Re: [Freeipa-devel] Meaning of Needs UI design field in Trac?

2014-11-24 Thread Martin Kosek
On 11/24/2014 08:39 AM, Fraser Tweedale wrote: Hi all, The precise meaning and usage of the Needs UI design field in Trac is not clear to me. It has five values: - blank - Not needed - Review - Consult - Design What is the purpose of this field and the meanings of the different

Re: [Freeipa-devel] [PATCHES] 0656-0673 Switch the test suite to pytest

2014-11-24 Thread Petr Viktorin
On 11/21/2014 10:13 PM, Rob Crittenden wrote: Tomas Babej wrote: On 11/20/2014 10:12 AM, Petr Viktorin wrote: On 11/19/2014 01:11 PM, Tomas Babej wrote: On 11/14/2014 09:55 AM, Petr Viktorin wrote: On 10/29/2014 04:52 PM, Petr Viktorin wrote: On 10/29/2014 01:22 PM, Tomas Babej wrote:

Re: [Freeipa-devel] [PATCH] 0031 ipa-restore: Check if directory is provided + better errors.

2014-11-24 Thread Petr Viktorin
On 11/21/2014 02:28 PM, David Kupka wrote: On 11/21/2014 02:12 PM, Tomas Babej wrote: On 11/21/2014 01:56 PM, David Kupka wrote: [...] On another note, I also noticed that read_header leaves leaking file descriptor fd. Can you convert that part to use the with statement? This is a perfect

Re: [Freeipa-devel] [PATCH] 0032 Fix error message for nonexistent members and add tests.

2014-11-24 Thread David Kupka
On 11/21/2014 04:23 PM, Tomas Babej wrote: On 11/21/2014 04:11 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4643 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel -

[Freeipa-devel] [PATCH 0171] Fix encoding detection of zonemgr option

2014-11-24 Thread Martin Basti
Ticket: https://fedorahosted.org/freeipa/ticket/4762 Patch attached. -- Martin Basti From 2cc99c9140bbe07ed6a4e16037ae036e1f0e2eca Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Mon, 24 Nov 2014 12:46:37 +0100 Subject: [PATCH] Fix detection of encoding in zonemgr option

Re: [Freeipa-devel] [PATCH] 1111 Use NSS protocol range setter

2014-11-24 Thread Jan Cholasta
Dne 21.11.2014 v 16:09 Rob Crittenden napsal(a): Jan Cholasta wrote: Hi, Dne 20.11.2014 v 23:26 Rob Crittenden napsal(a): Use new capability in python-nss-0.16 to use the NSS protocol range setter. This lets us enable TLSv1.1 and TLSv1.2 for client connections. I made this configurable via

Re: [Freeipa-devel] [PATCH 0171] Fix encoding detection of zonemgr option

2014-11-24 Thread Jan Cholasta
Hi, Dne 24.11.2014 v 14:01 Martin Basti napsal(a): Ticket: https://fedorahosted.org/freeipa/ticket/4762 Patch attached. Thanks, ACK. Pushed to: master: 230df95ed9e043069da0008d046b6b0135b0a8d1 ipa-4-1: 880f1e5c277a8826e3334723cd840cae4e65dfb8 Honza -- Jan Cholasta

[Freeipa-devel] [PATCH] 0170 AD Trust: improve trust validation

2014-11-24 Thread Alexander Bokovoy
Hi, Trust validation requires AD DC to contact IPA server to verify that trust account actually works. It can fail due to DNS or firewall issue or if AD DC was able to resolve IPA master(s) via SRV records, it still may contact a replica that has no trust data replicated yet. In case AD DC

Re: [Freeipa-devel] [PATCHES] 366-372 Additional Coverity fixes

2014-11-24 Thread Alexander Bokovoy
On Mon, 10 Nov 2014, Jan Cholasta wrote: From 63846b20707b194d0be635fa086fbbe463561d02 Mon Sep 17 00:00:00 2001 From: Jan Cholasta jchol...@redhat.com Date: Mon, 10 Nov 2014 18:10:59 + Subject: [PATCH 5/7] Fix unchecked return values in ipa-winsync

Re: [Freeipa-devel] [PATCHES] 366-372 Additional Coverity fixes

2014-11-24 Thread Alexander Bokovoy
On Mon, 10 Nov 2014, Jan Cholasta wrote: From 5cfc5d50ef7d2e42f10488ddf0d11fa405a8cb84 Mon Sep 17 00:00:00 2001 From: Jan Cholasta jchol...@redhat.com Date: Mon, 10 Nov 2014 18:12:02 + Subject: [PATCH 6/7] Fix unchecked return value in ipa-join https://fedorahosted.org/freeipa/ticket/4651

[Freeipa-devel] [PATCH 0170] Detect and warn about invalid forwardzone configuration

2014-11-24 Thread Martin Basti
Ticket: https://fedorahosted.org/freeipa/ticket/4721 Patch attached -- Martin Basti From a5a19137e3ddf2d2d48cfbdb2968b6f68ac8f772 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 21 Nov 2014 16:54:09 +0100 Subject: [PATCH] Detect and warn about invalid DNS forward zone

Re: [Freeipa-devel] [PATCHES] 366-372 Additional Coverity fixes

2014-11-24 Thread Alexander Bokovoy
On Mon, 10 Nov 2014, Jan Cholasta wrote: From 4e4600da5cd9c42b76a56cdbdb4c1314ee7b0a2a Mon Sep 17 00:00:00 2001 From: Jan Cholasta jchol...@redhat.com Date: Mon, 10 Nov 2014 18:12:52 + Subject: [PATCH 7/7] Fix unchecked return value in krb5 common utils

Re: [Freeipa-devel] [PATCHES] 366-372 Additional Coverity fixes

2014-11-24 Thread Alexander Bokovoy
On Tue, 18 Nov 2014, Jan Cholasta wrote: Dne 12.11.2014 v 08:58 Petr Spacek napsal(a): On 11.11.2014 12:27, Jan Cholasta wrote: Dne 11.11.2014 v 11:40 Alexander Bokovoy napsal(a): On Tue, 11 Nov 2014, Jan Cholasta wrote: From 82d7d37ca310af015018ebb2da2f9a72c4dabcaa Mon Sep 17 00:00:00 2001

Re: [Freeipa-devel] [PATCHES] 366-372 Additional Coverity fixes

2014-11-24 Thread Jan Cholasta
Dne 24.11.2014 v 14:44 Alexander Bokovoy napsal(a): On Tue, 18 Nov 2014, Jan Cholasta wrote: Dne 12.11.2014 v 08:58 Petr Spacek napsal(a): On 11.11.2014 12:27, Jan Cholasta wrote: Dne 11.11.2014 v 11:40 Alexander Bokovoy napsal(a): On Tue, 11 Nov 2014, Jan Cholasta wrote: From

Re: [Freeipa-devel] [PATCH] 783 webui: normalize idview tab labels

2014-11-24 Thread Tomas Babej
On 11/04/2014 03:54 PM, Petr Vobornik wrote: ID View tab labels are no longer redundant. https://fedorahosted.org/freeipa/ticket/4650 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCHES] 366-372 Additional Coverity fixes

2014-11-24 Thread Jan Cholasta
Dne 11.11.2014 v 11:13 Jan Cholasta napsal(a): Dne 10.11.2014 v 19:25 Jan Cholasta napsal(a): Hi, the attached patches provide additional fixes for https://fedorahosted.org/freeipa/ticket/4651. I'm not 100% sure if the fixes for ipa-sam and ipa-kdb are correct, please check them carefully.

Re: [Freeipa-devel] [PATCHES] 366-372 Additional Coverity fixes

2014-11-24 Thread Alexander Bokovoy
On Mon, 24 Nov 2014, Jan Cholasta wrote: https://fedorahosted.org/freeipa/ticket/4713 --- daemons/ipa-kdb/ipa_kdb_mspac.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/daemons/ipa-kdb/ipa_kdb_mspac.c b/daemons/ipa-kdb/ipa_kdb_mspac.c index c8f6c76..debcd1b 100644 ---

[Freeipa-devel] [PATCH] 0033 Use singular in help metavars + update man pages.

2014-11-24 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4695 IMO this is one of two reasonable ways how to fix this ticket. The other one is to change just the manual page but it seems more consistent to use singular for metavars everywhere. -- David Kupka From 54f396b9b8316173b1c295c15feb0bb38025b64a Mon Sep

Re: [Freeipa-devel] [PATCH] 1111 Use NSS protocol range setter

2014-11-24 Thread Rob Crittenden
Jan Cholasta wrote: Dne 21.11.2014 v 16:09 Rob Crittenden napsal(a): Jan Cholasta wrote: Hi, Dne 20.11.2014 v 23:26 Rob Crittenden napsal(a): Use new capability in python-nss-0.16 to use the NSS protocol range setter. This lets us enable TLSv1.1 and TLSv1.2 for client connections. I made

Re: [Freeipa-devel] [PATCH] 0033 Use singular in help metavars + update man pages.

2014-11-24 Thread Martin Basti
On 24/11/14 15:54, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4695 IMO this is one of two reasonable ways how to fix this ticket. The other one is to change just the manual page but it seems more consistent to use singular for metavars everywhere. I like this approach. But

Re: [Freeipa-devel] [PATCH] 0032 Fix error message for nonexistent members and add tests.

2014-11-24 Thread Tomas Babej
On 11/24/2014 01:20 PM, David Kupka wrote: On 11/21/2014 04:23 PM, Tomas Babej wrote: On 11/21/2014 04:11 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4643 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH] 0032 Fix error message for nonexistent members and add tests.

2014-11-24 Thread Petr Vobornik
On 11/24/2014 04:07 PM, Tomas Babej wrote: ACK, works fine. master: * b42b1755dcd0a681709525b4d574e12b77bbce13 webui: normalize idview tab labels ipa-4-1: * 2fc53c9426ff976d4732cc1d16b1b61447cb4313 webui: normalize idview tab labels Wrong thread? Is it meant for [PATCH] 783 webui:

Re: [Freeipa-devel] [PATCH] 0032 Fix error message for nonexistent members and add tests.

2014-11-24 Thread Tomas Babej
On 11/24/2014 04:15 PM, Petr Vobornik wrote: On 11/24/2014 04:07 PM, Tomas Babej wrote: ACK, works fine. master: * b42b1755dcd0a681709525b4d574e12b77bbce13 webui: normalize idview tab labels ipa-4-1: * 2fc53c9426ff976d4732cc1d16b1b61447cb4313 webui: normalize idview tab labels

[Freeipa-devel] [PATCH] 0675 copy_schema_to_ca: Fallback to old import location for ipaplatform.services

2014-11-24 Thread Petr Viktorin
This fixes a regression from the ipaplatform refactoring. https://fedorahosted.org/freeipa/ticket/4763 -- PetrĀ³ From 2bea3850ff68c821b4af4e20d3992256e816c849 Mon Sep 17 00:00:00 2001 From: Petr Viktorin pvikt...@redhat.com Date: Mon, 24 Nov 2014 15:01:29 +0100 Subject: [PATCH]

Re: [Freeipa-devel] [PATCH 0170] Detect and warn about invalid forwardzone configuration

2014-11-24 Thread Petr Spacek
Hello! Thank you for the patch. It is not ready yet but the overall direction seems good. Please see my comments in-line. On 24.11.2014 14:35, Martin Basti wrote: Ticket: https://fedorahosted.org/freeipa/ticket/4721 Patch attached -- Martin Basti

[Freeipa-devel] [PATCH] drop archeological feature :)

2014-11-24 Thread Simo Sorce
Getting through krbinstancepy I discovered we are still doing this thing with the master key that has been unnecessary for a few years now. Stop doing that. I haven't really tested this yet ... but ... what could possibly go wrong ? :-D Simo. -- Simo Sorce * Red Hat, Inc * New York From

[Freeipa-devel] RFE - Number of thoughts on FreeIPA

2014-11-24 Thread William B
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I have been using FreeIPA for some time now. I have done a lot of testing for the project, and have a desire to see FreeIPA do well. As some background, I'm a system admin for a University, who currently runs an unmanaged instance of 389ds. In

Re: [Freeipa-devel] RFE - Number of thoughts on FreeIPA

2014-11-24 Thread Rich Megginson
On 11/24/2014 03:01 PM, William B wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I have been using FreeIPA for some time now. I have done a lot of testing for the project, and have a desire to see FreeIPA do well. As some background, I'm a system admin for a University, who

[Freeipa-devel] ds-migrate feature enhancements

2014-11-24 Thread Alan Evans
I am in the midst of preparing for a migration from OpenLDAP to FreeIPA. ds-migrate wasn't going to fill all of my needs so I thought I would use it for most and then make up some LDIF's and massage them to do the last bit of migration. I have instead decided to extend ds-migrate and I think that

Re: [Freeipa-devel] RFE - Number of thoughts on FreeIPA

2014-11-24 Thread William B
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 24 Nov 2014 15:10:49 -0700 Rich Megginson rmegg...@redhat.com wrote: Finally, back to our rich features. Not all businesses want all the features of FreeIPA. For example, we don't want the Dogtag CA, NTP, DNS or Kerberos components.

Re: [Freeipa-devel] Meaning of Needs UI design field in Trac?

2014-11-24 Thread Fraser Tweedale
On Mon, Nov 24, 2014 at 09:23:50AM +0100, Martin Kosek wrote: On 11/24/2014 08:39 AM, Fraser Tweedale wrote: Hi all, The precise meaning and usage of the Needs UI design field in Trac is not clear to me. It has five values: - blank - Not needed - Review - Consult - Design

Re: [Freeipa-devel] RFE - Number of thoughts on FreeIPA

2014-11-24 Thread Simo Sorce
On Tue, 25 Nov 2014 08:31:33 +1030 William B will...@firstyear.id.au wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I have been using FreeIPA for some time now. I have done a lot of testing for the project, and have a desire to see FreeIPA do well. As some background, I'm a