On Mon 01 Apr 2013 10:01:14 PM CEST, Rob Crittenden wrote:
Tomas Babej wrote:
On Tue 19 Feb 2013 08:37:26 PM CET, Rob Crittenden wrote:
Tomas Babej wrote:
On 02/04/2013 04:21 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 01/30/2013 05:12 PM, Tomas Babej wrote:
Hi,
The checks make sure
On 29.3.2013 15:31, Petr Viktorin wrote:
On 03/29/2013 11:20 AM, Jan Cholasta wrote:
On 29.3.2013 11:14, Jan Cholasta wrote:
Also I was able to install IPA with revoked certificates, but it doesn't
seem to break anything - the CRL specified in the certificates' CRL
distribution point is not
On Fri 08 Mar 2013 02:16:26 PM CET, Alexander Bokovoy wrote:
Hi,
http://www.freeipa.org/page/V3/MultipleTrustServers covers RFE to have
multiple domain controllers exposed to trusted domains.
Attached patch also implements needed changes for ipa-adtrust-install
part. Global trust configuration
Hi,
On 29.3.2013 17:23, Petr Vobornik wrote:
On 03/29/2013 05:10 PM, Petr Vobornik wrote:
https://fedorahosted.org/freeipa/ticket/3329
Attaching new rebased version.
It seems everything works fine, ACK.
Honza
--
Jan Cholasta
___
On 03/11/2013 10:26 AM, Martin Kosek wrote:
On 03/06/2013 01:07 PM, Petr Spacek wrote:
On 6.3.2013 09:32, Martin Kosek wrote:
+error=u'CNAME record is not allowed to coexist with
any
other record'),
Sorry for nitpicking again, but I would add note '(RFC 1034, section
On 04/02/2013 10:48 AM, Jan Cholasta wrote:
On 29.3.2013 15:31, Petr Viktorin wrote:
On 03/29/2013 11:20 AM, Jan Cholasta wrote:
On 29.3.2013 11:14, Jan Cholasta wrote:
Also I was able to install IPA with revoked certificates, but it
doesn't
seem to break anything - the CRL specified in the
On 04/02/2013 11:57 AM, Ana Krivokapic wrote:
On 03/11/2013 10:26 AM, Martin Kosek wrote:
On 03/06/2013 01:07 PM, Petr Spacek wrote:
On 6.3.2013 09:32, Martin Kosek wrote:
+error=u'CNAME record is not allowed to coexist with any
other record'),
Sorry for nitpicking again,
On 04/02/2013 11:19 AM, Tomas Babej wrote:
On Fri 08 Mar 2013 02:16:26 PM CET, Alexander Bokovoy wrote:
Hi,
http://www.freeipa.org/page/V3/MultipleTrustServers covers RFE to have
multiple domain controllers exposed to trusted domains.
Attached patch also implements needed changes for
On 03/18/2013 12:58 PM, Petr Viktorin wrote:
Hello,
While the work is not complete, these patches allowed me to install an
IPA server without a CA, using PKCS#12 files for the server certs.
The patches don't break normal installation.
The --selfsign option (but not yet the code behind it) is
On 04/02/2013 12:06 PM, Petr Viktorin wrote:
On 04/02/2013 12:05 PM, Petr Viktorin wrote:
On 04/02/2013 10:48 AM, Jan Cholasta wrote:
On 29.3.2013 15:31, Petr Viktorin wrote:
On 03/29/2013 11:20 AM, Jan Cholasta wrote:
On 29.3.2013 11:14, Jan Cholasta wrote:
Also I was able to install IPA
On 03/29/2013 06:33 PM, Petr Viktorin wrote:
On 03/29/2013 06:17 PM, Petr Vobornik wrote:
Hello,
attaching Web UI part.
Petr
Works well for me, if someone can check if the Javascript looks fine then ACK.
I think that functional review is OK in this case, there are no architectonic
Ana Krivokapic wrote:
On 03/29/2013 04:00 PM, Tomas Babej wrote:
On 03/29/2013 03:48 PM, Ana Krivokapic wrote:
On 03/29/2013 03:11 PM, Tomas Babej wrote:
On 03/29/2013 02:15 PM, Ana Krivokapic wrote:
On 03/26/2013 04:59 PM, Tomas Babej wrote:
Hi,
The ipa-replica-install script tries to add
On 03/22/2013 01:10 PM, Petr Viktorin wrote:
The design page for CA-less installation with user-provided SSL certs is
available at http://freeipa.org/page/V3/CA-less_install. I've also
copied it to this mail.
Does it answer all your questions?
Since the patches were pushed, I've linked the
On 03/20/2013 05:11 PM, Petr Viktorin wrote:
Here is a RFE for https://fedorahosted.org/freeipa/ticket/3494.
It's for dropping the --selfsign option from ipa-server-install. The
functionality itself stays in for now (on upgraded self-signed masters).
http://freeipa.org/page/V3/Drop_selfsign
On 22.3.2013 13:03, Petr Spacek wrote:
Hello,
this patch set separates master zones (idnsZone objectClass) from forward
zones (idnsForwardZone objectClass). Support for forward zones in idnsZone
objectClass is still present to ease upgrades.
See each commit message for all the gory details.
On 04/02/2013 12:12 PM, Martin Kosek wrote:
On 04/02/2013 11:57 AM, Ana Krivokapic wrote:
On 03/11/2013 10:26 AM, Martin Kosek wrote:
On 03/06/2013 01:07 PM, Petr Spacek wrote:
On 6.3.2013 09:32, Martin Kosek wrote:
+error=u'CNAME record is not allowed to coexist with any
Pulls the following fixes:
- upgrade deadlock caused by DNA plugin reconfiguration
- CVE-2013-1897: unintended information exposure when rootdse is
enabled
https://fedorahosted.org/freeipa/ticket/3540
ACKed by Rob on IRC, pushed to master, ipa-3-1.
I will bump this Requires also for Fedora
On Fri, Mar 22, 2013 at 01:03:12PM +0100, Petr Spacek wrote:
Hello,
this patch set separates master zones (idnsZone objectClass) from
forward zones (idnsForwardZone objectClass). Support for forward
zones in idnsZone objectClass is still present to ease upgrades.
See each commit message
On Fri, Mar 22, 2013 at 01:03:12PM +0100, Petr Spacek wrote:
Hello,
this patch set separates master zones (idnsZone objectClass) from
forward zones (idnsForwardZone objectClass). Support for forward
zones in idnsZone objectClass is still present to ease upgrades.
See each commit message
On 04/02/2013 04:53 PM, Ana Krivokapic wrote:
On 04/02/2013 12:12 PM, Martin Kosek wrote:
On 04/02/2013 11:57 AM, Ana Krivokapic wrote:
On 03/11/2013 10:26 AM, Martin Kosek wrote:
On 03/06/2013 01:07 PM, Petr Spacek wrote:
On 6.3.2013 09:32, Martin Kosek wrote:
+error=u'CNAME
On 04/02/2013 02:14 AM, Robert Relyea wrote:
On 03/29/2013 07:40 AM, John Dennis wrote:
On 03/29/2013 07:57 AM, Petr Viktorin wrote:
On 03/27/2013 04:40 PM, John Dennis wrote:
On 03/27/2013 11:23 AM, Petr Viktorin wrote:
I don't want to check the subject because this RFE was prompted by
On 2.4.2013 17:17, Adam Tkac wrote:
On Fri, Mar 22, 2013 at 01:03:12PM +0100, Petr Spacek wrote:
Hello,
this patch set separates master zones (idnsZone objectClass) from
forward zones (idnsForwardZone objectClass). Support for forward
zones in idnsZone objectClass is still present to ease
The FreeIPA team is proud to announce a first PRERELEASE of FreeIPA v3.2.0. We
would like to welcome any early testers of this prerelase to provide us
feedback and help us stabilize this feature release which we plan to release as
final in the beginning of May 2013.
It can be downloaded from
On Fri, Mar 22, 2013 at 01:03:12PM +0100, Petr Spacek wrote:
Hello,
this patch set separates master zones (idnsZone objectClass) from
forward zones (idnsForwardZone objectClass). Support for forward
zones in idnsZone objectClass is still present to ease upgrades.
See each commit message
On Tue, Apr 02, 2013 at 06:49:53PM +0200, Petr Spacek wrote:
Hello,
Make RBT iterators more resilient.
This patch implements more resilient interface for RBT iterators, as
I promised in thread about patches 123-126.
Now multiple calls to rbt_iter_stop() with the same argument do not
Hello,
Make RBT iterators more resilient.
This patch implements more resilient interface for RBT iterators, as I
promised in thread about patches 123-126.
Now multiple calls to rbt_iter_stop() with the same argument do not hurt.
--
Petr^2 Spacek
From
Hello,
The CA cert (/etc/ipa/ca.crt) was not being removed on client uninstall,
causing failure on subsequent client installation in some cases.
https://fedorahosted.org/freeipa/ticket/3537
--
Regards,
Ana Krivokapic
Associate Software Engineer
FreeIPA team
Red Hat Inc.
From
On 2.4.2013 17:18, Adam Tkac wrote:
On Fri, Mar 22, 2013 at 01:03:12PM +0100, Petr Spacek wrote:
Hello,
this patch set separates master zones (idnsZone objectClass) from
forward zones (idnsForwardZone objectClass). Support for forward
zones in idnsZone objectClass is still present to ease
On 2.4.2013 18:34, Adam Tkac wrote:
On Fri, Mar 22, 2013 at 01:03:12PM +0100, Petr Spacek wrote:
Hello,
this patch set separates master zones (idnsZone objectClass) from
forward zones (idnsForwardZone objectClass). Support for forward
zones in idnsZone objectClass is still present to ease
On 2.4.2013 17:30, Adam Tkac wrote:
On Fri, Mar 22, 2013 at 01:03:12PM +0100, Petr Spacek wrote:
Hello,
this patch set separates master zones (idnsZone objectClass) from
forward zones (idnsForwardZone objectClass). Support for forward
zones in idnsZone objectClass is still present to ease
Hello,
attached patches update NEWS and SPEC files.
Pushed to master:
eb8059eb25912d1c4b262e00ba35d9c44767e1dc
8397ba4ff819825e645b9554fdd17a0d239cc8a9
--
Petr^2 Spacek
From 446104069d43cec34ff373c7e5757844a1bc9ec8 Mon Sep 17 00:00:00 2001
From: Petr Spacek pspa...@redhat.com
Date: Tue, 2 Apr
On 2.4.2013 19:13, Adam Tkac wrote:
On Tue, Apr 02, 2013 at 06:49:53PM +0200, Petr Spacek wrote:
Hello,
Make RBT iterators more resilient.
This patch implements more resilient interface for RBT iterators, as
I promised in thread about patches 123-126.
Now multiple calls to
On 2.4.2013 17:17, Adam Tkac wrote:
On Fri, Mar 22, 2013 at 01:03:12PM +0100, Petr Spacek wrote:
Hello,
this patch set separates master zones (idnsZone objectClass) from
forward zones (idnsForwardZone objectClass). Support for forward
zones in idnsZone objectClass is still present to ease
Hello,
schema was updated to match latest development.
Pushed to master:
3bf0d6fa6e6fe1bd81882a6819e9680e9c069997
b5bb6bc3b731c9e3b9d2efc4fb7a4420803ef55d
9bb52d52189f5e7a74b4994653a40de84fc8f4ea
--
Petr^2 Spacek
From 0f10e921572b77eadf9ef393cb6d65a0297d4a7b Mon Sep 17 00:00:00 2001
From: Petr
The FreeIPA team is proud to announce bind-dyndb-ldap version 3.0.
It can be downloaded from https://fedorahosted.org/released/bind-dyndb-ldap/.
The new version has also been built for Fedora 19:
https://admin.fedoraproject.org/updates/bind-dyndb-ldap-3.0-1.fc19
This release includes several
On 04/02/2013 11:33 AM, Petr Viktorin wrote:
On 04/02/2013 02:14 AM, Robert Relyea wrote:
On 03/29/2013 07:40 AM, John Dennis wrote:
On 03/29/2013 07:57 AM, Petr Viktorin wrote:
On 03/27/2013 04:40 PM, John Dennis wrote:
On 03/27/2013 11:23 AM, Petr Viktorin wrote:
I don't want to check the
On 04/02/2013 02:07 PM, John Dennis wrote:
On 04/02/2013 11:33 AM, Petr Viktorin wrote:
On 04/02/2013 02:14 AM, Robert Relyea wrote:
On 03/29/2013 07:40 AM, John Dennis wrote:
On 03/29/2013 07:57 AM, Petr Viktorin wrote:
On 03/27/2013 04:40 PM, John Dennis wrote:
On 03/27/2013 11:23 AM,
37 matches
Mail list logo