On 10/15/2013 06:19 PM, Jérôme Fenal wrote:
kk2013/10/15 Martin Kosek mko...@redhat.com:
Thanks. It would be ideal, if this table is (in future) generated somehow
semi-automatically as practically all this info can be gathered from FreeIPA
code. But for now, this is great.
I see some issues
On 10/18/2013 04:07 PM, Alexander Bokovoy wrote:
On Fri, 18 Oct 2013, Ana Krivokapic wrote:
On 10/18/2013 01:31 PM, Ana Krivokapic wrote:
On 10/18/2013 09:48 AM, Martin Kosek wrote:
On 10/17/2013 10:29 PM, Alexander Bokovoy wrote:
On Thu, 17 Oct 2013, Ana Krivokapic wrote:
Hello,
This
On 10/03/2013 12:42 PM, Martin Kosek wrote:
On 10/02/2013 01:26 PM, Petr Viktorin wrote:
On 10/02/2013 01:07 PM, Simo Sorce wrote:
...
To sum it up, I would rather not build our permission system on this group.
I think we need top base our ACIs on LDAP bind targets ldap:///all and
ldap
On 10/09/2013 08:57 PM, Nathaniel McCallum wrote:
I still need reviews on the following patches. The first two (0015 and
0016) should be close if not ready to merge. They have undergone four
revisions. The third is probably in the middle of reviews. Please help
me push this over the goal line.
On 10/18/2013 04:21 PM, Ana Krivokapic wrote:
On 09/30/2013 05:05 PM, Petr Viktorin wrote:
Hello,
This patch introduces an user template with the result of a default
user add/show. The template is then customized and used in each test.
This makes the tests shorter, and highlights the non
On 10/18/2013 05:53 PM, Ana Krivokapic wrote:
On 09/13/2013 06:24 PM, Petr Viktorin wrote:
The simple replication test is failing intermittently. It's quite
hard to manually verify if this patch fixes that completely, but my
testing says it does make a positive difference.
See commit message
On 10/21/2013 03:57 PM, Martin Kosek wrote:
On 10/18/2013 04:28 PM, Petr Viktorin wrote:
On 10/03/2013 12:42 PM, Martin Kosek wrote:
On 10/02/2013 01:26 PM, Petr Viktorin wrote:
On 10/02/2013 01:07 PM, Simo Sorce wrote:
...
To sum it up, I would rather not build our permission system
On 10/22/2013 09:20 AM, Tomas Babej wrote:
Hi,
Adds support for host definition by a environment variables of the
following form:
KEYWORDHOST__envX, where X is the number of the environment
for which host referenced by a keyword should be defined.
You can also optionally use
Replying to one part only:
On 10/21/2013 04:50 PM, Tomas Babej wrote:
On 10/16/2013 03:44 PM, Petr Viktorin wrote:
I still think it would be simpler if IPA and AD domains shared the
numbering namespace (users would need to define $AD_env2; if they had
$MASTER_env1 and $AD_env1 they would
On 10/22/2013 10:09 AM, Tomas Babej wrote:
On 10/22/2013 09:54 AM, Petr Viktorin wrote:
On 10/22/2013 09:20 AM, Tomas Babej wrote:
Hi,
Adds support for host definition by a environment variables of the
following form:
KEYWORDHOST__envX, where X is the number of the environment
for which host
Here are refactorings and fixes for small issues I found so far while
working on ticket #3566.
Having these already in master should make the final patchset easier to
review.
--
Petr³
From d08b18cdac29120159217a9d43ebe3ce80eff3b0 Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt
On 10/22/2013 02:24 PM, Tomas Babej wrote:
On 10/22/2013 02:15 PM, Tomas Babej wrote:
On 10/22/2013 12:27 PM, Tomas Babej wrote:
On 10/22/2013 10:37 AM, Petr Viktorin wrote:
Replying to one part only:
On 10/21/2013 04:50 PM, Tomas Babej wrote:
On 10/16/2013 03:44 PM, Petr Viktorin wrote
Here are fixes for two bugs found while running integration tests under
Beaker.
--
Petr³
From c568f9c83eaf6e579efaf03fc9580ae46cf0b61c Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt...@redhat.com
Date: Thu, 24 Oct 2013 13:55:47 +0200
Subject: [PATCH] Tests: mkdir_recursive: Don't fail when
On 10/25/2013 10:31 AM, Martin Kosek wrote:
Since mod_nss-1.0.8-24, mod_nss and mod_ssl can co-exist on one
machine (of course, when listening to different ports).
To make sure that mod_ssl is not configured to listen on 443
(default mod_ssl configuration), add a check to the installer checking
On 10/24/2013 04:38 PM, Tomas Babej wrote:
On 10/24/2013 01:29 PM, Petr Viktorin wrote:
[...]
Patch 106:
In ADTrustBase, it looks like if test_install_adtrust or
test_configure_dns_and_time fail, it doesn't make much sense to run
the other tests.
If that's the case they can go in an install
On 10/24/2013 05:48 PM, Ana Krivokapic wrote:
Hello,
This patch addresses ticket https://fedorahosted.org/freeipa/ticket/3990
ACK, pushed to:
master: c518a80ab7faa8cbb399e3ed32c213ad518d997c
ipa-3-3: 24073d22e2e829ccba49e698c45e07b69cf25770
--
Petr³
On 10/25/2013 02:09 PM, Martin Kosek wrote:
On 10/25/2013 12:33 PM, Petr Viktorin wrote:
On 10/25/2013 10:31 AM, Martin Kosek wrote:
Since mod_nss-1.0.8-24, mod_nss and mod_ssl can co-exist on one
machine (of course, when listening to different ports).
To make sure that mod_ssl
On 10/25/2013 03:46 PM, Petr Viktorin wrote:
On 10/25/2013 02:09 PM, Martin Kosek wrote:
On 10/25/2013 12:33 PM, Petr Viktorin wrote:
On 10/25/2013 10:31 AM, Martin Kosek wrote:
Since mod_nss-1.0.8-24, mod_nss and mod_ssl can co-exist on one
machine (of course, when listening to different
On 10/22/2013 08:15 PM, Ana Krivokapic wrote:
Hello,
This patch addresses ticket https://fedorahosted.org/freeipa/ticket/3819
ACK, thanks!
Do we want to push this to 3.3 as well? It's a stand-alone test module;
unless it's called it's as if it wasn't there.
(Assuming no one runs *all*
On 10/24/2013 12:20 PM, Tomas Babej wrote:
On 10/22/2013 10:44 AM, Petr Viktorin wrote:
On 10/22/2013 10:09 AM, Tomas Babej wrote:
On 10/22/2013 09:54 AM, Petr Viktorin wrote:
On 10/22/2013 09:20 AM, Tomas Babej wrote:
Hi,
Adds support for host definition by a environment variables
On 10/29/2013 10:49 AM, Ana Krivokapic wrote:
Hello,
Patch 0080 adds userClass attribute for users to IPA CLI.
Patch 0081 adds userClass attribute for users and hosts to the web UI.
Design page:
http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems
Tickets:
On 10/17/2013 03:27 PM, Jan Cholasta wrote:
Hi,
the attached patch fixes https://fedorahosted.org/freeipa/ticket/3975.
Honza
Thanks! Works for me, ACK, pushed to
master: e98abdca9b4cf772e93176b42e17ec5fb5736ea4
ipa-3-3: 074816faf36650dbfa5aa8a22a3896a31b64dbf1
--
Petr³
On 10/29/2013 01:34 PM, Jan Cholasta wrote:
On 16.10.2013 18:13, Petr Viktorin wrote:
On 10/14/2013 10:59 AM, Jan Cholasta wrote:
On 10.10.2013 09:45, Jan Cholasta wrote:
On 9.10.2013 13:57, Petr Viktorin wrote:
[...]
109. Decode and encode attribute values in LDAPEntry on demand
On 10/31/2013 12:38 PM, Ana Krivokapic wrote:
On 10/30/2013 04:40 PM, Tomas Babej wrote:
Hi,
This allows us to clean sssd cache on older, non-systemd platforms.
Part of: https://fedorahosted.org/freeipa/ticket/3833
___
Freeipa-devel mailing list
On 10/31/2013 01:02 PM, Ana Krivokapic wrote:
On 10/30/2013 04:19 PM, Tomas Babej wrote:
Hi,
Without this patch, restored directories get home_t SELinux context.
Part of: https://fedorahosted.org/freeipa/ticket/3833
___
Freeipa-devel mailing list
On 10/31/2013 02:05 PM, Ana Krivokapic wrote:
On 10/30/2013 04:01 PM, Tomas Babej wrote:
Hi,
The RHEL 5.9 clients do not have /usr/bin symlinks.
Part of: https://fedorahosted.org/freeipa/ticket/3833
___
Freeipa-devel mailing list
On 10/30/2013 03:57 PM, Tomas Babej wrote:
On 10/29/2013 01:00 PM, Petr Viktorin wrote:
On 10/24/2013 12:20 PM, Tomas Babej wrote:
On 10/22/2013 10:44 AM, Petr Viktorin wrote:
On 10/22/2013 10:09 AM, Tomas Babej wrote:
On 10/22/2013 09:54 AM, Petr Viktorin wrote:
On 10/22/2013 09:20 AM
On 11/01/2013 03:20 PM, Tomas Babej wrote:
On 11/01/2013 12:19 PM, Tomas Babej wrote:
Hi,
This implements the test cases for legacy clients using SSSD, nss-ldap
and nss-pam-ldapd.
Part of: https://fedorahosted.org/freeipa/ticket/3833
A nitpick:
assert result.returncode == 0
On 11/01/2013 03:34 PM, Ana Krivokapic wrote:
On 11/01/2013 03:30 PM, Tomas Babej wrote:
On 11/01/2013 03:27 PM, Ana Krivokapic wrote:
On 11/01/2013 03:18 PM, Tomas Babej wrote:
On 10/31/2013 12:10 PM, Ana Krivokapic wrote:
On 10/30/2013 04:18 PM, Tomas Babej wrote:
Hi,
Adds which package
Recent ipaldap refactoring broke the simple_replication test; here is a fix.
Pushed as one-liner to master: 1f6880c59059496f5002111cd0b5f16cc51961db
--
Petr³
From 95c229b617342f9fb46373428abbc5ba4c7778e4 Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt...@redhat.com
Date: Fri, 1 Nov 2013 15
Hello,
During discussions about fine-grained read ACIs [0], it became clear
that we need to grant permissions to all authenticated and all, even
anonymous users.
Here is a design document for the feature:
http://www.freeipa.org/page/V3/Anonymous_and_All_permissions
[0]
On 11/04/2013 04:33 PM, Martin Kosek wrote:
On 11/04/2013 02:49 PM, Petr Viktorin wrote:
Hello,
During discussions about fine-grained read ACIs [0], it became clear that we
need to grant permissions to all authenticated and all, even anonymous
users.
Here is a design document for the feature
On 10/29/2013 04:17 PM, Petr Viktorin wrote:
On 10/29/2013 01:34 PM, Jan Cholasta wrote:
On 16.10.2013 18:13, Petr Viktorin wrote:
On 10/14/2013 10:59 AM, Jan Cholasta wrote:
On 10.10.2013 09:45, Jan Cholasta wrote:
On 9.10.2013 13:57, Petr Viktorin wrote:
[...]
109. Decode and encode
Hello,
In master (IPA 3.4), an ipaldap entry's `single_value` is now a
dict-like object, rather than a function:
entry = ldap.get_entry(dn)
print 'Hello, %s!' % entry.single_value['cn']
entry.single_value['wasGreeted'] = True
Additionally, there is now a `raw` dict-like view that
On 11/05/2013 05:53 PM, John Dennis wrote:
On 11/05/2013 11:13 AM, Martin Basti wrote:
Hi list,
I'm working on ticket: https://fedorahosted.org/freeipa/ticket/3169
UTF-8 DNS names will be converted to punycode ASCII string and stored
But there is a question, how to show DNS names to user (in
Hello,
I'm splitting up ACI work into several designs to make it more manageable.
This one is about
- Moving ACIs out of $SUFFIX
- Storing all ACI data in the permission entry
- Permission flag system for ensuring backwards compatibility
Summary of the backcompat story:
- Attributes, rights,
On 11/05/2013 06:08 PM, John Dennis wrote:
On 11/05/2013 12:04 PM, Petr Viktorin wrote:
On 11/05/2013 05:53 PM, John Dennis wrote:
On 11/05/2013 11:13 AM, Martin Basti wrote:
Hi list,
I'm working on ticket: https://fedorahosted.org/freeipa/ticket/3169
UTF-8 DNS names will be converted
On 11/07/2013 02:14 PM, Martin Kosek wrote:
On 11/07/2013 01:59 PM, Petr Viktorin wrote:
On 11/05/2013 06:08 PM, John Dennis wrote:
On 11/05/2013 12:04 PM, Petr Viktorin wrote:
On 11/05/2013 05:53 PM, John Dennis wrote:
On 11/05/2013 11:13 AM, Martin Basti wrote:
Hi list,
I'm working
On 11/07/2013 07:48 PM, Nathaniel McCallum wrote:
On Mon, 2013-10-07 at 16:22 +0200, Petr Viktorin wrote:
Sorry for the delay.
On 09/25/2013 10:51 PM, Nathaniel McCallum wrote:
On Mon, 2013-09-23 at 15:19 +0200, Petr Viktorin wrote:
Great, we're getting close!
[...]
There's another test
On 11/06/2013 02:20 PM, Ana Krivokapic wrote:
On 11/05/2013 02:02 PM, Petr Viktorin wrote:
Honza's recent LDAP refactoring left some unused helper functions
around. This patch removes them.
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
On 10/31/2013 02:45 PM, Jan Cholasta wrote:
Hi,
the attached patches fix https://fedorahosted.org/freeipa/ticket/3971.
Tested with 25000 users.
Honza
Patch 198:
Also update ipaldap's find_entries docstring, it no longer uses IPA
defaults.
While you're touching this part of code, I had
I hid Send by mistake; continuing review:
On 11/08/2013 03:14 PM, Petr Viktorin wrote:
On 10/31/2013 02:45 PM, Jan Cholasta wrote:
Hi,
the attached patches fix https://fedorahosted.org/freeipa/ticket/3971.
Tested with 25000 users.
Honza
Patch 198:
Also update ipaldap's find_entries
On 11/11/2013 03:56 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
Hello,
I'm splitting up ACI work into several designs to make it more
manageable.
This one is about
- Moving ACIs out of $SUFFIX
- Storing all ACI data in the permission entry
- Permission flag system for ensuring backwards
On 11/12/2013 12:17 AM, Nathaniel McCallum wrote:
On Fri, 2013-11-08 at 13:26 +0100, Petr Viktorin wrote:
On 09/25/2013 10:56 PM, Nathaniel McCallum wrote:
On Fri, 2013-09-20 at 12:38 -0400, Nathaniel McCallum wrote:
On Thu, 2013-09-12 at 16:48 -0400, Nathaniel McCallum wrote:
On Thu
On 11/15/2013 02:26 PM, Petr Vobornik wrote:
Hello list,
this is a first part of RCUE adoption effort. Main themes of this patch
set are:
- use RCUE navigation https://fedorahosted.org/freeipa/ticket/3902
- new styles for textboxes, textareas, radio/checkbox buttons and
buttons- part of
On 11/15/2013 02:09 PM, Petr Viktorin wrote:
On 11/11/2013 04:18 PM, Ana Krivokapic wrote:
On 11/11/2013 02:53 PM, Ana Krivokapic wrote:
On 11/11/2013 12:32 PM, Petr Viktorin wrote:
On 11/07/2013 02:34 PM, Ana Krivokapic wrote:
On 11/01/2013 03:26 PM, Petr Viktorin wrote:
On 09/13/2013 06
On 11/15/2013 03:28 PM, Petr Vobornik wrote:
On 11/15/2013 02:40 PM, Petr Viktorin wrote:
On 11/15/2013 02:26 PM, Petr Vobornik wrote:
Hello list,
this is a first part of RCUE adoption effort. Main themes of this patch
set are:
- use RCUE navigation https://fedorahosted.org/freeipa/ticket
On 11/18/2013 04:12 PM, Ana Krivokapic wrote:
On 11/15/2013 05:28 PM, Petr Viktorin wrote:
On 11/15/2013 02:09 PM, Petr Viktorin wrote:
On 11/11/2013 04:18 PM, Ana Krivokapic wrote:
On 11/11/2013 02:53 PM, Ana Krivokapic wrote:
On 11/11/2013 12:32 PM, Petr Viktorin wrote:
On 11/07/2013 02
On 11/15/2013 12:34 PM, Petr Viktorin wrote:
On 11/12/2013 12:17 AM, Nathaniel McCallum wrote:
On Fri, 2013-11-08 at 13:26 +0100, Petr Viktorin wrote:
We've since decided that we'll carry LDAP content updates only in
update files, so you can leave indices.ldif referint-conf.ldif
unchanged
- ACI audit tool
On 11/18/2013 07:49 PM, Simo Sorce wrote:
On Mon, 2013-11-18 at 19:29 +0100, Petr Viktorin wrote:
On 11/18/2013 06:19 PM, Dmitri Pal wrote:
Please factor in impact on the extensibility and API.
* Regarding extensibility:
Right now we say to add schema, create plugin and things
On 11/18/2013 06:17 PM, Petr Vobornik wrote:
On 11/15/2013 05:43 PM, Petr Viktorin wrote:
On 11/15/2013 03:28 PM, Petr Vobornik wrote:
On 11/15/2013 02:40 PM, Petr Viktorin wrote:
On 11/15/2013 02:26 PM, Petr Vobornik wrote:
[...]
It's quite a lot of patches so I did not attach them here
On 10/21/2013 10:29 AM, Martin Basti wrote:
On Mon, 2013-10-21 at 09:29 +0200, Martin Kosek wrote:
On 10/18/2013 05:00 PM, Martin Basti wrote:
Patch attached.
Ticket:
https://fedorahosted.org/freeipa/ticket/3243
I did not test the patch, just looked at the code and I have few comments:
1)
On 11/05/2013 07:22 PM, Martin Kosek wrote:
Server and client installer should allow kernel keyring ccache when
supported.
The patch needs a rebase.
Can you add a function to check if persistent key is supported? It would
remove some code duplication.
How do I enable the kernel keyring? On
On 11/19/2013 12:58 PM, Ana Krivokapic wrote:
On 11/19/2013 12:52 PM, Ana Krivokapic wrote:
On 11/14/2013 10:04 AM, Petr Vobornik wrote:
On 11/13/2013 01:33 PM, Ana Krivokapic wrote:
On 11/12/2013 01:27 PM, Ana Krivokapic wrote:
On 10/30/2013 09:56 PM, Martin Kosek wrote:
- Original
On 11/19/2013 01:27 PM, Petr Vobornik wrote:
On 11/18/2013 08:47 PM, Petr Viktorin wrote:
On 11/18/2013 06:17 PM, Petr Vobornik wrote:
On 11/15/2013 05:43 PM, Petr Viktorin wrote:
On 11/15/2013 03:28 PM, Petr Vobornik wrote:
On 11/15/2013 02:40 PM, Petr Viktorin wrote:
On 11/15/2013 02:26
On 11/15/2013 02:40 PM, Ana Krivokapic wrote:
On 11/13/2013 02:56 PM, Tomas Babej wrote:
Hi,
Part of: https://fedorahosted.org/freeipa/ticket/3504
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
On 11/20/2013 12:59 PM, Ana Krivokapic wrote:
On 11/18/2013 01:54 PM, Tomas Babej wrote:
[...]
Updated patch attached.
Looks good, ACK.
Pushed to master: 4a0e91449e2b65304ae8d660d1a480200b1a13d3
--
Petr³
___
Freeipa-devel mailing list
On 11/20/2013 03:42 PM, Ana Krivokapic wrote:
On 10/09/2013 04:11 PM, Petr Viktorin wrote:
On 09/16/2013 05:13 PM, Petr Viktorin wrote:
Hello,
The first patch allow concatenating LazyText objects using `+`. This
means we can break up long docstrings into multiple parts. Translators
can
2001
From: Petr Viktorin pvikt...@redhat.com
Date: Thu, 21 Nov 2013 12:06:29 +0100
Subject: [PATCH] test_integration: Set up DNS on replicas
https://fedorahosted.org/freeipa/ticket/4038
---
ipatests/test_integration/tasks.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/ipatests
On 11/21/2013 02:04 PM, Petr Viktorin wrote:
Hello,
This should fix tests failing on Beaker when the test controller and
master share the same machine.
The second patch adds more debugging output to the code that fails.
https://fedorahosted.org/freeipa/ticket/4038
Self-NACK for now; I'll
On 11/25/2013 01:05 PM, Jan Cholasta wrote:
On 6.11.2013 13:28, Petr Viktorin wrote:
Hello Honza,
This is a simple enough patch, but I'd like you to check if it's
consistent with your vision of the framework.
I used self._raw here deliberately, so that calling repr() on an
LDAPEntry does
On 11/26/2013 12:34 PM, Alexander Bokovoy wrote:
On Tue, 26 Nov 2013, Jan Cholasta wrote:
Hi,
the attached patch fixes https://fedorahosted.org/freeipa/ticket/4021.
Honza
--
Jan Cholasta
ACK.
Pushed to:
master: f20577ddc4ab40c2365c8abaa703d96019ec4eef
ipa-3-3:
The changelog was useless and caused unnecessary rebase conflicts.
Let's kill it.
--
Petr³
From fe9d847fa39e3683ada3b7d12f3643ae9433bf45 Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt...@redhat.com
Date: Tue, 26 Nov 2013 13:06:07 +0100
Subject: [PATCH] Remove changelog from the spec
On 11/26/2013 09:57 AM, Jan Cholasta wrote:
On 25.11.2013 14:41, Petr Viktorin wrote:
On 11/25/2013 01:05 PM, Jan Cholasta wrote:
On 6.11.2013 13:28, Petr Viktorin wrote:
Hello Honza,
This is a simple enough patch, but I'd like you to check if it's
consistent with your vision of the framework
On 11/26/2013 01:27 PM, Alexander Bokovoy wrote:
On Tue, 26 Nov 2013, Petr Viktorin wrote:
The changelog was useless and caused unnecessary rebase conflicts.
Let's kill it.
--
Petr³
From fe9d847fa39e3683ada3b7d12f3643ae9433bf45 Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt
On 11/26/2013 12:17 PM, Jan Cholasta wrote:
Hi,
the attached patch fixes https://fedorahosted.org/freeipa/ticket/4021.
Honza
I assume a build of httpd = 2.4.6-6 is not planned for Fedora 19, so
master is now f20+ only. Is that right?
--
Petr³
On 11/26/2013 02:15 PM, Alexander Bokovoy wrote:
On Tue, 26 Nov 2013, Petr Viktorin wrote:
On 11/26/2013 12:17 PM, Jan Cholasta wrote:
Hi,
the attached patch fixes https://fedorahosted.org/freeipa/ticket/4021.
Honza
I assume a build of httpd = 2.4.6-6 is not planned for Fedora 19, so
On 11/22/2013 12:01 PM, Alexander Bokovoy wrote:
On Thu, 21 Nov 2013, Tomas Babej wrote:
https://fedorahosted.org/freeipa/ticket/4042
---
ipaserver/install/adtrustinstance.py | 15 +++
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/ipaserver/install/adtrustinstance.py
On 11/26/2013 01:45 PM, Alexander Bokovoy wrote:
On Tue, 26 Nov 2013, Petr Viktorin wrote:
On 11/26/2013 01:27 PM, Alexander Bokovoy wrote:
On Tue, 26 Nov 2013, Petr Viktorin wrote:
The changelog was useless and caused unnecessary rebase conflicts.
Let's kill it.
--
Petr³
From
On 11/26/2013 04:42 PM, Jan Cholasta wrote:
On 26.11.2013 16:35, Jan Cholasta wrote:
On 26.11.2013 14:24, Simo Sorce wrote:
On Tue, 2013-11-26 at 14:11 +0100, Jan Cholasta wrote:
kadmin.local still returns an error for me with this patch applied:
kadmin.local: modprinc +ok_as_delegate
On 11/26/2013 03:06 PM, Jan Cholasta wrote:
On 18.10.2013 12:26, Petr Viktorin wrote:
On 10/17/2013 06:08 PM, Jan Cholasta wrote:
Hi,
On 7.10.2013 18:16, Petr Viktorin wrote:
On 08/12/2013 10:17 AM, Petr Viktorin wrote:
On 08/02/2013 11:13 AM, Petr Viktorin wrote:
On 05/10/2013 04:54 PM
On 11/21/2013 09:54 PM, Dmitri Pal wrote:
On 11/21/2013 01:34 PM, Nathaniel McCallum wrote:
The password can be retrieved with radiusproxy-show --all, because it is
not blocked by LDAP ACIs. Is that intended?
Yes. But I'm torn as to whether or not this is a good idea. Regular
users can't see
Sorry for the late review!
On 11/21/2013 07:34 PM, Nathaniel McCallum wrote:
On Fri, 2013-11-15 at 12:34 +0100, Petr Viktorin wrote:
The password can be retrieved with radiusproxy-show --all, because it is
not blocked by LDAP ACIs. Is that intended?
Yes. But I'm torn as to whether
On 11/25/2013 03:27 PM, Jan Cholasta wrote:
On 8.11.2013 17:56, Petr Viktorin wrote:
Patch 198:
Also update ipaldap's find_entries docstring, it no longer uses IPA
defaults.
Done.
While you're touching this part of code, I had some other improvements
in mind -- you can consider them
On 11/26/2013 02:35 PM, Alexander Bokovoy wrote:
On Tue, 26 Nov 2013, Petr Viktorin wrote:
On 11/26/2013 02:15 PM, Alexander Bokovoy wrote:
On Tue, 26 Nov 2013, Petr Viktorin wrote:
On 11/26/2013 12:17 PM, Jan Cholasta wrote:
Hi,
the attached patch fixes
https://fedorahosted.org/freeipa
On 11/11/2013 04:48 PM, Petr Viktorin wrote:
On 11/11/2013 03:56 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
Hello,
I'm splitting up ACI work into several designs to make it more
manageable.
This one is about
- Moving ACIs out of $SUFFIX
- Storing all ACI data in the permission entry
On 11/27/2013 02:50 PM, Martin Kosek wrote:
On 11/27/2013 02:26 PM, Jan Cholasta wrote:
Hi,
the attached patches fix https://fedorahosted.org/freeipa/ticket/4010.
This fixes points 2) 3) in the ticket; point 1) is not applicable; 4)
are false positives.
The checks mentioned in the ticket
On 11/29/2013 03:50 PM, Alexander Bokovoy wrote:
On Fri, 29 Nov 2013, Martin Kosek wrote:
On 11/29/2013 03:30 PM, Petr Viktorin wrote:
On 11/26/2013 02:35 PM, Alexander Bokovoy wrote:
On Tue, 26 Nov 2013, Petr Viktorin wrote:
On 11/26/2013 02:15 PM, Alexander Bokovoy wrote:
On Tue, 26 Nov
On 11/29/2013 01:48 PM, Martin Kosek wrote:
On 11/19/2013 12:35 PM, Petr Viktorin wrote:
On 11/05/2013 07:22 PM, Martin Kosek wrote:
Server and client installer should allow kernel keyring ccache when
supported.
How do I enable the kernel keyring? On f20 I get this:
2013-11-19T11:28:07Z
On 12/02/2013 02:29 PM, Simo Sorce wrote:
On Fri, 2013-11-29 at 16:51 +0100, Petr Viktorin wrote:
I've updated the design with
- updated schema (this time the OIDs are even reserved properly!)
- longer attribute descriptions with examples
- updated update algorithm based on discussion
On 12/02/2013 02:01 PM, Martin Kosek wrote:
On 12/02/2013 01:58 PM, Petr Viktorin wrote:
On 11/29/2013 01:48 PM, Martin Kosek wrote:
On 11/19/2013 12:35 PM, Petr Viktorin wrote:
On 11/05/2013 07:22 PM, Martin Kosek wrote:
Server and client installer should allow kernel keyring ccache when
On 12/02/2013 03:42 PM, Simo Sorce wrote:
On Mon, 2013-12-02 at 14:51 +0100, Petr Viktorin wrote:
On 12/02/2013 02:01 PM, Martin Kosek wrote:
On 12/02/2013 01:58 PM, Petr Viktorin wrote:
On 11/29/2013 01:48 PM, Martin Kosek wrote:
On 11/19/2013 12:35 PM, Petr Viktorin wrote:
On 11/05/2013
://fedorahosted.org/freeipa/ticket/4038 tests: Forwarder is
not set on replicas
--
Petr³
From 5c3bb59c6c0a46e2841a95d643edf29692024e4e Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt...@redhat.com
Date: Thu, 24 Oct 2013 12:14:58 +0200
Subject: [PATCH] test_integration: Support external names
On 11/28/2013 04:59 PM, Nathaniel McCallum wrote:
Everything looks good to me. +1
Pushed to master: a1f32fa9369109235dba041de9c972da09d8448a
--
Petr³
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
On 12/05/2013 11:15 AM, Jan Cholasta wrote:
Hi,
the attached patches fix https://fedorahosted.org/freeipa/ticket/3896.
Patch 207 should fix build failures some of you were having after
hardenening was enabled in the spec file.
Thanks!
In 209, would (ret != 1) make more sense than (ret ==
064acd3c1ef7524c2525fb9266ff5fe3251d23d3 Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt...@redhat.com
Date: Thu, 5 Dec 2013 13:31:19 +0100
Subject: [PATCH] Add comment about last change to VERSION
When a branch with API version bump is rebased, but the version was
also bumped in master, Git thinks the change was already
On 12/03/2013 03:26 PM, Simo Sorce wrote:
Some tags escaped the relicensing we did a long time ago.
Simo.
Looks good, ACK, pushed to:
master: af26e6da4650b3a429af31bc38b546eff27e38c6
ipa-3-3: 9defb913aa65bfe9b423d510f340ae23b9e547f2
I grepped for some other occurences of GPLv2:
On 12/05/2013 04:02 PM, Simo Sorce wrote:
On Thu, 2013-12-05 at 15:38 +0100, Petr Vobornik wrote:
On 5.12.2013 15:34, Simo Sorce wrote:
On Thu, 2013-12-05 at 15:29 +0100, Petr Vobornik wrote:
On 5.12.2013 14:09, Petr Viktorin wrote:
On 12/03/2013 03:26 PM, Simo Sorce wrote:
Some tags
On 12/06/2013 11:52 AM, Jan Cholasta wrote:
On 5.12.2013 13:31, Alexander Bokovoy wrote:
On Thu, 05 Dec 2013, Petr Viktorin wrote:
On 12/05/2013 11:15 AM, Jan Cholasta wrote:
Hi,
the attached patches fix
https://fedorahosted.org/freeipa/ticket/3896.
Patch 207 should fix build failures some
On 12/02/2013 02:48 PM, Petr Viktorin wrote:
On 12/02/2013 02:29 PM, Simo Sorce wrote:
On Fri, 2013-11-29 at 16:51 +0100, Petr Viktorin wrote:
I've updated the design with
- updated schema (this time the OIDs are even reserved properly!)
- longer attribute descriptions with examples
- updated
On 12/06/2013 02:26 PM, Alexander Bokovoy wrote:
On Fri, 06 Dec 2013, Jan Cholasta wrote:
However, even if writing to the pipe failed, we still need to wait
until
thread dies with pthread_join(). I think returning -1 here is
premature.
Fixed, updated patches attached.
Also removed CFLAGS
Hello,
As some of you are aware, I'm running a Jenkins instance for FreeIPA
continuous integration in our lab here at Red Hat Brno.
I'm currently porting the job definitions to jenkins-job-builder[0] for
ease of management. This allowed me to strip out the private bits from
the
On 12/06/2013 03:28 PM, Simo Sorce wrote:
On Fri, 2013-12-06 at 14:14 +0100, Petr Viktorin wrote:
On 12/02/2013 02:48 PM, Petr Viktorin wrote:
On 12/02/2013 02:29 PM, Simo Sorce wrote:
It would be very nice if you can add the resulting LDAP objects in the
example, that will allow me
On 12/06/2013 03:49 PM, Simo Sorce wrote:
On Fri, 2013-12-06 at 15:46 +0100, Petr Viktorin wrote:
On 12/06/2013 03:28 PM, Simo Sorce wrote:
On Fri, 2013-12-06 at 14:14 +0100, Petr Viktorin wrote:
On 12/02/2013 02:48 PM, Petr Viktorin wrote:
On 12/02/2013 02:29 PM, Simo Sorce wrote
On 12/06/2013 03:54 PM, Rob Crittenden wrote:
Simo Sorce wrote:
On Fri, 2013-12-06 at 15:46 +0100, Petr Viktorin wrote:
On 12/06/2013 03:28 PM, Simo Sorce wrote:
On Fri, 2013-12-06 at 14:14 +0100, Petr Viktorin wrote:
On 12/02/2013 02:48 PM, Petr Viktorin wrote:
On 12/02/2013 02:29 PM, Simo
locally. Petr, could you check if it works?
--
Petr³
From ff7581fd58701d3effb02dd5cc18f1f43491f17b Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt...@redhat.com
Date: Fri, 6 Dec 2013 16:39:06 +0100
Subject: [PATCH] test_webui: Allow False values in configuration for no_ca,
no_dns, has_trusts
On 12/06/2013 05:10 PM, Simo Sorce wrote:
On Fri, 2013-12-06 at 14:19 +0100, Petr Vobornik wrote:
Modified web ui files had incorrect GPLv2 headers instead of GPLv3 ones.
All of the affected code is of FreeIPA origin.
Ack.
Simo.
Pushed to
master: b6540e88d88470f6566507e442f521214c5a74dc
On 12/06/2013 03:00 PM, Simo Sorce wrote:
On Fri, 2013-12-06 at 13:42 +0100, Martin Kosek wrote:
On 12/02/2013 05:20 PM, Alexander Bokovoy wrote:
On Mon, 02 Dec 2013, Martin Kosek wrote:
On 12/02/2013 04:05 PM, Petr Viktorin wrote:
On 12/02/2013 03:42 PM, Simo Sorce wrote:
On Mon, 2013-12
On 12/09/2013 02:50 PM, Martin Kosek wrote:
On 12/09/2013 02:35 PM, Simo Sorce wrote:
On Mon, 2013-12-09 at 12:39 +0100, Martin Kosek wrote:
On 12/09/2013 12:08 PM, Tomas Babej wrote:
On 12/05/2013 01:37 PM, Petr Viktorin wrote:
Consider this scenario:
- Nathaniel submits RADIUS patches
On 12/09/2013 05:43 PM, Martin Kosek wrote:
Clean up the .gitignore file:
- Remove no longer used .gitignore entries, like .bzr files
- Do not repeat autotools generated files over and over again
- Whitelist existent Makefiles in the repository
- Better separate the .gitignore entries
801 - 900 of 1752 matches
Mail list logo