On 09/04/2012 07:44 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
https://fedorahosted.org/freeipa/ticket/2845
Shouldn't this also call verify_fqdn() on the local hostname and not
just the master? I think this would eventually fail in the conncheck but
what if that was skipped?
rob
A few
On 09/05/2012 12:36 PM, Jan Cholasta wrote:
Dne 5.9.2012 12:22, Petr Spacek napsal(a):
On 09/05/2012 11:30 AM, Jan Cholasta wrote:
Dne 5.9.2012 10:04, Martin Kosek napsal(a):
We allowed IP addresses without network specification which lead
to unexpected results when the zone was being
Dne 5.9.2012 12:48, Martin Kosek napsal(a):
On 09/05/2012 12:36 PM, Jan Cholasta wrote:
Dne 5.9.2012 12:22, Petr Spacek napsal(a):
On 09/05/2012 11:30 AM, Jan Cholasta wrote:
Dne 5.9.2012 10:04, Martin Kosek napsal(a):
We allowed IP addresses without network specification which lead
to
On Tue, Aug 14, 2012 at 04:00:21PM +0200, Petr Spacek wrote:
Hello,
this patch fixes $SUBJ$.
Adam, please double-check correctness of this change.
I had two assumptions:
- all locking is done inside dns_db_(un)register() functions
- LDAP instances are decommissioned before
On Wed, Sep 05, 2012 at 01:02:35PM +0200, Jan Cholasta wrote:
Dne 5.9.2012 12:48, Martin Kosek napsal(a):
On 09/05/2012 12:36 PM, Jan Cholasta wrote:
Dne 5.9.2012 12:22, Petr Spacek napsal(a):
On 09/05/2012 11:30 AM, Jan Cholasta wrote:
Dne 5.9.2012 10:04, Martin Kosek napsal(a):
We allowed
On 09/05/2012 01:06 PM, Adam Tkac wrote:
On Wed, Sep 05, 2012 at 01:02:35PM +0200, Jan Cholasta wrote:
Dne 5.9.2012 12:48, Martin Kosek napsal(a):
On 09/05/2012 12:36 PM, Jan Cholasta wrote:
Dne 5.9.2012 12:22, Petr Spacek napsal(a):
On 09/05/2012 11:30 AM, Jan Cholasta wrote:
Dne 5.9.2012
On Wed, Aug 15, 2012 at 01:20:08PM +0200, Petr Spacek wrote:
Hello,
this two patches solves upstream ticket
https://fedorahosted.org/bind-dyndb-ldap/ticket/71
Log successful reconnect
Patch 51:
Adds log_info(): logging facility with log level INFO.
Ack.
Patch 52:
Logs
On Wed, Aug 15, 2012 at 01:23:45PM +0200, Petr Spacek wrote:
Hello,
current code return very generic ISC_R_FAILURE code in nearly all (error)
cases.
This patch distinguishes between different LDAP errors and returns
richer set of return codes from LDAP connection error handling code.
On 09/05/2012 12:26 PM, Petr Viktorin wrote:
On 09/05/2012 12:14 PM, Petr Viktorin wrote:
This works well, but please see some comments below.
On 09/04/2012 04:22 PM, Martin Kosek wrote:
To test, simply run the following command:
ipa dnszone-mod example.com --serial=4294967295
This
On 09/05/2012 01:02 PM, Adam Tkac wrote:
On Tue, Aug 14, 2012 at 04:00:21PM +0200, Petr Spacek wrote:
Hello,
this patch fixes $SUBJ$.
Adam, please double-check correctness of this change.
I had two assumptions:
- all locking is done inside dns_db_(un)register() functions
- LDAP instances are
On 09/05/2012 01:18 PM, Martin Kosek wrote:
You are right, IPv6 networks could have default /64 prefix. However as I wrote
in different mail, I don't recommend to use default IPv4 prefix at all because
FreeIPA targets for company environments where /24 is not so common, not for
home
On 09/03/2012 05:12 PM, Tomas Babej wrote:
Hi,
Both selinuxusermap-add and selinuxusermap-mod commands now behave
consistently in not allowing user/host category or user/host members
and HBAC rule being set at the same time. Also adds a bunch of unit
tests that check this behaviour.
Petr Viktorin wrote:
On 09/04/2012 07:44 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
https://fedorahosted.org/freeipa/ticket/2845
Shouldn't this also call verify_fqdn() on the local hostname and not
just the master? I think this would eventually fail in the conncheck but
what if that was
On 08/21/2012 03:06 PM, Simo Sorce wrote:
- Original Message -
- Original Message -
Hi,
there was an issue reported yesterday on #freeipa
(https://fedorahosted.org/freeipa/ticket/3011). It is easy to
reproduce
'kdb5_util dump' just core dumps. The attached patch adds a
On Wed, 2012-09-05 at 11:30 +0200, Jan Cholasta wrote:
Dne 5.9.2012 10:04, Martin Kosek napsal(a):
We allowed IP addresses without network specification which lead
to unexpected results when the zone was being created. We should rather
strictly require the prefix/netmask specifying the IP
On 09/05/2012 09:22 AM, Martin Kosek wrote:
On 09/05/2012 03:47 AM, Rob Crittenden wrote:
Rob Crittenden wrote:
Martin Kosek wrote:
On 08/30/2012 02:53 PM, Rob Crittenden wrote:
Martin Kosek wrote:
Current objectclass updates in a form of replace update instruction
dependent on exact match
Hi,
User-unfriendly errors were caused by re-raising errors
from external python module netaddr.
https://fedorahosted.org/freeipa/ticket/2588
Tomas
From 34f3da391a8e070b29640b0ecdfed6db81b86ce2 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Wed, 5 Sep 2012 09:03:18 -0400
On 09/05/2012 03:19 PM, Tomas Babej wrote:
Hi,
User-unfriendly errors were caused by re-raising errors
from external python module netaddr.
https://fedorahosted.org/freeipa/ticket/2588
Tomas
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
On 09/05/2012 01:29 PM, Adam Tkac wrote:
On Wed, Aug 15, 2012 at 01:20:08PM +0200, Petr Spacek wrote:
Hello,
this two patches solves upstream ticket
https://fedorahosted.org/bind-dyndb-ldap/ticket/71
Log successful reconnect
Patch 51:
Adds log_info(): logging facility with log level
On 08/27/2012 02:40 PM, Dmitri Pal wrote:
On 08/15/2012 05:18 AM, Simo Sorce wrote:
- Original Message -
On 08/14/2012 08:25 PM, Simo Sorce wrote:
See man ldap_result, the entries return with type
LDAP_RES_SEARCH_ENTRY, the last message is instead
LDAP_RES_SEARCH_RESULT which tells
On 09/05/2012 03:42 PM, Petr Viktorin wrote:
On 09/05/2012 03:19 PM, Tomas Babej wrote:
Hi,
User-unfriendly errors were caused by re-raising errors
from external python module netaddr.
https://fedorahosted.org/freeipa/ticket/2588
Tomas
___
On Wed, Sep 05, 2012 at 03:53:36PM +0200, Petr Spacek wrote:
On 09/05/2012 01:29 PM, Adam Tkac wrote:
On Wed, Aug 15, 2012 at 01:20:08PM +0200, Petr Spacek wrote:
Hello,
this two patches solves upstream ticket
https://fedorahosted.org/bind-dyndb-ldap/ticket/71
Log successful reconnect
On 09/05/2012 04:37 PM, Adam Tkac wrote:
On Wed, Sep 05, 2012 at 03:53:36PM +0200, Petr Spacek wrote:
On 09/05/2012 01:29 PM, Adam Tkac wrote:
On Wed, Aug 15, 2012 at 01:20:08PM +0200, Petr Spacek wrote:
Hello,
this two patches solves upstream ticket
On 09/05/2012 01:33 PM, Adam Tkac wrote:
On Wed, Aug 15, 2012 at 01:23:45PM +0200, Petr Spacek wrote:
Hello,
current code return very generic ISC_R_FAILURE code in nearly all (error) cases.
This patch distinguishes between different LDAP errors and returns
richer set of return codes from LDAP
On 9/3/2012 5:59 AM, Petr Vobornik wrote:
Updated patch attached.
ACK.
--
Endi S. Dewata
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
On 9/3/2012 6:28 AM, Petr Vobornik wrote:
b) force refresh when searching with unchanged filter
I did (b). Updated patch attached.
I don't want to implement 'expiration date' at the moment. It's too
widespread change. Maybe in FreeIPA 3.2.
ACK.
--
Endi S. Dewata
On 9/3/2012 8:35 AM, Petr Vobornik wrote:
Notification of success was added to:
* details facet: update
* association facet and association widget: add, delete items
* attribute facet: delete items (notification of add should be handled
in entity adder dialog)
* sudo rule: add, remove
Rob Crittenden wrote:
389-ds-base added logging if the entry cache is smaller than the
database so users will know they need to tune their DS install. Set this
as the minimum for IPA.
rob
Rebased patch.
rob
From 131a95cf91bf1026f7afb2aa73251c92fc7e9822 Mon Sep 17 00:00:00 2001
From: Rob
Rob Crittenden wrote:
Martin Kosek wrote:
On 07/05/2012 08:39 PM, Rob Crittenden wrote:
Martin Kosek wrote:
On 07/03/2012 04:41 PM, Rob Crittenden wrote:
Deleting a replica can leave a replication vector (RUV) on the
other servers.
This can confuse things if the replica is re-added, and it
Add support for the 389-ds posix winsync plugin. This plugin will sync
the POSIX attributes from AD. We need to avoid trying to re-add them in
our plugin.
rob
From 2e1648eb60dfee7b0e3cbee679457f5e5c0fb4d0 Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Fri, 31 Aug 2012
On 09/05/2012 12:08 PM, Rob Crittenden wrote:
Add support for the 389-ds posix winsync plugin. This plugin will sync
the POSIX attributes from AD. We need to avoid trying to re-add them
in our plugin.
ack
rob
___
Freeipa-devel mailing list
On 9/3/2012 11:05 AM, Petr Vobornik wrote:
This patch is changing confirmation of actions according to ticket
#3035, see the ticket description.
It does following changes:
* Confirmation of update action was removed.
* Action lists resets to first action (which is usually a NOP: '--
select
Martin Kosek wrote:
On 09/05/2012 09:22 AM, Martin Kosek wrote:
On 09/05/2012 03:47 AM, Rob Crittenden wrote:
Rob Crittenden wrote:
Martin Kosek wrote:
On 08/30/2012 02:53 PM, Rob Crittenden wrote:
Martin Kosek wrote:
Current objectclass updates in a form of replace update instruction
Martin Kosek wrote:
On 08/31/2012 04:53 PM, Petr Viktorin wrote:
On 08/28/2012 03:40 PM, Petr Viktorin wrote:
On 08/17/2012 06:04 PM, Ade Lee wrote:
On Fri, 2012-08-17 at 09:34 -0400, Ade Lee wrote:
On Thu, 2012-08-16 at 18:45 +0200, Martin Kosek wrote:
On 08/16/2012 01:28 PM, Ade Lee
On Wed, Aug 29, 2012 at 08:48:32AM -0400, Ade Lee wrote:
Incidentally, I ran this in permmissive selinux mode. The following
rules are required to be added:
#= certmonger_t ==
corenet_tcp_connect_http_cache_port(certmonger_t)
Jan Cholasta wrote:
Hi,
this patch changes the format of the sshpubkey parameter to the format
used by OpenSSH (see sshd(8)).
Public keys in the old format (raw RFC 4253 blob) are automatically
converted to OpenSSH-style public keys. OpenSSH-style public keys are
now stored in LDAP.
Changed
On Wed, 2012-09-05 at 16:43 -0400, Nalin Dahyabhai wrote:
On Wed, Aug 29, 2012 at 08:48:32AM -0400, Ade Lee wrote:
Incidentally, I ran this in permmissive selinux mode. The following
rules are required to be added:
#= certmonger_t ==
On 9/5/2012 3:14 AM, Petr Vobornik wrote:
Format of ipasshpubkey in users and hosts changed from BYTES to STR. Web
UI no longer gets the value as base64 encoded string in an object.
Label was changed to reflect that the key don't have to be plain base64
encoded blob.
On 9/5/2012 9:08 AM, Petr Vobornik wrote:
Integers were missing most of minimum checks and Decimals boundaries
weren't checked at all in Web UI.
First part is done in ipalib, second in Web UI.
1) [PATCH] 206 Fixed metadata serialization of Numbers and DNs:
There were following problems:
1. DNs
On Wed, Sep 05, 2012 at 05:08:12PM -0400, Ade Lee wrote:
On Wed, 2012-09-05 at 16:43 -0400, Nalin Dahyabhai wrote:
On Wed, Aug 29, 2012 at 08:48:32AM -0400, Ade Lee wrote:
Incidentally, I ran this in permmissive selinux mode. The following
rules are required to be added:
On Wed, 2012-09-05 at 17:08 -0400, Ade Lee wrote:
On Wed, 2012-09-05 at 16:43 -0400, Nalin Dahyabhai wrote:
On Wed, Aug 29, 2012 at 08:48:32AM -0400, Ade Lee wrote:
Incidentally, I ran this in permmissive selinux mode. The following
rules are required to be added:
#=
On 9/5/2012 10:00 AM, Petr Vobornik wrote:
While deleting an entry it now resets a facet if there are unsaved
changes. It prevents pop up of various error dialogs when UI tries to
redirect to search page after successful delete.
https://fedorahosted.org/freeipa/ticket/3047
ACK.
--
Endi S.
On Wed, 2012-09-05 at 17:44 -0400, Simo Sorce wrote:
On Wed, 2012-09-05 at 17:08 -0400, Ade Lee wrote:
On Wed, 2012-09-05 at 16:43 -0400, Nalin Dahyabhai wrote:
On Wed, Aug 29, 2012 at 08:48:32AM -0400, Ade Lee wrote:
Incidentally, I ran this in permmissive selinux mode. The following
On Wed, 2012-09-05 at 16:20 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On 08/31/2012 04:53 PM, Petr Viktorin wrote:
On 08/28/2012 03:40 PM, Petr Viktorin wrote:
On 08/17/2012 06:04 PM, Ade Lee wrote:
On Fri, 2012-08-17 at 09:34 -0400, Ade Lee wrote:
On Thu, 2012-08-16 at 18:45
44 matches
Mail list logo