Re: [Freeipa-devel] [PATCH] 440 Server does not detect different server and IPA domain

On 11/08/2013 06:07 PM, Ana Krivokapic wrote: On 11/06/2013 10:19 AM, Martin Kosek wrote: Server installer does not properly recognize a situation when server fqdn is not in a subdomain of the IPA domain, but shares the same suffix. For example, if server FQDN is ipa-idm.example.com and

[Freeipa-devel] [PATCH 0204] Remove obsolete zr_get_rbt() function from zone register

Hello, Remove obsolete zr_get_rbt() function from zone register. -- Petr^2 Spacek From a7e3b8d832b195efa330cd7781a2b3fb94ee72c7 Mon Sep 17 00:00:00 2001 From: Petr Spacek pspa...@redhat.com Date: Mon, 11 Nov 2013 10:48:11 +0100 Subject: [PATCH] Remove obsolete zr_get_rbt() function from zone

[Freeipa-devel] [PATCH 0205] Fix race condition during write to internal RBTDB

Hello, Fix race condition during write to internal RBTDB. RBTDB implementation allows to open only one RBTDB instance for writing at the same time. This patch adds mutex to newversion() implementation in ldap_driver.c. See comments around ldapdb_t, newversion() and closeversion(). -- Petr^2

Re: [Freeipa-devel] [PATCHES] 0258-0265 Add schema updater based on IPA schema files

On 11/11/2013 12:32 PM, Petr Viktorin wrote: On 11/07/2013 02:34 PM, Ana Krivokapic wrote: On 11/01/2013 03:26 PM, Petr Viktorin wrote: On 09/13/2013 06:44 PM, Petr Viktorin wrote: On 08/01/2013 04:52 PM, Petr Viktorin wrote: Hello, With these patches, schema updates will be based on the

Re: [Freeipa-devel] [RFE] Permissions V2

Petr Viktorin wrote: Hello, I'm splitting up ACI work into several designs to make it more manageable. This one is about - Moving ACIs out of $SUFFIX - Storing all ACI data in the permission entry - Permission flag system for ensuring backwards compatibility Summary of the backcompat story: -

Re: [Freeipa-devel] [PATCHES] 0258-0265 Add schema updater based on IPA schema files

On 11/11/2013 02:53 PM, Ana Krivokapic wrote: On 11/11/2013 12:32 PM, Petr Viktorin wrote: On 11/07/2013 02:34 PM, Ana Krivokapic wrote: On 11/01/2013 03:26 PM, Petr Viktorin wrote: On 09/13/2013 06:44 PM, Petr Viktorin wrote: On 08/01/2013 04:52 PM, Petr Viktorin wrote: Hello, With these

Re: [Freeipa-devel] Building FreeIPA on Debian Unstable

On 31.10.2013 21:19, Adam Young wrote: I'm about to take off for a week, and want to make sure that I don't lose the momentum I've put in so far. I spent agood portion of yesterday and today trying to get a Debian build going, and I think that this is worth sharing with the larger team.

Re: [Freeipa-devel] [RFE] Permissions V2

On 11/11/2013 03:56 PM, Rob Crittenden wrote: Petr Viktorin wrote: Hello, I'm splitting up ACI work into several designs to make it more manageable. This one is about - Moving ACIs out of $SUFFIX - Storing all ACI data in the permission entry - Permission flag system for ensuring backwards

[Freeipa-devel] Recovering from expired CA subsystem certificates in IPA 2.x

There have been a number of questions about expiring CA subsystem certificates for users running 2.x and unable to upgrade to 3.x where this is handled automatically, so I wrote http://www.freeipa.org/page/IPA_2x_Certificate_Renewal Now you'll see why we automated it. It can cause premature

Re: [Freeipa-devel] [PATCH 0016] Add RADIUS proxy support to ipalib CLI

On Fri, 2013-11-08 at 13:26 +0100, Petr Viktorin wrote: On 09/25/2013 10:56 PM, Nathaniel McCallum wrote: On Fri, 2013-09-20 at 12:38 -0400, Nathaniel McCallum wrote: On Thu, 2013-09-12 at 16:48 -0400, Nathaniel McCallum wrote: On Thu, 2013-09-05 at 00:06 -0400, Nathaniel McCallum wrote: