On Mon, 2012-06-04 at 23:49 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> > On Fri, 2012-05-25 at 17:14 +0200, Martin Kosek wrote:
> >> On Fri, 2012-05-25 at 09:25 -0400, Rob Crittenden wrote:
> >>> Martin Kosek wrote:
> This set of patches handles enabling psearch both for new installa
On Tue, 2012-06-05 at 14:44 +0930, William Brown wrote:
> > I think the example should be something like:
> >
> > Modify the zone to allow dynamic updates for hosts own records in
> > realm EXAMPLE.COM:
> >ipa dnszone-mod example.com --dynamic-update=TRUE
> >
> > This is the equivalent of
On Mon, 2012-06-04 at 11:51 -0400, Simo Sorce wrote:
> On Mon, 2012-06-04 at 17:22 +0200, Petr Viktorin wrote:
> > An update plugin needed root privileges, and aborted the update if an
> > ordinary user user ran it.
> > With this patch the plugin is skipped with a warning in that case.
> >
> > ht
Pushed under the one-liner rule.
---
Help should not point to global forwarders but rather to per-zone
conditional forwarders.
https://fedorahosted.org/freeipa/ticket/2717
>From a39f4d0bebc1ff1d63099ca18fef3a52c595b6de Mon Sep 17 00:00:00 2001
From: Martin Kosek
Date: Tue, 5 Jun 2012 10:42:43
On 06/05/2012 10:06 AM, Martin Kosek wrote:
On Mon, 2012-06-04 at 11:51 -0400, Simo Sorce wrote:
On Mon, 2012-06-04 at 17:22 +0200, Petr Viktorin wrote:
An update plugin needed root privileges, and aborted the update if an
ordinary user user ran it.
With this patch the plugin is skipped with a
On Mon, Jun 04, 2012 at 03:32:36PM +0300, Alexander Bokovoy wrote:
> On Mon, 04 Jun 2012, Martin Kosek wrote:
> >I did another round of testing and this is what I found so far:
> >
> >1) freeipa.spec.in was missing python-crypto BuildRequires (you fixed
> >that)
> >
> >2) Unit tests need to be upda
Raise an error when trying to delete the last user from the 'admins'
group
The 'admin' group name seems like something that shouldn't be hardcoded,
but that's how it's done in the webui and some of our ACIs, and I don't
see another solution short of adding a new attribute.
https://fedorahost
On Mon, 2012-06-04 at 22:59 -0400, Rob Crittenden wrote:
> Simo Sorce wrote:
> > The original ldap driver we used up to 2.2 had 2 options admins could
> > set to limit the amount of writes to the database on certain auditing
> > related operations.
> > In particular disable_last_success is really i
On 06/05/2012 05:01 AM, Rob Crittenden wrote:
Petr Vobornik wrote:
On 05/29/2012 11:29 PM, Rob Crittenden wrote:
Petr Vobornik wrote:
IPA web UI isn't functional when browser doesn't send http headers.
This patch adds a functionality which sets Firefox
network.http.sendRefererHeader configura
Martin Kosek wrote:
On Mon, 2012-06-04 at 11:51 -0400, Simo Sorce wrote:
On Mon, 2012-06-04 at 17:22 +0200, Petr Viktorin wrote:
An update plugin needed root privileges, and aborted the update if an
ordinary user user ran it.
With this patch the plugin is skipped with a warning in that case.
h
Petr Viktorin wrote:
On 06/05/2012 10:06 AM, Martin Kosek wrote:
On Mon, 2012-06-04 at 11:51 -0400, Simo Sorce wrote:
On Mon, 2012-06-04 at 17:22 +0200, Petr Viktorin wrote:
An update plugin needed root privileges, and aborted the update if an
ordinary user user ran it.
With this patch the plu
On Fri, June 1, 2012 15:24, Simo Sorce wrote:
> This is about Ticket 1978 (originally rhbz746036).
>
>
> This RFE asks for storing private SSH Host Keys in FreeIPA.
>
>
> We have been triaging this ticket today, and I have to admit I am biased
> toward simply closing down the ticket.
>
> However
This set of patches
1) Adds a support for uni-directional remote membership to baseldap
plugin (like service->host membership in service managedby attribute) -
patch 272
2) Adds a support for service->host membership to host plugin using the
new interface - patch 273
Martin
>From a1e3928f4d747c33f
On 06/05/2012 03:00 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 06/05/2012 10:06 AM, Martin Kosek wrote:
On Mon, 2012-06-04 at 11:51 -0400, Simo Sorce wrote:
On Mon, 2012-06-04 at 17:22 +0200, Petr Viktorin wrote:
An update plugin needed root privileges, and aborted the update if an
ord
Petr Viktorin wrote:
On 06/05/2012 03:00 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 06/05/2012 10:06 AM, Martin Kosek wrote:
On Mon, 2012-06-04 at 11:51 -0400, Simo Sorce wrote:
On Mon, 2012-06-04 at 17:22 +0200, Petr Viktorin wrote:
An update plugin needed root privileges, and aborte
2012/6/5 Sigbjorn Lie
>
>
> On Fri, June 1, 2012 15:24, Simo Sorce wrote:
> > This is about Ticket 1978 (originally rhbz746036).
> >
> >
> > This RFE asks for storing private SSH Host Keys in FreeIPA.
> >
> >
> > We have been triaging this ticket today, and I have to admit I am biased
> > toward
- Original Message -
> On Mon, Jun 04, 2012 at 03:32:36PM +0300, Alexander Bokovoy wrote:
> > On Mon, 04 Jun 2012, Martin Kosek wrote:
> > >I did another round of testing and this is what I found so far:
> > >
> > >1) freeipa.spec.in was missing python-crypto BuildRequires (you
> > >fixed
>
On 06/05/2012 04:18 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 06/05/2012 03:00 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 06/05/2012 10:06 AM, Martin Kosek wrote:
On Mon, 2012-06-04 at 11:51 -0400, Simo Sorce wrote:
On Mon, 2012-06-04 at 17:22 +0200, Petr Viktorin wrote:
An u
If I understood correctly the json_exclude_attrs already defines the
list of attributes to be excluded, so is it still necessary to define
json_only_presence_options which basically will remove all attributes
except name? Suppose later you're writing the UI console where you can
type the CLI co
Here is a tool that can be used to configure automount in an IPA client.
It can use either SSSD or autofs for automount. It also configures NFSv4
on the client so secure maps will work.
rob
>From 4229bd509164ea2ae00a6fb76cfc3b2a174a4847 Mon Sep 17 00:00:00 2001
From: Rob Crittenden
Date: Tue,
JR Aquino wrote:
On Feb 28, 2012, at 10:43 AM, JR Aquino wrote:
On Feb 23, 2012, at 3:56 PM, JR Aquino wrote:
ipa-server-install has a method for validating forward and reverse via
ipaserver/install/installutils.py
ipa-client-install does not currently have an equivalent
This patch adds vali
Rob Crittenden wrote:
JR Aquino wrote:
When making adjustments to increase the bind security settings of a
FreeIPA server, it is best practice to inherit those settings when
installing a new replica server.
Inherit the following bind security settings when performing a replica
install:
'nsslapd
On 06/05/2012 04:38 PM, Jérôme Fenal wrote:
2012/6/5 Sigbjorn Lie mailto:sigbj...@nixtra.com>>
On Fri, June 1, 2012 15:24, Simo Sorce wrote:
> This is about Ticket 1978 (originally rhbz746036).
>
>
> This RFE asks for storing private SSH Host Keys in FreeIPA.
>
>
Martin Kosek wrote:
This set of patches
1) Adds a support for uni-directional remote membership to baseldap
plugin (like service->host membership in service managedby attribute) -
patch 272
2) Adds a support for service->host membership to host plugin using the
new interface - patch 273
Martin
Petr Viktorin wrote:
Raise an error when trying to delete the last user from the 'admins'
group
The 'admin' group name seems like something that shouldn't be hardcoded,
but that's how it's done in the webui and some of our ACIs, and I don't
see another solution short of adding a new attribute.
On 06/05/2012 05:02 PM, Sigbjorn Lie wrote:
> On 06/05/2012 04:38 PM, Jérôme Fenal wrote:
>> 2012/6/5 Sigbjorn Lie mailto:sigbj...@nixtra.com>>
>>
>>
>>
>> On Fri, June 1, 2012 15:24, Simo Sorce wrote:
>> > This is about Ticket 1978 (originally rhbz746036).
>> >
>> >
>> > This R
On Tue, 2012-06-05 at 17:35 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> > This set of patches
> > 1) Adds a support for uni-directional remote membership to baseldap
> > plugin (like service->host membership in service managedby attribute) -
> > patch 272
> > 2) Adds a support for service-
27 matches
Mail list logo