Few test hints are attached to the ticket.
---
ldap2 plugin returns NotFound error for find_entries/get_entry
queries when the server did not manage to return an entry
due to time limits. This may be confusing for user when the
entry he searches actually exists.
This patch fixes the behavior in
On 04/09/2012 03:55 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
https://fedorahosted.org/freeipa/ticket/2585: ipa permission-add throws
internal server error when name contains '', '' or other special
characters.
The problem is, of course, proper escaping; not only in DNs but also in
ACIs.
On 04/05/2012 04:54 PM, Endi Sukma Dewata wrote:
On 3/29/2012 7:46 AM, Petr Vobornik wrote:
This patch is changing netgroup web ui to look more like hbac or sudo
rule UI. This change allows to define and display user category, host
category and external host.
The core of the change is changing
On 04/05/2012 04:55 PM, Endi Sukma Dewata wrote:
On 4/4/2012 2:18 AM, Petr Vobornik wrote:
It could lead to state where attributes from other object type were
displayed instead of the correct ones.
https://fedorahosted.org/freeipa/ticket/2590
ACK.
Pushed to master, ipa-2-2.
--
Petr
On 4/5/2012 10:58 AM, Petr Vobornik wrote:
Revised patch 118 attached.
I used:
* Forward first
* Forward only
and set 'default_value' to 'first'. So there would be always some value
checked, which indicates what is actually used. There is a little issue
with undo button if policy is not set ''
Petr Viktorin wrote:
On 04/09/2012 03:55 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
https://fedorahosted.org/freeipa/ticket/2585: ipa permission-add throws
internal server error when name contains '', '' or other special
characters.
The problem is, of course, proper escaping; not only in
On 04/10/2012 03:39 PM, Endi Sukma Dewata wrote:
On 4/5/2012 10:58 AM, Petr Vobornik wrote:
Revised patch 118 attached.
I used:
* Forward first
* Forward only
and set 'default_value' to 'first'. So there would be always some value
checked, which indicates what is actually used. There is a
I'm aware that we have backwards compatibility requirements so we have
to stick with unfortunate decisions, but I wanted you to know what I
think. Please tell me I'm wrong!
It is not clear what --{set,add,del}attr and friends should do. On the
one hand they should be powerful -- presumably
On 04/10/2012 03:46 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 04/09/2012 03:55 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
https://fedorahosted.org/freeipa/ticket/2585: ipa permission-add throws
internal server error when name contains '', '' or other special
characters.
The
On 10.4.2012 16:00, Petr Viktorin wrote:
I'm aware that we have backwards compatibility requirements so we have
to stick with unfortunate decisions, but I wanted you to know what I
think. Please tell me I'm wrong!
It is not clear what --{set,add,del}attr and friends should do. On the
one hand
On 04/06/2012 10:11 AM, John Dennis wrote:
On 04/06/2012 04:40 AM, Martin Kosek wrote:
1) We still crash when the parameter is empty. We may want to make it
required (the same fix Rob did for cert rejection reason):
# echo secret123 | ipa migrate-ds ldap://vm-054.idm.lab.bos.redhat.com
On 10.4.2012 17:03, John Dennis wrote:
On 04/06/2012 10:11 AM, John Dennis wrote:
On 04/06/2012 04:40 AM, Martin Kosek wrote:
1) We still crash when the parameter is empty. We may want to make it
required (the same fix Rob did for cert rejection reason):
# echo secret123 | ipa migrate-ds
On 04/10/2012 05:03 PM, Jan Cholasta wrote:
To be functionally complete, we should also add validated equivalents of
--{add,del}attr to *-mod commands for all multivalue params (think
--add-param and --del-param for each --param).
We need something like that anyway. Requiring users to learn
On Mon, 2012-04-09 at 23:54 -0400, Rob Crittenden wrote:
Password history wasn't working because the qsort comparison function
was comparing pointers, not data. This resulted in a random element
being removed from the history on overflow rather than the oldest.
We sort in reverse so we
Fix --setattr to work on no_update params.
https://fedorahosted.org/freeipa/ticket/2616
--
PetrĀ³
From b22c159e4f4c3d411850b30267fce61e56100acd Mon Sep 17 00:00:00 2001
From: Petr Viktorin pvikt...@redhat.com
Date: Tue, 10 Apr 2012 07:44:21 -0400
Subject: [PATCH] Convert --setattr values for
On 04/10/2012 05:31 PM, Petr Viktorin wrote:
On 04/10/2012 05:03 PM, Jan Cholasta wrote:
On 04/10/2012 05:31 PM, Petr Viktorin wrote:
tl;dr: --setattr work on IPA-managed attributes (with validation) is a
mistake.
+1
It adds no functionality, only complexity. We don't want people
to use
Problem:
In the Privilege page, can list Permissions. This Shows Results for
Direct
Membership. But there is an option to list this for Indirect Membership
also.
There isn't a way to nest permissions, so this option is not needed.
Solution:
This patch removes the memberofindirect_persmission
On Tue, 2012-04-10 at 11:03 -0400, John Dennis wrote:
On 04/06/2012 10:11 AM, John Dennis wrote:
On 04/06/2012 04:40 AM, Martin Kosek wrote:
1) We still crash when the parameter is empty. We may want to make it
required (the same fix Rob did for cert rejection reason):
# echo secret123
https://fedorahosted.org/freeipa/ticket/2571
The update was failing because of the case insensitivity of permission
object DN.
--
Regards,
Ondrej Hamada
FreeIPA team
jabber: oh...@jabbim.cz
IRC: ohamada
From 75772d91024d961fc4193654a8ca128664b2d4d5 Mon Sep 17 00:00:00 2001
From: Ondrej Hamada
On Tue, 2012-04-10 at 17:03 +0200, Jan Cholasta wrote:
On 10.4.2012 16:00, Petr Viktorin wrote:
I'm aware that we have backwards compatibility requirements so we have
to stick with unfortunate decisions, but I wanted you to know what I
think. Please tell me I'm wrong!
It is not
On 04/09/2012 05:24 PM, John Dennis wrote:
On 03/30/2012 08:57 AM, Petr Viktorin wrote:
On 03/30/2012 02:41 AM, John Dennis wrote:
On 03/28/2012 04:40 AM, Petr Viktorin wrote:
Can install/po/Makefile just call test_i18n.py from the tests/ tree? It
doesn't import any IPA code so there's no
On 04/10/2012 07:07 PM, Martin Kosek wrote:
On Tue, 2012-04-10 at 17:03 +0200, Jan Cholasta wrote:
On 10.4.2012 16:00, Petr Viktorin wrote:
I'm aware that we have backwards compatibility requirements so we have
to stick with unfortunate decisions, but I wanted you to know what I
think. Please
Petr Viktorin wrote:
On 04/10/2012 07:07 PM, Martin Kosek wrote:
On Tue, 2012-04-10 at 17:03 +0200, Jan Cholasta wrote:
On 10.4.2012 16:00, Petr Viktorin wrote:
I'm aware that we have backwards compatibility requirements so we have
to stick with unfortunate decisions, but I wanted you to know
On Tue, Apr 10, 2012 at 10:25 AM, Petr Viktorin pvikt...@redhat.com wrote:
On 04/10/2012 07:07 PM, Martin Kosek wrote:
On Tue, 2012-04-10 at 17:03 +0200, Jan Cholasta wrote:
On 10.4.2012 16:00, Petr Viktorin wrote:
I'm aware that we have backwards compatibility requirements so we have
to
On 04/10/2012 01:48 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 04/10/2012 07:07 PM, Martin Kosek wrote:
On Tue, 2012-04-10 at 17:03 +0200, Jan Cholasta wrote:
On 10.4.2012 16:00, Petr Viktorin wrote:
I'm aware that we have backwards compatibility requirements so we
have
to stick with
Petr Viktorin wrote:
On 04/10/2012 03:46 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 04/09/2012 03:55 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
https://fedorahosted.org/freeipa/ticket/2585: ipa permission-add
throws
internal server error when name contains '', '' or other special
Petr Viktorin wrote:
Fix --setattr to work on no_update params.
https://fedorahosted.org/freeipa/ticket/2616
ACK, pushed to master and ipa-2-2
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Petr Vobornik wrote:
Problem:
In the Privilege page, can list Permissions. This Shows Results for
Direct
Membership. But there is an option to list this for Indirect Membership
also.
There isn't a way to nest permissions, so this option is not needed.
Solution:
This patch removes the
Ondrej Hamada wrote:
https://fedorahosted.org/freeipa/ticket/2571
The update was failing because of the case insensitivity of permission
object DN.
Can you wrap the error in _() and add a couple of test cases for this,
say one for the case insensitivity and one for empty rename attempt?
Petr Viktorin wrote:
On 03/30/2012 11:00 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 03/26/2012 05:35 PM, Petr Viktorin wrote:
On 03/26/2012 04:54 PM, Rob Crittenden wrote:
Some minor compliants.
Ideally, there would be a routine that sets up the logging and handles
command-line
On Fri, 2012-04-06 at 10:22 +0200, Martin Kosek wrote:
On Thu, 2012-04-05 at 16:47 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
Martin Kosek wrote:
On Tue, 2012-04-03 at 10:45 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2012-04-02 at 15:36
On 04/10/2012 04:48 PM, Martin Kosek wrote:
On Fri, 2012-04-06 at 10:22 +0200, Martin Kosek wrote:
On Thu, 2012-04-05 at 16:47 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
Martin Kosek wrote:
On Tue, 2012-04-03 at 10:45 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
Martin Kosek
Martin Kosek wrote:
On Fri, 2012-04-06 at 10:22 +0200, Martin Kosek wrote:
On Thu, 2012-04-05 at 16:47 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
Martin Kosek wrote:
On Tue, 2012-04-03 at 10:45 -0400, Rob Crittenden wrote:
Rob Crittenden wrote:
Martin Kosek wrote:
On Mon,
33 matches
Mail list logo