Re: [Freeipa-devel] FreeIPA OTP End-to-End

On Sun, Jan 12, 2014 at 10:07:49PM +0200, Alexander Bokovoy wrote: There seem to be two parts, one is covered by this bug and another one is related to SSSD/logind communication: allow sssd_t systemd_logind_var_run_t:dir search; allow sssd_t systemd_logind_var_run_t:file { read getattr open

[Freeipa-devel] [PATCH 125] CLDAP: do not prepend \\

Hi, Scott found that the fix for https://fedorahosted.org/freeipa/ticket/4028 is not complete. After some checks and comparisons with samba and AD behaviour I came to the conclusion that the two \\ at the beginning of the NetBIOS name of the IPA server is not needed in the response of

Re: [Freeipa-devel] [PATCH 0137] ipalib: Add DateTime parameter

Hi, On 10.1.2014 21:21, Nathaniel McCallum wrote: On Thu, 2014-01-09 at 16:30 +0100, Tomas Babej wrote: Hi, Adds a parameter that represents a DateTime format using datetime.datetime object from python's native datetime library. In the CLI, accepts one of the following formats: Accepts

Re: [Freeipa-devel] [PATCH 0137] ipalib: Add DateTime parameter

On 13.1.2014 13:41, Jan Cholasta wrote: Hi, On 10.1.2014 21:21, Nathaniel McCallum wrote: On Thu, 2014-01-09 at 16:30 +0100, Tomas Babej wrote: Hi, Adds a parameter that represents a DateTime format using datetime.datetime object from python's native datetime library. In the CLI, accepts

Re: [Freeipa-devel] [PATCH] 0336 rpcserver: Consolidate __call__ in xmlclient and jsonclient_kerb

Petr Viktorin wrote: See commit message ticket. https://fedorahosted.org/freeipa/ticket/4069 Our handling of XML-RPC introspection is iffy as it is and this would remove those methods completely. Can you add them back into the xmlserver class? rob

Re: [Freeipa-devel] [PATCH] 0335 ipa-replica-install: Move check for existing host before DNS resolution check

Petr Viktorin wrote: See commit message ticket for details. https://fedorahosted.org/freeipa/ticket/3889 If memory serves this was done so that both the replication and the host checks would be done so the admin wouldn't die a death of a thousand cuts. If a leftover agreement exists then

Re: [Freeipa-devel] [PATCH] 0084 Make sure state of services is preserved after client uninstall

Ana Krivokapic wrote: On 11/15/2013 05:03 PM, Tomas Babej wrote: On 11/07/2013 05:25 PM, Ana Krivokapic wrote: Hello, This patch addresses tickethttps://fedorahosted.org/freeipa/ticket/3790. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 531-541 OTP UI

Petr, HOTP support should be trivial to add. In the CLI it is just --type=hotp. Everything else is the same, with the exception of the new optional --counter parameter. In soft tokens, this parameter should never be used. Nathaniel - Original Message - Hi, these patches implements

[Freeipa-devel] python-kerberos patch

In an effort to be able to to use GSS-Proxy as a client in IPA I've written a patch against python-kerberos to add a call to gss_cred_inquire so we can peek at the current principal name. This will replace the python-krbV call in ipapython/util.py::get_current_principal(). The patch is

Re: [Freeipa-devel] python-kerberos patch

On Mon, 2014-01-13 at 14:45 -0500, Rob Crittenden wrote: In an effort to be able to to use GSS-Proxy as a client in IPA I've written a patch against python-kerberos to add a call to gss_cred_inquire so we can peek at the current principal name. This will replace the python-krbV call in