Re: [Freeipa-devel] Read access to container entries

2014-03-31 Thread Ludwig Krispenz
Hi Petr, we already discussed on IRC, but see some comments below On 03/28/2014 04:11 PM, Petr Viktorin wrote: Hello, I'm trying to add ACIs to allow read access to containers, and I need some input. The DS's access control system is not designed to allow access to a single entry but not its

Re: [Freeipa-devel] Read access to container entries

2014-03-31 Thread Martin Kosek
On 03/31/2014 10:41 AM, Ludwig Krispenz wrote: > Hi Petr, > > we already discussed on IRC, but see some comments below > On 03/28/2014 04:11 PM, Petr Viktorin wrote: >> Hello, >> I'm trying to add ACIs to allow read access to containers, and I need some >> input. >> >> The DS's access control syst

Re: [Freeipa-devel] Read access to container entries

2014-03-31 Thread Alexander Bokovoy
On Mon, 31 Mar 2014, Martin Kosek wrote: On 03/31/2014 10:41 AM, Ludwig Krispenz wrote: Hi Petr, we already discussed on IRC, but see some comments below On 03/28/2014 04:11 PM, Petr Viktorin wrote: Hello, I'm trying to add ACIs to allow read access to containers, and I need some input. The D

Re: [Freeipa-devel] Read access to container entries

2014-03-31 Thread Martin Kosek
On 03/31/2014 12:52 PM, Alexander Bokovoy wrote: > On Mon, 31 Mar 2014, Martin Kosek wrote: >> On 03/31/2014 10:41 AM, Ludwig Krispenz wrote: >>> Hi Petr, >>> >>> we already discussed on IRC, but see some comments below >>> On 03/28/2014 04:11 PM, Petr Viktorin wrote: Hello, I'm trying to

Re: [Freeipa-devel] Read access to container entries

2014-03-31 Thread Ludwig Krispenz
On 03/31/2014 12:32 PM, Martin Kosek wrote: On 03/31/2014 10:41 AM, Ludwig Krispenz wrote: Hi Petr, we already discussed on IRC, but see some comments below On 03/28/2014 04:11 PM, Petr Viktorin wrote: Hello, I'm trying to add ACIs to allow read access to containers, and I need some input. T

Re: [Freeipa-devel] Read access to container entries

2014-03-31 Thread Simo Sorce
On Mon, 2014-03-31 at 10:41 +0200, Ludwig Krispenz wrote: > Hi Petr, > > we already discussed on IRC, but see some comments below > On 03/28/2014 04:11 PM, Petr Viktorin wrote: > > Hello, > > I'm trying to add ACIs to allow read access to containers, and I need > > some input. > > > > The DS's ac

[Freeipa-devel] LDAP ACI testing

2014-03-31 Thread Petr Spacek
Hello list, thread "[Freeipa-devel] Read access to container entries" reminds me of an idea I have in mind for a while: We could check effective ACIs [1] for interesting objects (Kerberos master key, trust objects etc.) and make sure that there is nothing like 'read by anonymous' etc. Method

Re: [Freeipa-devel] LDAP ACI testing

2014-03-31 Thread Ludwig Krispenz
On 03/31/2014 02:59 PM, Petr Spacek wrote: Hello list, thread "[Freeipa-devel] Read access to container entries" reminds me of an idea I have in mind for a while: We could check effective ACIs [1] for interesting objects (Kerberos master key, trust objects etc.) and make sure that there is not

Re: [Freeipa-devel] Read access to container entries

2014-03-31 Thread Martin Kosek
On 03/31/2014 01:52 PM, Ludwig Krispenz wrote: > > On 03/31/2014 12:32 PM, Martin Kosek wrote: >> On 03/31/2014 10:41 AM, Ludwig Krispenz wrote: ... >>> In general I think we should implement 1), there will be other scenarios >>> where >>> it could be useful. If something is needed immediately I

Re: [Freeipa-devel] LDAP ACI testing

2014-03-31 Thread Rob Crittenden
Petr Spacek wrote: Hello list, thread "[Freeipa-devel] Read access to container entries" reminds me of an idea I have in mind for a while: We could check effective ACIs [1] for interesting objects (Kerberos master key, trust objects etc.) and make sure that there is nothing like 'read by anonymous

Re: [Freeipa-devel] Read access to container entries

2014-03-31 Thread Ludwig Krispenz
On 03/31/2014 03:23 PM, Martin Kosek wrote: On 03/31/2014 01:52 PM, Ludwig Krispenz wrote: On 03/31/2014 12:32 PM, Martin Kosek wrote: On 03/31/2014 10:41 AM, Ludwig Krispenz wrote: ... In general I think we should implement 1), there will be other scenarios where it could be useful. If some

Re: [Freeipa-devel] LDAP ACI testing

2014-03-31 Thread Martin Kosek
On 03/31/2014 03:23 PM, Rob Crittenden wrote: > Petr Spacek wrote: >> Hello list, >> >> thread "[Freeipa-devel] Read access to container entries" reminds me of an >> idea I have in mind for a while: >> >> We could check effective ACIs [1] for interesting objects (Kerberos >> master key, trust objects

Re: [Freeipa-devel] Read access to container entries

2014-03-31 Thread Martin Kosek
On 03/31/2014 02:53 PM, Simo Sorce wrote: > On Mon, 2014-03-31 at 10:41 +0200, Ludwig Krispenz wrote: ... >>> 3) Add a special attribute to mark "public" containers, and add an ACI >>> with a filter on that. Something like objectClass=ipaPublicContainer >>> would do. >> there is one more option >

Re: [Freeipa-devel] [PATCH] [DOC] Review section on NetworkManager

2014-03-31 Thread Martin Kosek
On 03/27/2014 11:27 AM, Jan Pazdziora wrote: > On Wed, Mar 26, 2014 at 05:30:13PM -0600, Gabe Alford wrote: >> All, >> >> Please review this patch for https://fedorahosted.org/freeipa/ticket/4156 >> Added links to documentation on configuring NetworkManager. > > Thank you for the patch. > > ACK.

Re: [Freeipa-devel] Read access to container entries

2014-03-31 Thread Simo Sorce
On Mon, 2014-03-31 at 15:39 +0200, Martin Kosek wrote: > On 03/31/2014 02:53 PM, Simo Sorce wrote: > > On Mon, 2014-03-31 at 10:41 +0200, Ludwig Krispenz wrote: > ... > >>> 3) Add a special attribute to mark "public" containers, and add an ACI > >>> with a filter on that. Something like objectClas

[Freeipa-devel] [PATCH] 584 migration: fix import of wsgiref.util

2014-03-31 Thread Petr Vobornik
https://fedorahosted.org/freeipa/ticket/4293 -- Petr Vobornik From dc4eaf9d622b4eac9fb3d942b23083bfb903be9a Mon Sep 17 00:00:00 2001 From: Petr Vobornik Date: Tue, 1 Apr 2014 08:45:08 +0200 Subject: [PATCH] migration: fix import of wsgiref.util https://fedorahosted.org/freeipa/ticket/4293 --- i

Re: [Freeipa-devel] [PATCH 0161] ipa-range-check: Fix memory leaks when freeing range object

2014-03-31 Thread Jan Pazdziora
On Thu, Mar 27, 2014 at 01:14:52PM +0100, Tomas Babej wrote: > Hi, > > When cleaning the range_info struct, simple free of the struct > is not enough, we have to free contents of char pointers in the > struct as well. > > https://fedorahosted.org/freeipa/ticket/4276 [...] > 1 file changed, 13