Re: [Freeipa-devel] [PATCH] 483 disable service/host
Pavel Zuna wrote: On 07/12/2010 11:48 PM, Rob Crittenden wrote: This patch supercedes patch 479 which is now defunct. It relies on patch 481. Add API to delete a service principal key, service-disable and host-disable. This is so an admin can essentially revoke a service principal without deleting it (a host stores its own host service principal). I pulled usercertificate out of the global params and put into each appropriate function because it makes no sense for service-disable. This also adds a new output parameter, has_keytab. It is a boolean that indicates whether the entry has a kerberos principal key (or at least our best guess at it). rob ACK. Pavel pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 480 new search attribute
Pavel Zuna wrote: On 07/12/2010 08:21 PM, Rob Crittenden wrote: Add a new optional calss variable to store the attributes to search on. They might differ from the default attributes you want to display. Also link in any search attributes defined in cn=ipaconfig. Thesese are a comma-separated list of attributes. We only have user and group defined currently. rob ACK. Pavel pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 481 add has_output_params support to Method class
Pavel Zuna wrote: On 07/12/2010 10:47 PM, Rob Crittenden wrote: When figuring out what to display has_output_params was being ignored by decendents of the Method class. rob ACK. Pavel pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 482 test cert storage
Pavel Zuna wrote: On 07/12/2010 11:44 PM, Rob Crittenden wrote: Verify that we're storing the same certificate that is being issued. Doesn't hurt to be a little extra paranoid. rob ACK. Pavel pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 483 disable service/host
On 07/12/2010 11:48 PM, Rob Crittenden wrote: This patch supercedes patch 479 which is now defunct. It relies on patch 481. Add API to delete a service principal key, service-disable and host-disable. This is so an admin can essentially revoke a service principal without deleting it (a host stores its own host service principal). I pulled usercertificate out of the global params and put into each appropriate function because it makes no sense for service-disable. This also adds a new output parameter, has_keytab. It is a boolean that indicates whether the entry has a kerberos principal key (or at least our best guess at it). rob ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 482 test cert storage
On 07/12/2010 11:44 PM, Rob Crittenden wrote: Verify that we're storing the same certificate that is being issued. Doesn't hurt to be a little extra paranoid. rob ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 481 add has_output_params support to Method class
On 07/12/2010 10:47 PM, Rob Crittenden wrote: When figuring out what to display has_output_params was being ignored by decendents of the Method class. rob ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 480 new search attribute
On 07/12/2010 08:21 PM, Rob Crittenden wrote: Add a new optional calss variable to store the attributes to search on. They might differ from the default attributes you want to display. Also link in any search attributes defined in cn=ipaconfig. Thesese are a comma-separated list of attributes. We only have user and group defined currently. rob ACK. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel