-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
with a recent patch, the license of FreeIPA has changed from GPLv2 only
to GPLv3 or later. This mail is just a reminder to change the license
blob in any new files or perhaps skeletons for new files in your editor
to include the new license blob.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/20/2010 04:16 PM, Jan Zelený wrote:
Jan Zelený jzel...@redhat.com wrote:
Jakub Hrozek jhro...@redhat.com wrote:
On 12/09/2010 09:54 AM, Jan Zelený wrote:
Jan Zelený jzel...@redhat.com wrote:
Jan Zelený jzel...@redhat.com wrote:
Now each
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/21/2010 12:27 PM, Jan Zelený wrote:
Field idnszoneactive is marked as optional with no_create and no_update,
because it is set to true by default (see class dnszone_add, I'm not sure
this
is the right approach though) and for enabling and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/20/2010 11:05 PM, Simo Sorce wrote:
I guess it work properly if you kdestroy and use the DM password ?
Simo.
Yes is does. ipa-replica-manage del fqdn works, plus I inspected the
directory contents before adding and after removing a
On 12/21/2010 12:20 AM, Adam Young wrote:
1. Can't add an ACI. Before, I was able to get away with a blank
filter, but that doesn't seem to work anymore.
As a short term work around, I can do the object type as the default,
and have the user switch it on edit, but that seems pretty
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/14/2010 04:33 PM, Simo Sorce wrote:
This patch adds ACI on cn=config to replicas too.
Fixes: #617
Simo.
Does not apply cleanly on master anymore, but did apply with git am -3
and the code is OK.
So ACK, but please rebase before
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/16/2010 02:06 AM, Simo Sorce wrote:
Rename the add command to connect, this makes it evident it is the
opposite of disconnect. add was also ambiguos, one could think it
could be used to add a new replica, while it can only add agreements
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/20/2010 09:04 PM, Simo Sorce wrote:
On Mon, 20 Dec 2010 18:22:48 +0100
Jakub Hrozek jhro...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/16/2010 02:02 AM, Simo Sorce wrote:
This command will delete a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/16/2010 02:09 AM, Simo Sorce wrote:
With the previous incarnation it wasn't possible to get a list of all
replicas, only of the replicas directly connected to the one on which
the command was run.
This new version will return all known
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The way I changed the installer with the IPv6 fix, it would require a
record in DNS for the machine hostname and fail if there was none.
The previous (and correct) behaviour is to work even if there is only
record in /etc/hosts and only warn if there
*-mod operations were not functioning properly after the recent 'rename' patch.
Pavel
From 4f59a29a7f16a4dbdb8a39766968102a21fae1ed Mon Sep 17 00:00:00 2001
From: Pavel Zuna pz...@redhat.com
Date: Tue, 21 Dec 2010 16:17:28 +0100
Subject: [PATCH] Fix the mod operations.
---
On Tue, 21 Dec 2010 16:29:23 +0100
Jakub Hrozek jhro...@redhat.com wrote:
The way I changed the installer with the IPv6 fix, it would require a
record in DNS for the machine hostname and fail if there was none.
The previous (and correct) behaviour is to work even if there is only
record in
On Tue, 21 Dec 2010 16:42:03 +0100
Pavel Zuna pz...@redhat.com wrote:
*-mod operations were not functioning properly after the recent
'rename' patch.
ACK
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
Freeipa-devel mailing list
Print the attribute CLI name instead of its 'real' name. The real name is
usually the name of the corresponding LDAP attribute, which is confusing to the
user.
This way we get:
Invalid 'login': blablabla
instead of:
Invalid 'uid': blablabla
Another example:
General talk about username format including username length and how to change
it in ipa config.
Ticket #436
Pavel
From 6874f8d1ecc340832961b28b84b5140c65f6ca2b Mon Sep 17 00:00:00 2001
From: Pavel Zuna pz...@redhat.com
Date: Tue, 21 Dec 2010 12:23:40 -0500
Subject: [PATCH 2/2] Update built-in
JR Aquino wrote:
Attached are both patches with one modification to 0001:
-add:schema-compat-container-group: 'cn=SUDOers, $SUFFIX'
+add:schema-compat-container-group: 'ou=SUDOers, $SUFFIX'
Please ack and push to master.
ack, pushed to master
On 12/15/10 8:16 PM, JR
JR Aquino wrote:
Here is the final patch for sudorule external host and user support.
This patch also adds support for adding/removing IpaSudoOpt values. (We
some how missed this till the last hour)
This addresses item #6 in ticket 570:
(https://fedorahosted.org/freeipa/ticket/570)
(This ticket
Simo Sorce wrote:
On Tue, 21 Dec 2010 16:42:03 +0100
Pavel Zunapz...@redhat.com wrote:
*-mod operations were not functioning properly after the recent
'rename' patch.
ACK
Simo.
pushed to master
___
Freeipa-devel mailing list
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/21/2010 12:27 PM, Jan Zelený wrote:
Field idnszoneactive is marked as optional with no_create and no_update,
because it is set to true by default (see class dnszone_add, I'm not sure this
is the right approach though) and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/21/2010 03:10 PM, Jakub Hrozek wrote:
On 12/20/2010 09:04 PM, Simo Sorce wrote:
On Mon, 20 Dec 2010 18:22:48 +0100
Jakub Hrozek jhro...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/16/2010 02:02 AM, Simo Sorce
Pavel Zuna wrote:
Print the attribute CLI name instead of its 'real' name. The real name
is usually the name of the corresponding LDAP attribute, which is
confusing to the user.
This way we get:
Invalid 'login': blablabla
instead of:
Invalid 'uid': blablabla
Another example:
Invalid
Hello all,
attached patches fix handling of ANY queries in bind-dyndb-ldap
backend.
The first patch implements dns_rdatasetiter interface which is needed by
allrdatasets() DB method (implemented in the second patch).
The allrdatasets() database method is used by the named daemon to handle
ANY
Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.com wrote:
This depends on Adam's patch 0118.
In meta data make ACI attributes lower-case, sorted. Add possible
attributes.
The metadata contains a list of possible attributes that an ACI for that
object might need. Add a new variable to hold
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/21/2010 08:14 AM, Simo Sorce wrote:
These commands had a very confusing syntax as well as issues (init was
running the memberof task on the wrong server).
The commands has been renamed to make it clearer what they do.
init -
commit 2cb53ec8d0271c8db0f09203fdc60878a66cbdb6
Author: Adam Young ayo...@redhat.com
Date: Tue Dec 21 13:37:23 2010 -0500
populate the group select upon initial creation
Fixes the delegation add dialog
diff --git a/install/static/aci.js b/install/static/aci.js
index d536e34..f31449f
On Tue, 21 Dec 2010 19:09:46 +0100
Jakub Hrozek jhro...@redhat.com wrote:
The patch looks good to me, but the hunk in
ipaserver/install/service.py seems to be completely unrelated. Did
you run git commit -am by accident?
As discussed on IRC this is necessary to make things work when we are
On Tue, 21 Dec 2010 18:47:36 +0100
Jakub Hrozek jhro...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/21/2010 03:10 PM, Jakub Hrozek wrote:
On 12/20/2010 09:04 PM, Simo Sorce wrote:
On Mon, 20 Dec 2010 18:22:48 +0100
Jakub Hrozek jhro...@redhat.com wrote:
On 12/21/2010 08:57 AM, Adam Young wrote:
On 12/21/2010 12:20 AM, Adam Young wrote:
1. Can't add an ACI. Before, I was able to get away with a blank
filter, but that doesn't seem to work anymore.
As a short term work around, I can do the object type as the default,
and have the user switch
On 12/21/2010 07:48 PM, Simo Sorce wrote:
On Tue, 21 Dec 2010 18:47:36 +0100
Jakub Hrozekjhro...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/21/2010 03:10 PM, Jakub Hrozek wrote:
On 12/20/2010 09:04 PM, Simo Sorce wrote:
On Mon, 20 Dec 2010 18:22:48 +0100
Jakub
On 12/21/2010 07:43 PM, Simo Sorce wrote:
On Tue, 21 Dec 2010 19:09:46 +0100
Jakub Hrozekjhro...@redhat.com wrote:
The patch looks good to me, but the hunk in
ipaserver/install/service.py seems to be completely unrelated. Did
you run git commit -am by accident?
As discussed on IRC this is
On 12/20/2010 09:10 PM, Simo Sorce wrote:
When a replication agreement is removed also make sure to remove
referrals to the replicas to avoid dangling referrals.
This patch also fixes acis related to replica as the fix is also
required to be able to change the referrals attributes.
Simo.
With this patch all agreements to the replica being deleted are
properly removed even when we have to force the replica removal because
it is not available anymore.
As a bonus this command too now works with just Kerberos credentials of
a user that have enough privileges.
Simo.
--
Simo Sorce
There are some issues deep down the replication instance that prevent
us from successfully add new connections between replicas using
SASL/GSSAPI credentials.
Force the request for the DM password for now so that the command can
work.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
From
On Tue, 21 Dec 2010 14:58:56 +0100
Jakub Hrozek jhro...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/14/2010 04:33 PM, Simo Sorce wrote:
This patch adds ACI on cn=config to replicas too.
Fixes: #617
Simo.
Does not apply cleanly on master anymore,
On Tue, 21 Dec 2010 21:57:29 +0100
Jakub Hrozek jhro...@redhat.com wrote:
On 12/21/2010 07:48 PM, Simo Sorce wrote:
On Tue, 21 Dec 2010 18:47:36 +0100
Jakub Hrozekjhro...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/21/2010 03:10 PM, Jakub Hrozek wrote:
On Tue, 21 Dec 2010 15:10:40 +0100
Jakub Hrozek jhro...@redhat.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/16/2010 02:06 AM, Simo Sorce wrote:
Rename the add command to connect, this makes it evident it is
the opposite of disconnect. add was also ambiguos, one could
On Tue, 21 Dec 2010 15:48:40 +0100
Jakub Hrozek jhro...@redhat.com wrote:
Ack, but only if you squash in the attached one-liner which actually
makes ipa-replica-manage list work with --verbose. Right now it would
fail with unexpected error: utcoffset() takes exactly 1 argument (2
given)
On Tue, 21 Dec 2010 23:17:53 +0100
Jakub Hrozek jhro...@redhat.com wrote:
Ack.
Pushed to master.
As discussed with Simo on IRC, calling del_link() when performing
ipa-replica-manage del fqdn would be handled in a follow-up patch.
Patch 0039 does this and I have sent it to the list.
On Tue, 21 Dec 2010 22:04:12 +0100
Jakub Hrozek jhro...@redhat.com wrote:
On 12/21/2010 07:43 PM, Simo Sorce wrote:
On Tue, 21 Dec 2010 19:09:46 +0100
Jakub Hrozekjhro...@redhat.com wrote:
The patch looks good to me, but the hunk in
ipaserver/install/service.py seems to be completely
On Tue, 21 Dec 2010 18:58:49 +0100
Adam Tkac at...@redhat.com wrote:
attached patches fix handling of ANY queries in bind-dyndb-ldap
backend.
The first patch implements dns_rdatasetiter interface which is needed
by allrdatasets() DB method (implemented in the second patch).
The
On Wed, 15 Dec 2010 21:37:46 +
JR Aquino jr.aqu...@citrix.com wrote:
There was a typo for the manpage, this is a one liner to fix.
-.\ A man page for ipa-ldap-updater
+.\ A man page for ipa-compat-manage
Ack,
pushed to master.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
On Tue, 21 Dec 2010 09:57:27 -0500
Rob Crittenden rcrit...@redhat.com wrote:
Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Move permissions and privileges to their own container. They don't
really belong in cn=accounts any more. This leaves just roles
there.
ticket 638
On Tue, 21 Dec 2010 10:53:35 -0500
Simo Sorce sso...@redhat.com wrote:
On Tue, 21 Dec 2010 16:29:23 +0100
Jakub Hrozek jhro...@redhat.com wrote:
The way I changed the installer with the IPv6 fix, it would require
a record in DNS for the machine hostname and fail if there was none.
This handles the ACI creation problem.
From c802dba511a8f6ca7bddf5ce0c516561899b3e80 Mon Sep 17 00:00:00 2001
From: Adam Young ayo...@redhat.com
Date: Tue, 21 Dec 2010 15:14:08 -0500
Subject: [PATCH] hidden filter
The filter field on aci add is hidden, and prefilled with an object class that
Mam page fixes after all the changes I made to the ipa-replica-manage
command.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
From 7de8def8cc1b40d52a863c5dec304a65f462d313 Mon Sep 17 00:00:00 2001
From: Simo Sorce sso...@redhat.com
Date: Tue, 21 Dec 2010 19:40:36 -0500
Subject: [PATCH] Fix
On Fri, 17 Dec 2010 17:47:39 +0100
Zoran Pericic zperi...@inet.hr wrote:
On 12/16/2010 08:06 PM, Simo Sorce wrote:
Obvious ACK,
I will put the change in myself unless you can send me a git
formatted patch I can git am into my tree.
Thunerbird converted tabs to spaces. I hope this is
Attached find a patch in the proper git format.
Adam can you push it if you think it is ok ?
Thanks,
Simo.
On Fri, 17 Dec 2010 18:15:22 +0100
Zoran Pericic zperi...@inet.hr wrote:
On 12/16/2010 08:25 PM, Simo Sorce wrote:
+(str_casecmp_char(ldap_inst-sasl_mech, GSSAPI) == 0)) {
Setting an empty set of target attributes should raise an exception.
It is possible to create an ACI with attributes and then try to set that
to None via a mod command later. We need to catch this and raise an
exception.
ticket 647
rob
From 839a5d572e2d38a2b4786c75b0f257cbb6fb96ca Mon Sep
Simo Sorce wrote:
Mam page fixes after all the changes I made to the ipa-replica-manage
command.
Simo.
NACK
I'd like to change these:
1. Forces a full re-initialization of the IPA server pulling data from a
server specified with the --from option
to:
Forces a full re-initialization of
49 matches
Mail list logo