krb5_init_context return value was not checked. This could lead
to unhandled error issues.
This patch moves the Kerberos context initialization to the
branch where it is needed and handles the error value in a way
that allows program exit in a standard way deallocating all
resources.
https://fedo
On Tue, 2011-01-11 at 10:49 +0100, Martin Kosek wrote:
> krb5_init_context return value was not checked. This could lead
> to unhandled error issues.
>
> This patch moves the Kerberos context initialization to the
> branch where it is needed and handles the error value in a way
> that allows progr
krb5_get_default_realm() and asprintf() return values were ignored.
This could lead to unhandled error issues or memory access
issues.
This patch adds return value checks to all such functions.
As a consequence, one new return value has been added to man page.
https://fedorahosted.org/freeipa/tic
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/11/2011 10:57 AM, Martin Kosek wrote:
> On Tue, 2011-01-11 at 10:49 +0100, Martin Kosek wrote:
>> krb5_init_context return value was not checked. This could lead
>> to unhandled error issues.
>>
>> This patch moves the Kerberos context initializa
On Tue, Jan 11, 2011 at 12:46:29PM +0100, Martin Kosek wrote:
> krb5_get_default_realm() and asprintf() return values were ignored.
> This could lead to unhandled error issues or memory access
> issues.
>
> This patch adds return value checks to all such functions.
> As a consequence, one new retu
On Mon, Jan 10, 2011 at 05:44:09PM -0500, Rob Crittenden wrote:
> Make the config setting ipaDefaultLoginShell an IA5Str to match the
> POSIX schema for loginShell.
>
> ticket 739
>
> rob
> -attributetypes: ( 2.16.840.1.113730.3.8.1.7 NAME 'ipaDefaultLoginShell'
> EQUALITY caseExactMatch SYNTAX
On Mon, Jan 10, 2011 at 02:25:18PM -0500, Rob Crittenden wrote:
> This 3 problems related to ipa host-add-managedby:
>
> 1. Add a label for failed managedby
> 2. Fix a call to print_entry() where the new flags argument was missing
> 3. Add a flag to allow a group to be a member of itself (default
Hi,
Please review the attached patch. Thanks!
All references to hbac in the UI have been replaced with hbacrule.
This is to match the hbacrule plugin. The test data and templates
have been renamed as well.
--
Endi S. Dewata
From 424c5ed23087c1d62d01036ea96852390e336884 Mon Sep 17 00:00:00 2001
Hi,
The attached patch should fix the following bug:
https://fedorahosted.org/freeipa/ticket/672
A section has been added to the SUDO command details page for managing
the association with SUDO command groups. New test data has been added
as well.
--
Endi S. Dewata
From e47452b56b5f57ca5e385a97
Jakub Hrozek wrote:
On Mon, Jan 10, 2011 at 05:44:09PM -0500, Rob Crittenden wrote:
Make the config setting ipaDefaultLoginShell an IA5Str to match the
POSIX schema for loginShell.
ticket 739
rob
-attributetypes: ( 2.16.840.1.113730.3.8.1.7 NAME 'ipaDefaultLoginShell'
EQUALITY caseExactMat
Aravind,
I've posted your question on the FreeIPA Devel list. Could you please
"reply to all" with the following information?
1. What was the origianal problem you were seeing when you googled and
found the --passsync option
2. Is there anything in in any of the logs that seems relevant?
On 01/11/2011 07:56 AM, Adam Young wrote:
Aravind,
I've posted your question on the FreeIPA Devel list. Could you please
"reply to all" with the following information?
1. What was the origianal problem you were seeing when you googled
and found the --passsync option
2. Is there anything
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/11/2011 03:53 PM, Rob Crittenden wrote:
> Jakub Hrozek wrote:
>> On Mon, Jan 10, 2011 at 05:44:09PM -0500, Rob Crittenden wrote:
>>> Make the config setting ipaDefaultLoginShell an IA5Str to match the
>>> POSIX schema for loginShell.
>>>
>>> tick
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/11/2011 03:53 PM, Rob Crittenden wrote:
Jakub Hrozek wrote:
On Mon, Jan 10, 2011 at 05:44:09PM -0500, Rob Crittenden wrote:
Make the config setting ipaDefaultLoginShell an IA5Str to match the
POSIX schema for loginShell.
This patch fixes a situation where an uninitialized pointer
is passed to free().
https://fedorahosted.org/freeipa/ticket/713
>From 7d51aa458999454742935b0746b10433a02f9f2d Mon Sep 17 00:00:00 2001
From: Martin Kosek
Date: Tue, 11 Jan 2011 16:19:31 +0100
Subject: [PATCH] Uninitialized pointer rea
Adam Young wrote:
On 01/10/2011 11:18 AM, Rob Crittenden wrote:
There was an option for debug level in the ldap2 module but it wasn't
used at all. This enables it.
rob
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/
Jakub Hrozek wrote:
On Mon, Jan 10, 2011 at 02:25:18PM -0500, Rob Crittenden wrote:
This 3 problems related to ipa host-add-managedby:
1. Add a label for failed managedby
2. Fix a call to print_entry() where the new flags argument was missing
3. Add a flag to allow a group to be a member of its
On Tue, 11 Jan 2011 16:21:38 +0100
Martin Kosek wrote:
> This patch fixes a situation where an uninitialized pointer
> is passed to free().
ACK
SImo.
--
Simo Sorce * Red Hat, Inc * New York
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
htt
Correction to patch.
The previous patch inherited a line for patch #13
This has been corrected in the attached patch.
On 1/10/11 3:11 PM, "JR Aquino" wrote:
>Attached is a patch to fix the sudo compat plugin.
>
>Ticket# 742: https://fedorahosted.org/freeipa/ticket/742
>
>The sudo compat plugin
Omitting return value of calloc in ipa_pwd_extop.c could lead to
memory access issues when memory is full. This patch adds return
value check.
https://fedorahosted.org/freeipa/ticket/717
>From 6444892240f796d5fc2bd6707a64fc731bc0c6eb Mon Sep 17 00:00:00 2001
From: Martin Kosek
Date: Tue, 11 Jan
On Tue, 11 Jan 2011 16:39:57 +0100
Martin Kosek wrote:
> Omitting return value of calloc in ipa_pwd_extop.c could lead to
> memory access issues when memory is full. This patch adds return
> value check.
>
> https://fedorahosted.org/freeipa/ticket/717
ACK,
Simo.
--
Simo Sorce * Red Hat, Inc *
On 01/11/2011 09:25 AM, Endi Sukma Dewata wrote:
Hi,
The attached patch should fix the following bug:
https://fedorahosted.org/freeipa/ticket/672
A section has been added to the SUDO command details page for managing
the association with SUDO command groups. New test data has been added
as well
On 01/11/2011 01:28 AM, Endi Sukma Dewata wrote:
Hi,
The attached patch fixes item #3 of the following bug:
https://fedorahosted.org/freeipa/ticket/671
The table widget now can be enabled/disabled. When disabled, the
checkboxes and links/buttons are grayed out and non functional.
The radio but
On 01/11/2011 09:08 AM, Endi Sukma Dewata wrote:
Hi,
Please review the attached patch. Thanks!
All references to hbac in the UI have been replaced with hbacrule.
This is to match the hbacrule plugin. The test data and templates
have been renamed as well.
__
On 01/10/2011 09:17 PM, Endi Sukma Dewata wrote:
Hi,
This patch fixes the UI part of this bug:
https://fedorahosted.org/freeipa/ticket/742
The radio buttons under the Run Commands section in the SUDO details
page have been changed from allow/deny/specified into all/specified,
and moved under th
pushed under the one line rule
commit 380fed3bb1c08e1d02c442007fdfc64ca56078ca
Author: Adam Young
Date: Tue Jan 11 23:04:38 2011 -0500
enroll button
This was removed in several places where it should still be visible
diff --git a/install/static/associate.js b/install/static/associat
I don't know if this is a real bug or if I have a mis-configuration.
Any advice is appreciated.
I'm setting up a FreeIPA evaluation and I can't get the Web ui show
much of anything. It updates the top right to show the Username of
the user that I kinitted with but nothing else other than the logo
Jeff,
Known issue, and we are searching for the root cause. The workaround
is to crank up logging on mod-rewrite.
Edit the file /etc/httpd/conf.d/ipa-rewrite.conf
and change
RewriteLogLevel 0
to
RewriteLogLevel 9
For some reason, enabling logging hides the problem.
On 01/11/2011 11:22 PM,
The verbose logging does not seem to be a full proof workaround I'm
actually seeing more 400 errors on more files now. However on one of
my browsers I got an AJAX Error: Bad Request I did see it fleetingly
earlier I couldn't reproduce it on command so I didn't mention it.
But now I get that apach
29 matches
Mail list logo