When a randomly generated password contains a space character
as the first or the last character, installation fails on
kdb5_ldap_util calling, which does not accept that. This patch
fixes the generator to generate space only on allowed position.
This patch also ensures that no password is printed
On 01/07/2011 08:59 PM, Rob Crittenden wrote:
Pavel Zůna wrote:
LDAPObject sub-classes can define a custom list of attributes for
effective rights retrieval.
Fix #677
Pavel
Nack. --rights should only return data when --all is also included.
Otherwise it looks ok.
rob
Fixed version attac
Fixes import errors in the framework cause by recent API version changes.
Fix #796
Pavel
>From 3532c0f551edc79e63843ee112dee097dfb6aadf Mon Sep 17 00:00:00 2001
From: Pavel Zuna
Date: Tue, 18 Jan 2011 12:35:59 -0500
Subject: [PATCH] Fix import API_VERSION import error.
Fix #796
---
ipalib/cli
On 01/18/2011 01:40 PM, Pavel Zuna wrote:
Fixes import errors in the framework cause by recent API version changes.
Fix #796
Pavel
self-NACK.
Ignore this patch, didn't realize the API_VERSION constant is auto-generated.
Pavel
___
Freeipa-devel ma
There's no such thing as "maximum" in SOA record RDATA format according to RFC
1035 and there's also no such attribute in the schema.
Fix #788
https://bugzilla.redhat.com/show_bug.cgi?id=670343
Pavel
>From ee65cb0fc69384f2777537d222a762a4f7be5bfe Mon Sep 17 00:00:00 2001
From: Pavel Zuna
Date
Fix #797
Pavel
>From 509a77949474b429bb4d4ee6fa871bdade446625 Mon Sep 17 00:00:00 2001
From: Pavel Zuna
Date: Tue, 18 Jan 2011 13:28:37 -0500
Subject: [PATCH 1/2] Fix crash when building DN of host with name ending with period.
Fix #797
---
ipalib/plugins/host.py |9 +
1 files chan
Pavel Zuna wrote:
Fixes import errors in the framework cause by recent API version changes.
Fix #796
Pavel
nack, VERSION != API_VERSION
What error are you seeing?
rob
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/
Jan Zeleny wrote:
Rob Crittenden wrote:
Update kerberos password policy values on LDAP binds. This is so
locked-out accounts in kerberos don't try things using LDAP instead.
On a failed bind this will update krbLoginFailedCount and
krbLastFailedAuth and will potentially fail the bind altogethe
Endi Sukma Dewata wrote:
On 1/17/2011 10:12 PM, Adam Young wrote:
After this patch is applied running,
jsl -conf jsl.conf
Will report no errors. Running clean is then a requirement for
committing patches to the javascript code base
ACK and pushed to master.
Should this be done as part of
On Tue, 18 Jan 2011 10:00:33 +0100
Jan Zelený wrote:
> The original one was misleading, giving the value exactly opposite
> meaning than it actually was.
>
> https://fedorahosted.org/freeipa/ticket/741
>
> Jan
Ack, pushed to master.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
___
On Tue, 18 Jan 2011 10:36:19 +0100
Jan Zelený wrote:
> Simo Sorce wrote:
> > The ipa_kpasswd daemon apparently can't listyend on udp due to an
> > error in the selinux policies.
> >
> > The attached patch fixes it.
> >
> > Simo.
>
> ack
Thanks,
pushed to master.
Simo.
--
Simo Sorce * Red
On Tue, 18 Jan 2011 10:32:36 +0100
Jan Zelený wrote:
> Simo Sorce wrote:
> > The following 2 patches enhance the ipactl command output (also
> > used in the ipa init script).
> >
> > The first patch fixes ticket #765, the second nis just for coherency
> > with other scripts like this.
> >
> >
On Tue, 18 Jan 2011 10:54:14 +0100
Jan Zelený wrote:
> Rob Crittenden wrote:
> > Set a default for maxint that matches what xmlrpclib can handle.
> > Also handle marshalling errors from xmlrpclib so users don't get a
> > backtrace.
> >
> > This was discovered by a typo in a dns serial number wh
On Tue, 18 Jan 2011 12:49:22 +0100
Martin Kosek wrote:
> When a randomly generated password contains a space character
> as the first or the last character, installation fails on
> kdb5_ldap_util calling, which does not accept that. This patch
> fixes the generator to generate space only on allow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/18/2011 11:15 AM, Jan Zelený wrote:
> I've already posted a patch to SSSD to keep up with this change.
>
> https://fedorahosted.org/freeipa/ticket/762
>
Nack, breaks the installation:
[18/29]: adding default layout
root: CRITICAL Fail
Pushed under the one line rule
commit c596b92591fe18d9fab924e4e34ab595ed574ca4
Author: Adam Young
Date: Tue Jan 18 08:50:23 2011 -0500
dns action controls
was adding the action controls to multiple lines. Now only one
diff --git a/install/static/policy.js b/install/static/policy.js
On 01/18/2011 08:37 AM, Pavel Zuna wrote:
Fix #797
Pavel
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
ACK
___
Freeipa-devel mailing list
Fre
On 01/18/2011 08:38 AM, Pavel Zuna wrote:
There's no such thing as "maximum" in SOA record RDATA format
according to RFC 1035 and there's also no such attribute in the schema.
Fix #788
https://bugzilla.redhat.com/show_bug.cgi?id=670343
Pavel
___
F
On 1/18/2011 10:01 PM, Rob Crittenden wrote:
After this patch is applied running,
jsl -conf jsl.conf
Will report no errors. Running clean is then a requirement for
committing patches to the javascript code base
Should this be done as part of the build process or are we going to make
individu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/18/2011 01:48 AM, Simo Sorce wrote:
>
> Fix a ipa-join segfault due to improper handling of NULL credentials.
>
> Fixes ticket #783.
>
> Simo.
>
Ack
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with F
On 01/18/2011 10:36 AM, Endi Sukma Dewata wrote:
On 1/18/2011 10:01 PM, Rob Crittenden wrote:
After this patch is applied running,
jsl -conf jsl.conf
Will report no errors. Running clean is then a requirement for
committing patches to the javascript code base
Should this be done as part of
Hi,
The attached patch addresses this bug:
https://fedorahosted.org/freeipa/ticket/639
The add dialogs for Hosts and Services have been updated to include
a checkbox to force adding hosts/services that are not in DNS.
The widgets has been updated to support tooltips.
--
Endi S. Dewata
From dd2
On 01/18/2011 02:38 AM, Endi Sukma Dewata wrote:
Hi,
The message and buttons in the unprovision dialog box have been
updated according to the latest spec.
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo
On 01/18/2011 02:10 AM, Endi Sukma Dewata wrote:
Hi,
The attached patch addresses item #5 of this bug:
https://fedorahosted.org/freeipa/ticket/670
A new CSS class has been added for buttons without icons. The
IPA.button() has been modified to use this class if there is
no icons specified.
___
On 01/18/2011 02:07 AM, Endi Sukma Dewata wrote:
Hi,
The attached patch is a further adjustment for item #3 of this bug:
https://fedorahosted.org/freeipa/ticket/670
The status panel for certificates and Kerberos keys has been
modified to display only the current status with the relevant buttons
On Tue, 18 Jan 2011 16:31:21 +0100
Jakub Hrozek wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 01/18/2011 11:15 AM, Jan Zelený wrote:
> > I've already posted a patch to SSSD to keep up with this change.
> >
> > https://fedorahosted.org/freeipa/ticket/762
> >
>
> Nack, breaks
On Tue, 18 Jan 2011 16:37:58 +0100
Jakub Hrozek wrote:
> On 01/18/2011 01:48 AM, Simo Sorce wrote:
> >
> > Fix a ipa-join segfault due to improper handling of NULL
> > credentials.
> >
> > Fixes ticket #783.
> >
> > Simo.
> >
>
> Ack
Thanks,
pushed to master.
Simo.
--
Simo Sorce * Red
On 1/18/2011 11:50 PM, Adam Young wrote:
The message and buttons in the unprovision dialog box have been
updated according to the latest spec.
ACK, but fix the jsl warnings before pushing.
Fixed and pushed to master.
--
Endi S. Dewata
___
Freeipa
On 1/18/2011 10:42 PM, Endi Sukma Dewata wrote:
The attached patch addresses this bug:
https://fedorahosted.org/freeipa/ticket/639
The add dialogs for Hosts and Services have been updated to include
a checkbox to force adding hosts/services that are not in DNS.
The widgets has been updated to s
Fix #799
Pavel
>From e97aa6d78e0ec32b160bf17deb894b1ba091541c Mon Sep 17 00:00:00 2001
From: Pavel Zuna
Date: Tue, 18 Jan 2011 15:33:40 -0500
Subject: [PATCH 1/2] Fix updating of DNS records by the host plugin.
Fix #799
---
ipalib/plugins/host.py | 10 +-
1 files changed, 5 insertion
Fix #798
Pavel
>From a013e19957b33ca84102efdc0be7448eb3a83423 Mon Sep 17 00:00:00 2001
From: Pavel Zuna
Date: Tue, 18 Jan 2011 15:43:07 -0500
Subject: [PATCH 2/2] Fix password/random logic in host plugin.
Fix #798
---
ipalib/plugins/host.py | 15 +--
1 files changed, 9 insertions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/18/2011 06:26 PM, Pavel Zuna wrote:
> Fix #799
>
> Pavel
>
Ack (fast ack as I tested the patch off-list before Pavel sent it)
I didn't see the bug during my testing as I only develop against real
Apache installation where this works OK. Pavel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/18/2011 06:27 PM, Pavel Zuna wrote:
> Fix #798
>
> Pavel
>
Ack (again, fast ack because I tested off-list before sending)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozde
On 01/18/2011 12:24 PM, Endi Sukma Dewata wrote:
On 1/18/2011 10:42 PM, Endi Sukma Dewata wrote:
The attached patch addresses this bug:
https://fedorahosted.org/freeipa/ticket/639
The add dialogs for Hosts and Services have been updated to include
a checkbox to force adding hosts/services that
On 1/19/2011 12:37 AM, Adam Young wrote:
ACK
Pushed to master.
--
Endi S. Dewata
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
On 01/18/2011 10:34 AM, Adam Young wrote:
On 01/18/2011 08:37 AM, Pavel Zuna wrote:
Fix #797
Pavel
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
ACK
_
On 01/18/2011 10:35 AM, Adam Young wrote:
On 01/18/2011 08:38 AM, Pavel Zuna wrote:
There's no such thing as "maximum" in SOA record RDATA format
according to RFC 1035 and there's also no such attribute in the schema.
Fix #788
https://bugzilla.redhat.com/show_bug.cgi?id=670343
Pavel
__
On 01/18/2011 12:32 PM, Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/18/2011 06:26 PM, Pavel Zuna wrote:
Fix #799
Pavel
Ack (fast ack as I tested the patch off-list before Pavel sent it)
I didn't see the bug during my testing as I only develop against real
Apache
On 01/18/2011 12:32 PM, Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/18/2011 06:27 PM, Pavel Zuna wrote:
Fix #798
Pavel
Ack (again, fast ack because I tested off-list before sending)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using Gn
From c7c5923cf0a22bef89500f9edd54048e3d0217e9 Mon Sep 17 00:00:00 2001
From: Adam Young
Date: Tue, 18 Jan 2011 13:30:17 -0500
Subject: [PATCH] enroll dialog layout
we were squeezing the buttons in the middle of the page. This patch shrinks the two boxes on either side and centers the buttons.
From 5351caf92d3942f094ee8c934994eabd24979d8d Mon Sep 17 00:00:00 2001
From: Adam Young
Date: Tue, 18 Jan 2011 14:16:23 -0500
Subject: [PATCH] update API
removal of idnssoamaximum from dns APIs broke the build. THis fixes it.
---
API.txt |9 +++--
1 files changed, 3 insertions(+), 6
Adam Young wrote:
ack, pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Rob Crittenden wrote:
Jan Zeleny wrote:
Rob Crittenden wrote:
Update kerberos password policy values on LDAP binds. This is so
locked-out accounts in kerberos don't try things using LDAP instead.
On a failed bind this will update krbLoginFailedCount and
krbLastFailedAuth and will potentially f
Attached is a rough cut of a patch to try to speed up the cli a little
bit. Basically in production mode it will skip some things during
initialization.
My concept is that we develop in mode != production and release in mode
== production.
I managed to knock a second or so off time to do a u
Rob Crittenden wrote:
Attached is a rough cut of a patch to try to speed up the cli a little
bit. Basically in production mode it will skip some things during
initialization.
My concept is that we develop in mode != production and release in mode
== production.
I managed to knock a second or so
On 01/18/2011 05:35 PM, Rob Crittenden wrote:
Rob Crittenden wrote:
Attached is a rough cut of a patch to try to speed up the cli a little
bit. Basically in production mode it will skip some things during
initialization.
My concept is that we develop in mode != production and release in mode
==
We need to use authenticated lda binds in init scripts as otherwise
starting components fails when the option to restrict anonymous access
to ldap is set.
In order to do that we need to also start the KDC unconditionally, so
it has been removed form the list of services retrieved from ldap and
al
Pushed under the one liner rule
[ayoung@ayoung freeipa]$ git show HEAD
commit bc27191db6c00a89ec7f8bd8a88389dd6fa9bb90
Author: Adam Young
Date: Tue Jan 18 17:57:15 2011 -0500
background into Makefile
diff --git a/install/static/Makefile.am b/install/static/Makefile.am
index 998c4ff..d6a9
Rob Crittenden wrote:
Rob Crittenden wrote:
Attached is a rough cut of a patch to try to speed up the cli a little
bit. Basically in production mode it will skip some things during
initialization.
My concept is that we develop in mode != production and release in mode
== production.
I managed
49 matches
Mail list logo