[Freeipa-devel] [PATCH 0384] ipa-client-automount: Leverage IPAChangeConf to configure the idmapd

. https://fedorahosted.org/freeipa/ticket/5069 From 220fc10dd3ba5454f6bd28fa4d85149a4e5b8f92 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Wed, 11 Nov 2015 14:23:43 +0100 Subject: [PATCH] ipachangeconf: Add ability to preserve section case The IPAChangeConf normallizes section names to lower

[Freeipa-devel] [PATCH 0385] replicainstall: Add possiblity to install client in one

Hi, this patch implements the single command replica promotion&enrollment for #5310. Tomas https://fedorahosted.org/freeipa/ticket/5310 From 8dbb1f420533793f20160b7927e4a1e4d2bd9611 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Mon, 23 Nov 2015 12:46:15 +0100 Subject: [PATCH] replicains

[Freeipa-devel] [PATCH 0386] private_ccache: Harden the removal of KRB5CCNAME env variable

201bc398ec59920f7cd34de69de66cb3489f417d Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Mon, 23 Nov 2015 12:47:56 +0100 Subject: [PATCH] private_ccache: Harden the removal of KRB5CCNAME env variable If the code within the private_ccache contextmanager does not set/removes the KRB5CCNAME, the pop method will raise

Re: [Freeipa-devel] [PATCH 0102] update idrange tests to reflect disabled modification of local ID ranges

On 11/20/2015 06:41 PM, Milan Kubík wrote: > On 11/20/2015 04:06 PM, Martin Babinsky wrote: >> When I fixed https://fedorahosted.org/freeipa/ticket/4826 I forgot to >> fix the corresponding xmlrpc tests. >> >> This oversight bit me today when I ran in-tree tests on my VM. >> >> Here is the patch

Re: [Freeipa-devel] [PATCH 0386] private_ccache: Harden the removal of KRB5CCNAME env variable

On 11/23/2015 01:11 PM, Jan Cholasta wrote: > On 23.11.2015 12:53, Tomas Babej wrote: >> Hi, >> >> If the code within the private_ccache contextmanager does not >> set/removes the KRB5CCNAME, the pop method will raise KeyError, which >> will cause unneces

Re: [Freeipa-devel] [PATCH 0386] private_ccache: Harden the removal of KRB5CCNAME env variable

On 11/23/2015 01:31 PM, Jan Cholasta wrote: > On 23.11.2015 13:28, Tomas Babej wrote: >> >> >> On 11/23/2015 01:11 PM, Jan Cholasta wrote: >>> On 23.11.2015 12:53, Tomas Babej wrote: >>>> Hi, >>>> >>>> If the code within the priv

Re: [Freeipa-devel] [PATCH 0064] Check if IPA is configured before attempting a winsync migration

On 11/23/2015 12:11 PM, Martin Babinsky wrote: > On 11/20/2015 07:10 PM, Gabe Alford wrote: >> Thanks. Updated patch attached. >> >> >> Gabe >> >> On Fri, Nov 20, 2015 at 10:36 AM, Martin Babinsky > > wrote: >> >> On 11/20/2015 04:02 PM, Gabe Alford wrote: >> >>

Re: [Freeipa-devel] [PATCH 0386] private_ccache: Harden the removal of KRB5CCNAME env variable

On 11/23/2015 01:50 PM, Jan Cholasta wrote: > On 23.11.2015 13:40, Tomas Babej wrote: >> >> >> On 11/23/2015 01:31 PM, Jan Cholasta wrote: >>> On 23.11.2015 13:28, Tomas Babej wrote: >>>> >>>> >>>> On 11/23/2015 01:11 PM

Re: [Freeipa-devel] [PATCHES 151-153] ipasam: fix wrong usage of talloc_new()

On 11/18/2015 12:59 PM, Alexander Bokovoy wrote: > On Wed, 18 Nov 2015, Sumit Bose wrote: >> Hi, >> >> please find attached 3 small patches for ipasam. The first fixes >> https://fedorahosted.org/freeipa/ticket/5457 . The second is related >> because if the compat tree is enabled the lookup will

[Freeipa-devel] [DRAFT] FreeIPA 4.1.5 release notes

Hello all, Given the numerous stabilization and Fedora bug fixes, we have agreed to release a new FreeIPA 4.1 for Fedora 22. I prepared the release notes on FreeIPA.org wiki: http://www.freeipa.org/page/Releases/4.1.5 Updates or improvements to release notes page welcome. Particularly if you thi

Re: [Freeipa-devel] [PATCH 0102] disconnect ldap2 backend after adding default CA ACL profiles

On 11/24/2015 03:26 PM, Martin Babinsky wrote: > This patch fixes the server/replica installer crash caused by leaking > ldap2 connection introduced by commit > 620036d26e98fdcefff00168e9e5463a8257d49c during fixing > https://fedorahosted.org/freeipa/ticket/5459 > > > ACK. Pushed to: master: 3

Re: [Freeipa-devel] [PATCH 0385] replicainstall: Add possiblity to install client in one

On 11/23/2015 04:43 PM, Jan Cholasta wrote: > Hi, > > On 23.11.2015 12:50, Tomas Babej wrote: >> Hi, >> >> this patch implements the single command replica promotion&enrollment >> for #5310. >> >> Tomas >> >> https://fedorahoste

Re: [Freeipa-devel] [PATCH 0357] Installer: force service-add during replica install

On 11/24/2015 01:58 PM, Martin Basti wrote: > https://fedorahosted.org/freeipa/ticket/5420 > > Patch attached. > > ACK. Pushed to master: 5427e7a8c7216b0aa54159a668951d71fb009139 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa

Re: [Freeipa-devel] [PATCH 0381] admintool: Remove the option to override the log file

On 11/10/2015 02:22 PM, Tomas Babej wrote: > Hi, > > This has been rarely used, and can be replaced by proper shell output > redirection. > > https://fedorahosted.org/freeipa/ticket/5408 > Here's an updated version of the patch that gets rid of one missed occurrence

Re: [Freeipa-devel] [PATCH 0381] admintool: Remove the option to override the log file

On 11/25/2015 01:29 PM, Jan Cholasta wrote: > On 25.11.2015 13:24, Tomas Babej wrote: >> On 11/10/2015 02:22 PM, Tomas Babej wrote: >>> Hi, >>> >>> This has been rarely used, and can be replaced by proper shell output >>> redirection. >>

Re: [Freeipa-devel] [PATCH 0386] private_ccache: Harden the removal of KRB5CCNAME env variable

On 11/25/2015 09:04 AM, Jan Cholasta wrote: > On 23.11.2015 15:19, Rob Crittenden wrote: >> Tomas Babej wrote: >>> >>> >>> On 11/23/2015 01:50 PM, Jan Cholasta wrote: >>>> On 23.11.2015 13:40, Tomas Babej wrote: >>>>> >>>&

Re: [Freeipa-devel] [PATCH 0361] Remove invalid error message from topology upgrade

On 11/25/2015 12:47 PM, Martin Basti wrote: > https://fedorahosted.org/freeipa/ticket/5482 > > Patch attached. > > ACK. -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Co

Re: [Freeipa-devel] [PATCH 0361] Remove invalid error message from topology upgrade

On 11/25/2015 01:58 PM, Tomas Babej wrote: > > > On 11/25/2015 12:47 PM, Martin Basti wrote: >> https://fedorahosted.org/freeipa/ticket/5482 >> >> Patch attached. >> >> > > ACK. > Pushed to master: 801672cc6618947f5cc4607910871e695587fcbf --

Re: [Freeipa-devel] [PATCH 559] Fix kadmin for new users

On 11/25/2015 02:00 PM, Martin Babinsky wrote: > On 11/24/2015 11:32 PM, Simo Sorce wrote: >> Ticket #937 was reopened a while ago because one corner case, new users >> that have never been assigned a password cause kadmin/kadmin.local to >> throw a fit when they try to visualize information abou

Re: [Freeipa-devel] [PATCH 559] Fix kadmin for new users

On 11/25/2015 02:13 PM, Tomas Babej wrote: > > > On 11/25/2015 02:00 PM, Martin Babinsky wrote: >> On 11/24/2015 11:32 PM, Simo Sorce wrote: >>> Ticket #937 was reopened a while ago because one corner case, new users >>> that have never been assigned a pass

Re: [Freeipa-devel] [PATCH 0102] update idrange tests to reflect disabled modification of local ID ranges

On 11/23/2015 12:58 PM, Tomas Babej wrote: > > > On 11/20/2015 06:41 PM, Milan Kubík wrote: >> On 11/20/2015 04:06 PM, Martin Babinsky wrote: >>> When I fixed https://fedorahosted.org/freeipa/ticket/4826 I forgot to >>> fix the corresponding xmlrpc tests. &g

Re: [Freeipa-devel] [PATCH 0358] ipa-getkeytab: do not return error if translations cannot be loaded

On 11/24/2015 05:38 PM, Martin Basti wrote: > > > On 24.11.2015 17:33, Jan Cholasta wrote: >> On 24.11.2015 16:52, Martin Basti wrote: >>> https://fedorahosted.org/freeipa/ticket/5483 >>> >>> Patch attached. >> >> Doesn't init_gettext() itself already print to stderr on failure? >> > Nope > A

Re: [Freeipa-devel] [PATCH 0358] ipa-getkeytab: do not return error if translations cannot be loaded

On 11/25/2015 02:31 PM, Tomas Babej wrote: > > > On 11/24/2015 05:38 PM, Martin Basti wrote: >> >> >> On 24.11.2015 17:33, Jan Cholasta wrote: >>> On 24.11.2015 16:52, Martin Basti wrote: >>>> https://fedorahosted.org/freeipa/ticket/5483 >&g

Re: [Freeipa-devel] [PATCH 0384] ipa-client-automount: Leverage IPAChangeConf to configure the idmapd

On 11/25/2015 04:33 PM, Gabe Alford wrote: > Ack. > > Gabe > > On Wed, Nov 11, 2015 at 7:22 AM, Tomas Babej <mailto:tba...@redhat.com>> wrote: > > Hi, > > Simple regexp substitution caused that the domain directive fell under > an inappro

Re: [Freeipa-devel] [PATCH 0385] replicainstall: Add possiblity to install client in one

On 11/26/2015 01:33 PM, Jan Cholasta wrote: > On 25.11.2015 09:01, Jan Cholasta wrote: >> On 24.11.2015 15:56, Tomas Babej wrote: >>> >>> >>> On 11/23/2015 04:43 PM, Jan Cholasta wrote: >>>> Hi, >>>> >>>> On 23.11.2015 1

[Freeipa-devel] [PATCH 0387] custodia: Make sure container is created with first custodia

Hi, If a first 4.3+ replica is installed in the domain, the custodia container does not exist. Make sure it is created to avoid failures during key generation. https://fedorahosted.org/freeipa/ticket/5474 From bc88f695866183666aa27535d6e3fd730dc07547 Mon Sep 17 00:00:00 2001 From: Tomas Babej

Re: [Freeipa-devel] [PATCH 0387] custodia: Make sure container is created with first custodia

On 11/27/2015 05:04 PM, Martin Babinsky wrote: > On 11/27/2015 04:25 PM, Tomas Babej wrote: >> Hi, >> >> If a first 4.3+ replica is installed in the domain, the custodia >> container does not exist. Make sure it is created to avoid failures >> d

Re: [Freeipa-devel] [PATCH 0387] custodia: Make sure container is created with first custodia

On 11/27/2015 05:26 PM, Martin Babinsky wrote: > On 11/27/2015 05:13 PM, Tomas Babej wrote: >> >> >> On 11/27/2015 05:04 PM, Martin Babinsky wrote: >>> On 11/27/2015 04:25 PM, Tomas Babej wrote: >>>> Hi, >>>> >>>> If a first 4.

Re: [Freeipa-devel] [PATCH 0385] replicainstall: Add possiblity to install client in one

On 11/30/2015 09:25 AM, Jan Cholasta wrote: > On 26.11.2015 14:36, Tomas Babej wrote: >> >> >> On 11/26/2015 01:33 PM, Jan Cholasta wrote: >>> On 25.11.2015 09:01, Jan Cholasta wrote: >>>> On 24.11.2015 15:56, Tomas Babej wrote: >>>>&g

Re: [Freeipa-devel] [PATCH] 924 use starttls in CSReplicationManager connection again

On 11/27/2015 04:18 PM, Simo Sorce wrote: > On Fri, 2015-11-27 at 14:51 +0100, Petr Vobornik wrote: >> On 10/23/2015 04:57 PM, Simo Sorce wrote: >>> On 23/10/15 08:39, Petr Vobornik wrote: not sure if the change in2606f5aecd6ac0db31abb515b691529bb7eaf14e was a mistake or done on purpose

[Freeipa-devel] [PATCH 0388] tests: Add hostmask detection for sudo rules validating

/5501 From e6f1846f0d7d17303e5b30b1643651ba739b2b6c Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Mon, 30 Nov 2015 12:53:39 +0100 Subject: [PATCH] tests: Add hostmask detection for sudo rules validating on hostmask IPA sudo tests worked under the assumption that the clients that are executing

Re: [Freeipa-devel] dns discovery broken?

On 12/01/2015 12:58 PM, Oleg Fayans wrote: > Hi all, > > I am unable to enroll a client with the latest upstream ipa code > > I've successfully installed ipa-server with --setup-dns and --forwarder > provided. I configured client's resolv.conf to use master's ip as the > first dns server. > But

Re: [Freeipa-devel] [PATCH 0385] replicainstall: Add possiblity to install client in one

On 12/01/2015 08:19 AM, Jan Cholasta wrote: > On 30.11.2015 19:17, Simo Sorce wrote: >> On Mon, 2015-11-30 at 12:25 +0100, Tomas Babej wrote: >>> +# Perform only if we have the necessary options >>> +if not any([installer.admin_password, installer.keytab]):

Re: [Freeipa-devel] [PATCH 0388] tests: Add hostmask detection for sudo rules validating

On 11/30/2015 05:32 PM, Lukas Slebodnik wrote: > On (30/11/15 13:09), Tomas Babej wrote: >> Hi, >> >> IPA sudo tests worked under the assumption that the clients that >> are executing the sudo commands have their IPs assigned within >> 255.255.255.0 host

Re: [Freeipa-devel] [PATCH] Fixed typo in ipa stage-user documentation

On 12/02/2015 07:31 AM, Abhijeet Kasurde wrote: > Hi All, > > Please find a small fix in 'ipa stage-user' documentation. > > Thanks, > Abhijeet Kasurde > > ACK, Thanks. -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contr

Re: [Freeipa-devel] [PATCH] Fixed typo in ipa stage-user documentation

On 12/02/2015 08:27 AM, Tomas Babej wrote: > On 12/02/2015 07:31 AM, Abhijeet Kasurde wrote: >> Hi All, >> >> Please find a small fix in 'ipa stage-user' documentation. >> >> Thanks, >> Abhijeet Kasurde >> >> > > ACK, Thanks. &g

Re: [Freeipa-devel] [PATCH 0388] tests: Add hostmask detection for sudo rules validating

On 12/01/2015 06:27 PM, Tomas Babej wrote: > > > On 11/30/2015 05:32 PM, Lukas Slebodnik wrote: >> On (30/11/15 13:09), Tomas Babej wrote: >>> Hi, >>> >>> IPA sudo tests worked under the assumption that the clients that >>> are executi

Re: [Freeipa-devel] [PATCH 0385] replicainstall: Add possiblity to install client in one

On 12/02/2015 09:53 AM, Martin Babinsky wrote: > On 12/01/2015 04:33 PM, Jan Cholasta wrote: >> On 1.12.2015 16:19, Tomas Babej wrote: >>> >>> >>> On 12/01/2015 08:19 AM, Jan Cholasta wrote: >>>> On 30.11.2015 19:17, Simo Sorce wrote: >>&g

Re: [Freeipa-devel] [PATCH 0388] tests: Add hostmask detection for sudo rules validating

On 12/02/2015 09:24 AM, Tomas Babej wrote: > > > On 12/01/2015 06:27 PM, Tomas Babej wrote: >> >> >> On 11/30/2015 05:32 PM, Lukas Slebodnik wrote: >>> On (30/11/15 13:09), Tomas Babej wrote: >>>> Hi, >>>> >>>> IPA sudo te

Re: [Freeipa-devel] [PATCH 0388] tests: Add hostmask detection for sudo rules validating

On 12/02/2015 05:25 PM, Lukas Slebodnik wrote: > On (02/12/15 15:41), Tomas Babej wrote: >> >> >> On 12/02/2015 09:24 AM, Tomas Babej wrote: >>> >>> >>> On 12/01/2015 06:27 PM, Tomas Babej wrote: >>>> >>>> >>>> O

[Freeipa-devel] [PATCH 0390] man: Update the ipa-replica-install manpage with promotion

Hi, this patch updates the man page for the ipa-replica-install given the latest changes (including the Jan's OTP patch). Tomas From 454e091bc29a536452094ecbf6fe72c100d46f30 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Thu, 3 Dec 2015 11:42:03 +0100 Subject: [PATCH] man: Update th

Re: [Freeipa-devel] [PATCH 0388] tests: Add hostmask detection for sudo rules validating

On 12/03/2015 04:26 PM, Aleš Mareček wrote: > Hello, > > ACK for code > NACK for the placing "get_client_ip_with_hostmask" function to test_sudo.py > (this function should be in some more general file) > What place would you propose? The task.py is not a good place, as this is not really a ta

Re: [Freeipa-devel] [PATCH 0390] man: Update the ipa-replica-install manpage with promotion

On 12/04/2015 12:08 PM, Petr Vobornik wrote: > On 12/03/2015 12:54 PM, Petr Vobornik wrote: >> On 12/03/2015 12:06 PM, Tomas Babej wrote: >>> Hi, >>> >>> this patch updates the man page for the ipa-replica-install given the >>> latest changes (

Re: [Freeipa-devel] [PATCH] 940 Update ipa-(cs)replica-manage man pages

On 12/04/2015 12:09 PM, Petr Vobornik wrote: > On 12/03/2015 04:58 PM, Petr Vobornik wrote: >> SSIA >> > > Updated patch attached. > > ACK, Pushed to master: 95d659b634b2ea13d18d26cacbd73e19972145f2 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailm

Re: [Freeipa-devel] [PATCH] 941 Extend topology help

On 12/03/2015 04:58 PM, Petr Vobornik wrote: > `ipa help topology` is improved. > > Looks good. I changed one part of the documentation for more clarity, see the attached patch. Otherwise ACK from me. Tomas From b460994c2a0f454ffcfdc8345d58c0c963155c7d Mon Sep 17 00:00:00 2001 From: Petr Vob

Re: [Freeipa-devel] [PATCH] 941 Extend topology help

On 12/04/2015 06:58 PM, Tomas Babej wrote: > > > On 12/03/2015 04:58 PM, Petr Vobornik wrote: >> `ipa help topology` is improved. >> >> > > Looks good. I changed one part of the documentation for more clarity, > see the attached patch. > > Otherwise

[Freeipa-devel] [PATCH 0391] replicainstall: Add check for domain if server is specified

Hi, Avoids failing in the later stages during the ipa-client-install command. Tomas From 477a9a197524ff39373f5e58cf7c7ee173657c91 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Fri, 4 Dec 2015 19:13:07 +0100 Subject: [PATCH] replicainstall: Add check for domain if server is specified Avoids

[Freeipa-devel] [PATCH 0392] tests: Fix incorrect uninstall method invocation

Hi, this fixes: https://fedorahosted.org/freeipa/ticket/5516 Tomas From efd1304be61c792c23c8e8560db6508c63fdd5e6 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Sat, 5 Dec 2015 16:54:04 +0100 Subject: [PATCH] tests: Fix incorrect uninstall method invocation https://fedorahosted.org/freeipa

Re: [Freeipa-devel] [PATCH 0392] tests: Fix incorrect uninstall method invocation

On 12/07/2015 10:58 AM, Tomas Babej wrote: > Hi, > > this fixes: https://fedorahosted.org/freeipa/ticket/5516 > > Tomas > Pushed under oneliner rule: master: 5cb003f0b4b85dce47499f594c410b34b5c961e2 ipa-4-2: e5189ef6e23e4691f6c74541da5bc1a0b0f2e73f -- Manage your subscripti

Re: [Freeipa-devel] [PATCH 0391] replicainstall: Add check for domain if server is specified

On 12/04/2015 08:22 PM, Rob Crittenden wrote: > Martin Kosek wrote: >> On 12/04/2015 07:17 PM, Tomas Babej wrote: >>> Hi, >>> >>> Avoids failing in the later stages during the ipa-client-install >>> command. >>> >>> Tomas >> &g

Re: [Freeipa-devel] You cannot specify '--admin-password' option(s) with replica file

On 12/07/2015 10:36 AM, Oleg Fayans wrote: > This is an error message that I received at the attempt to install > replica with the following command: > > ipa-replica-install --setup-ca -p -w > /var/lib/ipa/replica-info-replica2.justfor.test.gpg > > However, if I remove the '-w ', then I get t

[Freeipa-devel] [PATCH 0393] replicainstall: Admin password should not conflict with

Hi, The --admin-password (-w) has its use both in domain level 0 and 1. https://fedorahosted.org/freeipa/ticket/5517 From 9f5a6c6b257955ccad03840090d1b8fd2463bf6d Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Mon, 7 Dec 2015 14:32:11 +0100 Subject: [PATCH] replicainstall: Admin password

Re: [Freeipa-devel] [PATCH 0393] replicainstall: Admin password should not conflict with

On 12/07/2015 02:33 PM, Tomas Babej wrote: > Hi, > > The --admin-password (-w) has its use both in domain level 0 and 1. > > https://fedorahosted.org/freeipa/ticket/5517 > > > ACK. Pushed to master: dcb6626e870bcededb62d801720721d5d6c9795f -- Manage your subs

Re: [Freeipa-devel] [PATCH 0068] add missing /ipaplatform/constants.py to .gitignore

On 12/08/2015 01:26 PM, Petr Spacek wrote: > Hello, > > add missing /ipaplatform/constants.py to .gitignore > ACK. -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribu

Re: [Freeipa-devel] [PATCH 0068] add missing /ipaplatform/constants.py to .gitignore

On 12/08/2015 01:26 PM, Tomas Babej wrote: > > > On 12/08/2015 01:26 PM, Petr Spacek wrote: >> Hello, >> >> add missing /ipaplatform/constants.py to .gitignore >> > > ACK. > Pushed to master: 848912ae31d1549d5f6bed874cc6c4541bada6f4 -- Mana

[Freeipa-devel] [PATCH 0394] topology: Make sure the old 'realm' topology suffix is not

edorahosted.org/freeipa/ticket/5526 From 4c60de6009140f389bc45a5649868f1fde938421 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Tue, 8 Dec 2015 13:34:15 +0100 Subject: [PATCH] topology: Make sure the old 'realm' topology suffix is not used The old 'realm' topology suffix is n

Re: [Freeipa-devel] [PATCH 0388] tests: Add hostmask detection for sudo rules validating

On 12/03/2015 04:33 PM, Tomas Babej wrote: > > > On 12/03/2015 04:26 PM, Aleš Mareček wrote: >> Hello, >> >> ACK for code >> NACK for the placing "get_client_ip_with_hostmask" function to test_sudo.py >> (this function should be in some more g

Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).

On 12/08/2015 04:20 PM, Oleg Fayans wrote: > ACK. The initial issue is fixed. > > On 12/08/2015 03:03 PM, David Kupka wrote: >> https://fedorahosted.org/freeipa/ticket/5531 >> >> > Can we get some more love for the patch and provide at least a sentence worth of commit message before pushing?

Re: [Freeipa-devel] [PATCH 0394] topology: Make sure the old 'realm' topology suffix is not

On 12/08/2015 02:28 PM, Tomas Babej wrote: > Hi, > > The old 'realm' topology suffix is no longer used, however, it was being > created on masters with version 4.2.3 and later. Make sure it's properly > removed. > > Note that this is not the case for

[Freeipa-devel] [PATCH 0395] replicainstall: Make sure the enrollment state is preserved

called on the machine that has not been enrolled before in case of failure during the promote_check phase. https://fedorahosted.org/freeipa/ticket/5529 From 183cea1e3a7efd8574d6b74b9181485e6cf7d19b Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Thu, 10 Dec 2015 14:10:18 +0100 Subject: [PATCH

Re: [Freeipa-devel] [PATCH 0395] replicainstall: Make sure the enrollment state is preserved

On 12/10/2015 02:18 PM, Tomas Babej wrote: > Hi, > > During the promote_check phase, the subsequent checks after the machine > is enrolled may cause the installation to abort, hence leaving it > enrolled even though it might not have been prior to the execution of > the i

Re: [Freeipa-devel] [PATCH 0373] Upgrade: Fix IPA version comparison

On 12/10/2015 11:23 AM, Martin Basti wrote: > > > On 10.12.2015 09:13, Lukas Slebodnik wrote: >> On (09/12/15 19:22), Martin Basti wrote: >>> https://fedorahosted.org/freeipa/ticket/5535 >>> >>> Patch attached. >> >From 8ef93485d61e8732166fb0c5b6c4559209740f3e Mon Sep 17 00:00:00 2001 >>> From:

Re: [Freeipa-devel] [PATCH 0113] properly add ACIs to custodia container during IPA upgrade

On 12/11/2015 10:37 AM, David Kupka wrote: > On 10/12/15 10:14, Martin Babinsky wrote: >> On 12/08/2015 10:45 AM, Martin Babinsky wrote: >>> fixes https://fedorahosted.org/freeipa/ticket/5524 >>> >>> >>> >> >> Attaching updated patch with simpler fix suggested by Jan. >> >> >> > Thanks for the pa

Re: [Freeipa-devel] [PATCH 0113] properly add ACIs to custodia container during IPA upgrade

On 12/11/2015 12:50 PM, Tomas Babej wrote: > > > On 12/11/2015 10:37 AM, David Kupka wrote: >> On 10/12/15 10:14, Martin Babinsky wrote: >>> On 12/08/2015 10:45 AM, Martin Babinsky wrote: >>>> fixes https://fedorahosted.org/freeipa/ticket/5524 >>&g

Re: [Freeipa-devel] [PATCH 0395] replicainstall: Make sure the enrollment state is preserved

On 12/10/2015 02:22 PM, Tomas Babej wrote: > > > On 12/10/2015 02:18 PM, Tomas Babej wrote: >> Hi, >> >> During the promote_check phase, the subsequent checks after the machine >> is enrolled may cause the installation to abort, hence leaving it >> enro

Re: [Freeipa-devel] [PATCH 0388] tests: Add hostmask detection for sudo rules validating

On 12/11/2015 02:01 PM, Lukas Slebodnik wrote: > On (10/12/15 11:40), Tomas Babej wrote: >> On 12/10/2015 09:05 AM, Lukas Slebodnik wrote: >>> On (08/12/15 14:47), Tomas Babej wrote: >>>> >>>> >>>> On 12/03/2015 04:33 PM, Tomas Babej wrote:

Re: [Freeipa-devel] [PATCHES 523-525] replica install: add remote connection check over API

On 12/11/2015 03:40 PM, Jan Cholasta wrote: > On 11.12.2015 08:03, Jan Cholasta wrote: >> On 11.12.2015 07:08, Jan Cholasta wrote: >>> On 10.12.2015 15:56, Martin Babinsky wrote: On 12/10/2015 09:48 AM, Jan Cholasta wrote: > On 9.12.2015 16:38, Jan Cholasta wrote: >> On 9.12.2015 14:

Re: [Freeipa-devel] [PATCH 0373] Upgrade: Fix IPA version comparison

On 12/11/2015 09:36 AM, Martin Kosek wrote: > On 12/10/2015 05:09 PM, Martin Basti wrote: >> >> >> On 10.12.2015 15:49, Tomas Babej wrote: >>> >>> On 12/10/2015 11:23 AM, Martin Basti wrote: >>>> >>>> On 10.12.2015 09:13, Lukas

Re: [Freeipa-devel] [PATCH 0071] replica: Fix ipa-replica-install with replica file (domain, level 0).

On 12/09/2015 08:31 AM, David Kupka wrote: > On 08/12/15 16:33, Tomas Babej wrote: >> >> >> On 12/08/2015 04:20 PM, Oleg Fayans wrote: >>> ACK. The initial issue is fixed. >>> >>> On 12/08/2015 03:03 PM, David Kupka wrote: >>>> https://

Re: [Freeipa-devel] [PATCH 0388] tests: Add hostmask detection for sudo rules validating

On 12/10/2015 09:05 AM, Lukas Slebodnik wrote: > On (08/12/15 14:47), Tomas Babej wrote: >> >> >> On 12/03/2015 04:33 PM, Tomas Babej wrote: >>> >>> >>> On 12/03/2015 04:26 PM, Aleš Mareček wrote: >>>> Hello, >>>> >>&g

Re: [Freeipa-devel] [PATCH 0395] replicainstall: Make sure the enrollment state is preserved

On 12/11/2015 06:05 PM, Martin Basti wrote: > > > On 11.12.2015 14:03, Tomas Babej wrote: >> >> On 12/10/2015 02:22 PM, Tomas Babej wrote: >>> >>> On 12/10/2015 02:18 PM, Tomas Babej wrote: >>>> Hi, >>>> >>>> Duri

Re: [Freeipa-devel] [PATCHES 523-525] replica install: add remote connection check over API

On 12/11/2015 05:37 PM, Martin Basti wrote: > > > On 11.12.2015 15:40, Jan Cholasta wrote: >> On 11.12.2015 08:03, Jan Cholasta wrote: >>> On 11.12.2015 07:08, Jan Cholasta wrote: On 10.12.2015 15:56, Martin Babinsky wrote: > On 12/10/2015 09:48 AM, Jan Cholasta wrote: >> On 9.12.2

Re: [Freeipa-devel] [PATCH 0070] Makefile: disable parallel build

On 12/11/2015 09:35 AM, Petr Spacek wrote: > Hello, > > Makefile: disable parallel build > > IPA build system cannot cope with parallel build anyway, so this patch > disables parallel build explicitly so it does not blow up when user > has -j specified in default MAKEOPTS. > > > ACK. Pushe

Re: [Freeipa-devel] [PATCHES 531-532] server install: redirect ipa-client-install output to standard output

On 12/14/2015 12:52 PM, Jan Cholasta wrote: > Hi, > > the attached patches fix . > > Honza > > > Shouldn't skip_output be also marked as incompatible with redirect_output? Tomas -- Manage your subscription for the Freeipa-devel mailing list:

Re: [Freeipa-devel] [PATCH 533] replica promotion: notify user about ignoring client enrollment options

On 12/14/2015 02:02 PM, Jan Cholasta wrote: > On 14.12.2015 13:41, Jan Cholasta wrote: >> Hi, >> >> the attached patch fixes . > > Self-NACK, updated patch attached. > > > ACK, works fine. -- Manage your subscription for the Freeipa-devel maili

Re: [Freeipa-devel] [PATCHES 531-532] server install: redirect ipa-client-install output to standard output

On 12/14/2015 12:57 PM, Jan Cholasta wrote: > On 14.12.2015 12:54, Tomas Babej wrote: >> >> >> On 12/14/2015 12:52 PM, Jan Cholasta wrote: >>> Hi, >>> >>> the attached patches fix <https://fedorahosted.org/freeipa/ticket/5527>. >>> &

Re: [Freeipa-devel] [PATCH 0378] Tests: fix always true assertion

On 12/14/2015 12:24 PM, Martin Basti wrote: > Fixes: > /usr/lib/python2.7/site-packages/ipatests/test_cmdline/test_ipagetkeytab.py:116: > SyntaxWarning: assertion is always true, perhaps remove parentheses? > > Patch attached. > > Nice catch. ACK. Pushed to master: e1cb802d15d07f80b4812c51e2

Re: [Freeipa-devel] [PATCH 533] replica promotion: notify user about ignoring client enrollment options

On 12/14/2015 02:19 PM, Tomas Babej wrote: > > > On 12/14/2015 02:02 PM, Jan Cholasta wrote: >> On 14.12.2015 13:41, Jan Cholasta wrote: >>> Hi, >>> >>> the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5530>. >> >>

Re: [Freeipa-devel] [PATCH 0373] Upgrade: Fix IPA version comparison

On 12/14/2015 10:21 AM, Martin Basti wrote: > > > On 14.12.2015 09:24, Martin Kosek wrote: >> On 12/14/2015 07:21 AM, Jan Cholasta wrote: >>> On 11.12.2015 19:01, Tomas Babej wrote: >>>> >>>> On 12/11/2015 09:36 AM, Martin Kosek wrote:

Re: [Freeipa-devel] [PATCH] 0047 dogtaginstance: remove unused function 'check_inst'

On 12/14/2015 06:56 AM, Fraser Tweedale wrote: > Just some drive-by cleanup of an unused function. > > Cheers, > Fraser > ACK, thanks for the cleanup! Pushed to master: 38861428e76c19107a03f07530e3724aee60a270 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redha

Re: [Freeipa-devel] [PATCHES 531-532] server install: redirect ipa-client-install output to standard output

On 12/14/2015 02:41 PM, Jan Cholasta wrote: > On 14.12.2015 14:20, Tomas Babej wrote: >> >> >> On 12/14/2015 12:57 PM, Jan Cholasta wrote: >>> On 14.12.2015 12:54, Tomas Babej wrote: >>>> >>>> >>>> On 12/14/2015 12:52 PM,

Re: [Freeipa-devel] [PATCH 0374-0375] Fix permissions on newly created directories

On 12/11/2015 07:19 PM, Martin Basti wrote: > > > On 10.12.2015 15:18, Martin Basti wrote: >> Hello, >> >> patch 0374 fixes the ticket, but I found more issues with directory >> permission, I fixed them in 0375 >> >> https://fedorahosted.org/freeipa/ticket/5520 >> >> Patches attached. > > Patc

Re: [Freeipa-devel] [PATCH 534] replica promotion: let ipa-client-install validate enrollment options

On 12/14/2015 03:37 PM, Jan Cholasta wrote: > Hi, > > the attached patch fixes . > > Honza > > > ACK, Pushed to master: 110e3dfc5401899ae0a54cc979ca0820e53cfa02 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat

Re: [Freeipa-devel] [PATCH 0117] ipa-client-install: create a temporary directory for ccache files

On 12/14/2015 05:31 PM, Martin Babinsky wrote: > fixes https://fedorahosted.org/freeipa/ticket/5528 Works as expected, code-wise looks good. Thanks for looking into this, ACK! Pushed to master: 5886f87f974fa508047a21350c2e6e75a3001da6 -- Manage your subscription for the Freeipa-devel mailing

Re: [Freeipa-devel] [PATCH 536] ipapython: remove default_encoding_utf8

On 01/05/2016 08:54 AM, Jan Cholasta wrote: > Hi, > > the attached patch replaces the default_encoding_utf8 binary module with > 2 lines of equivalent Python code. > > Honza > > > This looks fine to me, however, I wonder, why this approach was ever taken? The sys.setdefaultencoding is avail

Re: [Freeipa-devel] import rpm causes failure during IPA caless install

On 01/08/2016 01:45 PM, Martin Basti wrote: > Hello all, > > fix for ticket https://fedorahosted.org/freeipa/ticket/5535 > requires to import rpm module > > This import somehow breaks nsslib in IPA > https://fedorahosted.org/freeipa/ticket/5572 > > > We have 2 ways how to fix it: > > 1) move

Re: [Freeipa-devel] import rpm causes failure during IPA caless install

On 01/08/2016 03:31 PM, Lukas Slebodnik wrote: > On (08/01/16 14:14), Jan Cholasta wrote: >> On 8.1.2016 14:09, Martin Basti wrote: >>> >>> >>> On 08.01.2016 14:00, Martin Kosek wrote: On 01/08/2016 01:45 PM, Martin Basti wrote: > Hello all, > > fix for ticket https://fedorahoste

Re: [Freeipa-devel] [PATCH 0118] fix Py3 incompatible exception instantiation in replica install code

wever, there are additional occurrences in the code base, attaching a patch. Tomas From 7475c1650e5cc5478a65166d853822b93419cd5e Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Fri, 8 Jan 2016 18:23:35 +0100 Subject: [PATCH] py3: Remove py3 incompatible exception handling --- doc/guide/guide

Re: [Freeipa-devel] [PATCH 536] ipapython: remove default_encoding_utf8

On 01/12/2016 10:24 AM, Jan Cholasta wrote: > On 6.1.2016 12:33, Christian Heimes wrote: >> On 2016-01-05 11:30, Tomas Babej wrote: >>> >>> >>> On 01/05/2016 08:54 AM, Jan Cholasta wrote: >>>> Hi, >>>> >>>> the attached

[Freeipa-devel] [PATCH 0397] ipapython: Use custom datetime to LDAP generalized time

/freeipa/ticket/5579 Tomas From d746dd233c07b0dc81f539f502844a16e5cc97e2 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Fri, 15 Jan 2016 12:20:12 +0100 Subject: [PATCH] ipapython: Use custom datetime to LDAP generalized time converter For the dates older than 1900, Python is unable to convert the

[Freeipa-devel] [PATCH 0398] logger: Use warning instead of warn

Hi, this should build up to another pylint-related patch Martin^2 has in works. Tomas From b5e445c1dfdd469a7b85ba418b910f2a85fa470f Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Fri, 15 Jan 2016 16:25:33 +0100 Subject: [PATCH] logger: Use warning instead of warn --- install/tools/ipa

Re: [Freeipa-devel] [PATCH 0398] logger: Use warning instead of warn

On 01/15/2016 05:12 PM, Martin Basti wrote: > > > On 15.01.2016 16:27, Tomas Babej wrote: >> Hi, >> >> this should build up to another pylint-related patch Martin^2 has in works. >> >> Tomas >> >> >> > NACK :) > > *

[Freeipa-devel] [PATCH 0399] ipa-getkeytab: Handle the possibility of not obtaining a result

Hi, The ldap_result operation can time out, returning a NULL result, which in turn causes the parsing operation to crash. https://fedorahosted.org/freeipa/ticket/5642 Tomas From 3b4482cdd5494890a220bfd935874fa84677524c Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Tue, 26 Jan 2016 17:32:29

Re: [Freeipa-devel] [PATCH] webui: 949 crash nicely if sessionStorage is not available

ACK On 01/26/2016 06:57 PM, Petr Vobornik wrote: > https://fedorahosted.org/freeipa/ticket/5643 > > -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH] webui: 949 crash nicely if sessionStorage is not available

On 01/26/2016 06:59 PM, Tomas Babej wrote: > ACK > > On 01/26/2016 06:57 PM, Petr Vobornik wrote: >> https://fedorahosted.org/freeipa/ticket/5643 >> >> > Pushed to master: 6e1eb5bc8f83faa38203bd308896d0b15f359b24 -- Manage your subscription for the Fre

Re: [Freeipa-devel] [PATCH 543] CA install: explicitly set dogtag_version to 10

On 01/27/2016 12:10 PM, Martin Babinsky wrote: > On 01/27/2016 09:27 AM, Jan Cholasta wrote: >> On 26.1.2016 10:23, Martin Babinsky wrote: >>> On 01/26/2016 10:14 AM, Martin Babinsky wrote: On 01/25/2016 08:56 AM, Alexander Bokovoy wrote: > On Mon, 25 Jan 2016, Jan Cholasta wrote: >>

Re: [Freeipa-devel] [PATCH 540] cert renewal: import all external CA certs on IPA CA cert renewal

On 01/27/2016 08:06 AM, Martin Babinsky wrote: > On 01/25/2016 08:19 AM, Jan Cholasta wrote: >> On 22.1.2016 12:28, Jan Cholasta wrote: >>> On 22.1.2016 10:34, Martin Babinsky wrote: On 01/21/2016 10:27 AM, Jan Cholasta wrote: > Hi, > > the attached patch fixes >

Re: [Freeipa-devel] [PATCH 540] cert renewal: import all external CA certs on IPA CA cert renewal

On 01/27/2016 02:53 PM, Jan Cholasta wrote: > On 27.1.2016 14:41, Tomas Babej wrote: >> >> >> On 01/27/2016 08:06 AM, Martin Babinsky wrote: >>> On 01/25/2016 08:19 AM, Jan Cholasta wrote: >>>> On 22.1.2016 12:28, Jan Cholasta wrote: >>>>>

Re: [Freeipa-devel] [PATCH 155] ipa-kdb: get_authz_data_types() make sure entry can be NULL

On 01/06/2016 12:15 PM, Sumit Bose wrote: > Hi, > > this patch fixes and issue found by Simo when he called > get_authz_data_types() with the second argument being NULL. > This function determines which type of authorization data should be > added to the Kerberos ticket. There are global default

Re: [Freeipa-devel] [PATCH 155] ipa-kdb: get_authz_data_types() make sure entry can be NULL

On 01/27/2016 04:04 PM, Tomas Babej wrote: > > > On 01/06/2016 12:15 PM, Sumit Bose wrote: >> Hi, >> >> this patch fixes and issue found by Simo when he called >> get_authz_data_types() with the second argument being NULL. >> This function determines whi

<    5   6   7   8   9   10   11   >