Re: [Freeipa-devel] [PATCH] 885 topology: make cn of new segment consistent with topology plugin

2015-07-02 Thread Tomas Babej
On 07/02/2015 07:42 PM, David Kupka wrote: > On 30/06/15 16:16, Petr Vobornik wrote: >> SSIA >> >> > Works for me, ACK. > Pushed to master: 66ea322e7e01266cc916156860b684adb21c618d -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-de

Re: [Freeipa-devel] [PATCH] 884 topologysegment: hide direction and enable options

2015-07-02 Thread Tomas Babej
On 07/02/2015 07:42 PM, David Kupka wrote: > On 30/06/15 16:15, Petr Vobornik wrote: >> These options should not be touched by users yet. >> >> https://fedorahosted.org/freeipa/ticket/5061 >> >> > Works for me, ACK. > Pushed to master: 2b8e1caa7bfda5e540a94fe26fbcdbfd0ea68928

Re: [Freeipa-devel] [PATCH] 882 ipa-replica-manage del: relax segment deletement check if, topology is disconnected

2015-07-02 Thread Tomas Babej
On 07/02/2015 07:42 PM, David Kupka wrote: > On 30/06/15 16:15, Petr Vobornik wrote: >> Comment from segment deletion check which describes the patch: >> >> Relax check if topology was or is disconnected. Disconnected topology >> can contain segments with already deleted servers. Check only if >> s

Re: [Freeipa-devel] [PATCH 0054] cermonger: Use private unix socket when DBus SystemBus is not, available.

2015-07-02 Thread Martin Kosek
On 07/03/2015 08:41 AM, Jan Cholasta wrote: On 2.7.2015 at 14:34, David Kupka wrote: On 01/07/15 16:31, David Kupka wrote: Updated patch attached. Client install works, but uninstall does not: # ipa-client-install --uninstall -U certmonger failed to start: Command ''/bin/systemctl' 's

[Freeipa-devel] Postponing Topology feature

2015-07-02 Thread Martin Kosek
Hi all, I had several offline discussions about the Topology feature [1] and what to do with it. Many developers worked pretty hard on making the Topology usable for the upcoming FreeIPA 4.2 release, however, it still misses some of the functionality that would prevent our users from making th

Re: [Freeipa-devel] [PATCH 0054] cermonger: Use private unix socket when DBus SystemBus is not, available.

2015-07-02 Thread Jan Cholasta
On 2.7.2015 at 14:34, David Kupka wrote: On 01/07/15 16:31, David Kupka wrote: Updated patch attached. Client install works, but uninstall does not: # ipa-client-install --uninstall -U certmonger failed to start: Command ''/bin/systemctl' 'start' 'certmonger.service'' returned non-zer

Re: [Freeipa-devel] my remaining 4.2 tickets

2015-07-02 Thread Martin Kosek
On 07/02/2015 05:58 PM, Jan Cholasta wrote: Hi, On 2.7.2015 at 17:18, Fraser Tweedale wrote: On Tue, Jun 30, 2015 at 03:46:08PM +0200, Martin Kosek wrote: On 06/30/2015 03:03 PM, Fraser Tweedale wrote: #2915 ipa-getcert does not allow setting specific EKU on certificates Involves cer

Re: [Freeipa-devel] [RFC] Community Portal - Where to go next?

2015-07-02 Thread David Kupka
On 02/07/15 22:07, Drew Erny wrote: Hi, all, The core functionality of the community portal is more-or-less complete. In a local development environment, you can go to a web page, put in information, and have that information reflected in the FreeIPA server. There's definitely some polishing nee

[Freeipa-devel] [PATCH 0055] ipa-replica-prepare: Do not create DNS zone it automatically.

2015-07-02 Thread David Kupka
Since ipa-replica-* tools will be soon removed I think this simple check should be enough. -- David Kupka From c97001b0724599c4fa4943c4f01d2458b51238ac Mon Sep 17 00:00:00 2001 From: David Kupka Date: Fri, 3 Jul 2015 05:59:55 +0200 Subject: [PATCH] ipa-replica-prepare: Do not create DNS zone it

Re: [Freeipa-devel] caacl enforcement for subjectAltName principals

2015-07-02 Thread Fraser Tweedale
On Thu, Jul 02, 2015 at 06:24:12PM +0200, Petr Spacek wrote: > On 2.7.2015 16:33, Fraser Tweedale wrote: > > Hi all, > > > > cert-request ensures that any dNSName values in a CSR subjectAltName > > requestExtension have a corresponding service/host principal in > > FreeIPA and that their entries a

[Freeipa-devel] [RFC] Community Portal - Where to go next?

2015-07-02 Thread Drew Erny
Hi, all, The core functionality of the community portal is more-or-less complete. In a local development environment, you can go to a web page, put in information, and have that information reflected in the FreeIPA server. There's definitely some polishing needed (for example, there is no sty

Re: [Freeipa-devel] [PATCH] 885 topology: make cn of new segment consistent with topology plugin

2015-07-02 Thread David Kupka
On 30/06/15 16:16, Petr Vobornik wrote: SSIA Works for me, ACK. -- David Kupka -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH] 884 topologysegment: hide direction and enable options

2015-07-02 Thread David Kupka
On 30/06/15 16:15, Petr Vobornik wrote: These options should not be touched by users yet. https://fedorahosted.org/freeipa/ticket/5061 Works for me, ACK. -- David Kupka

Re: [Freeipa-devel] [PATCH] 882 ipa-replica-manage del: relax segment deletement check if, topology is disconnected

2015-07-02 Thread David Kupka
On 30/06/15 16:15, Petr Vobornik wrote: Comment from segment deletion check which describes the patch: Relax check if topology was or is disconnected. Disconnected topology can contain segments with already deleted servers. Check only if segments of servers, which can contact this server, and th

Re: [Freeipa-devel] caacl enforcement for subjectAltName principals

2015-07-02 Thread Petr Spacek
On 2.7.2015 16:33, Fraser Tweedale wrote: > Hi all, > > cert-request ensures that any dNSName values in a CSR subjectAltName > requestExtension have a corresponding service/host principal in > FreeIPA and that their entries are writable by the bind principal. > > It currently DOES NOT enforce CA

Re: [Freeipa-devel] my remaining 4.2 tickets

2015-07-02 Thread Jan Cholasta
Hi, On 2.7.2015 at 17:18, Fraser Tweedale wrote: On Tue, Jun 30, 2015 at 03:46:08PM +0200, Martin Kosek wrote: On 06/30/2015 03:03 PM, Fraser Tweedale wrote: #2915 ipa-getcert does not allow setting specific EKU on certificates Involves certmonger so I will need to do a bit more

Re: [Freeipa-devel] my remaining 4.2 tickets

2015-07-02 Thread Martin Kosek
On 07/02/2015 05:18 PM, Fraser Tweedale wrote: > On Tue, Jun 30, 2015 at 03:46:08PM +0200, Martin Kosek wrote: >> On 06/30/2015 03:03 PM, Fraser Tweedale wrote: ... >>> #4970 Server certificate profile should always include a Subject >>> Alternate name for the host >>> >>> If a subjectAltName

Re: [Freeipa-devel] my remaining 4.2 tickets

2015-07-02 Thread Fraser Tweedale
On Tue, Jun 30, 2015 at 03:46:08PM +0200, Martin Kosek wrote: > On 06/30/2015 03:03 PM, Fraser Tweedale wrote: > > Hi Martin, > > > > #4559 [RFE] Support lightweight sub-CAs > > > > Remaining work is not huge but may be more than can be done this > > week even with Christian's help; the

Re: [Freeipa-devel] [PATCH] 886-890 webui: API browser

2015-07-02 Thread Martin Kosek
On 07/01/2015 04:51 PM, Petr Vobornik wrote: > For those of you who don't want to try the patches: > * https://pvoborni.fedorapeople.org/images/api-user-show.png > * https://pvoborni.fedorapeople.org/images/api-user-add.png > > On 07/01/2015 09:35 AM, Martin Kosek wrote: >> On 06/30/2015 06:35 PM,

Re: [Freeipa-devel] [PATCHES 0042-45] new commands for adding/removing certificates from entries

2015-07-02 Thread Jan Cholasta
On 2.7.2015 at 16:36, Martin Babinsky wrote: On 07/02/2015 02:37 PM, Martin Babinsky wrote: On 07/02/2015 11:28 AM, Martin Babinsky wrote: On 07/02/2015 11:12 AM, Martin Babinsky wrote: On 07/01/2015 03:05 PM, Martin Babinsky wrote: On 06/30/2015 02:45 PM, Martin Babinsky wrote: On 06/30/

Re: [Freeipa-devel] [PATCHES 0042-45] new commands for adding/removing certificates from entries

2015-07-02 Thread Martin Babinsky
On 07/02/2015 02:37 PM, Martin Babinsky wrote: On 07/02/2015 11:28 AM, Martin Babinsky wrote: On 07/02/2015 11:12 AM, Martin Babinsky wrote: On 07/01/2015 03:05 PM, Martin Babinsky wrote: On 06/30/2015 02:45 PM, Martin Babinsky wrote: On 06/30/2015 01:11 PM, Martin Babinsky wrote: On 06/30/2

[Freeipa-devel] caacl enforcement for subjectAltName principals

2015-07-02 Thread Fraser Tweedale
Hi all, cert-request ensures that any dNSName values in a CSR subjectAltName requestExtension have a corresponding service/host principal in FreeIPA and that their entries are writable by the bind principal. It currently DOES NOT enforce CA ACLs for these alternative principals, i.e. it does not

Re: [Freeipa-devel] [PATCHES 0042-45] new commands for adding/removing certificates from entries

2015-07-02 Thread Martin Babinsky
On 07/02/2015 11:28 AM, Martin Babinsky wrote: On 07/02/2015 11:12 AM, Martin Babinsky wrote: On 07/01/2015 03:05 PM, Martin Babinsky wrote: On 06/30/2015 02:45 PM, Martin Babinsky wrote: On 06/30/2015 01:11 PM, Martin Babinsky wrote: On 06/30/2015 12:04 PM, Jan Cholasta wrote: Dne 29.6.2015

Re: [Freeipa-devel] [PATCH 0054] cermonger: Use private unix socket when DBus SystemBus is not, available.

2015-07-02 Thread David Kupka
On 01/07/15 16:31, David Kupka wrote: Updated patch attached. -- David Kupka From 65eb52bff00135f4feb84dfde1e56a69bc8ea438 Mon Sep 17 00:00:00 2001 From: David Kupka Date: Wed, 1 Jul 2015 16:26:15 +0200 Subject: [PATCH] cermonger: Use private unix socket when DBus SystemBus is not availabl

Re: [Freeipa-devel] [PATCH 0046] add option to skip client API version check and proceed at user's own risk

2015-07-02 Thread Martin Babinsky
On 07/02/2015 01:58 PM, Martin Babinsky wrote: First attempt at https://fedorahosted.org/freeipa/ticket/4768 self-NACK -- Martin^3 Babinsky

Re: [Freeipa-devel] [PATCH 0274] DNS: Check if dns package is installed

2015-07-02 Thread Petr Spacek
On 2.7.2015 13:54, Jan Cholasta wrote: > On 2.7.2015 at 13:34, Petr Spacek wrote: >> On 2.7.2015 12:57, Tomas Babej wrote: >>> >>> >>> On 07/02/2015 08:50 AM, Petr Spacek wrote: On 1.7.2015 20:29, Tomas Babej wrote: > > > On 07/01/2015 04:45 PM, Petr Spacek wrote: >> On 1.7.

Re: [Freeipa-devel] [PATCH 0274] DNS: Check if dns package is installed

2015-07-02 Thread Jan Cholasta
On 2.7.2015 at 13:34, Petr Spacek wrote: On 2.7.2015 12:57, Tomas Babej wrote: On 07/02/2015 08:50 AM, Petr Spacek wrote: On 1.7.2015 20:29, Tomas Babej wrote: On 07/01/2015 04:45 PM, Petr Spacek wrote: On 1.7.2015 15:32, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/405

Re: [Freeipa-devel] [PATCH 0274] DNS: Check if dns package is installed

2015-07-02 Thread Petr Spacek
On 2.7.2015 12:57, Tomas Babej wrote: > > > On 07/02/2015 08:50 AM, Petr Spacek wrote: >> On 1.7.2015 20:29, Tomas Babej wrote: >>> >>> >>> On 07/01/2015 04:45 PM, Petr Spacek wrote: On 1.7.2015 15:32, Martin Basti wrote: > https://fedorahosted.org/freeipa/ticket/4058 > Requires patc

Re: [Freeipa-devel] [PATCHES 306-316] Automated migration tool from Winsync

2015-07-02 Thread Tomas Babej
On 07/01/2015 07:32 PM, Martin Babinsky wrote: > On 06/30/2015 05:55 PM, Tomas Babej wrote: >> >> >> On 06/16/2015 01:01 PM, Jan Cholasta wrote: >>> On 16.6.2015 at 10:14, Martin Babinsky wrote: On 05/06/2015 10:12 AM, Tomas Babej wrote: > > > On 05/05/2015 02:02 PM, Tomas Bab

[Freeipa-devel] [PATCH 0333] ipaplatform: Remove redundant definitions

2015-07-02 Thread Tomas Babej
Hi, I noticed two variables are redundant in the base/paths.py and base/tasks.py in the ipaplatform module. git grep -E 'path_namespace|task_namespace' ipaplatform/base/paths.py:path_namespace = BasePathNamespace ipaplatform/base/tasks.py:task_namespace = BaseTaskNamespace() This pat

Re: [Freeipa-devel] [PATCH 0273] KRA install: check if replica file contains all required certificates

2015-07-02 Thread Jan Cholasta
On 1.7.2015 at 14:13, Martin Basti wrote: Fixes: https://fedorahosted.org/freeipa/ticket/5059 Patch attached. Works for me, ACK. Pushed to master: 2e329ecdc7c72045f276319d18df28549a51d4b9 -- Jan Cholasta

Re: [Freeipa-devel] [PATCH 0274] DNS: Check if dns package is installed

2015-07-02 Thread Tomas Babej
On 07/02/2015 08:50 AM, Petr Spacek wrote: > On 1.7.2015 20:29, Tomas Babej wrote: >> >> >> On 07/01/2015 04:45 PM, Petr Spacek wrote: >>> On 1.7.2015 15:32, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/4058 Requires patch freeipa-pspacek-0052 >>> >>> ACK >>> >> >> I must

Re: [Freeipa-devel] [PATCH] 0024..0025 Add missing certprofile features

2015-07-02 Thread Fraser Tweedale
On Thu, Jul 02, 2015 at 11:23:49AM +0200, Jan Cholasta wrote: > Hi, > > On 2.7.2015 at 11:15, Fraser Tweedale wrote: > >Attached patches fix a couple of important gaps in certprofile > >plugin: > > > >- Add --out option to export Dogtag profile data to file > > https://fedorahosted.org/freeip

Re: [Freeipa-devel] [PATCH] 0016 user life cycle: Display the wrong attribute name when mandatory attribute is missing

2015-07-02 Thread Tomas Babej
On 07/02/2015 10:34 AM, thierry bordaz wrote: > On 07/01/2015 05:39 PM, Tomas Babej wrote: >> Hi Thierry, >> >> I think it would be better to use: >> >> error=_('Entry has no \'%s\'') % attr >> >> or even better, use named substitution: >> >> error=_('Entry has no \'%(attribute)s\'') % dict(attri

Re: [Freeipa-devel] [PATCH 0018] allow deletion of segment, if not both nodes are managed

2015-07-02 Thread Tomas Babej
On 07/01/2015 08:59 PM, Simo Sorce wrote: > On Wed, 2015-07-01 at 12:05 +0200, Ludwig Krispenz wrote: >> This fix allows the removal of segments, where not both endpoints of the >> segments are managed. >> These segments can exist after deliberately disconnecting a topology by >> removal of a c

Re: [Freeipa-devel] [PATCHES 0042-45] new commands for adding/removing certificates from entries

2015-07-02 Thread Martin Babinsky
On 07/02/2015 11:12 AM, Martin Babinsky wrote: On 07/01/2015 03:05 PM, Martin Babinsky wrote: On 06/30/2015 02:45 PM, Martin Babinsky wrote: On 06/30/2015 01:11 PM, Martin Babinsky wrote: On 06/30/2015 12:04 PM, Jan Cholasta wrote: On 29.6.2015 at 10:36, Martin Babinsky wrote: On 06/23/20

Re: [Freeipa-devel] [PATCH] 0024..0025 Add missing certprofile features

2015-07-02 Thread Jan Cholasta
Hi, On 2.7.2015 at 11:15, Fraser Tweedale wrote: Attached patches fix a couple of important gaps in certprofile plugin: - Add --out option to export Dogtag profile data to file https://fedorahosted.org/freeipa/ticket/5091 - Add --file option to update existing profile in Dogtag https:

[Freeipa-devel] [PATCH] 0024..0025 Add missing certprofile features

2015-07-02 Thread Fraser Tweedale
Attached patches fix a couple of important gaps in certprofile plugin: - Add --out option to export Dogtag profile data to file https://fedorahosted.org/freeipa/ticket/5091 - Add --file option to update existing profile in Dogtag https://fedorahosted.org/freeipa/ticket/5093 Thanks, Fraser Fr

Re: [Freeipa-devel] [PATCHES 0042-45] new commands for adding/removing certificates from entries

2015-07-02 Thread Martin Babinsky
On 07/01/2015 03:05 PM, Martin Babinsky wrote: On 06/30/2015 02:45 PM, Martin Babinsky wrote: On 06/30/2015 01:11 PM, Martin Babinsky wrote: On 06/30/2015 12:04 PM, Jan Cholasta wrote: On 29.6.2015 at 10:36, Martin Babinsky wrote: On 06/23/2015 01:49 PM, Martin Babinsky wrote: This patchs

Re: [Freeipa-devel] [PATCH] 0016 user life cycle: Display the wrong attribute name when mandatory attribute is missing

2015-07-02 Thread thierry bordaz
On 07/01/2015 05:39 PM, Tomas Babej wrote: Hi Thierry, I think it would be better to use: error=_('Entry has no \'%s\'') % attr or even better, use named substitution: error=_('Entry has no \'%(attribute)s\'') % dict(attribute=attr) This way will generate a more readable strings for translat

Re: [Freeipa-devel] [PATCH 0052] Create server-dns sub-package

2015-07-02 Thread Petr Spacek
On 2.7.2015 09:36, Alexander Bokovoy wrote: > On Thu, 02 Jul 2015, Jan Cholasta wrote: >> Can this be done without adding server-core? > I'm not aware of such method (except of adding all DNS dependencies as > Requires straight into freeipa-server package). > >> Because it's not

Re: [Freeipa-devel] [PATCH 0052] Create server-dns sub-package

2015-07-02 Thread Alexander Bokovoy
On Thu, 02 Jul 2015, Jan Cholasta wrote: Can this be done without adding server-core? I'm not aware of such method (except of adding all DNS dependencies as Requires straight into freeipa-server package). Because it's not server core, it's the whole thing! Or maybe just rename it to server-com

Re: [Freeipa-devel] [PATCH 0052] Create server-dns sub-package

2015-07-02 Thread Jan Cholasta
On 2.7.2015 at 09:06, Alexander Bokovoy wrote: On Thu, 02 Jul 2015, Jan Cholasta wrote: On 1.7.2015 at 15:25, Petr Spacek wrote: On 1.7.2015 15:13, Jan Cholasta wrote: Hi, On 1.7.2015 at 14:12, Petr Spacek wrote: Hello, Create server-dns sub-package. This allows us to automaticall

Re: [Freeipa-devel] topology plugin woes

2015-07-02 Thread Ludwig Krispenz
On 07/01/2015 10:15 PM, Simo Sorce wrote: On Wed, 2015-07-01 at 15:00 -0400, Simo Sorce wrote: On Wed, 2015-07-01 at 14:44 -0400, Simo Sorce wrote: On Wed, 2015-07-01 at 14:34 -0400, Simo Sorce wrote: I am working on the replica promotion code and suddenly the topology plugin is getting in th

Re: [Freeipa-devel] [PATCH 0052] Create server-dns sub-package

2015-07-02 Thread Alexander Bokovoy
On Thu, 02 Jul 2015, Jan Cholasta wrote: On 1.7.2015 at 15:25, Petr Spacek wrote: On 1.7.2015 15:13, Jan Cholasta wrote: Hi, On 1.7.2015 at 14:12, Petr Spacek wrote: Hello, Create server-dns sub-package. This allows us to automatically pull in package bind-pkcs11 and thus create upgra