On 10/05/2013 02:22 PM, Jérôme Fenal wrote:
Hi there,
just a quick head-up to tell I've just changed the wiki page at
https://fedorahosted.org/freeipa-guide/wiki/WikiStart to reflect the
new documentation process (and refer to the right git repo and
freeipa.org page).
Regards,
J.
On 09/05/2013 06:25 AM, Nathaniel McCallum wrote:
This patch has a few problems that I'd like some help with. There are a
few notes here as well.
1. The handling of the 'key' option is insecure. It should probably be
treated like a password (hidden from logs, etc). However, in this case,
it is
On 10/04/2013 07:33 PM, Nathaniel McCallum wrote:
This patch is preparatory for the OTP CLI patch.
+def _convert_scalar(self, value, index=None):
+return Int._convert_scalar(self, value, index=index)
That won't work. In Python 2 unbound methods (such as
Int._validate_scalar)
On 10/04/2013 07:34 PM, Nathaniel McCallum wrote:
This patch is preparatory for the OTP CLI patch.
Thanks for the patch; it needs some work.
From 2678ff4e2f22e7e81bf40b30ffcd0efe0ecf08c2 Mon Sep 17 00:00:00 2001
From: Nathaniel McCallumnpmccal...@redhat.com
Date: Mon, 30 Sep 2013 13:06:37
On 10/04/2013 07:36 PM, Nathaniel McCallum wrote:
This patch is preparatory for the OTP CLI patch.
Thank you! ACK, pushed to master: 12ae6a054a20134fe51f195933ced7b52b2bd2ed
--
Petr³
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
On 10/04/2013 10:01 PM, Nathaniel McCallum wrote:
On Fri, 2013-10-04 at 13:37 -0400, Nathaniel McCallum wrote:
This patch is preparatory for the OTP CLI patch.
I'm not quite sure why, but this patch apparently changes the output
of ./makeapi. This change is now included in the attached patch.
On 08/01/2013 03:48 PM, Petr Spacek wrote:
Hello,
Fix false error messages when nonexistent object/attribute is deleted.
This patch should go to branches v3 and master.
ACK.
Tested Patch bundle 181 - 185. Common tasks like
adding/deleting/updating records work fine. Also PTR sync,
On 07/22/2013 03:16 PM, Petr Spacek wrote:
On 22.7.2013 13:23, Petr Spacek wrote:
Hello,
Replace LDAP persistent search with syncrepl (RFC 4533).
All direct operations with LDAP Persistent Search control are replaced
by ldap_sync_* calls.
Syncrepl code works in exactly same way as old
On 08/01/2013 03:49 PM, Petr Spacek wrote:
Hello,
Move data structures for parser from ldap_qresult_t to ldap_entry_t.
The target branch is master.
ACK.
Tested Patch bundle 181 - 185. Common tasks like
adding/deleting/updating records work fine. Also PTR sync, zone serial
number
On 08/01/2013 03:51 PM, Petr Spacek wrote:
Hello,
Use DNS_RDATA_MAXLENGTH from rdata.h instead of own definition.
This minor fix could go to v3 and master.
ACK.
Tested Patch bundle 181 - 185. Common tasks like
adding/deleting/updating records work fine. Also PTR sync, zone serial
On 08/01/2013 03:52 PM, Petr Spacek wrote:
Hello,
Do not execute new LDAP search for each updated object.
Syncrepl delivers notification about change in particular object
along with all data from the object. Resource Records are parsed out
from this data instead of data obtained via
Sorry for the delay.
On 09/25/2013 10:51 PM, Nathaniel McCallum wrote:
On Mon, 2013-09-23 at 15:19 +0200, Petr Viktorin wrote:
Great, we're getting close!
[...]
There's another test failure when trying to rename a manager user. I
didn't investigate in detail why that happens.
Does the
Hi,
this issue was found by Steeve, he tried to validate a trust manually
from AD and was repeatedly ask for the admin password without any
progress. It turned out that the ipaNTHash was not set through the
MagicRegen mechanism and samba always returned NT_STATUS_WRONG_PASSWORD.
This patch
On 10/04/2013 12:01 PM, Jan Cholasta wrote:
Hi,
you can find a draft of the design document for this feature at
http://www.freeipa.org/page/V3/CA_certificate_renewal.
Comments are welcome.
Honza
1) Shared certificate store
Shouldn't we name the container as
On 7.10.2013 17:30, Martin Kosek wrote:
On 10/04/2013 12:01 PM, Jan Cholasta wrote:
Hi,
you can find a draft of the design document for this feature at
http://www.freeipa.org/page/V3/CA_certificate_renewal.
Comments are welcome.
Honza
1) Shared certificate store
Shouldn't we name the
On Mon, 07 Oct 2013, Sumit Bose wrote:
Hi,
this issue was found by Steeve, he tried to validate a trust manually
from AD and was repeatedly ask for the admin password without any
progress. It turned out that the ipaNTHash was not set through the
MagicRegen mechanism and samba always returned
Jan Cholasta wrote:
Hi,
you can find a draft of the design document for this feature at
http://www.freeipa.org/page/V3/CA_certificate_renewal.
Comments are welcome.
Honza
Shared certificate store.
DM should not be required. It may be required initially, but we have a
long-term goal of
Comparing master's ipa-kdb's handling of krbPrincipalName and
krbCanonicalName attributes with that of the upstream kldap driver,
there are a few differences which I'm thinking are bugs.
* If an entry has multiple krbPrincipalName values, the name which
was used to look it up is required to
Hi all,
Found in SelinuxMap.xml:
As with adding a user to a ion value identifies
the host-based access control rule to use for mapping. The access
control rule must specify both users and hosts appropriately so that
the SELinux map can construct the SELinux user, IPA; user,
On Mon, 2013-10-07 at 13:22 +0200, Petr Viktorin wrote:
On 10/04/2013 07:33 PM, Nathaniel McCallum wrote:
This patch is preparatory for the OTP CLI patch.
+def _convert_scalar(self, value, index=None):
+return Int._convert_scalar(self, value, index=index)
That won't
On Mon, 2013-10-07 at 13:47 +0200, Petr Viktorin wrote:
On 10/04/2013 07:34 PM, Nathaniel McCallum wrote:
This patch is preparatory for the OTP CLI patch.
Thanks for the patch; it needs some work.
From 2678ff4e2f22e7e81bf40b30ffcd0efe0ecf08c2 Mon Sep 17 00:00:00 2001
From: Nathaniel
On Mon, 2013-10-07 at 14:26 +0200, Petr Viktorin wrote:
On 10/04/2013 10:01 PM, Nathaniel McCallum wrote:
On Fri, 2013-10-04 at 13:37 -0400, Nathaniel McCallum wrote:
This patch is preparatory for the OTP CLI patch.
I'm not quite sure why, but this patch apparently changes the output
of
On Fri, 2013-10-04 at 16:16 -0400, Nathaniel McCallum wrote:
This patch supersedes my patch 0017 and requires patches 0020-0023. I
believe I have solved all of the outstanding issues from the review of
patch 0017, unless otherwise noted:
1. I'm not actually sure what the format of the date
23 matches
Mail list logo