Enable a host to retrieve a keytab for all its services.
Using the host service principal one should be able to retrieve a keytab
for other services for the host using ipa-getkeytab. This required a
number of changes:
- allow hosts in the service's managedby to write krbPrincipalKey
- automat
On 08/05/2010 11:01 AM, Pavel Zůna wrote:
On 2010-08-04 01:49, Adam Young wrote:
This is a required patch for the UI code. Basically, the Kerberos
authentication method does not provide any way for the web ui to know
who logged in. With this patch, we can do the equivalent of 'ipa whoami'
that
On 08/04/2010 03:56 PM, Adam Young wrote:
On 07/26/2010 06:01 PM, Rob Crittenden wrote:
The i18n tests were failing if the language wasn't built. Skip it in
this case and inform the user what to run to get the test to execute.
rob
___
Freeipa-devel
On 08/02/2010 06:14 PM, Rob Crittenden wrote:
Properly show the members when an add/remove operation fails.
The remove member function in baseldap was not returning failures at
all. The add member function was only showing them in the group object.
Most of the magic is handled in baseldap. Ea
On 07/29/2010 10:55 AM, Rob Crittenden wrote:
The command tests rely on the in-tree version of the command. If you
haven't done a 'make' in the tree the command won't exist so isn't
testable. This adds a test for command existence and raises a specific
error. It was previously failing with some
On 07/27/2010 04:40 PM, Rob Crittenden wrote:
Fix the RPC tests. The method name comes back as a unicode from
xmlrpclib.loads().
With this and a fix in patch 495 all tests should now pass.
rob
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
On 07/27/2010 04:38 PM, Rob Crittenden wrote:
Add optional error message to pattern validator and enforces valid
user/group names.
The pattern validator by default displays the pattern that is being
matched against. This isn't helpful, particularly for very hairy
patterns. This adds a new par
Hello,
It occurred to me that we can have a compromise. We can have two ways
and let the admins to decide which model to follow.
So the schema will look like this:
The sudo rule entry will have a string attribute to put a command
verbatim as it is designed now and an attribute that contains a DN o
On 08/05/2010 12:00 PM, Adam Young wrote:
On 08/03/2010 01:53 PM, Adam Young wrote:
Proposal to reset master branch to last known good commit prior to
the merge of the web UI code.
Since the push on Friday complicates the source tree unnecessarily,
making it difficult to track actual change4s
On 08/03/2010 01:53 PM, Adam Young wrote:
Proposal to reset master branch to last known good commit prior to the
merge of the web UI code.
Since the push on Friday complicates the source tree unnecessarily,
making it difficult to track actual change4s done as well as to
reproduce the current
On 2010-08-04 01:49, Adam Young wrote:
This is a required patch for the UI code. Basically, the Kerberos
authentication method does not provide any way for the web ui to know
who logged in. With this patch, we can do the equivalent of 'ipa whoami'
that returns the user principal in the summary f
Adam Young wrote:
On 08/05/2010 08:45 AM, Rob Crittenden wrote:
Adam Young wrote:
On 07/30/2010 04:02 PM, Adam Young wrote:
On 07/22/2010 02:25 PM, Rob Crittenden wrote:
Make sure that the host behind new host and service records is
actually a resolvable DNS A record. There is a --force flag
On 08/05/2010 08:45 AM, Rob Crittenden wrote:
Adam Young wrote:
On 07/30/2010 04:02 PM, Adam Young wrote:
On 07/22/2010 02:25 PM, Rob Crittenden wrote:
Make sure that the host behind new host and service records is
actually a resolvable DNS A record. There is a --force flag if you
know what y
Dmitri Pal wrote:
Adam Young wrote:
On 07/30/2010 04:02 PM, Adam Young wrote:
On 07/22/2010 02:25 PM, Rob Crittenden wrote:
Make sure that the host behind new host and service records is
actually a resolvable DNS A record. There is a --force flag if you
know what you are doing (or just feel li
Adam Young wrote:
On 07/30/2010 04:02 PM, Adam Young wrote:
On 07/22/2010 02:25 PM, Rob Crittenden wrote:
Make sure that the host behind new host and service records is
actually a resolvable DNS A record. There is a --force flag if you
know what you are doing (or just feel like charging ahead
15 matches
Mail list logo