket/6112
Patch depends on my other patches 0090, 0092, 0093,
Hi,
On 11.8.2016 12:34, Stanislav Laznicka wrote:
Hello,
I updated the design of the Time-Based HBAC Policies according to the
discussion we led here earlier. Please check the design page
http://www.freeipa.org/page/V4/Time-Based_Account_Policies. The biggest
changes are in the Implementation
On 08/26/2016 12:23 PM, Martin Basti wrote:
>
>
> On 26.08.2016 12:20, Alexander Bokovoy wrote:
>> On Fri, 26 Aug 2016, Jan Cholasta wrote:
>>> On 26.8.2016 11:55, Martin Basti wrote:
On 26.08.2016 11:43, Jan Cholasta wrote:
> Hi,
>
> On 11.8.2016 12:34, Stanislav
On 08/26/2016 12:39 PM, Martin Basti wrote:
On 26.08.2016 12:37, Petr Vobornik wrote:
On 08/26/2016 12:23 PM, Martin Basti wrote:
On 26.08.2016 12:20, Alexander Bokovoy wrote:
On Fri, 26 Aug 2016, Jan Cholasta wrote:
On 26.8.2016 11:55, Martin Basti wrote:
On 26.08.2016 11:43, Jan
Akasurde's pull request #25: "Added install check before executing ipa-*
command" was opened
PR body:
"""
Fixes: https://fedorahosted.org/freeipa/ticket/6261
Signed-off-by: Abhijeet Kasurde
"""
See the full pull-request at https://github.com/freeipa/freeipa/pull/25
... or
mirielka's pull request #27: "Tests: Fix integration sudo tests setup and
checks" was edited
See the full pull-request at https://github.com/freeipa/freeipa/pull/27
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/27/head:pr27
On Fri, 2016-08-26 at 18:09 +0300, Alexander Bokovoy wrote:
> On Fri, 26 Aug 2016, Simo Sorce wrote:
> >On Fri, 2016-08-26 at 12:39 +0200, Martin Basti wrote:
> >> > I miss "why" part of "To be able to handle backward compatibility
> >> with
> >> > ease, a new object called ipaHBACRulev2 is
mbasti-rh's pull request #30: "Print to debug output answer from CA" was opened
PR body:
"""
CA request may fail due various erros, without debug output we cannot
decide what is wrong.
"""
See the full pull-request at https://github.com/freeipa/freeipa/pull/30
... or pull the PR as Git branch:
On Fri, 26 Aug 2016, Simo Sorce wrote:
On Fri, 2016-08-26 at 12:39 +0200, Martin Basti wrote:
> I miss "why" part of "To be able to handle backward compatibility
with
> ease, a new object called ipaHBACRulev2 is introduced. " in the
design
> page. If the reason is the above - old client's
tomaskrizek's pull request #29: "Enable LDAPS in replica promotion" was opened
PR body:
"""
With CA-less master and CA-less replica, attempting to install CA on replica
would fail. LDAPS has to be enabled during replica promotion, because it is
required by Dogtag.
On Fri, 2016-08-26 at 12:39 +0200, Martin Basti wrote:
> > I miss "why" part of "To be able to handle backward compatibility
> with
> > ease, a new object called ipaHBACRulev2 is introduced. " in the
> design
> > page. If the reason is the above - old client's should ignore time
> rules
> > then
On Fri, 2016-08-26 at 11:37 -0400, Simo Sorce wrote:
> Ie we could set both "allow" and "allow_with_time" on an object for
> cases where the admin wants to enforce the time part only o newer
> client
> but otherwise apply the rule to any client.
I notice that SSSD does not like it if there are
On Fri, 2016-08-26 at 11:26 -0400, Simo Sorce wrote:
> On Fri, 2016-08-26 at 18:09 +0300, Alexander Bokovoy wrote:
> > On Fri, 26 Aug 2016, Simo Sorce wrote:
> > >On Fri, 2016-08-26 at 12:39 +0200, Martin Basti wrote:
> > >> > I miss "why" part of "To be able to handle backward compatibility
> >
LiptonB's pull request #10: "Client-side CSR autogeneration" was synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/10
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/10/head:pr10
git checkout
LiptonB's pull request #10: "Client-side CSR autogeneration" was synchronize
See the full pull-request at https://github.com/freeipa/freeipa/pull/10
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/10/head:pr10
git checkout
mirielka's pull request #24: "[master, ipa-4-3] Raise error when running
ipa-adtrust-install with empty netbios--name" was edited
See the full pull-request at https://github.com/freeipa/freeipa/pull/24
... or pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
mirielka's pull request #24: "[master, ipa-4-3] Raise error when running
ipa-adtrust-install with empty netbios--name" was opened
PR body:
"""
When running ipa-adtrust-install, a netbios-name option must be specified.
Currently if an invalid netbios name in form of empty string is specified, the
On 23.8.2016 11:46, Fraser Tweedale wrote:
Thanks for review; rebased and updated patch attached. Only 0090
has substantive changes.
Cheers,
Fraser
On Mon, Aug 22, 2016 at 09:22:08AM +0200, Jan Cholasta wrote:
On 19.8.2016 13:11, Fraser Tweedale wrote:
Bump for review.
On Mon, Aug 15, 2016
50 matches
Mail list logo