On 05/14/2010 11:32 PM, Rob Crittenden wrote:
Enforce that the max lifetime is min lifetime. This was a regression
from IPA v1.
This relies on the pwpolicy switcheroo, patch 441.
rob
ack.
Pavel
___
Freeipa-devel mailing list
On 05/14/2010 11:54 PM, Rob Crittenden wrote:
The uid option to the user plugin is the uidnumber, not the login name.
Try to clarify that in the cmd line doc.
rob
ack.
Pavel
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
On 05/14/2010 10:02 PM, Rob Crittenden wrote:
This completes the switch to the new pwpolicy plugin. I generated the
patch with -M but it still created a huge diff. The changes are
relatively minor, mostly dropping '2' from a bunch of calls and fixing
removal of the pwpolicy when deleting a
Remove the unnecessary get_dn() and get_primary_key_from_dn() from
hbacsvcgroup plugin and add some basic tests for it.
rob
freeipa-445-hbac.patch
Description: application/mbox
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Pavel Zuna wrote:
On 05/14/2010 11:30 PM, Rob Crittenden wrote:
Update HBAC test to drop serviceName for groups of services.
This relies on patch 440
rob
ack.
Pavel
pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Pavel Zuna wrote:
On 05/14/2010 03:40 PM, Rob Crittenden wrote:
Replace serviceName with memberService so we can assign individual
services or groups of services to an HBAC rule.
rob
Why is there a custom get_dn() in hbacsvcgroup? If the primary_key (cn)
is part of the object DN, there is
Pavel Zuna wrote:
On 05/14/2010 11:54 PM, Rob Crittenden wrote:
The uid option to the user plugin is the uidnumber, not the login name.
Try to clarify that in the cmd line doc.
rob
ack.
Pavel
pushed to master
___
Freeipa-devel mailing list
