d at
the call site.
Why is init_creds() now called from __init__()? Why is it still called
from _auth_header()?
Why is ldap_uri now passed to IPAKEMKeys()?
Thanks for the review, Simo.
Fraser
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.r
, but
this is the likely reason why it wan't there from the beginning.
Makefile: replace perl with sed
Perl was missing in BuildRequires anyway and it is used only on one place,
all other places are using sed.
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing
On 19.4.2016 12:42, Martin Babinsky wrote:
On 04/14/2016 11:46 AM, Ludwig Krispenz wrote:
On 04/14/2016 10:59 AM, Martin Babinsky wrote:
On 04/14/2016 08:24 AM, Jan Cholasta wrote:
On 13.4.2016 17:10, Rob Crittenden wrote:
Martin Babinsky wrote:
This is a WIP patch which moves the `ipa
On 19.4.2016 13:49, Martin Babinsky wrote:
On 04/14/2016 10:48 AM, Martin Babinsky wrote:
On 04/14/2016 08:42 AM, Jan Cholasta wrote:
Hi,
On 13.4.2016 16:49, Martin Babinsky wrote:
This is a WIP patch which moves the `ipa-replica-manage del` subcommand
to the 'server-del' API method
On 6.4.2016 15:46, Pavel Vomacka wrote:
On 03/16/2016 01:50 PM, Jan Cholasta wrote:
Hi,
the attached patches implement the server-side part of
<https://fedorahosted.org/freeipa/ticket/5381>.
Honza
Hi,
thank you for the patches. I tested them and they work well. But I would
like
On 13.4.2016 14:13, Tomas Babej wrote:
On 04/13/2016 09:55 AM, Tomas Babej wrote:
On 04/07/2016 01:53 PM, Sumit Bose wrote:
On Mon, Apr 04, 2016 at 04:27:02PM +0200, Jan Cholasta wrote:
Hi,
On 1.4.2016 16:53, Tomas Babej wrote:
Hi,
this extends the user ID overrides with capability
On 14.4.2016 08:56, Jan Cholasta wrote:
On 7.4.2016 16:17, Petr Spacek wrote:
On 7.4.2016 15:20, Fraser Tweedale wrote:
On Thu, Apr 07, 2016 at 12:29:00PM +0200, Jan Cholasta wrote:
On 7.4.2016 12:13, Christian Heimes wrote:
On 2016-04-07 11:09, Petr Spacek wrote:
On 7.4.2016 08:43, Fraser
thin client feature anyway ;-)
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 6.4.2016 10:57, Petr Spacek wrote:
On 6.4.2016 10:50, Jan Cholasta wrote:
On 4.4.2016 13:51, Petr Spacek wrote:
On 4.4.2016 13:39, Martin Basti wrote:
On 31.03.2016 09:58, Petr Spacek wrote:
On 26.2.2016 15:37, Petr Spacek wrote:
On 25.2.2016 16:46, Simo Sorce wrote:
On Thu, 2016-02
On 12.4.2016 12:57, Jan Cholasta wrote:
On 12.4.2016 10:45, Petr Spacek wrote:
On 12.4.2016 09:31, Martin Babinsky wrote:
On 03/17/2016 06:16 PM, Martin Babinsky wrote:
Hi list,
here is a link (http://www.freeipa.org/page/V4/Server_Roles) to WIP
design document concerning the concept
a discussion with Petr Spacek and Jan Cholasta about the possible
utilization of server role implementation for the generation of location
specific DNAME records.[1]
The thing that would make Petr's life a bit easier is a plugin that would
associate a certain role with a set of DNS RRs and would be able
s,$SUFFIX;
and userattr = "managedby#USERDN";)
(Retain existing ACIs for backwards compatiblity.)
Actually this has been discussed before:
<https://www.redhat.com/archives/freeipa-devel/2015-November/msg00547.html>
Let me know what you think!
I think that all y
this seems as safer and easier way to go.
FreeIPA installers already create quite a lot of principals and keytabs so
this is well understood task.
I would do (3).
+1 for (3)
A SUID binary feels like a dangerous hack.
+1
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing
ver-mod:
server-mod --location= [--location-weight=0..65535]
? This is the natural way to model one-to-many relationships in the API,
consistent with existing stuff.
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinf
-find, the full certificate blob
should not be shown in idoverrideuser-find. You can do that by setting
search_display_attributes attribute on the idoverrideuser class
appropriately.
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com
.
[1]
https://git.fedorahosted.org/cgit/freeipa.git/tree/install/tools/ipa-replica-manage?h=ipa-4-3#n753
[2]
https://git.fedorahosted.org/cgit/freeipa.git/tree/install/tools/ipa-replica-manage?h=ipa-4-3#n810
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list
On 24.3.2016 14:13, Martin Babinsky wrote:
On 03/24/2016 01:47 PM, Martin Babinsky wrote:
On 03/22/2016 12:28 PM, Martin Babinsky wrote:
On 03/16/2016 02:17 PM, Martin Babinsky wrote:
On 03/16/2016 01:35 PM, Nathaniel McCallum wrote:
On Wed, 2016-03-16 at 07:25 +0100, Jan Cholasta wrote
d this patch, since I think it is related to
https://fedorahosted.org/freeipa/ticket/4639 but I am not sure. CC'ing
Jan who owns the ticket.
It seems so, on uninstall we restore mod_nss config, so httpd uses the
default password (whatever that is), but the database still uses the
password set b
to
init/systemd/httpd.conf rather than install/share/ipa-httpd.conf.
not relevant to this patch, but there are others candidates for
templates like:
daemons/dnssec/ipa-dnskeysyncd.service
daemons/dnssec/ipa-ods-exporter.service
install/conf/ipa.conf
--
Jan Cholasta
--
Manage your subscription
nge is not backward compatible, can we do this?
https://fedorahosted.org/freeipa/ticket/5281
commands: user-find
I'm for it, would like to hear other opinions.
Note: it should be only in user-find commands. 'show' has to display it.
+1
--
Jan Cholasta
--
Manage your subscription for the Free
to know the base
DN of some arbitrary LDAP search operation. Could you give an example?
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
her command and param anyway.
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
: True
Enabled: True
Do not be afraid to bring up other questions/remarks/comments. This is
my first design documents so I expect them to be plenty.
The CLI commands are a little bit self-inconsistent, see any other
plugin for how the general layout of arguments should look like.
--
Jan
are using user/host objects in their code and want the same
behavior as user/host commands. Please keep the change isolated in the
relevant commands.
2) Don't add ipasshpubkey to search_attributes, we don't want user-find
and friends to search inside ipasshpubkey.
--
Jan Cholasta
--
M
On 10.3.2016 19:04, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5703
Patch attached.
Works for me, ACK.
Pushed to master: 04d4519ed545df6ca156cbccaab059cfc3338bf6
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman
On 18.3.2016 05:16, Timo Aaltonen wrote:
07.01.2016, 10:50, Jan Cholasta kirjoitti:
Hi,
the attached patch ports the _ipap11helper module to python-cffi.
Combined with my patch 536 [1], this makes ipapython architecture
independent.
don't know why it works for you, but ipa-ods-exporter
On 3.3.2016 18:31, Martin Basti wrote:
On 26.02.2016 07:25, Jan Cholasta wrote:
Hi,
On 25.2.2016 18:05, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5680
Patch attached.
NACK.
For python 3, the ldap module is provided by python3-pyldap.
Any reason for the random ordering
On 11.3.2016 09:32, Martin Babinsky wrote:
On 03/11/2016 07:24 AM, Jan Cholasta wrote:
On 9.3.2016 11:14, Martin Babinsky wrote:
On 03/07/2016 04:28 PM, Martin Kosek wrote:
On 03/07/2016 03:17 PM, Petr Spacek wrote:
On 7.3.2016 13:27, Jan Cholasta wrote:
Hi,
On 7.3.2016 12:47, Martin
Hi,
the attached patches implement the server-side part of
<https://fedorahosted.org/freeipa/ticket/5381>.
Honza
--
Jan Cholasta
From f7d6e814b9addf5216c563cbb6dbe257ee1be935 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Wed, 16 Mar 2016 13:09:11 +
On 16.3.2016 08:33, Stanislav Laznicka wrote:
On 03/15/2016 12:47 PM, Petr Vobornik wrote:
On 03/15/2016 07:25 AM, Jan Cholasta wrote:
On 14.3.2016 17:18, Petr Vobornik wrote:
On 03/14/2016 04:55 PM, Jan Cholasta wrote:
On 14.3.2016 16:26, Petr Vobornik wrote:
On 03/14/2016 12:57 PM, Jan
On 15.3.2016 22:22, Nathaniel McCallum wrote:
On Tue, 2016-03-15 at 17:54 +0100, Martin Babinsky wrote:
On 03/15/2016 03:36 PM, Martin Babinsky wrote:
On 03/09/2016 07:06 AM, Jan Cholasta wrote:
On 8.3.2016 17:45, Martin Babinsky wrote:
On 03/08/2016 05:35 PM, Jan Cholasta wrote:
Hi
On 14.3.2016 17:18, Petr Vobornik wrote:
On 03/14/2016 04:55 PM, Jan Cholasta wrote:
On 14.3.2016 16:26, Petr Vobornik wrote:
On 03/14/2016 12:57 PM, Jan Cholasta wrote:
On 14.3.2016 12:50, Martin Basti wrote:
On 14.03.2016 12:05, Jan Cholasta wrote:
Hi,
On 11.3.2016 10:39, Stanislav
On 14.3.2016 16:26, Petr Vobornik wrote:
On 03/14/2016 12:57 PM, Jan Cholasta wrote:
On 14.3.2016 12:50, Martin Basti wrote:
On 14.03.2016 12:05, Jan Cholasta wrote:
Hi,
On 11.3.2016 10:39, Stanislav Laznicka wrote:
Hi,
Please see the patch attached. Contrary to the discussion at
https
On 14.3.2016 13:56, Rob Crittenden wrote:
Jan Cholasta wrote:
On 11.3.2016 15:56, Gabe Alford wrote:
On Fri, Mar 11, 2016 at 7:35 AM, Petr Vobornik <pvobo...@redhat.com
<mailto:pvobo...@redhat.com>> wrote:
On 03/11/2016 03:00 PM, Rob Crittenden wrote:
Martin
On 14.3.2016 12:50, Martin Basti wrote:
On 14.03.2016 12:05, Jan Cholasta wrote:
Hi,
On 11.3.2016 10:39, Stanislav Laznicka wrote:
Hi,
Please see the patch attached. Contrary to the discussion at
https://fedorahosted.org/freeipa/ticket/4987 I also added the suffix
option for clean_ruv
and the other half by ipa-replica-manage is confusing.
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5117>
and <https://fedorahosted.org/freeipa/ticket/5720>.
Honza
--
Jan Cholasta
From efd94957c00021f08560fd67eeb083ee2c2a260e Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Thu,
On 11.3.2016 15:56, Gabe Alford wrote:
On Fri, Mar 11, 2016 at 7:35 AM, Petr Vobornik <pvobo...@redhat.com
<mailto:pvobo...@redhat.com>> wrote:
On 03/11/2016 03:00 PM, Rob Crittenden wrote:
Martin Kosek wrote:
On 03/11/2016 09:55 AM, Jan Ch
the documentation. Ditto for automation.
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 9.3.2016 11:14, Martin Babinsky wrote:
On 03/07/2016 04:28 PM, Martin Kosek wrote:
On 03/07/2016 03:17 PM, Petr Spacek wrote:
On 7.3.2016 13:27, Jan Cholasta wrote:
Hi,
On 7.3.2016 12:47, Martin Babinsky wrote:
https://fedorahosted.org/freeipa/ticket/5696
Shouldn't we rather fix IPA
On 10.3.2016 07:57, Fraser Tweedale wrote:
On Thu, Mar 10, 2016 at 07:15:59AM +0100, Jan Cholasta wrote:
On 10.3.2016 03:35, Fraser Tweedale wrote:
On Wed, Mar 09, 2016 at 01:30:01PM +0100, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5298
Patch attached.
ACK
Shouldn't we
On 10.3.2016 03:35, Fraser Tweedale wrote:
On Wed, Mar 09, 2016 at 01:30:01PM +0100, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5298
Patch attached.
ACK
Shouldn't we remove these on upgrade as well?
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel
On 8.3.2016 17:45, Martin Babinsky wrote:
On 03/08/2016 05:35 PM, Jan Cholasta wrote:
Hi,
On 8.3.2016 16:21, Martin Babinsky wrote:
https://fedorahosted.org/freeipa/ticket/5700
1) Instead of checking for utf-8 in particular, I would prefer a more
robust approach:
try:
qr
UnicodeError:
# it is not printable
else:
# it is printable
2) There is no os.isatty() check to see if stdout is actually a tty.
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA
Hi,
On 7.3.2016 12:47, Martin Babinsky wrote:
https://fedorahosted.org/freeipa/ticket/5696
Shouldn't we rather fix IPA to work with bind running in chroot (which
is AFAIK considered good security practice)?
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing
On 3.3.2016 08:18, Jan Cholasta wrote:
On 2.3.2016 22:15, Martin Štefany wrote:
Hi,
On St, 2016-03-02 at 17:51 +0100, Martin Basti wrote:
On 27.02.2016 21:19, Martin Štefany wrote:
Hi,
I did as Jan suggested, everything is now a new command 'ipa-
sshupdate',
(so it's based on Jan's 'ipa
and which to
IPA itself. For example the upgrade section - I assume Dogtag should
update registry.cfg and IPA caIPAserviceCert profile, but it is not
clearly stated anywhere.
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman
this ticket? What is the gain there?
I would like to know the answer myself.
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 2.3.2016 14:58, Petr Viktorin wrote:
On 03/01/2016 08:57 AM, Jan Cholasta wrote:
On 29.2.2016 17:14, Petr Viktorin wrote:
On 02/29/2016 08:12 AM, Jan Cholasta wrote:
Hi,
On 26.2.2016 17:14, Petr Viktorin wrote:
On 02/22/2016 12:37 PM, Petr Viktorin wrote:
Hello,
These fixes are needed
at 14:36 +0100, Jan Cholasta wrote:
Hi,
On 25.2.2016 14:23, Martin Basti wrote:
On 22.02.2016 22:13, Martin Štefany wrote:
Hi,
please, review the attached patch which adds --ssh-update to
ipa-
client-
install.
Ticket:https://fedorahosted.org/freeipa/ticket/2655
Hello,
thank you for your patch
Hi,
these patches are for master only, see commit messages for details.
Honza
--
Jan Cholasta
From 49f3e365dc56ccda7d8aec7cf9d8e2d98791b031 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Wed, 2 Mar 2016 11:00:23 +0100
Subject: [PATCH 1/2] ipalib: provide pe
On 29.2.2016 17:14, Petr Viktorin wrote:
On 02/29/2016 08:12 AM, Jan Cholasta wrote:
Hi,
On 26.2.2016 17:14, Petr Viktorin wrote:
On 02/22/2016 12:37 PM, Petr Viktorin wrote:
Hello,
These fixes are needed for the "happy path" of ipa-client-install
--server on Python 3.
Hello,
Cou
Hi,
On 22.2.2016 12:35, Petr Viktorin wrote:
Hello,
This will make a python3-ipaclient RPM.
Thanks, ACK.
Added a missing newline, rebased and pushed to:
master: ec95ffaa529b3de61b12c85ce01e4b2f1d0c65b3
ipa-4-3: f714cb46923b23181daf20d72e34202ea0aacfd8
Honza
--
Jan Cholasta
--
Manage your
n the type is bytes in get_ipa_basedn(), read
attribute values from 'entry.raw' rather than 'entry' and decode always.
2) get_ipa_basedn() is used only in ipadiscovery, perhaps we should move
it there?
Patch 0773: ACK, but the patch does not apply on ipa-4-3.
Patch 0774: ACK.
Honza
--
Ja
On 26.2.2016 21:38, Lukas Slebodnik wrote:
On (26/02/16 12:37), Tomas Babej wrote:
On 02/26/2016 07:30 AM, Jan Cholasta wrote:
On 22.2.2016 19:56, Tomas Babej wrote:
On 02/22/2016 06:14 PM, Alexander Bokovoy wrote:
On Mon, 22 Feb 2016, Tomas Babej wrote:
On 02/22/2016 11:48 AM
/2016 04:04 PM, Jan Cholasta wrote:
On 22.2.2016 15:56, David Kupka wrote:
On 22/02/16 07:28, Jan Cholasta wrote:
On 18.2.2016 10:10, David Kupka wrote:
On 19/01/16 16:10, David Kupka wrote:
On 19/01/16 14:38, Jan Cholasta wrote:
On 19.1.2016 14:26, Martin Kosek wrote:
On 01/19/2016 01:47 PM
a whitespace error.
Updated patch is attached.
ACK.
This should not be pushed until the dependency for SSSD can be bumped.
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d872920f74
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com
appended the new ones.
There are missing as well as redundant requires in other packages,
shouldn't we fix these too?
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http
On 25.2.2016 15:59, Petr Spacek wrote:
On 25.2.2016 14:36, Jan Cholasta wrote:
Hi,
On 25.2.2016 14:23, Martin Basti wrote:
On 22.02.2016 22:13, Martin Štefany wrote:
Hi,
please, review the attached patch which adds --ssh-update to ipa-client-
install.
Ticket:https://fedorahosted.org
root_logger.error(
"Cannot connect to the server due to generic error:
%s", e)
return CLIENT_INSTALL_ERROR
@@ -3088,6 +3181,9 @@ def main():
if options.uninstall:
return uninstall(options, env)
+if options.ssh_update:
+
On 24.2.2016 15:43, Martin Basti wrote:
On 24.02.2016 13:36, Jan Cholasta wrote:
On 24.2.2016 13:07, Martin Basti wrote:
On 24.02.2016 10:45, Jan Cholasta wrote:
On 23.2.2016 17:20, Martin Basti wrote:
On 22.02.2016 09:00, Jan Cholasta wrote:
Hi,
On 17.2.2016 14:49, Martin Basti
like this can even get to the sources.
Fortunately the added check will prevent that in the future.
Before this is pushed, could you please check git history to verify that
these duplicate excepts are not symptomps of some actual problems?
--
Jan Cholasta
--
Manage your subscription
lanation
in's a workaround.
LSommit message becuase it's a workaround.
LS
Updated patch with reworded commit message.
Please also add "workaround for
https://bugzilla.redhat.com/show_bug.cgi?id=1096506; comment above the
changed requires.
--
Jan Cholasta
--
Manage your subscription for the Fre
s --option are explicitly specified.
+1.
My personal favorite would be to deprecate autodiscovery in
ipa-client-install and tell people to use realmd instead. What you
describe is all that is needed to retain backward compatibility.
--
Jan Cholasta
--
Manage your subscription for the Fre
On 24.2.2016 13:07, Martin Basti wrote:
On 24.02.2016 10:45, Jan Cholasta wrote:
On 23.2.2016 17:20, Martin Basti wrote:
On 22.02.2016 09:00, Jan Cholasta wrote:
Hi,
On 17.2.2016 14:49, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5631
Patch attached (for master, 4.3
On 24.2.2016 10:50, David Kupka wrote:
On 22/02/16 16:06, Jan Cholasta wrote:
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5592>.
Honza
Works for me, ACK.
Thanks.
Pushed to:
master: 11592dde1b232a70f318e01f5271b38890090648
i
On 23.2.2016 17:20, Martin Basti wrote:
On 22.02.2016 09:00, Jan Cholasta wrote:
Hi,
On 17.2.2016 14:49, Martin Basti wrote:
https://fedorahosted.org/freeipa/ticket/5631
Patch attached (for master, 4.3, 4.2)
1) All the replication agreement permission ACIs should be located in
the same
On 24.2.2016 09:13, Martin Babinsky wrote:
On 02/22/2016 06:30 PM, Jan Cholasta wrote:
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5612>.
Honza
ACK.
Thanks.
Pushed to:
master: ef9134640795b736731bfbdb6fe0badb3e817552
i
On 24.2.2016 08:46, Stanislav Laznicka wrote:
Reworded the commit messages so that they mention Coverity.
On 02/22/2016 07:18 AM, Jan Cholasta wrote:
On 2.2.2016 13:36, Stanislav Laznicka wrote:
On 02/01/2016 02:24 PM, Jan Cholasta wrote:
On 1.2.2016 12:11, Petr Spacek wrote:
On 1.2.2016 09
On 23.2.2016 09:55, Martin Babinsky wrote:
On 02/23/2016 07:43 AM, Fraser Tweedale wrote:
On Tue, Feb 23, 2016 at 07:32:31AM +0100, Jan Cholasta wrote:
On 23.2.2016 06:40, Fraser Tweedale wrote:
On Mon, Feb 22, 2016 at 02:03:49PM +0100, Martin Babinsky wrote:
https://fedorahosted.org/freeipa
On 13.1.2016 08:12, Jan Cholasta wrote:
On 8.1.2016 11:56, Fraser Tweedale wrote:
On Thu, Jan 07, 2016 at 08:00:51PM +1000, Fraser Tweedale wrote:
On Thu, Jan 07, 2016 at 07:56:15AM +0100, Jan Cholasta wrote:
Hi,
On 6.1.2016 05:26, Fraser Tweedale wrote:
Happy new year, all.
The attached
e a way in the CLI to override the decisions of the framework
and set explicit weights ?
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
teRetrieveError if the profile already
exists, which can then be properly handled in _create_dogtag_profile().
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5612>.
Honza
--
Jan Cholasta
From 7e0ec898cd58647250ed673fa55b98012939e373 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Mon, 22 Feb 2016 18:14:46 +0100
Subject: [PATCH] cacert instal
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5592>.
Honza
--
Jan Cholasta
From 30e528a6254c72b52f89dbfa164c2b972939c58f Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Mon, 22 Feb 2016 15:05:35 +0100
Subject: [PATCH] client: stop us
On 22.2.2016 15:56, David Kupka wrote:
On 22/02/16 07:28, Jan Cholasta wrote:
On 18.2.2016 10:10, David Kupka wrote:
On 19/01/16 16:10, David Kupka wrote:
On 19/01/16 14:38, Jan Cholasta wrote:
On 19.1.2016 14:26, Martin Kosek wrote:
On 01/19/2016 01:47 PM, David Kupka wrote:
I've polished
ittle
bit more robust. You should check that the original entry contains all
the required values before touching it (objectclass=ipapermissionv2,
ipapermissiontype=V2, ipapermissiontype=MANAGED) and remove only the
values that need to be removed, instead of just overwriting everything.
Honza
--
J
On 18.2.2016 10:10, David Kupka wrote:
On 19/01/16 16:10, David Kupka wrote:
On 19/01/16 14:38, Jan Cholasta wrote:
On 19.1.2016 14:26, Martin Kosek wrote:
On 01/19/2016 01:47 PM, David Kupka wrote:
I've polished the patch attached to #5586 by Timo Aaltonen.
Thanks for the patch. I've fixed
On 2.2.2016 13:36, Stanislav Laznicka wrote:
On 02/01/2016 02:24 PM, Jan Cholasta wrote:
On 1.2.2016 12:11, Petr Spacek wrote:
On 1.2.2016 09:03, Jan Cholasta wrote:
Hi,
On 29.1.2016 15:49, Martin Basti wrote:
On 29.01.2016 15:49, Stanislav Laznicka wrote:
Reworded the commits so
On 17.2.2016 10:43, Jan Cholasta wrote:
On 9.2.2016 18:02, Petr Viktorin wrote:
On 01/29/2016 09:42 AM, Jan Cholasta wrote:
On 29.1.2016 09:25, Jan Cholasta wrote:
Hi,
On 27.1.2016 18:38, Petr Viktorin wrote:
Hello,
Here is a mixed bag of Python 3 fixes.
They fix some tests
On 9.2.2016 18:02, Petr Viktorin wrote:
On 01/29/2016 09:42 AM, Jan Cholasta wrote:
On 29.1.2016 09:25, Jan Cholasta wrote:
Hi,
On 27.1.2016 18:38, Petr Viktorin wrote:
Hello,
Here is a mixed bag of Python 3 fixes.
They fix some tests, and they should enable you to use `python3
/usr/bin/ipa
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5550>.
Honza
--
Jan Cholasta
From af50dbca408aa83be2356f81b0e531f5cf8ca4b2 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Fri, 15 Jan 2016 08:07:21 +0100
Subject: [PATCH] replica promot
.
This is suspicious:
-if is_ca_enabled():
-http.configure_certmonger_renewal_guard()
+http.configure_certmonger_renewal_guard()
Why is it necessary?
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
On 2.2.2016 11:41, Martin Babinsky wrote:
On 02/02/2016 09:33 AM, Jan Cholasta wrote:
On 1.2.2016 14:54, Martin Basti wrote:
On 01.02.2016 13:55, Martin Babinsky wrote:
https://fedorahosted.org/freeipa/ticket/5655
LGTM, works for me, tested on both ca-less server and CA-full server
0021: Please use the original error messages (there are no
requests being added to D-Bus, but to certmonger).
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org
On 1.2.2016 12:11, Petr Spacek wrote:
On 1.2.2016 09:03, Jan Cholasta wrote:
Hi,
On 29.1.2016 15:49, Martin Basti wrote:
On 29.01.2016 15:49, Stanislav Laznicka wrote:
Reworded the commits so that they better reflect what's going on in those.
On 01/29/2016 02:49 PM, Stanislav Laznicka
ust remove the library_path.encode(), it's there
because the original C code did the same thing, but don't think it's
necessary.
Patch 769: LGTM
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to Fre
On 29.1.2016 09:25, Jan Cholasta wrote:
Hi,
On 27.1.2016 18:38, Petr Viktorin wrote:
Hello,
Here is a mixed bag of Python 3 fixes.
They fix some tests, and they should enable you to use `python3
/usr/bin/ipa`.
Patch 761:
1) The "invalid 'my_number': " bit comes from IPA itself,
On 26.1.2016 10:23, Martin Babinsky wrote:
On 01/26/2016 10:14 AM, Martin Babinsky wrote:
On 01/25/2016 08:56 AM, Alexander Bokovoy wrote:
On Mon, 25 Jan 2016, Jan Cholasta wrote:
Hi,
the attached patch fixes
<https://fedorahosted.org/freeipa/ticket/5611>.
Note that this is a 4.2-sp
On 25.1.2016 14:49, Petr Viktorin wrote:
On 01/25/2016 02:12 PM, Jan Cholasta wrote:
On 14.1.2016 17:49, Petr Viktorin wrote:
On 01/14/2016 11:09 AM, Jan Cholasta wrote:
On 14.1.2016 10:48, Petr Viktorin wrote:
On 01/14/2016 07:55 AM, Jan Cholasta wrote:
Hi,
On 13.1.2016 13:03, Martin
On 27.1.2016 14:41, Tomas Babej wrote:
On 01/27/2016 08:06 AM, Martin Babinsky wrote:
On 01/25/2016 08:19 AM, Jan Cholasta wrote:
On 22.1.2016 12:28, Jan Cholasta wrote:
On 22.1.2016 10:34, Martin Babinsky wrote:
On 01/21/2016 10:27 AM, Jan Cholasta wrote:
Hi,
the attached patch fixes
hat it can be properly triaged and you don't have to guess where it
should be pushed.
Honza
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 21.1.2016 15:04, Martin Babinsky wrote:
On 01/21/2016 02:51 PM, Jan Cholasta wrote:
On 21.1.2016 14:45, Martin Babinsky wrote:
On 01/21/2016 02:21 PM, Petr Vobornik wrote:
On 01/21/2016 01:53 PM, Martin Babinsky wrote:
this patch ensures that promoted replicas in CA-less topology have
On 14.1.2016 17:49, Petr Viktorin wrote:
On 01/14/2016 11:09 AM, Jan Cholasta wrote:
On 14.1.2016 10:48, Petr Viktorin wrote:
On 01/14/2016 07:55 AM, Jan Cholasta wrote:
Hi,
On 13.1.2016 13:03, Martin Babinsky wrote:
On 01/13/2016 11:34 AM, Petr Viktorin wrote:
Hello,
I'm planning to port
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5611>.
Note that this is a 4.2-specific fix.
Honza
--
Jan Cholasta
From c2a0684c64538166809883a235bd131518b6e78f Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Mon, 25 Jan 2016 08
On 22.1.2016 12:28, Jan Cholasta wrote:
On 22.1.2016 10:34, Martin Babinsky wrote:
On 01/21/2016 10:27 AM, Jan Cholasta wrote:
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5595>.
Honza
ACK
Self-NACK. Doesn't work with external CA install.
Updated p
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5598>.
Honza
--
Jan Cholasta
From 871f1f63214074e9d4bcb84a460a7ba4810d0e25 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jchol...@redhat.com>
Date: Thu, 21 Jan 2016 15:48:30 +0100
Subject: [PATCH] replica install:
On 22.1.2016 10:34, Martin Babinsky wrote:
On 01/21/2016 10:27 AM, Jan Cholasta wrote:
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5595>.
Honza
ACK
Self-NACK. Doesn't work with external CA install.
--
Jan Cholasta
--
Manage your subscription for the F
On 15.12.2015 16:01, Jan Cholasta wrote:
On 15.12.2015 15:53, Petr Viktorin wrote:
On 12/14/2015 08:18 AM, Jan Cholasta wrote:
On 4.12.2015 14:29, Jan Cholasta wrote:
Hi,
On 3.12.2015 17:32, Petr Viktorin wrote:
Hello,
This specfile patch makes python-ipalib noarch, by splitting out
() and replicainstall.install().
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
301 - 400 of 2029 matches
Mail list logo