[Freeipa-devel] [PATCH] 11 - re-enable uninstall option in ipa-kra-install

Re-enable uninstall feature for ipa-kra-install The underlying Dogtag issue (Dogtag ticket 1113) has been fixed. We can therefore re-enable the uninstall option for ipa-kra-install. Also, fixes an incorrect path in the ipa-pki-proxy.conf, and adds a debug statement to provide s

Re: [Freeipa-devel] [PATCH] 0083 Remove internaldb pasword from password.conf

On 11/06/2013 01:41 PM, Ana Krivokapic wrote: On 11/06/2013 01:34 PM, Ana Krivokapic wrote: Hello, This patch addresses tickethttps://fedorahosted.org/freeipa/ticket/4005. I tried installing a replica with this patch applied to the 4.1 branch, but ipa-ca-install fails with: 2014-09-01T16:1

[Freeipa-devel] [PATCH 0118] Allow to disable service (in LDAP)

This patch allows to disable service in LDAP to prevents service to be started by "ipactl restart" Required by DNSSEC Patch attached -- Martin Basti From df330b6b2d630982a25ceaf7c7f6af79327f9089 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Thu, 28 Aug 2014 19:27:44 +0200 Subject: [PATCH

[Freeipa-devel] [PATCH 0117] Allow to mask and unmask services

This is required by DNSSEC installer Patch attached -- Martin Basti From 57a1beb4a3f554d65a6f9734e0a3b6b4856c5092 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Mon, 1 Sep 2014 10:49:28 +0200 Subject: [PATCH] Add mask, unmask methods for service This patch allows mask and unmask services i

Re: [Freeipa-devel] [PATCH] 0105 FIX: LDAP_updater

On 24/07/14 09:06, Martin Basti wrote: On 23/07/14 15:17, Martin Basti wrote: This patch fixes ordering problem of schema updates Martin should it be in IPA 4.0.x ? It requires rebased ldap_python (will be in Fedora 21) Patch attached I found a bug there, but before I send updated version,

Re: [Freeipa-devel] [PATCH 0116] Refactoring of service autobind

On 28/08/14 14:01, Jan Cholasta wrote: Hi, Dne 27.8.2014 v 15:22 Martin Basti napsal(a): Patch attached. 1) Please rename object_exists to entry_exists. 2) Use empty attribute list in get_entry() in object_exists/entry_exists. 3) Please update LDAPObject.get_dn_if_exists() to use object

[Freeipa-devel] [PATCH] 316 Normalize external CA cert before passing it to pkispawn

Hi, the attached patch fixes . Honza -- Jan Cholasta >From 94c88e23285e33ac62e3a44352c238d2351d01da Mon Sep 17 00:00:00 2001 From: Jan Cholasta Date: Fri, 29 Aug 2014 13:35:45 +0200 Subject: [PATCH] Normalize external CA cert before passing it to p

Re: [Freeipa-devel] [PATCH] 308 Allow changing CA renewal master in ipa-csreplica-manage

Dne 4.8.2014 v 10:39 Jan Cholasta napsal(a): Dne 24.7.2014 v 16:10 Jan Cholasta napsal(a): Hi, the attached patch fixes . Requires my patches 246 and 262 (current versions attached). Honza Forgot to update the man page. Updated patch attached.

Re: [Freeipa-devel] [PATCH] CLIENT: Explicitly require python-backports-ssl_match_hostname

On 09/01/2014 01:15 PM, Jakub Hrozek wrote: On Mon, Sep 01, 2014 at 11:01:23AM +0200, Martin Kosek wrote: On 08/25/2014 07:36 PM, Jakub Hrozek wrote: Hi, ipa-client-install was failing for me on a fresh F-21 machine until I manually dragged in python-backports-ssl_match_hostname Umh, thanks

Re: [Freeipa-devel] [PATCH] CLIENT: Explicitly require python-backports-ssl_match_hostname

On Mon, Sep 01, 2014 at 11:01:23AM +0200, Martin Kosek wrote: > On 08/25/2014 07:36 PM, Jakub Hrozek wrote: > > Hi, > > > > ipa-client-install was failing for me on a fresh F-21 machine until I > > manually dragged in python-backports-ssl_match_hostname > > Umh, thanks for the fix, but I do not t

Re: [Freeipa-devel] [PATCH] 0003 User life cycle: new stageuser plugin with add verb

On 08/08/2014 03:54 PM, thierry bordaz wrote: Hi, The attached patch is related to 'User Life Cycle' (https://fedorahosted.org/freeipa/ticket/3813) It creates a stageuser plugin with a first function stageuser-add. Stage user entries are provisioned under 'cn=staged users,cn=accounts,cn=provisi

[Freeipa-devel] [PATCH] [WIP] ticket #4302 Move replication topology to the shared tree

Hello, attached is a patch for the plugin part for this enhancement: https://fedorahosted.org/freeipa/ticket/4302 I will now implement the management commands and continue testing in a real setup, so there will probably changes when problems are detected or clarifications added. But I would be

Re: [Freeipa-devel] [PATCH] CLIENT: Explicitly require python-backports-ssl_match_hostname

On 08/25/2014 07:36 PM, Jakub Hrozek wrote: > Hi, > > ipa-client-install was failing for me on a fresh F-21 machine until I > manually dragged in python-backports-ssl_match_hostname Umh, thanks for the fix, but I do not think this spec is actually used in our build process. The last update was do

Re: [Freeipa-devel] [PATCH] 0154-0158 improve trust operations

On 08/29/2014 11:26 AM, Sumit Bose wrote: > On Thu, Aug 21, 2014 at 01:43:35PM +0300, Alexander Bokovoy wrote: >> Hi! >> >> Attached patchset improves trust operations: >> >> 1. Ensures we only allow establishing trust to forest root domain >> 2. Ensures that we select primary domain controllers >>