Re: [Freeipa-devel] [DESIGN] Lightweight CA renewal

On Tue, Jun 21, 2016 at 07:29:22AM +0200, Jan Cholasta wrote: > On 18.6.2016 02:38, Fraser Tweedale wrote: > > On Fri, Jun 17, 2016 at 03:21:07PM +0200, Jan Cholasta wrote: > > > On 17.6.2016 09:34, Fraser Tweedale wrote: > > > > On Mon, May 09, 2016 at 09:35:06AM +0200, Jan Cholasta wrote: > > >

Re: [Freeipa-devel] [WIP] Thin client

On 20.6.2016 19:56, Martin Basti wrote: On 20.06.2016 18:48, Martin Basti wrote: On 20.06.2016 16:42, Jan Cholasta wrote: On 20.6.2016 16:13, David Kupka wrote: On 28/04/16 14:45, Jan Cholasta wrote: Hi, I have pushed my thin client WIP branch to GitHub:

Re: [Freeipa-devel] [DESIGN] Lightweight CA renewal

On 18.6.2016 02:38, Fraser Tweedale wrote: On Fri, Jun 17, 2016 at 03:21:07PM +0200, Jan Cholasta wrote: On 17.6.2016 09:34, Fraser Tweedale wrote: On Mon, May 09, 2016 at 09:35:06AM +0200, Jan Cholasta wrote: Hi, On 6.5.2016 08:01, Fraser Tweedale wrote: Hullo all, FreeIPA Lightweight CAs

Re: [Freeipa-devel] [PATCHES 551-552, 623-624] cert: add owner information, allow search by certificate

On 20.6.2016 15:31, Jan Cholasta wrote: On 20.6.2016 09:54, Jan Cholasta wrote: On 15.6.2016 12:33, Jan Cholasta wrote: On 14.6.2016 11:44, Jan Cholasta wrote: On 21.4.2016 09:11, Jan Cholasta wrote: On 6.4.2016 15:46, Pavel Vomacka wrote: On 03/16/2016 01:50 PM, Jan Cholasta wrote: Hi,

Re: [Freeipa-devel] [PATCH 0532] Fix possibly undefined variable

On 20.06.2016 20:31, Alexander Bokovoy wrote: On Mon, 20 Jun 2016, Martin Basti wrote: Patch attached. From a073b44587a5b34c4f1de5742d54e7c547cd5821 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Mon, 20 Jun 2016 12:48:38 +0200 Subject: [PATCH] Fix possibly

[Freeipa-devel] [PATCH] 0059: webui: make 'Actions' strings translatable

Hello, please review attached patch. -- Pavel^3 Vomacka From ff35b4ae33714783c42751f917e2c21fd390cbd7 Mon Sep 17 00:00:00 2001 From: Pavel Vomacka Date: Mon, 20 Jun 2016 20:43:26 +0200 Subject: [PATCH] Make Actions string translatable Remove hardcoded strings 'Actions '

Re: [Freeipa-devel] [PATCH 0532] Fix possibly undefined variable

On Mon, 20 Jun 2016, Martin Basti wrote: Patch attached. From a073b44587a5b34c4f1de5742d54e7c547cd5821 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Mon, 20 Jun 2016 12:48:38 +0200 Subject: [PATCH] Fix possibly undefined variable in ipa_smb_conf_exists() There was

Re: [Freeipa-devel] [PATCH] 0021 slapi-nis should allow password update on a virtual entry

On Wed, 15 Jun 2016, thierry bordaz wrote: Thanks Alexander for the review. You are right I forgot to remove those lines during the cleanup. ACK -- I've committed this patch to slapi-nis and released 0.56.0 version. https://bodhi.fedoraproject.org/updates/slapi-nis-0.56.0-2.fc24 -- /

Re: [Freeipa-devel] [PATCH] 0020 Enable password change extop to apply on virtual entry like the entry in compat tree

On Tue, 14 Jun 2016, thierry bordaz wrote: From ac6c0617f618fc609df93dc18ec25255484b533d Mon Sep 17 00:00:00 2001 From: Thierry Bordaz Date: Fri, 10 Jun 2016 15:34:40 +0200 Subject: [PATCH] ipapwd_extop should use TARGET_DN defined by a pre-extop plugin ipapwd_extop allows

Re: [Freeipa-devel] [PATCH] 0019 - 2 ipapwd_extop should take precedence over default DS plugin

On Thu, 16 Jun 2016, thierry bordaz wrote: From 81af4f17deca1814851429a054804b5bc9f63491 Mon Sep 17 00:00:00 2001 From: Thierry Bordaz Date: Thu, 16 Jun 2016 16:28:03 +0200 Subject: [PATCH] Make sure ipapwd_extop takes precedence over passwd_modify_extop DS core server

Re: [Freeipa-devel] [PATCH 0137] DNS Locations: make ipa-ca record generation more robus

On 20.06.2016 18:28, Petr Spacek wrote: Hello, DNS Locations: make ipa-ca record generation more robust __add_ca_records_from_hostname() now skips over DNS exceptions and retries resolution until timeout of 120 seconds is reached. Luckily current logic fails safe: In cases where resolution

Re: [Freeipa-devel] [WIP] Thin client

On 20.06.2016 18:48, Martin Basti wrote: On 20.06.2016 16:42, Jan Cholasta wrote: On 20.6.2016 16:13, David Kupka wrote: On 28/04/16 14:45, Jan Cholasta wrote: Hi, I have pushed my thin client WIP branch to GitHub: . All commits up to

Re: [Freeipa-devel] [Patch-0046] Increased certmonger timeout to address ticket N 5758

On 16.06.2016 10:29, Oleg Fayans wrote: With this change the certmonger timeout issue is no longer observed in abcd lab. ACK Pushed to: master: 0ba9e72057bd372a7cf8ee51d1521ec5d11069d5 ipa-4-3: 084340b1c513c874e259378c0e24008c8f0237ed -- Manage your subscription for the Freeipa-devel

[Freeipa-devel] [PATCH 0533] Server-del: fix system records removal

Patch attached. Services must be removed before records are updated From 7c0d3bd3ff3f507ddcd92d7b2f8e2363696c4dba Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Mon, 20 Jun 2016 19:27:55 +0200 Subject: [PATCH] Server-del: fix system records removal Services on replica

Re: [Freeipa-devel] [PATCH 0135-0136] DNS: Warn about restart when default TTL setting DNS is change DNS: Support default TTL setting for master DNS zone

On 20.06.2016 18:32, Petr Spacek wrote: On 20.6.2016 18:05, Martin Basti wrote: On 20.06.2016 16:57, Petr Spacek wrote: Hello, DNS: Warn about restart when default TTL setting DNS is changed bind-dyndb-ldap 10.0 has to be restarted after each change to default TTL.

Re: [Freeipa-devel] [PATCH] 0019 - 2 ipapwd_extop should take precedence over default DS plugin

On 16.06.2016 22:29, Alexander Bokovoy wrote: On Thu, 16 Jun 2016, thierry bordaz wrote: The version DS 1.3.5.6 is now available. Here is the second version of the patch taking into account lower precedence for Schema Compat On 06/13/2016 06:01 PM, Alexander Bokovoy wrote: On Mon, 13 Jun

Re: [Freeipa-devel] [PATCH] pylint fixes

On 20.06.2016 19:06, Martin Basti wrote: On 20.06.2016 12:00, Florence Blanc-Renaud wrote: On 06/09/2016 05:10 PM, Petr Spacek wrote: Hello, I've received a bunch of pylint fixes produced by upstream contributor who is not subscribed to the list so I'm resending them here. All credit

Re: [Freeipa-devel] [PATCH] pylint fixes

On 20.06.2016 12:00, Florence Blanc-Renaud wrote: On 06/09/2016 05:10 PM, Petr Spacek wrote: Hello, I've received a bunch of pylint fixes produced by upstream contributor who is not subscribed to the list so I'm resending them here. All credit goes to Bárta Jan<55042ba...@sstebrno.eu>.

Re: [Freeipa-devel] [PATCH 0134] DNS: Fix realm domains integration with DNS zone add

On 20.06.2016 14:35, Petr Spacek wrote: Hello, DNS: Fix realm domains integration with DNS zone add. Realmdomains integration into DNS commands pre-dates split of DNS forward zones and DNS master zones into two distinct commands. There was an forgotten condition in dnszone_add command which

[Freeipa-devel] [PATCH] 0058 WebUI: certificate widget on ID override user page

Hello, please review attached patch. https://fedorahosted.org/freeipa/ticket/5926 -- Pavel^3 Vomacka From aa6ef0a9b51d8c2d955399a044d1ee90cc6f936e Mon Sep 17 00:00:00 2001 From: Pavel Vomacka Date: Fri, 17 Jun 2016 10:05:52 +0200 Subject: [PATCH] Add certificate widget

[Freeipa-devel] [PATCH 0532] Fix possibly undefined variable

Patch attached. From a073b44587a5b34c4f1de5742d54e7c547cd5821 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Mon, 20 Jun 2016 12:48:38 +0200 Subject: [PATCH] Fix possibly undefined variable in ipa_smb_conf_exists() There was missing else statement what may result in

Re: [Freeipa-devel] [PATCH 0135-0136] DNS: Warn about restart when default TTL setting DNS is change DNS: Support default TTL setting for master DNS zone

On 20.6.2016 18:05, Martin Basti wrote: > > > On 20.06.2016 16:57, Petr Spacek wrote: >> Hello, >> >> DNS: Warn about restart when default TTL setting DNS is changed >> >> bind-dyndb-ldap 10.0 has to be restarted after each change to default >> TTL. >> >>

[Freeipa-devel] [PATCH 0137] DNS Locations: make ipa-ca record generation more robus

Hello, DNS Locations: make ipa-ca record generation more robust __add_ca_records_from_hostname() now skips over DNS exceptions and retries resolution until timeout of 120 seconds is reached. Luckily current logic fails safe: In cases where resolution failed for all the CA servers, the resulting

Re: [Freeipa-devel] [PATCH 0135-0136] DNS: Warn about restart when default TTL setting DNS is change DNS: Support default TTL setting for master DNS zone

On 20.06.2016 16:57, Petr Spacek wrote: Hello, DNS: Warn about restart when default TTL setting DNS is changed bind-dyndb-ldap 10.0 has to be restarted after each change to default TTL. https://fedorahosted.org/freeipa/ticket/2956 DNS: Support default TTL setting for master DNS zones

[Freeipa-devel] [PATCH 0135-0136] DNS: Warn about restart when default TTL setting DNS is change DNS: Support default TTL setting for master DNS zone

Hello, DNS: Warn about restart when default TTL setting DNS is changed bind-dyndb-ldap 10.0 has to be restarted after each change to default TTL. https://fedorahosted.org/freeipa/ticket/2956 DNS: Support default TTL setting for master DNS zones https://fedorahosted.org/freeipa/ticket/2956 --

Re: [Freeipa-devel] [WIP] Thin client

On 20.6.2016 16:13, David Kupka wrote: On 28/04/16 14:45, Jan Cholasta wrote: Hi, I have pushed my thin client WIP branch to GitHub: . All commits up to "ipalib: use relative imports for cross-plugin imports" should be good for review. The

Re: [Freeipa-devel] [WIP] Thin client

On 28/04/16 14:45, Jan Cholasta wrote: Hi, I have pushed my thin client WIP branch to GitHub: . All commits up to "ipalib: use relative imports for cross-plugin imports" should be good for review. The rest is subject to change (WARNING: I

[Freeipa-devel] [PATCH 0162] Do not update result of *-config-show with empty server attributes

https://fedorahosted.org/freeipa/ticket/5960 -- Martin^3 Babinsky From a366d731d276efd34e1f0924ddc4e51041c1814c Mon Sep 17 00:00:00 2001 From: Martin Babinsky Date: Mon, 20 Jun 2016 15:29:21 +0200 Subject: [PATCH] Do not update result of *-config-show with empty server

Re: [Freeipa-devel] [PATCHES 551-552, 623-624] cert: add owner information, allow search by certificate

On 20.6.2016 09:54, Jan Cholasta wrote: On 15.6.2016 12:33, Jan Cholasta wrote: On 14.6.2016 11:44, Jan Cholasta wrote: On 21.4.2016 09:11, Jan Cholasta wrote: On 6.4.2016 15:46, Pavel Vomacka wrote: On 03/16/2016 01:50 PM, Jan Cholasta wrote: Hi, the attached patches implement the

[Freeipa-devel] [PATCH 0134] DNS: Fix realm domains integration with DNS zone add

Hello, DNS: Fix realm domains integration with DNS zone add. Realmdomains integration into DNS commands pre-dates split of DNS forward zones and DNS master zones into two distinct commands. There was an forgotten condition in dnszone_add command which caused omission of DNS master zones with

Re: [Freeipa-devel] [PATCH 0531] Fix undefined variable in replica install

On 20.06.2016 13:44, Martin Basti wrote: Patch attached. https://fedorahosted.org/freeipa/ticket/5975 Discard this, Honza set patch independently because it was related to thin client -- Manage your subscription for the Freeipa-devel mailing list:

Re: [Freeipa-devel] [PATCH] Fix minor typos

On 19.06.2016 10:08, Yuri Chornoivan wrote: Hi, Just a fix for two minor typos: recors -> records recieve -> receive Thanks for fixing these typos. Best regards, Yuri Thanks! ACK master: * a95e0777ac64cc8edad152f189be5347117785ef Fix minor typos -- Manage your subscription for the

[Freeipa-devel] [PATCH 0531] Fix undefined variable in replica install

Patch attached. https://fedorahosted.org/freeipa/ticket/5975 From 0995aa1cabff511899d5de03972ed96818a1495f Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Mon, 20 Jun 2016 12:35:45 +0200 Subject: [PATCH] Fix: undefined 'ipaconf' in replica promotion ipaconf variable and

Re: [Freeipa-devel] [PATCH] 0048-50: webui: extend topology graph functionality

On 06/13/2016 10:48 AM, Pavel Vomacka wrote: Hello, please review attached patches which extend topology graph functionality. First two add possibility to create agreement using mouse and the third one adds 'Autogenerated' placeholder. 0047,48: https://fedorahosted.org/freeipa/ticket/5648

Re: [Freeipa-devel] [PATCH] pylint fixes

On 06/09/2016 05:10 PM, Petr Spacek wrote: Hello, I've received a bunch of pylint fixes produced by upstream contributor who is not subscribed to the list so I'm resending them here. All credit goes to Bárta Jan<55042ba...@sstebrno.eu>. Flo, if you have time for it I think that it could be a

[Freeipa-devel] [PATCH 0017][Tests] Fix failing ipatests/test_ipalib/test_errors.py

Hi, attaching patch to fix failing test in ipatests/test_ipalib/test_errors.py. Failures were caused by comparing unicode and non-unicode strings, hence I modified responsible non-unicode strings to unicode. Lenka From 28f4860fc22307e9e16937b0e748aa16c2e85937 Mon Sep 17 00:00:00 2001

Re: [Freeipa-devel] [PATCHES 551-552, 623-624] cert: add owner information, allow search by certificate

On 15.6.2016 12:33, Jan Cholasta wrote: On 14.6.2016 11:44, Jan Cholasta wrote: On 21.4.2016 09:11, Jan Cholasta wrote: On 6.4.2016 15:46, Pavel Vomacka wrote: On 03/16/2016 01:50 PM, Jan Cholasta wrote: Hi, the attached patches implement the server-side part of