URL: https://github.com/freeipa/freeipa/pull/474
Title: #474: Update man page of ipa-server-install
martbab commented:
"""
Fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/08b8bfa9b59b30e1bec1fa8c1cfce992dc80c49f
"""
See the full comment at
URL: https://github.com/freeipa/freeipa/pull/364
Title: #364: Client-only builds with --disable-server
tiran commented:
"""
I have one very important question: Without ipatests, how are you going to
automatically test client-only builds?
"""
See the full comment at
URL: https://github.com/freeipa/freeipa/pull/474
Author: Akasurde
Title: #474: Update man page of ipa-server-install
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/474/head:pr474
git checkout pr474
--
Manage
URL: https://github.com/freeipa/freeipa/pull/474
Title: #474: Update man page of ipa-server-install
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/475
Title: #475: Add options to run only ipaclient unittests
martbab commented:
"""
I was thinking that instead of making up more options to test runner we could
reorganize the `ipatests/` directory to actually make sense from the consumer's
POV,
URL: https://github.com/freeipa/freeipa/pull/468
Title: #468: Remove non-sensical kdestroy on https stop
martbab commented:
"""
Could we use just keep the post command as "kdestroy -c {apache_ccache_path}"?
Or is everything chrooted into name-spaced /tmp and we can not access the
ccache file
URL: https://github.com/freeipa/freeipa/pull/475
Title: #475: Add options to run only ipaclient unittests
tiran commented:
"""
PS: I'm not attached to the new of the option. Please speak up if you can come
up with a better name than ```--ipaclient-unittests```.
"""
See the full comment at
URL: https://github.com/freeipa/freeipa/pull/475
Author: tiran
Title: #475: Add options to run only ipaclient unittests
Action: opened
PR body:
"""
A new option for ipa-run-tests makes the test runner ignore
subdirectories or skips tests that depend on the ipaserver package or on
a running
URL: https://github.com/freeipa/freeipa/pull/474
Title: #474: Update man page of ipa-server-install
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/474
Author: Akasurde
Title: #474: Update man page of ipa-server-install
Action: opened
PR body:
"""
This fix adds information about --ignore-last-of-role in
ipa-server-install man page
Fixes https://fedorahosted.org/freeipa/ticket/6634
URL: https://github.com/freeipa/freeipa/pull/473
Title: #473: Fix session/cookie related issues introduced with the privilege
separation patches
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to
URL: https://github.com/freeipa/freeipa/pull/364
Title: #364: Client-only builds with --disable-server
lslebodn commented:
"""
On (16/02/17 02:30), Christian Heimes wrote:
>Lukas, you are wasting both my and your precious time with a needless
>bike-shedding discussion about semantics. The
URL: https://github.com/freeipa/freeipa/pull/473
Title: #473: Fix session/cookie related issues introduced with the privilege
separation patches
abbra commented:
"""
LGTM
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/473#issuecomment-280428547
--
Manage your
URL: https://github.com/freeipa/freeipa/pull/473
Author: simo5
Title: #473: Fix session/cookie related issues introduced with the privilege
separation patches
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa
URL: https://github.com/freeipa/freeipa/pull/473
Author: simo5
Title: #473: Fix session/cookie related issues introduced with the privilege
separation patches
Action: opened
PR body:
"""
Fixes two bugs opened recently about double cookies being returned and ccache
removal
"""
To pull the
URL: https://github.com/freeipa/freeipa/pull/454
Author: martbab
Title: #454: Move AD trust installation code to a separate module
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/454/head:pr454
git
URL: https://github.com/freeipa/freeipa/pull/465
Title: #465: Tests: search for disabled users
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/468
Title: #468: Remove non-sensical kdestroy on https stop
simo5 commented:
"""
If you request a new keytab you should clean up the cacche ?
If we have a way to run the post exec command as the right user and with the
right /tmp (httpd unit file
URL: https://github.com/freeipa/freeipa/pull/465
Title: #465: Tests: search for disabled users
MartinBasti commented:
"""
@stlaz That means the any *-find command may work unexpectedly with
non-mandratory attribute. For this case you must get all active users by
`user-find --disabled=false` +
URL: https://github.com/freeipa/freeipa/pull/465
Title: #465: Tests: search for disabled users
stlaz commented:
"""
Does that mean that `user-find` no longer works?
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/465#issuecomment-280374785
--
Manage your subscription for
URL: https://github.com/freeipa/freeipa/pull/468
Title: #468: Remove non-sensical kdestroy on https stop
MartinBasti commented:
"""
how about @martbab comment?
https://github.com/freeipa/freeipa/pull/468#issuecomment-280056786
> However the restore use-case is not the only one which can
URL: https://github.com/freeipa/freeipa/pull/468
Title: #468: Remove non-sensical kdestroy on https stop
simo5 commented:
"""
If this is about backup/restore, add a kdestroy ccache in the restore scripts,
making sue it su - apache first
"""
See the full comment at
URL: https://github.com/freeipa/freeipa/pull/465
Title: #465: Tests: search for disabled users
MartinBasti commented:
"""
No because according @HonzaCholasta this is expected framework behavior
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/465#issuecomment-280366327
--
URL: https://github.com/freeipa/freeipa/pull/468
Author: simo5
Title: #468: Remove non-sensical kdestroy on https stop
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/468/head:pr468
git checkout pr468
From
URL: https://github.com/freeipa/freeipa/pull/468
Title: #468: Remove non-sensical kdestroy on https stop
MartinBasti commented:
"""
@simo5 any ideas how this should be fixed? We cannot push this patch without
additional fix of removing outdated ccache because it will cause permanent fail
of
URL: https://github.com/freeipa/freeipa/pull/396
Author: stlaz
Title: #396: Explicitly remove support of SSLv2
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/396/head:pr396
git checkout pr396
From
URL: https://github.com/freeipa/freeipa/pull/454
Author: martbab
Title: #454: Move AD trust installation code to a separate module
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/454/head:pr454
git
URL: https://github.com/freeipa/freeipa/pull/464
Title: #464: Bump required python-cryptography version
Label: -ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/464
Title: #464: Bump required python-cryptography version
Label: -pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/464
Author: stlaz
Title: #464: Bump required python-cryptography version
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/464/head:pr464
git checkout pr464
From
URL: https://github.com/freeipa/freeipa/pull/468
Title: #468: Remove non-sensical kdestroy on https stop
simo5 commented:
"""
@MartinBasti the unit files are the wrong place to destroy ccaches, especially
given they run as a different user (root) and may not have access to destroy
stuff when
URL: https://github.com/freeipa/freeipa/pull/448
Author: gkaihorodova
Title: #448: Tests: Basic coverage with tree root domain
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/448/head:pr448
git checkout
URL: https://github.com/freeipa/freeipa/pull/464
Author: stlaz
Title: #464: Bump required python-cryptography version
Action: reopened
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/464/head:pr464
git checkout pr464
--
URL: https://github.com/freeipa/freeipa/pull/472
Author: tiran
Title: #472: Packaging: Add placeholder packages
Action: opened
PR body:
"""
The ipa and freeipa packages are placeholders to prevent PyPI squashing
attacks and reserve the names for future use. `pip install ipa` installs
URL: https://github.com/freeipa/freeipa/pull/471
Title: #471: Fix some privilege separation regressions
stlaz commented:
"""
Upgrade still fails when run for the first time during `dnf update`:
http://pastebin.com/H4kt6hVb
When I run it by hand after this failure, it gets a bit further, but
URL: https://github.com/freeipa/freeipa/pull/364
Title: #364: Client-only builds with --disable-server
tomaskrizek commented:
"""
ACK, I'm fine with pushing this PR.
`make install` does install ipatests for client-only build, other
server-related packages are omitted.
Server build work like
URL: https://github.com/freeipa/freeipa/pull/443
Title: #443: Stronger check for DM password during server install
Label: +rejected
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/443
Title: #443: Stronger check for DM password during server install
stlaz commented:
"""
Closing as REJECTED, this will be sorted out in another way.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/443#issuecomment-280324266
URL: https://github.com/freeipa/freeipa/pull/443
Author: stlaz
Title: #443: Stronger check for DM password during server install
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/443/head:pr443
git checkout pr443
URL: https://github.com/freeipa/freeipa/pull/396
Title: #396: Explicitly remove support of SSLv2
tomaskrizek commented:
"""
Please update the commit title and description to make it clear that it also
removes support of SSLv3.
"""
See the full comment at
URL: https://github.com/freeipa/freeipa/pull/471
Title: #471: Fix some privilege separation regressions
stlaz commented:
"""
LGTM
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/471#issuecomment-280305500
--
Manage your subscription for the Freeipa-devel mailing list:
URL: https://github.com/freeipa/freeipa/pull/364
Title: #364: Client-only builds with --disable-server
tiran commented:
"""
Lukas, you are wasting both my and your precious time with a needless
bike-shedding discussion about semantics. The ```--disable-server``` option
skips all parts of the
URL: https://github.com/freeipa/freeipa/pull/469
Author: tiran
Title: #469: Ignore unlink error in ipa-otpd.socket
Action: reopened
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/469/head:pr469
git checkout pr469
--
Manage
URL: https://github.com/freeipa/freeipa/pull/469
Title: #469: Ignore unlink error in ipa-otpd.socket
HonzaCholasta commented:
"""
This will ignore all errors, not just file does not exist. Are we OK with that?
"""
See the full comment at
URL: https://github.com/freeipa/freeipa/pull/469
Author: tiran
Title: #469: Ignore unlink error in ipa-otpd.socket
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/469/head:pr469
git checkout pr469
--
Manage
URL: https://github.com/freeipa/freeipa/pull/471
Author: HonzaCholasta
Title: #471: Fix some privilege separation regressions
Action: opened
PR body:
"""
**client install: create /etc/ipa/nssdb with correct mode**
The NSS database directory is created with mode 640, which causes the IPA
URL: https://github.com/freeipa/freeipa/pull/364
Title: #364: Client-only builds with --disable-server
lslebodn commented:
"""
On (16/02/17 00:57), Christian Heimes wrote:
>You are missing the point. Obviously tests are an important part of building.
>I can't test the client bits when ipatests
URL: https://github.com/freeipa/freeipa/pull/465
Title: #465: Tests: search for disabled users
stlaz commented:
"""
Is there a ticket for the xfail scenario?
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/465#issuecomment-280275823
--
Manage your subscription for the
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: Add password file to certutil calls in ipapython.certdb module
Action: edited
Changed field: body
Original value:
"""
With this patchset, ipa-client-install should not ask for NSS database password.
Prerequisite:
URL: https://github.com/freeipa/freeipa/pull/367
Title: #367: Remove nsslib from IPA
stlaz commented:
"""
In the last update I renamed the proposed config option `ca_certfile` to
`cacert_store` and made a requirement for it to be absolute path. This was done
with possible future changes to it
URL: https://github.com/freeipa/freeipa/pull/364
Title: #364: Client-only builds with --disable-server
tiran commented:
"""
You are missing the point. Obviously tests are an important part of building. I
can't test the client bits when ipatests is not available.
Let's do small, incremental
URL: https://github.com/freeipa/freeipa/pull/466
Title: #466: pkinit: make sure to have proper dictionary for Kerberos instance
on upgrade
Label: +pushed
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to
URL: https://github.com/freeipa/freeipa/pull/466
Author: abbra
Title: #466: pkinit: make sure to have proper dictionary for Kerberos instance
on upgrade
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa
URL: https://github.com/freeipa/freeipa/pull/466
Title: #466: pkinit: make sure to have proper dictionary for Kerberos instance
on upgrade
MartinBasti commented:
"""
Fixed upstream
master:
https://fedorahosted.org/freeipa/changeset/14d84daf29543978c6383da10f4f2d913346f013
"""
See the full
54 matches
Mail list logo