On Tue, 2012-02-07 at 16:49 -0500, Rob Crittenden wrote:
> Martin Kosek wrote:
> > On Wed, 2012-02-01 at 16:45 -0500, Rob Crittenden wrote:
> >> We had code all over the place to handle adding and removing external
> >> members from a variety of attributes. I consolidated these all into two
> >> fu
On Tue, 2012-02-07 at 15:37 -0500, Rob Crittenden wrote:
> Martin Kosek wrote:
> > On Mon, 2012-01-30 at 10:50 -0500, Rob Crittenden wrote:
> >> Rob Crittenden wrote:
> >>> Alexander Bokovoy wrote:
> On Mon, 30 Jan 2012, Rob Crittenden wrote:
> >> Yes, this was my first suggestion. I menti
On 02/07/2012 10:31 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 02/07/2012 01:52 PM, Petr Viktorin wrote:
Honor the default home directory base when creating a new user. Test
included. I also cleaned up the way home directory was created.
This patch removes the default from the --homedir
On Tue, 2012-02-07 at 17:04 +0100, Ondrej Hamada wrote:
> On 02/06/2012 05:03 PM, Martin Kosek wrote:
> > On Mon, 2012-02-06 at 12:14 +0100, Ondrej Hamada wrote:
> >> https://fedorahosted.org/freeipa/ticket/2255
> >> https://fedorahosted.org/freeipa/ticket/2286
> >> https://fedorahosted.org/freeipa
On Tue, 2012-02-07 at 18:19 -0500, Rob Crittenden wrote:
> Don't allow the 'change user password' permission to be able to reset
> the password of the admins group.
>
> rob
NACK
The admin filter works OK, user fbar (in helpdesk role) is now not able
to change admin's password:
# klist
Ticket c
https://fedorahosted.org/freeipa/ticket/2238
This patch modifies bootstrap-template.ldif to create ipausers as a
non-posix group.
--
Petr³
>From cec813fe9ff4699432dd2abb778477b5122e5a67 Mon Sep 17 00:00:00 2001
From: Petr Viktorin
Date: Wed, 8 Feb 2012 06:47:23 -0500
Subject: [PATCH] Make ipa
On Tue, 2012-02-07 at 16:31 -0500, Rob Crittenden wrote:
> Petr Viktorin wrote:
> > On 02/07/2012 01:52 PM, Petr Viktorin wrote:
> >> Honor the default home directory base when creating a new user. Test
> >> included. I also cleaned up the way home directory was created.
> >>
> >> This patch remove
On Tue, 2012-02-07 at 08:56 -0500, Rob Crittenden wrote:
> Convert from a freeform string into a enumeration.
>
> Only values currently allowed are AllowLMhash and AllowNThash.
>
> To add more than one value on the command-line specify --ipaconfigstring
> multiple times.
>
> rob
NACK
1) The p
Martin Kosek wrote:
On Tue, 2012-02-07 at 16:31 -0500, Rob Crittenden wrote:
Petr Viktorin wrote:
On 02/07/2012 01:52 PM, Petr Viktorin wrote:
Honor the default home directory base when creating a new user. Test
included. I also cleaned up the way home directory was created.
This patch remove
Martin Kosek wrote:
On Tue, 2012-02-07 at 15:37 -0500, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2012-01-30 at 10:50 -0500, Rob Crittenden wrote:
Rob Crittenden wrote:
Alexander Bokovoy wrote:
On Mon, 30 Jan 2012, Rob Crittenden wrote:
Yes, this was my first suggestion. I mentioned
On 8.2.2012 04:23, Rob Crittenden wrote:
Jan Cholasta wrote:
Dne 7.2.2012 00:04, Rob Crittenden napsal(a):
Jan Cholasta wrote:
Updated & rebased the patches.
I have also attached a patch that Rob made:
[PATCH] Don't use sets when calculating the modlist so order is
preserved.
This is for t
On Wed, 2012-02-08 at 08:22 -0500, Rob Crittenden wrote:
> Martin Kosek wrote:
> > On Tue, 2012-02-07 at 16:31 -0500, Rob Crittenden wrote:
> >> Petr Viktorin wrote:
> >>> On 02/07/2012 01:52 PM, Petr Viktorin wrote:
> Honor the default home directory base when creating a new user. Test
>
On Wed, 2012-02-08 at 13:28 +0100, Martin Kosek wrote:
> On Tue, 2012-02-07 at 18:19 -0500, Rob Crittenden wrote:
> > Don't allow the 'change user password' permission to be able to reset
> > the password of the admins group.
> >
> > rob
>
> NACK
>
> The admin filter works OK, user fbar (in hel
On Wed, 2012-02-08 at 08:57 -0500, Simo Sorce wrote:
> On Wed, 2012-02-08 at 13:28 +0100, Martin Kosek wrote:
> > On Tue, 2012-02-07 at 18:19 -0500, Rob Crittenden wrote:
> > > Don't allow the 'change user password' permission to be able to reset
> > > the password of the admins group.
> > >
> >
Jan Cholasta wrote:
Patch 62: need a failsafe to remove CCACHE_FILE in case something goes
wrong. I should note too that this won't work on platforms prior to
Python 2.6 (RHEL-5 is one). This is fine, just means host keys won't be
automatically updated.
What exactly won't work on Python 2.6?
Martin Kosek wrote:
On Tue, 2012-02-07 at 08:56 -0500, Rob Crittenden wrote:
Convert from a freeform string into a enumeration.
Only values currently allowed are AllowLMhash and AllowNThash.
To add more than one value on the command-line specify --ipaconfigstring
multiple times.
rob
NACK
1
This patch fixes https://fedorahosted.org/freeipa/ticket/1968 (Add
ability in test framework to compare two values in result), and
documents the testsuite class.
The issue says that “We need a way to enforce that [the UID and GID] are
the same”. I assume this means that the tests will always r
On 2/6/2012 12:35 PM, John Dennis wrote:
rebased because patch 61-2 did not apply to master.
I've looked at the ipa.js, attached is a patch that fixes several issues:
1. The error_handler_login() does nothing if it gets an error other than
401, it was causing the unit tests to fail. It's supp
We currnently only support a single winsync agreement against any given
host so all we need to do is check to see if we have one with the remote
host.
This also adds some minor exception handling cleanup.
https://fedorahosted.org/freeipa/ticket/2130
This depends on my patch 935.
I have a tic
John,
Per discussion with Rob, Simo, and Adam we're considering to make these
changes:
1. For backward compatibility with curl or 3rd party apps, we should
keep the existing authentication without session in /ipa/json and /ipa/xml.
2. For the UI we can use the sessions using different URIs:
On 02/08/2012 03:23 PM, Endi Sukma Dewata wrote:
John,
Per discussion with Rob, Simo, and Adam we're considering to make these
changes:
1. For backward compatibility with curl or 3rd party apps, we should
keep the existing authentication without session in /ipa/json and /ipa/xml.
I originally
On 2/8/2012 6:29 PM, John Dennis wrote:
1. For backward compatibility with curl or 3rd party apps, we should
keep the existing authentication without session in /ipa/json and
/ipa/xml.
I originally wanted to use different URL's but was persuaded not to. I'm
happy to see this recommendation, gen
On Wed, 2012-02-08 at 11:21 -0500, Rob Crittenden wrote:
> Martin Kosek wrote:
> > On Tue, 2012-02-07 at 08:56 -0500, Rob Crittenden wrote:
> >> Convert from a freeform string into a enumeration.
> >>
> >> Only values currently allowed are AllowLMhash and AllowNThash.
> >>
> >> To add more than one
23 matches
Mail list logo