On 13.6.2014 21:59, Nathaniel McCallum wrote:
On Wed, 2014-06-11 at 12:43 -0400, Nathaniel McCallum wrote:
On Wed, 2014-06-11 at 12:12 +0200, Ludwig Krispenz wrote:
On 05/13/2014 04:33 PM, Jan Cholasta wrote:
On 12.5.2014 21:02, Nathaniel McCallum wrote:
On Thu, 2014-05-08 at 13:51 -0400,
On 06/13/2014 10:20 PM, Simo Sorce wrote:
[...]
2) and I think this is a MUCH bigger issue, the Admin users are
unbounded and pass any Access Control Check and this means they can now
retrieve any key for users or machines.
It is already bad enough that admins can unconditionally set any key,
On 06/16/2014 09:17 AM, Jan Cholasta wrote:
On 13.6.2014 21:59, Nathaniel McCallum wrote:
On Wed, 2014-06-11 at 12:43 -0400, Nathaniel McCallum wrote:
On Wed, 2014-06-11 at 12:12 +0200, Ludwig Krispenz wrote:
On 05/13/2014 04:33 PM, Jan Cholasta wrote:
On 12.5.2014 21:02, Nathaniel McCallum
On Fri, 13 Jun 2014, Simo Sorce wrote:
On Fri, 2014-06-13 at 15:39 -0400, Nathaniel McCallum wrote:
I am CC'ing Simo because he wants to review my PBKDF2 implementation.
Thank you.
I am a bit concerned you are using etree.parse(self.args[0]) directly
with the default parser configuration.
I
On 06/14/2014 12:05 AM, Simo Sorce wrote:
On Fri, 2014-06-13 at 15:39 -0400, Nathaniel McCallum wrote:
I am CC'ing Simo because he wants to review my PBKDF2 implementation.
Thank you.
I am a bit concerned you are using etree.parse(self.args[0]) directly
with the default parser configuration.
On 06/11/2014 02:59 PM, Jan Cholasta wrote:
On 11.6.2014 13:29, Martin Kosek wrote:
On 06/11/2014 10:58 AM, Jan Cholasta wrote:
On 10.6.2014 09:55, Martin Kosek wrote:
On 06/06/2014 12:50 PM, Jan Cholasta wrote:
On 23.1.2014 14:34, Jan Cholasta wrote:
On 22.1.2014 16:43, Simo Sorce wrote:
On 06/16/2014 07:04 AM, Fraser Tweedale wrote:
On Fri, Jun 13, 2014 at 02:12:41PM +0200, Petr Viktorin wrote:
First patch: minor fix in env loading
Second patch:
When api.env is loaded, strings that look like floats get auto-converted
to floats. This is wrong, as the conversion can lose
Hello,
When a stage user is activate (ipa stageuse-activate), UUID plugin
(DS) checks that the ipaUniqueID value of the new active user is
'autogenerate'.
This is useful to prevent a provisioning systems to create Active
user with invalid ipaUniqueID.
Now one of the workflow
On 16.6.2014 13:31, Martin Kosek wrote:
On 06/11/2014 02:59 PM, Jan Cholasta wrote:
On 11.6.2014 13:29, Martin Kosek wrote:
On 06/11/2014 10:58 AM, Jan Cholasta wrote:
On 10.6.2014 09:55, Martin Kosek wrote:
On 06/06/2014 12:50 PM, Jan Cholasta wrote:
On 23.1.2014 14:34, Jan Cholasta wrote:
Hi,
the attached patches implement
https://fedorahosted.org/freeipa/ticket/3737.
My patches 241-253 and 262-294 are required for this
(http://www.redhat.com/archives/freeipa-devel/2014-June/msg00276.html,
http://www.redhat.com/archives/freeipa-devel/2014-June/msg00307.html).
The
On 12.6.2014 14:40, Endi Sukma Dewata wrote:
On 6/11/2014 8:05 AM, Petr Vobornik wrote:
It enables declarative extraction of values from partial
results of a batch commands and also further extensibility
in custom adapters.
The default adapter has detection logic for this extraction so
it can
On 12.6.2014 14:40, Endi Sukma Dewata wrote:
On 2/25/2014 11:07 AM, Petr Vobornik wrote:
Depends on tbabej's patches # 137, 138 and my 546.
https://fedorahosted.org/freeipa/ticket/3306
ACK on #547.
Pushed to master: 4de9c5fc51c1e9a07a23b430ba531eb096960732
--
Petr Vobornik
On 06/16/2014 02:57 PM, Jan Cholasta wrote:
On 16.6.2014 13:31, Martin Kosek wrote:
On 06/11/2014 02:59 PM, Jan Cholasta wrote:
On 11.6.2014 13:29, Martin Kosek wrote:
On 06/11/2014 10:58 AM, Jan Cholasta wrote:
On 10.6.2014 09:55, Martin Kosek wrote:
On 06/06/2014 12:50 PM, Jan Cholasta
Jan Cholasta wrote:
Hi,
the attached patches implement
https://fedorahosted.org/freeipa/ticket/3259 and
https://fedorahosted.org/freeipa/ticket/3520.
This work depends on my patches 241-253 and 262-266
(http://www.redhat.com/archives/freeipa-devel/2014-June/msg00276.html).
Note that
On 06/13/2014 05:25 PM, Petr Viktorin wrote:
With the first patch, old SYSTEM permissions can be replaced. The Read
DNS Entries did not have an associated ACI, but was rather rolled into
a single ACI with the managedBy rule used for per-zone access.
(and before that it was part of a deny rule.)
On Fri, 2014-06-13 at 18:05 -0400, Simo Sorce wrote:
On Fri, 2014-06-13 at 15:39 -0400, Nathaniel McCallum wrote:
I am CC'ing Simo because he wants to review my PBKDF2 implementation.
Thank you.
I am a bit concerned you are using etree.parse(self.args[0]) directly
with the default parser
On 06/16/2014 06:23 PM, Nathaniel McCallum wrote:
On Fri, 2014-06-13 at 18:05 -0400, Simo Sorce wrote:
On Fri, 2014-06-13 at 15:39 -0400, Nathaniel McCallum wrote:
I am CC'ing Simo because he wants to review my PBKDF2 implementation.
Thank you.
I am a bit concerned you are using
On Mon, 2014-06-16 at 11:53 +0300, Alexander Bokovoy wrote:
On Fri, 13 Jun 2014, Simo Sorce wrote:
On Fri, 2014-06-13 at 15:39 -0400, Nathaniel McCallum wrote:
I am CC'ing Simo because he wants to review my PBKDF2 implementation.
Thank you.
I am a bit concerned you are using
Rob Crittenden wrote:
Jan Cholasta wrote:
Hi,
the attached patches implement
https://fedorahosted.org/freeipa/ticket/3259 and
https://fedorahosted.org/freeipa/ticket/3520.
This work depends on my patches 241-253 and 262-266
19 matches
Mail list logo