[Freeipa-devel] [PATCH] 79 SSH configuration fixes

Hi, this fixes https://fedorahosted.org/freeipa/ticket/2769 as well as some other issues with SSH configuration in ipa-client-install. Honza -- Jan Cholasta From 6edf63e682ba2021ea6f0ffba76388c5ef232254 Mon Sep 17 00:00:00 2001 From: Jan Cholasta jchol...@redhat.com Date: Wed, 23 May 2012

Re: [Freeipa-devel] [PATCH] 260 Replace DNS client based on acutil with python-dns

On Tue, 2012-05-22 at 14:41 +0200, Petr Viktorin wrote: On 05/16/2012 09:44 AM, Martin Kosek wrote: On Tue, 2012-05-15 at 14:02 +0200, Petr Viktorin wrote: On 05/11/2012 06:52 PM, Martin Kosek wrote: python-dns is very feature-rich and it can help us a lot with our DNS

Re: [Freeipa-devel] [PATCH] 260 Replace DNS client based on acutil with python-dns

On Wed, 2012-05-23 at 14:24 +0200, Martin Kosek wrote: On Tue, 2012-05-22 at 14:41 +0200, Petr Viktorin wrote: On 05/16/2012 09:44 AM, Martin Kosek wrote: On Tue, 2012-05-15 at 14:02 +0200, Petr Viktorin wrote: On 05/11/2012 06:52 PM, Martin Kosek wrote: python-dns is very

Re: [Freeipa-devel] [PATCH] 1018 enforce sizelimit when searching for permissions

Rob Crittenden wrote: Martin Kosek wrote: On Fri, 2012-05-18 at 10:17 -0400, Rob Crittenden wrote: Rob Crittenden wrote: Martin Kosek wrote: On Thu, 2012-05-17 at 16:11 -0400, Rob Crittenden wrote: We do two searches when looking for permissions. One within the permission object itself and

Re: [Freeipa-devel] [PATCH] 1019 require policycoreutils if SELinux is enabled

Petr Viktorin wrote: On 2012-05-18 17:53, Rob Crittenden wrote: We don't have an explicit requires on the policycoreutils package in the client because SELinux is not required (just recommended). SELinux can be enabled without this package so check for that condition and don't allow

Re: [Freeipa-devel] [PATCH] 1020 replication conversion retry

Simo Sorce wrote: On Mon, 2012-05-21 at 16:32 -0400, Rob Crittenden wrote: When converting to GSSAPI replication we need to fetch the ldap principal from the other side. We've seen this fail from time to time despite having a call to force_sync. Add a retry loop to try harder, and fix the error

[Freeipa-devel] I've done it by myself and it works -- Re: Feature request: Web UI for IPA users to reset their own expired passwords

I've coded it with python-kerberos and it works. Pretty rough though. --Gelen. From: Gelen James hahaha_...@yahoo.com To: freeipa-devel@redhat.com freeipa-devel@redhat.com Sent: Sunday, May 20, 2012 2:22 AM Subject: Feature request: Web UI for IPA users to

Re: [Freeipa-devel] I've done it by myself and it works -- Re: Feature request: Web UI for IPA users to reset their own expired passwords

Gelen James wrote: I've coded it with python-kerberos and it works. Pretty rough though. Is this something you'd be interested in contributing? rob --Gelen. *From:* Gelen James hahaha_...@yahoo.com *To:*

Re: [Freeipa-devel] I've done it by myself and it works -- Re: Feature request: Web UI for IPA users to reset their own expired passwords

No problem. The code is attached. It is just one python script, with configuration items on the top.  Please be reminded that this code is pretty rough and not well-tested as I can not find appropriate documents on how to use python kerberos module.  Disclaim: This piece of code just works as