-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/03/2010 06:52 PM, Rob Crittenden wrote:
This tool was designed to fix CVE-2008-3274. This configuration is
default now in V2 so this isn't needed now.
https://fedorahosted.org/freeipa/ticket/331
rob
Ack
-BEGIN PGP SIGNATURE-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/03/2010 04:52 PM, Rob Crittenden wrote:
Add gdm, gdm-password and kdm as default hbac services.
ticket https://fedorahosted.org/freeipa/ticket/307
rob
Ack
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using
On 11/05/2010 05:25 PM, Endi Sukma Dewata wrote:
On 11/3/2010 12:03 PM, Endi Sukma Dewata wrote:
On 11/3/2010 8:55 AM, Adam Young wrote:
I suspect then that the service add dialog is wrong. This behaviour has
been spec'ed and working for a long time. What does it break?
The
Use a different user for the dogtag DS instance. This prevents an error
during uninstall of trying to remove the dirsrv user when the dogtag DS
instance is removed.
I also added a ipactl stop to the beginning of the uninstall process. We
will try to stop each service individually during
On 11/8/2010 9:13 AM, Adam Young wrote:
On 11/05/2010 05:25 PM, Endi Sukma Dewata wrote:
On 11/3/2010 12:03 PM, Endi Sukma Dewata wrote:
On 11/3/2010 8:55 AM, Adam Young wrote:
I suspect then that the service add dialog is wrong. This behaviour has
been spec'ed and working for a long time.
Hi,
Please do not forget to check the Affects CLI and newly added Affects
DOC checkboxes when closing tickets when the work done changes the
signature or output of the CLI or needs to be documented.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
From 321c0afc7d0998ce120c9c68bb20e4f3672c0c68 Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Mon, 8 Nov 2010 12:57:16 -0500
Subject: [PATCH] Disable Enable user
UI updated to use the enable and disable methods, and to correctly report them
Implementation has a few
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/04/2010 08:21 PM, Rob Crittenden wrote:
The netgroup plugin was missing the usercategory and hostcategory
associations. This adds them and fixes displaying membership in
netgroup_show.
rob
The code looks OK and works,
Fix for IPA v1.2.2 bug https://bugzilla.redhat.com/show_bug.cgi?id=650725
The problem is in Fedora 14 the kerberos binaries were moved so our
tools all fail. This makes the run() call more generic by using PATH to
find binaries.
rob
From 5c26c970f01d9fa5e1f0783d6b3326578c46eb94 Mon Sep 17
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/03/2010 06:52 PM, Rob Crittenden wrote:
This tool was designed to fix CVE-2008-3274. This configuration is
default now in V2 so this isn't needed now.
https://fedorahosted.org/freeipa/ticket/331
rob
Ack
pushed to
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/03/2010 04:52 PM, Rob Crittenden wrote:
Add gdm, gdm-password and kdm as default hbac services.
ticket https://fedorahosted.org/freeipa/ticket/307
rob
Ack
pushed to master
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Uses a new subclass IPAOptionParser in scripts instead of OptionParser
from the standard python library. IPAOptionParser uses its own IPAOption
class to store options, which adds a new 'sensitive' attribute.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/08/2010 09:00 PM, Rob Crittenden wrote:
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Uses a new subclass IPAOptionParser in scripts instead of OptionParser
from the standard python library. IPAOptionParser uses its own
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/08/2010 07:52 PM, Rob Crittenden wrote:
So we don't have to change the type later. It is expected that at some
point these will have additional values.
rob
OK, that's what I thought, but I wanted to have this confirmed before
giving an
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
(resending to the list, I accidentally replied to Rob only before..)
On 11/02/2010 04:24 AM, Rob Crittenden wrote:
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
https://fedorahosted.org/freeipa/ticket/154
This patch configures IPA to use the currently strongest available
enctype for the master key.
Fixes #456
Simo.
--
Simo Sorce * Red Hat, Inc * New York
From c46dd2d57ee59248152f0ab7ef07645fe36af83d Mon Sep 17 00:00:00 2001
From: Simo Sorce sso...@redhat.com
Date: Mon, 1 Nov 2010 09:33:14
On 11/8/2010 12:01 PM, Adam Young wrote:
The functionality works, but there are some issues:
1. The JSON files contain some trailing whitespaces.
2. The server seems to be using true and False for nsaccountlock
value. So it might be safer to use case-insensitive comparison or
normalize
This set of patches implement the first part of ticket #55
The patchset only adds the ability to install pkinit with the
selfsigned CA (or with externally provided certs).
If you need to use/test dogtag you can pass the --no-pkinit option for
the time being as etting up pkinit is performed by
On 11/08/2010 05:01 PM, Endi Sukma Dewata wrote:
On 11/7/2010 7:13 PM, Adam Young wrote:
The Time Dialog needs a format. I couldn't guess a value that it would
accept. The retry/cancel message is really confusing, too. Tried 1200,
12:00 and 1200-1300.
1. Put in text showing the format.
2.
On 11/08/2010 06:44 PM, Endi Sukma Dewata wrote:
On 11/8/2010 12:01 PM, Adam Young wrote:
The functionality works, but there are some issues:
1. The JSON files contain some trailing whitespaces.
2. The server seems to be using true and False for nsaccountlock
value. So it might be safer
On 11/8/2010 5:44 PM, Endi Sukma Dewata wrote:
The functionality works, but there are some issues:
1. The JSON files contain some trailing whitespaces.
2. The server seems to be using true and False for nsaccountlock
value. So it might be safer to use case-insensitive comparison or
normalize
On 11/08/2010 09:04 PM, Endi Sukma Dewata wrote:
On 11/8/2010 5:44 PM, Endi Sukma Dewata wrote:
The functionality works, but there are some issues:
1. The JSON files contain some trailing whitespaces.
2. The server seems to be using true and False for nsaccountlock
value. So it might be
On 11/8/2010 12:30 PM, Adam Young wrote:
ACK and pushed to master.
--
Endi S. Dewata
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
On 11/8/2010 7:41 PM, Adam Young wrote:
ACK and pushed to master. I also fixed 2 issues and pushed them using
1-liner rule.
1. Renamed button.deletes to button.remove in widget.js.
2. Renamed button.delete to button.remove in json_metadata.json.
--
Endi S. Dewata
If the parent and child entries have the same attribute as primary
key (such as in the DNS schema), we need to rename the parent key
to prevent a param name conflict. It has no side effects, because
the primary key name is always taken from the LDAPObject params,
never from the method params.
Finally, there it is. :)
I redesigned the whole thing to fit the baseldap model.
Here's some example on how it's used:
# create zone 'example.com'
# ipa dnszone-add example.com --name=ns.example.com
--admin=ad...@example.com
# create a resource in zone 'example.com' named 'machine1'
#
Ticket #452
Pavel
From e03d082523a677b1d57e829ba10c31fd7f8d87b5 Mon Sep 17 00:00:00 2001
From: Pavel Zuna pz...@redhat.com
Date: Mon, 8 Nov 2010 22:45:27 -0500
Subject: [PATCH] Replace 'Locking' in `ipa help user` with 'Disabling'.
Ticket #452
---
ipalib/plugins/user.py |2 +-
1 files
On 2010-11-09 05:07, Pavel Zůna wrote:
Finally, there it is. :)
I redesigned the whole thing to fit the baseldap model.
Here's some example on how it's used:
# create zone 'example.com'
# ipa dnszone-add example.com --name=ns.example.com
--admin=ad...@example.com
# create a resource in zone
28 matches
Mail list logo