This patch fixes several potential memory leaks in ipa-pwd-extop
SLAPI plugin.
Common function ipapwd_gen_hashes() now cleans after itself when
it fails. Other changes are local and self-explanatory.
https://fedorahosted.org/freeipa/ticket/715
From 36cd93947d619b7514ae80a82f7d154ecc8ad8ca Mon
This patch fixes a possible situation when krb5_kt_close()
function is called with uninitialized keytab parameter.
https://fedorahosted.org/freeipa/ticket/712
From b82b82a54f124ee5c881ff97cedcaf322cd2b855 Mon Sep 17 00:00:00 2001
From: Martin Kosek mko...@redhat.com
Date: Thu, 13 Jan 2011
Hi,
The attached patch should fix item #4 and #5 of this bug:
https://fedorahosted.org/freeipa/ticket/670
The OTP field has been moved into a separate row to avoid line
wrapping. The line height inside tables has been increased to
avoid overlapping buttons in certificate status panel.
--
Endi
On Thu, 13 Jan 2011 11:19:47 +0100
Martin Kosek mko...@redhat.com wrote:
This patch fixes several potential memory leaks in ipa-pwd-extop
SLAPI plugin.
Common function ipapwd_gen_hashes() now cleans after itself when
it fails. Other changes are local and self-explanatory.
On Thu, 13 Jan 2011 11:50:09 +0100
Martin Kosek mko...@redhat.com wrote:
This patch fixes a possible situation when krb5_kt_close()
function is called with uninitialized keytab parameter.
https://fedorahosted.org/freeipa/ticket/712
ACK,
Simo.
--
Simo Sorce * Red Hat, Inc * New York
On 01/13/2011 03:59 AM, Виктор Сергеевич wrote:
hI!
I'am have analogic problem, like Geerten Schram
Install FreeIPA v2 on Fedora Core 14 x86
I suspect you're running old versions of the certificate server, i.e.
dogtag. Do you have pki-core installed? If so what version? What version
is
Hi there,
I guess you all have your own ways, but I have found a useful GUI tool
for browsing LDAP tree, schemas etc.:
LUMA: http://luma.sourceforge.net
It is much more effective for me when browsing IPA internal LDAP data
structure than using classic ldapsearch CLI utility.
Martin
On Thu, 13 Jan 2011 14:52:24 +0100
Martin Kosek mko...@redhat.com wrote:
Hi there,
I guess you all have your own ways, but I have found a useful GUI tool
for browsing LDAP tree, schemas etc.:
LUMA: http://luma.sourceforge.net
It is much more effective for me when browsing IPA internal
On Thu, 13 Jan 2011 09:42:16 -0500
John Dennis jden...@redhat.com wrote:
I think the reason why some folks are having CA problems is we're now
dependent on dogtag being = 9.0, specifically IPA is now dependent
on pki-core, a new package, but the spec files seems to be only
requiring pki-ca
On 01/12/2011 09:14 PM, Aravind GV wrote:
Hi Rich,
The version of 389-ds-base. I installed this package with fedora
testing repo which is documented in installation steps.
[root@agvdir ~]# rpm -qi 389-ds-base
Name: 389-ds-base Relocations: (not relocatable)
Version
John Dennis wrote:
I think the reason why some folks are having CA problems is we're now
dependent on dogtag being = 9.0, specifically IPA is now dependent on
pki-core, a new package, but the spec files seems to be only requiring
pki-ca 1.3.
The good news is these packages are available in our
Adam Young wrote:
On 01/12/2011 05:17 PM, Rob Crittenden wrote:
Rob Crittenden wrote:
Simo Sorce wrote:
On Wed, 12 Jan 2011 11:03:31 -0500
Rob Crittendenrcrit...@redhat.com wrote:
Add an API version that is enforced both when the server is built (to
disallow unexpected API changes) and
Execute /usr/bin/python directly instead of calling /usr/bin/env python.
ticket 608
This depends on ticket 674 to be applied first.
rob
From ca498f22dbd24aff1ee4af52c18787deb682cce4 Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Thu, 13 Jan 2011 12:26:30 -0500
Subject:
Hi,
I pushed 2 trivial patches under one-liner rule.
--
Endi S. Dewata
From 00f0295a4c8e6104989f8820f46a8c7e00a474ba Mon Sep 17 00:00:00 2001
From: Endi S. Dewata edew...@redhat.com
Date: Fri, 14 Jan 2011 01:06:58 +0700
Subject: [PATCH] Fixed incorrect loop variable.
---
python-ldap fails gloriously if the search time limit is 0. Don't allow it.
Don't allow the time limit to be set in the API. Also add a failsafe in
the ldap driver because such bad things happen if this value is 0. I
think it literally spends 0 time on the request and just returns
Bump minimum required version of dogtag up to 9.
ticket 763
rob
From 848e29505d03521f21b36036ba60b662b697c5ba Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Thu, 13 Jan 2011 13:17:36 -0500
Subject: [PATCH] Set minimum version of dogtag to 9
ticket 763
---
ipa.spec.in
On 01/12/2011 08:45 PM, Simo Sorce wrote:
The exisitng code sets up replication agreements by recycling the
Directory Manager password for the Replication Manager user.
This causes 2 issues:
- If you change the DM password newer replicas will fail to access the
older masters as they will
On 01/13/2011 12:28 PM, Rob Crittenden wrote:
Execute /usr/bin/python directly instead of calling /usr/bin/env python.
ticket 608
This depends on ticket 674 to be applied first.
rob
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
On Thu, 13 Jan 2011 11:50:08 -0500
Rob Crittenden rcrit...@redhat.com wrote:
Yet another new version. There are some new build deps since we fire
up ipalib during the build. These are the changes in ipa.spec.in.
Sorry I have to NACK, it seem you squashed in a patch to change the
python
On Thu, 13 Jan 2011 13:14:53 -0500
Rob Crittenden rcrit...@redhat.com wrote:
python-ldap fails gloriously if the search time limit is 0. Don't
allow it.
Don't allow the time limit to be set in the API. Also add a failsafe
in the ldap driver because such bad things happen if this value is 0.
From 629e2cf059b12c07850eed153d7af45b2b46f6a9 Mon Sep 17 00:00:00 2001
From: Gowrishankar Rajaiyan g...@redhat.com
Date: Fri, 14 Jan 2011 01:07:10 +0530
Subject: [PATCH] Fixed typo in ipa help service
---
ipalib/plugins/service.py |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
From cb9c30c91be10d96bee5908637a4de00a905f584 Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Thu, 13 Jan 2011 14:50:46 -0500
Subject: [PATCH] metadata update
Static viewineg was broken due to recent hbac changes.
---
install/static/test/data/ipa_init.json | 73
On Fri, 14 Jan 2011 01:15:06 +0530
Gowrishankar Rajaiyan graja...@redhat.com wrote:
ACK,
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
On Thu, 13 Jan 2011 14:51:46 -0500
Adam Young ayo...@redhat.com wrote:
ACK.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
On Thu, 13 Jan 2011 20:19:13 +0100
Jakub Hrozek jhro...@redhat.com wrote:
I only found two issues in the winsync codepatch (which I didn't
test):
+ad_conn = ipaldap.IPAdmin(ad_dc_name, port=636,
cacert=cacert)
+ad_conn = do_simple_bind(binddn=ad_binddn,
On Thu, 13 Jan 2011 14:34:45 -0500
Rob Crittenden rcrit...@redhat.com wrote:
Simo Sorce wrote:
On Thu, 13 Jan 2011 11:50:08 -0500
Rob Crittendenrcrit...@redhat.com wrote:
Yet another new version. There are some new build deps since we
fire up ipalib during the build. These are the
On 01/13/2011 03:12 PM, Simo Sorce wrote:
On Thu, 13 Jan 2011 14:51:46 -0500
Adam Youngayo...@redhat.com wrote:
ACK.
Simo.
pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
On 01/13/2011 04:05 PM, Jenny Galipeau wrote:
Adam Young wrote:
http://koji.fedoraproject.org/koji/buildinfo?buildID=213857
See spec change log. This should deal with the mod-rewrite issue.
Adam:
Is this fix in ... I am not seeing the issue today?
Thanks
Jenny
No idea. Rob?
See ticket #759
Simo.
--
Simo Sorce * Red Hat, Inc * New York
From f51d50b1f5690804f7e4c32c350d23524ad527d9 Mon Sep 17 00:00:00 2001
From: Simo Sorce sso...@redhat.com
Date: Thu, 13 Jan 2011 15:54:06 -0500
Subject: [PATCH 1/4] Move Virtual Operations container under cn=etc
Fixes:
Ticket #760
--
Simo Sorce * Red Hat, Inc * New York
From c79edab58d0517354053c666f8347cde377431ef Mon Sep 17 00:00:00 2001
From: Simo Sorce sso...@redhat.com
Date: Thu, 13 Jan 2011 16:00:36 -0500
Subject: [PATCH 2/4] Move mep templates under cn=etc
Fixes:
Ticket #757
--
Simo Sorce * Red Hat, Inc * New York
From 4b30d922d5ea789c4d46e572d1c1a29c59798735 Mon Sep 17 00:00:00 2001
From: Simo Sorce sso...@redhat.com
Date: Thu, 13 Jan 2011 18:09:21 -0500
Subject: [PATCH 4/4] Remove dependency on nss_ldap/nss-pam-ldapd
We use sssd in ipa v2
Fixes:
On 01/13/2011 06:53 PM, Simo Sorce wrote:
Ticket #757
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
ACK
___
Freeipa-devel mailing list
On 01/13/2011 06:30 AM, Endi Sukma Dewata wrote:
Hi,
The attached patch should fix item #4 and #5 of this bug:
https://fedorahosted.org/freeipa/ticket/670
The OTP field has been moved into a separate row to avoid line
wrapping. The line height inside tables has been increased to
avoid
On 01/13/2011 02:55 AM, Endi Sukma Dewata wrote:
Hi,
The attached patch should fix item #3 of this bug:
https://fedorahosted.org/freeipa/ticket/670
The li tag used for status icon has been replaced with div
tag shaped like a circle. The size can be adjusted using CSS.
Rich Megginson wrote:
For bug https://bugzilla.redhat.com/show_bug.cgi?id=668899
Where is the code that generates the initial CA and server cert?
If I have to do a full ipa install to reproduce I will (btw, is the 2.0
install guide on freeipa.org correct?), but I'd rather have a smaller,
On 01/13/2011 02:55 AM, Endi Sukma Dewata wrote:
Hi,
The attached patch should fix item #3 of this bug:
https://fedorahosted.org/freeipa/ticket/670
The li tag used for status icon has been replaced with div
tag shaped like a circle. The size can be adjusted using CSS.
On 01/13/2011 12:59 PM, Endi Sukma Dewata wrote:
Hi,
The attached patch should fix this bug:
https://fedorahosted.org/freeipa/ticket/657
The StrEnum class has been modified to accept str value and convert
it into unicode. This is to fix encoding issue on F14.
On 1/14/2011 8:40 AM, Adam Young wrote:
The attached patch should fix item #4 and #5 of this bug:
https://fedorahosted.org/freeipa/ticket/670
The OTP field has been moved into a separate row to avoid line
wrapping. The line height inside tables has been increased to
avoid overlapping buttons in
Rich Megginson wrote:
For bug https://bugzilla.redhat.com/show_bug.cgi?id=668899
Where is the code that generates the initial CA and server cert?
If I have to do a full ipa install to reproduce I will (btw, is the 2.0
install guide on freeipa.org correct?), but I'd rather have a smaller,
easily
On 1/14/2011 9:22 AM, Adam Young wrote:
The attached patch should fix item #3 of this bug:
https://fedorahosted.org/freeipa/ticket/670
The li tag used for status icon has been replaced with div
tag shaped like a circle. The size can be adjusted using CSS.
ACK, based on our discussion in IRC.
On 1/14/2011 9:28 AM, Adam Young wrote:
The attached patch should fix this bug:
https://fedorahosted.org/freeipa/ticket/657
The StrEnum class has been modified to accept str value and convert
it into unicode. This is to fix encoding issue on F14.
ACK
Pushed to master.
--
Endi S. Dewata
41 matches
Mail list logo