Re: [Freeipa-devel] [PATCH] 702 add entitlement API

2011-02-08 Thread Jan Zelený
Rob Crittenden rcrit...@redhat.com wrote: The entitlement plugin was being skipped completely if the python-rhsm package wasn't installed. We want to let it limp through if the package isn't installed but we're doing API validation. ticket 919 rob Patch looks and applies ok, installation

[Freeipa-devel] [PATCH] 78 Use ldapi: instead of unsecured ldap: in ipa core tools.

2011-02-08 Thread Pavel Zuna
The patch also corrects exception handling in some of the tools. Fix #874 Pavel freeipa-pzuna-78-toolsldapi.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 049 Make nsslib IPv6 aware

2011-02-08 Thread Jakub Hrozek
On Thu, Feb 03, 2011 at 02:23:11PM +0100, Jan Zelený wrote: Jakub Hrozek jhro...@redhat.com wrote: Hi, attached is a patch to nsslib.py that changes its semantics so it is able to work with different address families. It is the last piece of IPv6 support. Aside from the hunks in

Re: [Freeipa-devel] [PATCH] 73 Update config doc to reflect that 0 is not allowed for search time limit.

2011-02-08 Thread Pavel Zuna
On 02/08/2011 12:34 AM, David O'Brien wrote: Pavel Zuna wrote: Fix #837 Pavel /me hesitantly asks... Doesn't this mean that 1 is illegal? doc=_('Max. amount of time (sec.) for a search ( 1 or -1 for unlimited)'), Neither is there any mention of zero being illegal. It may be implicit or

Re: [Freeipa-devel] [PATCH] 72 Set minimum for Kerberos policy max life and max renew

2011-02-08 Thread Jakub Hrozek
On Mon, Feb 07, 2011 at 02:10:40PM +0100, Pavel Zuna wrote: On 02/07/2011 01:10 PM, Jakub Hrozek wrote: On Mon, Feb 07, 2011 at 11:13:56AM +0100, Pavel Zuna wrote: Fix #847 Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

[Freeipa-devel] [PATCH] 703 389-ds startup with krb config

2011-02-08 Thread Rob Crittenden
If /etc/krb5.conf doesn't exist or contains no default kerberos realm then 389-ds won't start at all. This is a problem during installation because we configure 389 first. This patch will let the server come up, you just won't be able to do any joins or password changes until you configure

Re: [Freeipa-devel] [PATCH] 77 Update krbtpolicy doc to inform that restarting krb5kdc might be needed.

2011-02-08 Thread Rob Crittenden
David O'Brien wrote: Dmitri Pal wrote: On 02/07/2011 06:46 PM, David O'Brien wrote: Jenny Galipeau wrote: Pavel Zuna wrote: It seems that restarting krb5kdc is only needed when changes to the global policy are made. Per-user policies take effect immediately for newly requested tickets. Can

[Freeipa-devel] [PATCH] 1 Remove unnecessary BuildRequires

2011-02-08 Thread Jan Cholasta
Removed 2 unnecessary BuildRequires from freeipa.spec.in: * e2fsprogs-devel: obsoleted by libuuid-devel * libcap-devel: not needed to build the RPM diff --git a/freeipa.spec.in b/freeipa.spec.in index 9da5809..84c9e8c 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -29,10 +29,8 @@

Re: [Freeipa-devel] [PATCH] 1 Remove unnecessary BuildRequires

2011-02-08 Thread Jan Cholasta
Fixing newbie mistake: included properly formated patch. It was tested in mock. Dne 8.2.2011 18:30, Jan Cholasta napsal(a): Removed 2 unnecessary BuildRequires from freeipa.spec.in: * e2fsprogs-devel: obsoleted by libuuid-devel * libcap-devel: not needed to build the RPM

[Freeipa-devel] [PATCH] drop the group.upg NIS map

2011-02-08 Thread Nalin Dahyabhai
The group.upg NIS map was an experiment in providing UPG groups dynamically, and is not one of the maps that I'd ever expect a NIS client to know to search. We should probably just drop it. --- install/share/nis.uldif | 12 1 files changed, 0 insertions(+), 12 deletions(-) diff

[Freeipa-devel] [PATCH] Moved add dialog into search facet.

2011-02-08 Thread Endi Sukma Dewata
Previously the add dialog is added into entity. The dialog is only used by the search facet, so it's now moved into the search facet. -- Endi S. Dewata From b05f930e7538c69658b9cb3711584ef745dd3548 Mon Sep 17 00:00:00 2001 From: Endi S. Dewata edew...@redhat.com Date: Tue, 8 Feb 2011 15:41:24

Re: [Freeipa-devel] [PATCH] 73 Update config doc to reflect that 0 is not allowed for search time limit.

2011-02-08 Thread David O'Brien
Pavel Zuna wrote: On 02/08/2011 12:34 AM, David O'Brien wrote: Pavel Zuna wrote: Fix #837 Pavel /me hesitantly asks... Doesn't this mean that 1 is illegal? doc=_('Max. amount of time (sec.) for a search ( 1 or -1 for unlimited)'), Neither is there any mention of zero being illegal. It

Re: [Freeipa-devel] [PATCH] 77 Update krbtpolicy doc to inform that restarting krb5kdc might be needed.

2011-02-08 Thread David O'Brien
Rob Crittenden wrote: David O'Brien wrote: Dmitri Pal wrote: On 02/07/2011 06:46 PM, David O'Brien wrote: Jenny Galipeau wrote: Pavel Zuna wrote: It seems that restarting krb5kdc is only needed when changes to the global policy are made. Per-user policies take effect immediately for newly

[Freeipa-devel] Hosts, A recs, and AAAA recs

2011-02-08 Thread Adam Young
The current process to add a host today is: Create an A record run add host We have --force which will allow us to add the host even if the A record doesn't exist, but do we have a way to say, add this host, A record, and record all at the same time? From a cloud perspective, it

[Freeipa-devel] [PATCH] 705 make main selfservice aci visible

2011-02-08 Thread Rob Crittenden
The main aci that grants user's the ability to manage themselves wasn't visible to the selfservice plugin. Move the location of the aci and fix the description. ticket 934 rob freeipa-rcrit-705-aci.patch Description: application/mbox ___

Re: [Freeipa-devel] Hosts, A recs, and AAAA recs

2011-02-08 Thread Simo Sorce
On Tue, 08 Feb 2011 22:10:16 -0500 Adam Young ayo...@redhat.com wrote: The current process to add a host today is: Create an A record run add host We have --force which will allow us to add the host even if the A record doesn't exist, but do we have a way to say, add this host, A