Re: [Freeipa-devel] [PATCH] 34 Create FreeIPA CLI Plugin for the 389 Auto Membership plugin
On Fri, 2011-08-05 at 18:36 +, JR Aquino wrote: ~ Jr Aquino, GCIH | Information Security Specialist Citrix Online | 7408 Hollister Avenue | Goleta, CA 93117 T: +1 805.690.3478 jr.aqu...@citrixonline.com http://www.citrixonline.com On Aug 2, 2011, at 5:55 AM, Rob Crittenden wrote: JR Aquino wrote: On Aug 1, 2011, at 5:56 AM, Rob Crittenden wrote: Martin Kosek wrote: On Sat, 2011-07-30 at 00:54 +, JR Aquino wrote: On Jul 21, 2011, at 8:53 AM, JR Aquino wrote: On Jul 21, 2011, at 7:31 AM, Rob Crittenden wrote: Martin Kosek wrote: On Thu, 2011-07-21 at 03:37 +, JR Aquino wrote: Rob, I'm afraid I believe that ldap lookup is necessary. The user inputs a standard string to represent the possible host group… If i simply perform a get_dn it will indeed provide a dn, however, it won't verify that the host group actually exists… (you don't want to create an assignment rule for a non existent target host group) Martin, (except for the name Clarity), I have addressed your observations in this latest patch. Could you please have a look and let me know if there is anything else I need to take care of? Great, preparing the command parameters in pre_callback is much cleaner. Good point about the LDAP lookup. This looks a lot better but there are still a few issues: If group_dn is in the object then you can use self.obj.handle_not_found(*keys) for the NotFound. Ok, I will give that a shot! Or if it can't be moved, in the calls to group_dn() you can use the ldap handle passed into pre_callback. I guess you are using the includetype tuple to avoid coding long variable names everywhere? Would a symbol be better, eg: INCLUDE_RE = 'automemberinclusiveregex' EXCLUDE_RE = 'automemberexclusiveregex' That works, I'll swap em. I agree with Rob here, this will make the code better. Is there a way to validate the regex? Now that you mention it, I believe if I import re, we should be able to validate the initial regex and raise an exception if it is bogus. If we were to add an equivalent user group handler would it be the same code in add_condition and remove_condition? It is sort of nice to have everything together at the moment, I suspect it will need to be generalized at some point. Well. For the groups, I was thinking it starts to get a little different. I would still reuse the condition, but I believe I would pivot users into groups based upon something like their manager? Adding a clarity with no rules won't let you add rules: # ipa hostgroup-add --desc=hg1 hg1 # ipa hostgroupclarity-add hg1 # ipa hostgroupclarity-add-condition --exclusive-hostname-regex=^web5\.example\.com hg1 ipa: ERROR: no modifications to be performed This ^ is deliberate, you cannot add an exclusion rule if there is no existing or simultaneous inclusive rule. :) Martin asked for that, and I think its wise. Yes, it is wise :-) But the error message is really not clear to the user. We should tell him that there must be at least one inclusive rule. I wonder if we shouldn't force user to create a hostgroupclarity object with at least one inclusive rule and than make sure that in all operations at least one inclusive rule stays here. Or we could delete the empty LDAP object after the last inclusive rule is removed, as we do with DNS record LDAP objects in dnsrecord-del. The way you explained clarity today in IRC, how it brings clarity to managing membership with names no human can grok, I got it. Still, clarity is a bit awkward as a name. automember might be a better choice. Fair enough ;) I tried, perhaps I can /allude/ to it in the help / docs. automember it is. One final class I have been struggling with that I want to add… The object and attribute which defines the 'default group' is the parent of the actual rules… i.e. cn=hostgroup,cn=automember,cn=etc… The ipa cli seems to only want to let me make mods that assume I am specifying a target object on the cli… ipa hostgroupautomember-default-group=foorulename- in this scenario, we don't actually want or need a rule name because its the container above… I have had success making the writes, but the cli syntax just doesn't lend itself to that level of abstraction… Any suggestions? I think the best shot would be to create a new command and overload the execute method in that case. Like in hbacrule_enable. You would be able to set dn correctly here and do the update. Does it makes sense? Rob? Martin I agree. We are better off abstracting things now so we can get the API right. I think we can stick more or less with the command names, just in a new plugin and some new arguments. I see the plugin with the
[Freeipa-devel] [PATCH] 36 Ask for reverse DNS zone information right after asking for DNS forwarders
This patch modifies ipa-server-install and ipa-dns-install so that they ask for reverse DNS zone information right after asking for DNS forwarders so that DNS configuration is done in one place. https://fedorahosted.org/freeipa/ticket/1522 Honza -- Jan Cholasta From f420322aef8ae4551e8a12ea70ed8569fbb5ca62 Mon Sep 17 00:00:00 2001 From: Jan Cholasta jchol...@redhat.com Date: Tue, 26 Jul 2011 14:53:19 +0200 Subject: [PATCH] Ask for reverse DNS zone information in attended install right after asking for DNS forwarders, so that DNS configuration is done in one place. ticket 1522 --- install/tools/ipa-dns-install| 46 +++--- install/tools/ipa-server-install | 21 - 2 files changed, 33 insertions(+), 34 deletions(-) diff --git a/install/tools/ipa-dns-install b/install/tools/ipa-dns-install index da70c85..cf400dd 100755 --- a/install/tools/ipa-dns-install +++ b/install/tools/ipa-dns-install @@ -107,6 +107,21 @@ def main(): if bindinstance.named_conf_exists(): sys.exit(\nDNS is already configured in this IPA server.) +# Create a BIND instance +if options.unattended and not options.dm_password: +sys.exit(\nIn unattended mode you need to provide at least the -p option) + +dm_password = options.dm_password or read_password(Directory Manager, + confirm=False, validate=False) +bind = bindinstance.BindInstance(fstore, dm_password) + +# try the connection +try: +bind.ldap_connect() +bind.ldap_disconnect() +except ldap.INVALID_CREDENTIALS, e: +sys.exit(Password is not valid!) + # Check we have a public IP that is associated with the hostname if options.ip_address: ip = options.ip_address @@ -137,29 +152,6 @@ def main(): dns_forwarders = read_dns_forwarders() logging.debug(will use dns_forwarders: %s\n, str(dns_forwarders)) -conf_ntp = ntpinstance.NTPInstance(fstore).is_enabled() - -if not options.unattended: -print -print The following operations may take some minutes to complete. -print Please wait until the prompt is returned. -print - -# Create a BIND instance -if options.unattended and not options.dm_password: -sys.exit(\nIn unattended mode you need to provide at least the -p option) - -dm_password = options.dm_password or read_password(Directory Manager, - confirm=False, validate=False) -bind = bindinstance.BindInstance(fstore, dm_password) - -# try the connection -try: -bind.ldap_connect() -bind.ldap_disconnect() -except ldap.INVALID_CREDENTIALS, e: -sys.exit(Password is not valid!) - if bind.dm_password: api.Backend.ldap2.connect(bind_dn=cn=Directory Manager, bind_pw=bind.dm_password) else: @@ -179,6 +171,14 @@ def main(): if reverse_zone is not None: print Using reverse zone %s % reverse_zone +conf_ntp = ntpinstance.NTPInstance(fstore).is_enabled() + +if not options.unattended: +print +print The following operations may take some minutes to complete. +print Please wait until the prompt is returned. +print + bind.setup(api.env.host, ip_address, api.env.realm, api.env.domain, dns_forwarders, conf_ntp, reverse_zone, zonemgr=options.zonemgr) bind.create_instance() diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 98941ef..3605b03 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -711,6 +711,16 @@ def main(): dns_forwarders = options.forwarders else: dns_forwarders = read_dns_forwarders() + +if options.reverse_zone: +reverse_zone = bindinstance.normalize_zone(options.reverse_zone) +elif not options.no_reverse: +reverse_zone = bindinstance.get_reverse_zone_default(ip) +if not options.unattended and bindinstance.create_reverse(): +reverse_zone = bindinstance.read_reverse_zone(reverse_zone, ip) + +if reverse_zone is not None: +print Using reverse zone %s % reverse_zone else: dns_forwarders = () logging.debug(will use dns_forwarders: %s\n % str(dns_forwarders)) @@ -919,17 +929,6 @@ def main(): # Create a BIND instance bind = bindinstance.BindInstance(fstore, dm_password) -if options.setup_dns: -if options.reverse_zone: -reverse_zone = bindinstance.normalize_zone(options.reverse_zone) -elif not options.no_reverse: -reverse_zone = bindinstance.get_reverse_zone_default(ip) -if not options.unattended and bindinstance.create_reverse(): -reverse_zone = bindinstance.read_reverse_zone(reverse_zone, ip) - -if reverse_zone is not None: -print Using reverse zone %s %
Re: [Freeipa-devel] [PATCH] 106 Improve dnszone-add error message
On 4.8.2011 10:02, Martin Kosek wrote: Check that NS address passed in dnszone-add is a domain name and not an IP address. Make this clear also the parameter help. https://fedorahosted.org/freeipa/ticket/1567 ACK. I'd prefer if doc said Authoritative nameserver hostname instead of Authoritative nameserver domain name, but I guess both are OK? Honza -- Jan Cholasta ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] Correct xmlrpc-c version?
I checked today to see if we have a new xmlrpc-c package that meets our release requirements for 2.1. I see that 1.27.4 was build earlier today for F16 and F17 with the changelog comment just saying it was upgraded to latest upstream (is that our fix?). The upstream tarball does not have a changelog :-( but there is a reference to this URL for change history: http://xmlrpc-c.sourceforge.net/change.html But not much useful information there either. Can someone tell me *exactly* what it is we're waiting for so I can be sure we've got the right release? Also it doesn't look like there has been a rebuild of F15 for a long time so even if F16 and F17 have 1.27.4 and 1.27.4 is what we're looking for (is it?) then that still doesn't meet our needs because we're targeting F15 right? -- John Dennis jden...@redhat.com Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] Correct xmlrpc-c version?
On Mon, 2011-08-08 at 10:07 -0400, John Dennis wrote: I checked today to see if we have a new xmlrpc-c package that meets our release requirements for 2.1. I see that 1.27.4 was build earlier today for F16 and F17 with the changelog comment just saying it was upgraded to latest upstream (is that our fix?). The upstream tarball does not have a changelog :-( but there is a reference to this URL for change history: http://xmlrpc-c.sourceforge.net/change.html But not much useful information there either. Can someone tell me *exactly* what it is we're waiting for so I can be sure we've got the right release? Also it doesn't look like there has been a rebuild of F15 for a long time so even if F16 and F17 have 1.27.4 and 1.27.4 is what we're looking for (is it?) then that still doesn't meet our needs because we're targeting F15 right? John, reading the page above it might not be there. What we are waiting for is: Curl client: add gssapi_delegation option. Needed in some cases with newer Curl libraries to get back old function. It appears this line is under the 1.28 heading which is marked as Not released yet. Simo. -- Simo Sorce * Red Hat, Inc * New York ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] Correct xmlrpc-c version?
On Mon, 2011-08-08 at 10:07 -0400, John Dennis wrote: I checked today to see if we have a new xmlrpc-c package that meets our release requirements for 2.1. I see that 1.27.4 was build earlier today for F16 and F17 with the changelog comment just saying it was upgraded to latest upstream (is that our fix?). The upstream tarball does not have a changelog :-( but there is a reference to this URL for change history: http://xmlrpc-c.sourceforge.net/change.html But not much useful information there either. Can someone tell me *exactly* what it is we're waiting for so I can be sure we've got the right release? Also it doesn't look like there has been a rebuild of F15 for a long time so even if F16 and F17 have 1.27.4 and 1.27.4 is what we're looking for (is it?) then that still doesn't meet our needs because we're targeting F15 right? Good news is that the problem in curl package has been fixed and was built for F-15: https://admin.fedoraproject.org/updates/curl-7.21.3-9.fc15 But we need this change to be propagated to the xmlrpc-c too. As you wrote, there is already a fixed version for F-16 and F-17: xmlrpc-c-1.16.24. I checked the source code, the GSSAPI delegation fix should be there. We just need to ask them to release an update for F-15 too. Adding xmlrpc-c Fedora owner to the CC list. Enrico, can you please release the package for F-15 too? When all this is ready, I plan to immediately send a patch update our .spec to make this work on F-15. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 106 Improve dnszone-add error message
On Mon, 2011-08-08 at 15:33 +0200, Jan Cholasta wrote: On 4.8.2011 10:02, Martin Kosek wrote: Check that NS address passed in dnszone-add is a domain name and not an IP address. Make this clear also the parameter help. https://fedorahosted.org/freeipa/ticket/1567 ACK. I'd prefer if doc said Authoritative nameserver hostname instead of Authoritative nameserver domain name, but I guess both are OK? Honza In this case I wanted the doc to say domain name in order to be keep the terminology exact with respect to the relevant RFC (1035). Pushed to master. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 236 Fixed 3rd level tab style.
On 08/05/2011 12:12 PM, Endi Sukma Dewata wrote: The 3rd level tab style has been adjusted according to UXD input. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ACK ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 237 Fixed facet group labels.
On 08/05/2011 02:25 PM, Endi Sukma Dewata wrote: The facet group labels have been modified according to UXD spec. Some facet groups will have more descriptive labels. Some others will not have any labels because the facet tab is self-explanatory. Ticket #1423, #1561 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ACK. Pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 236 Fixed 3rd level tab style.
On 08/08/2011 11:58 AM, Adam Young wrote: On 08/05/2011 12:12 PM, Endi Sukma Dewata wrote: The 3rd level tab style has been adjusted according to UXD input. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ACK ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] Correct xmlrpc-c version?
On 08/08/2011 11:42 AM, Martin Kosek wrote: On Mon, 2011-08-08 at 10:07 -0400, John Dennis wrote: I checked today to see if we have a new xmlrpc-c package that meets our release requirements for 2.1. I see that 1.27.4 was build earlier today for F16 and F17 with the changelog comment just saying it was upgraded to latest upstream (is that our fix?). The upstream tarball does not have a changelog :-( but there is a reference to this URL for change history: http://xmlrpc-c.sourceforge.net/change.html But not much useful information there either. Can someone tell me *exactly* what it is we're waiting for so I can be sure we've got the right release? Also it doesn't look like there has been a rebuild of F15 for a long time so even if F16 and F17 have 1.27.4 and 1.27.4 is what we're looking for (is it?) then that still doesn't meet our needs because we're targeting F15 right? Good news is that the problem in curl package has been fixed and was built for F-15: https://admin.fedoraproject.org/updates/curl-7.21.3-9.fc15 But we need this change to be propagated to the xmlrpc-c too. As you wrote, there is already a fixed version for F-16 and F-17: xmlrpc-c-1.16.24. I checked the source code, the GSSAPI delegation fix should be there. We just need to ask them to release an update for F-15 too. Adding xmlrpc-c Fedora owner to the CC list. Enrico, can you please release the package for F-15 too? When all this is ready, I plan to immediately send a patch update our .spec to make this work on F-15. You're talking about just the Fedora spec file right? Aren't we also supposed to be doing a RHEL 6.2 build and doesn't RHEL 6.2 have the same issues and requirements? -- John Dennis jden...@redhat.com Looking to carve out IT costs? www.redhat.com/carveoutcosts/ ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 238 Fixed error after login on IE
The IE does not resend the request body during negotiation, so after
after a successful authentication the server could not find the JSON
request to parse.
The Web UI has been modified to detect this error and resend the
initialization request.
Ticket #1540
--
Endi S. Dewata
From dbe61f4469252dc834696c3e56d9381353d40aac Mon Sep 17 00:00:00 2001
From: Endi S. Dewata edew...@redhat.com
Date: Wed, 3 Aug 2011 15:26:54 -0500
Subject: [PATCH] Fixed error after login on IE
The IE does not resend the request body during negotiation, so after
after a successful authentication the server could not find the JSON
request to parse.
The Web UI has been modified to detect this error and resend the
initialization request.
Ticket #1540
---
install/ui/host.js |3 +-
install/ui/ipa.js | 74 ++-
2 files changed, 63 insertions(+), 14 deletions(-)
diff --git a/install/ui/host.js b/install/ui/host.js
index 743196b08fdcfd9d7c91d92a5f9eba6048b498b2..3ffcba34be0ea571b4349e7deaa6a3cd0234f00a 100644
--- a/install/ui/host.js
+++ b/install/ui/host.js
@@ -138,6 +138,7 @@ IPA.host_adder_dialog = function(spec)
that.on_error = function(xhr, text_status, error_thrown)
{
+var ajax = this;
var command = that.command;
var data = error_thrown.data;
var dialog = null;
@@ -152,7 +153,7 @@ IPA.host_adder_dialog = function(spec)
fqdn: that.get_field('fqdn').save()
}
};
-command.on_success(data, text_status, xhr);
+command.on_success.call(ajax, data, text_status, xhr);
}
});
} else {
diff --git a/install/ui/ipa.js b/install/ui/ipa.js
index d53ee7b126a7d5e103013675620dc973aa9f8a0a..8a3dd4e7d596914687e412aefdda27d7d699261d 100644
--- a/install/ui/ipa.js
+++ b/install/ui/ipa.js
@@ -70,8 +70,35 @@ var IPA = ( function () {
var batch = IPA.batch_command({
name: 'ipa_init',
+retry: false,
on_success: on_success,
-on_error: on_error
+on_error: function(xhr, text_status, error_thrown) {
+
+// On IE the request is missing after authentication,
+// so the request needs to be resent.
+if (error_thrown.name == 'IPA Error 909') {
+batch.execute();
+
+} else {
+var ajax = this;
+
+var dialog = IPA.error_dialog({
+xhr: xhr,
+text_status: text_status,
+error_thrown: error_thrown,
+command: batch
+});
+
+dialog.on_cancel = function() {
+dialog.close();
+if (on_error) {
+on_error.call(ajax, xhr, text_status, error_thrown);
+}
+};
+
+dialog.open();
+}
+}
});
batch.add_command(IPA.command({
@@ -243,12 +270,23 @@ IPA.command = function(spec) {
that.execute = function() {
function dialog_open(xhr, text_status, error_thrown) {
+
+var ajax = this;
+
var dialog = IPA.error_dialog({
xhr: xhr,
text_status: text_status,
error_thrown: error_thrown,
command: that
});
+
+dialog.on_cancel = function() {
+dialog.close();
+if (that.on_error) {
+that.on_error.call(ajax, xhr, text_status, error_thrown);
+}
+};
+
dialog.open();
}
@@ -399,6 +437,7 @@ IPA.batch_command = function (spec) {
method: that.method,
args: that.args,
options: that.options,
+retry: that.retry,
on_success: function(data, text_status, xhr) {
for (var i=0; ithat.commands.length; i++) {
@@ -406,8 +445,10 @@ IPA.batch_command = function (spec) {
var result = data.result.results[i];
if (!result) {
-if (command.on_error) command.on_error(
-xhr, text_status,
+if (command.on_error) command.on_error.call(
+this,
+xhr,
+text_status,
{
name: 'Internal Error '+xhr.status,
message: result ? xhr.statusText : Internal error
@@ -415,7 +456,8 @@ IPA.batch_command = function (spec) {
);
} else if (result.error) {
-if (command.on_error) command.on_error(
+if
Re: [Freeipa-devel] [PATCH] 003 Redirection after changing browser configuration
On 08/08/2011 09:50 AM, Petr Vobornik wrote: On 08/05/2011 11:12 PM, Adam Young wrote: On 08/05/2011 09:22 AM, Petr Vobornik wrote: Redirection after changing browser configuration https://fedorahosted.org/freeipa/ticket/1502 Added redirection link. Notes: Modified preferences.html.template to be able to respond to the configuration change. Because of security politics page cannot be automatically redirected. (has to redirect top frame). - Message with link was added. Redirection link has to use absolute url because page is situated in object frame and its location points to jar archive. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Looks good. The formatting of the Link at the end is wrapped around across multiple lines. Of course, right now, we are missing the css there, so maybe it is due to the stylesheet error. If you can put the message on one line and the link on the second, I'd consider it ACKed ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel The link alone can't fit on a single line. - I have expanded the object's area. (and cleaned css from trailing white spaces in the process) - Added css in preferences template in order to look good. In the future it would be better to remove these css and reuse ipa_error.css. But it has to be included in the jar (I don't know where to do it). - Corrected object tag ending so Back to the Web UI link is displayed even if user has not configured Firefox (this can be useful for other browser's users or if user don't want to configure browser. But it is redundant with the link which is displayed after configuration.). ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel OK, ACKed and pushed to master. edewata is working on a fix for the CSS for the error/config pages. Please make sure to integrate that fix with tuning the layout issues for this one. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] Correct xmlrpc-c version?
On 08/08/2011 06:13 PM, John Dennis wrote: On 08/08/2011 11:42 AM, Martin Kosek wrote: On Mon, 2011-08-08 at 10:07 -0400, John Dennis wrote: I checked today to see if we have a new xmlrpc-c package that meets our release requirements for 2.1. I see that 1.27.4 was build earlier today for F16 and F17 with the changelog comment just saying it was upgraded to latest upstream (is that our fix?). The upstream tarball does not have a changelog :-( but there is a reference to this URL for change history: http://xmlrpc-c.sourceforge.net/change.html But not much useful information there either. Can someone tell me *exactly* what it is we're waiting for so I can be sure we've got the right release? Also it doesn't look like there has been a rebuild of F15 for a long time so even if F16 and F17 have 1.27.4 and 1.27.4 is what we're looking for (is it?) then that still doesn't meet our needs because we're targeting F15 right? Good news is that the problem in curl package has been fixed and was built for F-15: https://admin.fedoraproject.org/updates/curl-7.21.3-9.fc15 But we need this change to be propagated to the xmlrpc-c too. As you wrote, there is already a fixed version for F-16 and F-17: xmlrpc-c-1.16.24. I checked the source code, the GSSAPI delegation fix should be there. We just need to ask them to release an update for F-15 too. Adding xmlrpc-c Fedora owner to the CC list. Enrico, can you please release the package for F-15 too? When all this is ready, I plan to immediately send a patch update our .spec to make this work on F-15. You're talking about just the Fedora spec file right? Aren't we also supposed to be doing a RHEL 6.2 build and doesn't RHEL 6.2 have the same issues and requirements? Correct - the relevant 6.2 bug is this one: https://bugzilla.redhat.com/show_bug.cgi?id=719945 The status is still ASSIGNED as of now so I think the patch has not been submitted to CVS yet (although Kamil referenced an upstream commit). I've put the RHEL maintainer to CC so he can comment on the ETA of the RHEL fix. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 239 Fixed host adder dialog.
The host adder dialog has been modified to use separate fields for
hostname and DNS zone. The hostname is a text field and the DNS zone
is an editable drop-down list. The fields will have the following
behavior:
- If the user types a dot into the hostname field, the cursor will
automatically move into the DNS zone field.
- If the user pastes an FQDN into the hostname field, the value will
automatically be split into hostname and DNS zone.
- If the user selects a value from the drop-down list, it will only
change the DNS zone, not the hostname.
Ticket #1457
--
Endi S. Dewata
From 7737f2fe857afc083aa73af76a124827104bc7cd Mon Sep 17 00:00:00 2001
From: Endi S. Dewata edew...@redhat.com
Date: Mon, 8 Aug 2011 15:47:38 -0500
Subject: [PATCH] Fixed host adder dialog.
The host adder dialog has been modified to use separate fields for
hostname and DNS zone. The hostname is a text field and the DNS zone
is an editable drop-down list. The fields will have the following
behavior:
- If the user types a dot into the hostname field, the cursor will
automatically move into the DNS zone field.
- If the user pastes an FQDN into the hostname field, the value will
automatically be split into hostname and DNS zone.
- If the user selects a value from the drop-down list, it will only
change the DNS zone, not the hostname.
Ticket #1457
---
install/ui/host.js | 158 ++-
install/ui/ipa.css | 12
2 files changed, 154 insertions(+), 16 deletions(-)
diff --git a/install/ui/host.js b/install/ui/host.js
index 3ffcba34be0ea571b4349e7deaa6a3cd0234f00a..5073b65e963f2de95d1efe1f8b8d7b04e0428734 100644
--- a/install/ui/host.js
+++ b/install/ui/host.js
@@ -105,21 +105,35 @@ IPA.entity_factories.host = function () {
factory: IPA.host_adder_dialog,
width: 400,
height: 250,
-fields:[
+fields: [
{
-factory: IPA.dnszone_select_widget,
name: 'fqdn',
+optional: true,
+hidden: true
+},
+{
+factory: IPA.text_widget,
+name: 'hostname',
label: IPA.messages.objects.service.host,
+undo: false
+},
+{
+factory: IPA.dnszone_select_widget,
+name: 'dnszone',
+label: IPA.metadata.objects.dnszone.label_singular,
editable: true,
undo: false
},
-{factory:IPA.force_host_add_checkbox_widget},
{
-factory:IPA.text_widget,
-name:ip_address,
-undo:false,
+factory: IPA.force_host_add_checkbox_widget,
+name: 'force'
+},
+{
+factory: IPA.text_widget,
+name: 'ip_address',
label: IPA.get_method_option('host_add','ip_address')['label'],
-tooltip: IPA.get_method_option('host_add','ip_address')['doc']
+tooltip: IPA.get_method_option('host_add','ip_address')['doc'],
+undo: false
}
]
}).
@@ -129,15 +143,128 @@ IPA.entity_factories.host = function () {
build();
};
-IPA.host_adder_dialog = function(spec)
-{
+IPA.host_adder_dialog = function(spec) {
+
spec = spec || {};
spec.retry = typeof spec.retry !== 'undefined' ? spec.retry : false;
var that = IPA.add_dialog(spec);
-that.on_error = function(xhr, text_status, error_thrown)
-{
+that.create = function() {
+
+that.container.addClass('host-adder-dialog');
+
+var hostname = that.get_field('hostname');
+var dnszone = that.get_field('dnszone');
+
+var table = $('table/', {
+name: 'fqdn'
+}).appendTo(that.container);
+
+var tr = $('tr/').appendTo(table);
+
+var td = $('td/', {
+name: hostname.name,
+title: hostname.label,
+text: hostname.label
+}).appendTo(tr);
+
+td = $('td/', {
+name: dnszone.name,
+title: dnszone.label,
+text: dnszone.label
+}).appendTo(tr);
+
+tr = $('tr/').appendTo(table);
+
+td = $('td/').appendTo(tr);
+var span = $('span/', {
+name: hostname.name
+}).appendTo(td);
+hostname.create(span);
+
+td = $('td/').appendTo(tr);
+span = $('span/', {
+name: dnszone.name
+}).appendTo(td);
+dnszone.create(span);
+
+table = $('table/', {
+name: 'other'
+}).appendTo(that.container);
+
+var force = that.get_field('force');
+
+tr = $('tr/').appendTo(table);
+
+
Re: [Freeipa-devel] [PATCH] 239 Fixed host adder dialog.
On 08/08/2011 05:13 PM, Endi Sukma Dewata wrote: The host adder dialog has been modified to use separate fields for hostname and DNS zone. The hostname is a text field and the DNS zone is an editable drop-down list. The fields will have the following behavior: - If the user types a dot into the hostname field, the cursor will automatically move into the DNS zone field. - If the user pastes an FQDN into the hostname field, the value will automatically be split into hostname and DNS zone. - If the user selects a value from the drop-down list, it will only change the DNS zone, not the hostname. Ticket #1457 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel The JQuery code drawing the table in the create method is cut-and-paste.. It should be possible to make it look right without redrawing the whole table. These two fields should be put into their own section, which can then be responsible for drawing just the rows responsible for these fields, leaving the default behavior for the other rows. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
