On 26.10.2012 16:35, Petr Viktorin wrote:
On 10/25/2012 04:55 PM, Jan Cholasta wrote:
Hi,
On 23.10.2012 17:57, Petr Viktorin wrote:
Here is a draft design document for ticket 2732.
Please comment on both the feature itself, and on how to write design
documents.
PetrĀ¹, please add how the UI
Hi,
On 26.10.2012 19:37, Rob Crittenden wrote:
We enable SECURE_NFS in ipa-client-automount. Originally I used the
string YES which worked fine on Fedora systems with systemd. sysV init
systems look for a lower-case yes, so switch to that instead.
I double-checked on F-17 and F-18 that the
Hi,
this patch fixes https://fedorahosted.org/freeipa/ticket/3208.
Honza
--
Jan Cholasta
From 00bd0124504d5214e083da9669ba45f5543aa369 Mon Sep 17 00:00:00 2001
From: Jan Cholasta jchol...@redhat.com
Date: Mon, 29 Oct 2012 05:13:39 -0400
Subject: [PATCH] Reword description of the --passsync
Hi,
I would like to make a bigger change in Web UI. Basically I think Web UI
would benefit from using a Dojo toolkit, a JS framework. I would like to
know if I can proceed with incorporating it. I think this is the best
time (end of 3.0/3.1 and a beginning of 3.2) to do such change.
Why
On 10/23/2012 05:57 PM, Petr Viktorin wrote:
Here is a draft design document for ticket 2732.
Please comment on both the feature itself, and on how to write design
documents.
PetrĀ¹, please add how the UI should handle this.
== Ticket summary ([https://fedorahosted.org/freeipa/ticket/2732
ldap2 server plugin generates a modlist for every IPA command entry
modification. However, encoding of attributes entry_attrs generated
by our framework still does not match entry read from LDAP (until
ticket #2265 is addressed), convert compared values to common ground
so that the comparison
Hi,
On 29.10.2012 10:44, Martin Kosek wrote:
ldap2 server plugin generates a modlist for every IPA command entry
modification. However, encoding of attributes entry_attrs generated
by our framework still does not match entry read from LDAP (until
ticket #2265 is addressed), convert compared
On 10/26/2012 03:33 PM, Petr Spacek wrote:
Hello,
Disable forwarding when forward zones are removed.
https://fedorahosted.org/bind-dyndb-ldap/ticket/96
Hmm ... Apparently, I was sleeping on Friday :-)
There is a promised patch.
--
Petr^2 Spacek
From
Hi,
On 24.10.2012 21:22, Rob Crittenden wrote:
If uninstall fails in certain ways it is possible that some certificates
could still be tracked by certmonger (even if the NSS database is now
gone). This will loop through the directories we care about and warn the
user if there is anything left
On Fri, Oct 26, 2012 at 02:47:17PM +0200, Petr Spacek wrote:
Hello,
Add forward policy none.
This policy adds ability to disable forwarding on per-zone basics.
Now it is possible to forward all queries to global forwarders
and selectively disable forwarding for specific
On Mon, Oct 29, 2012 at 02:24:48PM +0100, Petr Spacek wrote:
On 10/26/2012 03:33 PM, Petr Spacek wrote:
Hello,
Disable forwarding when forward zones are removed.
https://fedorahosted.org/bind-dyndb-ldap/ticket/96
Hmm ... Apparently, I was sleeping on Friday :-)
There is a
On Fri, Oct 26, 2012 at 04:03:08PM +0200, Petr Spacek wrote:
On 10/26/2012 03:55 PM, Martin Kosek wrote:
On 10/26/2012 03:53 PM, Petr Spacek wrote:
Hello,
Flush cache after creating a new forward zone.
https://fedorahosted.org/bind-dyndb-ldap/ticket/97
I guess the patch is
On Mon, Oct 22, 2012 at 04:18:19PM +0200, Petr Spacek wrote:
Hello,
this patch prevents false 'zone serial (2012060301) unchanged' error
messages coming from zone_postload(), which is called after each
zone change from dns_zone_load().
I found zone_postload() unnecessary for our plugin
On 10/26/2012 02:25 PM, Petr Viktorin wrote:
On 10/26/2012 02:20 PM, Petr Viktorin wrote:
Attached are this thread's patches rebased and squashed into one.
... and here is a patch to address replication problems related to
merging the schemata of the IPA and CA databases. See the commit
On 10/29/2012 04:25 PM, Adam Tkac wrote:
On Fri, Oct 26, 2012 at 02:47:17PM +0200, Petr Spacek wrote:
Hello,
Add forward policy none.
This policy adds ability to disable forwarding on per-zone basics.
Now it is possible to forward all queries to global forwarders
and
On 10/29/2012 04:26 PM, Adam Tkac wrote:
On Mon, Oct 29, 2012 at 02:24:48PM +0100, Petr Spacek wrote:
On 10/26/2012 03:33 PM, Petr Spacek wrote:
Hello,
Disable forwarding when forward zones are removed.
https://fedorahosted.org/bind-dyndb-ldap/ticket/96
Hmm ... Apparently,
On 10/29/2012 04:28 PM, Adam Tkac wrote:
On Fri, Oct 26, 2012 at 04:03:08PM +0200, Petr Spacek wrote:
On 10/26/2012 03:55 PM, Martin Kosek wrote:
On 10/26/2012 03:53 PM, Petr Spacek wrote:
Hello,
Flush cache after creating a new forward zone.
On 10/29/2012 02:17 PM, Jan Cholasta wrote:
Hi,
On 29.10.2012 10:44, Martin Kosek wrote:
ldap2 server plugin generates a modlist for every IPA command entry
modification. However, encoding of attributes entry_attrs generated
by our framework still does not match entry read from LDAP (until
This patch adds support for resolving external members from trusted domain.
It means 'ipa group-add-member --external' can accept not only SID but also
user or group specifier in the form DOM\name or name@domain.
The code is highly experimental.
https://fedorahosted.org/freeipa/ticket/3211
A sequence is following:
1. Match external member against existing trusted domain
2. Find trusted domain's domain controller
3. Fetch trusted domain account auth info
4. Set up ccache in /var/run/ipa/ipa_memcached/krb5cc_TRUSTEDDOMAIN with
principal ourdomain$@trusted.domain
5. Do LDAP SASL
Hi all!
This switch drops the preceding 'u' from strings in public error messages.
Ticket: https://fedorahosted.org/freeipa/ticket/3121
This patch also addresses the unfriendly 'u' from re-raising errors from the
external call to netaddr.IPAddress by passing a bytestring to the function.
On 10/29/2012 05:27 AM, Petr Vobornik wrote:
Hi,
I would like to make a bigger change in Web UI. Basically I think Web
UI would benefit from using a Dojo toolkit, a JS framework. I would
like to know if I can proceed with incorporating it. I think this is
the best time (end of 3.0/3.1 and a
Jan Cholasta wrote:
Hi,
this patch fixes https://fedorahosted.org/freeipa/ticket/3208.
There are two typos, PasSync with only 2 s's.
I think there should be a separate section on PassSync explaining what
the service is and passwords are modified. There is some information on
this in the
Jan Cholasta wrote:
Hi,
On 26.10.2012 19:37, Rob Crittenden wrote:
We enable SECURE_NFS in ipa-client-automount. Originally I used the
string YES which worked fine on Fedora systems with systemd. sysV init
systems look for a lower-case yes, so switch to that instead.
I double-checked on F-17
Simo Sorce wrote:
On Fri, 2012-10-26 at 16:30 -0400, Rob Crittenden wrote:
Simo Sorce wrote:
From: Simo Sorce sso...@redhat.com
We check (possibly different) data from LDAP only at (re)start.
This way we always shutdown exactly the services we started even if the list
changed in the meanwhile
On Mon, 2012-10-29 at 15:41 -0400, Rob Crittenden wrote:
Simo Sorce wrote:
On Fri, 2012-10-26 at 16:30 -0400, Rob Crittenden wrote:
Simo Sorce wrote:
From: Simo Sorce sso...@redhat.com
We check (possibly different) data from LDAP only at (re)start.
This way we always shutdown exactly
Simo Sorce wrote:
On Fri, 2012-10-26 at 16:13 -0400, Rob Crittenden wrote:
Simo Sorce wrote:
From: Simo Sorce sso...@redhat.com
This is done as a default action of the ancestor class so that no matter what
platform is currently used this code is always the same and the name is the
wellknown
On Mon, 2012-10-29 at 19:59 +0200, Alexander Bokovoy wrote:
A sequence is following:
1. Match external member against existing trusted domain
2. Find trusted domain's domain controller
3. Fetch trusted domain account auth info
4. Set up ccache in
On Mon, 29 Oct 2012, Simo Sorce wrote:
On Mon, 2012-10-29 at 19:59 +0200, Alexander Bokovoy wrote:
A sequence is following:
1. Match external member against existing trusted domain
2. Find trusted domain's domain controller
3. Fetch trusted domain account auth info
4. Set up ccache in
Alexander Bokovoy wrote:
On Mon, 29 Oct 2012, Simo Sorce wrote:
On Mon, 2012-10-29 at 19:59 +0200, Alexander Bokovoy wrote:
A sequence is following:
1. Match external member against existing trusted domain
2. Find trusted domain's domain controller
3. Fetch trusted domain account auth info
4.
Sumit Bose wrote:
On Wed, Oct 24, 2012 at 01:07:03PM +0200, Martin Kosek wrote:
On 10/24/2012 12:48 PM, Sumit Bose wrote:
On Wed, Oct 24, 2012 at 12:31:57PM +0200, Martin Kosek wrote:
On 10/24/2012 12:19 PM, Sumit Bose wrote:
Hi,
this patches fixes
On Mon, 29 Oct 2012, Rob Crittenden wrote:
[Mon Oct 29 16:15:33 2012] [error] [client 192.168.122.240] File
/usr/lib/python2.7/site-packages/ipaserver/plugins/ldap2.py, line
562, in sasl_interactive_bind_s
[Mon Oct 29 16:15:33 2012] [error] [client 192.168.122.240] return
On Mon, 2012-10-29 at 23:03 +0200, Alexander Bokovoy wrote:
On Mon, 29 Oct 2012, Simo Sorce wrote:
On Mon, 2012-10-29 at 19:59 +0200, Alexander Bokovoy wrote:
A sequence is following:
1. Match external member against existing trusted domain
2. Find trusted domain's domain controller
3.
On Mon, 2012-10-29 at 16:19 -0400, Rob Crittenden wrote:
Simo Sorce wrote:
On Fri, 2012-10-26 at 16:13 -0400, Rob Crittenden wrote:
Simo Sorce wrote:
From: Simo Sorce sso...@redhat.com
This is done as a default action of the ancestor class so that no matter
what
platform is
On Mon, 29 Oct 2012, Simo Sorce wrote:
On Mon, 2012-10-29 at 23:03 +0200, Alexander Bokovoy wrote:
On Mon, 29 Oct 2012, Simo Sorce wrote:
On Mon, 2012-10-29 at 19:59 +0200, Alexander Bokovoy wrote:
A sequence is following:
1. Match external member against existing trusted domain
2. Find
On 10/29/2012 4:27 AM, Petr Vobornik wrote:
Hi,
I would like to make a bigger change in Web UI. Basically I think Web UI
would benefit from using a Dojo toolkit, a JS framework. I would like to
know if I can proceed with incorporating it. I think this is the best
time (end of 3.0/3.1 and a
36 matches
Mail list logo