-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/2014 08:29 PM, Petr Spacek wrote:
> Hello,
>
> Fix record parsing to prevent child zone corruption.
>
> Child zone hosted on the same server as parent zone was
> corrupted by bug in update_record().
> Child zone's apex was modified by update
On Tue, 2014-04-08 at 11:01 +0200, Petr Spacek wrote:
> On 8.4.2014 10:49, Jan Cholasta wrote:
> > On 8.4.2014 10:31, Petr Spacek wrote:
> >> On 8.4.2014 10:29, Jan Cholasta wrote:
> >>> On 8.4.2014 10:19, Petr Spacek wrote:
> On 8.4.2014 10:14, Jan Cholasta wrote:
> > On 8.4.2014 10:09, A
On Tue, 2014-04-08 at 21:19 -0600, Gabe Alford wrote:
> Hello,
>
>
> Not sure how relevant this patch is to the current documentation
> considering (I believe) that wildcards are supported in versions 3.3
> and up. Patch for https://fedorahosted.org/freeipa/ticket/3616
>
>
> Thanks,
>
>
> Gab
On 04/08/2014 05:17 PM, Petr Viktorin wrote:
> On 04/08/2014 04:39 PM, Martin Kosek wrote:
>> On 04/08/2014 01:14 PM, Petr Viktorin wrote:
>>> On 04/08/2014 12:53 PM, Martin Kosek wrote:
On 04/08/2014 11:03 AM, Petr Viktorin wrote:
>> ...
The patch is functional, but I am not really a big
On 04/08/2014 05:19 PM, Petr Viktorin wrote:
> On 04/08/2014 12:46 PM, Martin Kosek wrote:
>> On 04/08/2014 11:03 AM, Petr Viktorin wrote:
>>> On 04/07/2014 01:30 PM, Martin Kosek wrote:
On 04/03/2014 12:09 PM, Petr Viktorin wrote:
> Hello,
> This adds read permissions to read Sudo com
On 04/08/2014 02:25 PM, Petr Viktorin wrote:
> Hello,
> These add read permissions to read user groups and hostgroups.
>
> For most attributes, anonymous read access is given.
> For member, memberOf, memberUID, read access is given only to authenticated
> users.
Didn't we agree that we want to m
On 04/07/2014 01:34 PM, Petr Viktorin wrote:
> On 04/07/2014 01:28 PM, Martin Kosek wrote:
>> On 04/03/2014 12:09 PM, Petr Viktorin wrote:
>>> Hello,
>>> This adds read permissions to read HBAC rules, services, and service groups.
>>>
>>> Read access is given to all authenticated users.
>>
>> So fa
Hi,
the following batch deals with the following:
* cleans up apache's semaphores prior to installing IPA (CA install can
get stuck when IPA is reinstalled many times)
* allows to pass extra arguments to install_client task
* uses trailing dot in the hostname as fqdn which should not be
overridde
On 9.4.2014 10:29, Martin Basti wrote:
On Tue, 2014-04-08 at 21:19 -0600, Gabe Alford wrote:
Hello,
Not sure how relevant this patch is to the current documentation
considering (I believe) that wildcards are supported in versions 3.3
and up. Patch for https://fedorahosted.org/freeipa/ticket/36
On 04/03/2014 12:09 PM, Petr Viktorin wrote:
> Hello,
> This adds read permissions to read hosts.
>
> Read access is given to all authenticated users.
> For reading host membership info, there is a separate permission that also
> defaults to all authenticated users.
>
> The userPassword attribute
On 9.4.2014 10:03, Tomas Hozza wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/01/2014 08:29 PM, Petr Spacek wrote:
Hello,
Fix record parsing to prevent child zone corruption.
Child zone hosted on the same server as parent zone was
corrupted by bug in update_record().
Child zone's
Hello,
Add bind-lite-devel to BuildRequires.
Pushed to master: 0a3160bd3a4195429d082d7d48ffa596212c4b82
Bump NVR to 4.2.
Pushed to master: 2568801743900684e00cc466deef1c5919d3480f
--
Petr^2 Spacek
From 0a3160bd3a4195429d082d7d48ffa596212c4b82 Mon Sep 17 00:00:00 2001
From: Petr Spacek
Date: We
Hi guys,
is there any way to check the user status on ldap server?
Thanks and regards,
Massi
--
Massimiliano Perrone
Tel +39 393 9121310
Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel +39 0859116307 / FAX +39 085973
http://www.tirasa.net
Apache Syncope PMC Member
http://people.apa
On 04/09/2014 12:07 PM, Tomas Babej wrote:
Hi,
the following batch deals with the following:
* cleans up apache's semaphores prior to installing IPA (CA install can
get stuck when IPA is reinstalled many times)
What happens if Apache is running for some reason? Should we also stop
it before
On 04/09/2014 10:59 AM, Martin Kosek wrote:
On 04/07/2014 01:34 PM, Petr Viktorin wrote:
On 04/07/2014 01:28 PM, Martin Kosek wrote:
On 04/03/2014 12:09 PM, Petr Viktorin wrote:
Hello,
This adds read permissions to read HBAC rules, services, and service groups.
Read access is given to all aut
On 04/09/2014 10:31 AM, Martin Kosek wrote:
On 04/08/2014 05:17 PM, Petr Viktorin wrote:
On 04/08/2014 04:39 PM, Martin Kosek wrote:
On 04/08/2014 01:14 PM, Petr Viktorin wrote:
On 04/08/2014 12:53 PM, Martin Kosek wrote:
On 04/08/2014 11:03 AM, Petr Viktorin wrote:
...
The patch is functio
On Tue, 08 Apr 2014 17:31:25 +0200
Petr Viktorin wrote:
> On 04/08/2014 04:17 PM, Misnyovszki Adam wrote:
> > On Mon, 07 Apr 2014 09:43:10 +0200
> > Petr Viktorin wrote:
> >
> >> On 03/27/2014 03:37 PM, Misnyovszki Adam wrote:
> >>> On Wed, 26 Mar 2014 13:15:55 +0100
> >>> Petr Viktorin wrote:
On 04/09/2014 01:43 PM, Misnyovszki Adam wrote:
On Tue, 08 Apr 2014 17:31:25 +0200
Petr Viktorin wrote:
On 04/08/2014 04:17 PM, Misnyovszki Adam wrote:
On Mon, 07 Apr 2014 09:43:10 +0200
Petr Viktorin wrote:
On 03/27/2014 03:37 PM, Misnyovszki Adam wrote:
On Wed, 26 Mar 2014 13:15:55 +010
On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote:
> Hi guys,
> is there any way to check the user status on ldap server?
>
> Thanks and regards,
>
> Massi
>
Hello,
It depends what you mean by status. We have a command to get a lock/auth status
of a user with user-status command:
Hello,
Prevent NULL dereference before sync_concurr_limit_signal() calls.
Missing check was causing NULL dereference in case where
manager_get_ldap_instance() failed. This typically happens when BIND
is processing LDAP updates during shutdown.
I noticed this crash during sanity testing 4.2 rele
On 04/09/2014 02:01 PM, Martin Kosek wrote:
On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote:
Hi guys,
is there any way to check the user status on ldap server?
Thanks and regards,
Massi
Hello,
It depends what you mean by status. We have a command to get a lock/auth status
of
On 04/09/2014 02:37 PM, Massimiliano Perrone (tirasa.net) wrote:
> On 04/09/2014 02:01 PM, Martin Kosek wrote:
>> On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote:
>>> Hi guys,
>>> is there any way to check the user status on ldap server?
>>>
>>> Thanks and regards,
>>>
>>> Massi
>>>
On 04/09/2014 01:45 PM, Petr Viktorin wrote:
On 04/09/2014 01:43 PM, Misnyovszki Adam wrote:
On Tue, 08 Apr 2014 17:31:25 +0200
Petr Viktorin wrote:
On 04/08/2014 04:17 PM, Misnyovszki Adam wrote:
On Mon, 07 Apr 2014 09:43:10 +0200
Petr Viktorin wrote:
On 03/27/2014 03:37 PM, Misnyovszki
I am good with it.
Gabe
On Wed, Apr 9, 2014 at 4:20 AM, Petr Spacek wrote:
> On 9.4.2014 10:29, Martin Basti wrote:
>
>> On Tue, 2014-04-08 at 21:19 -0600, Gabe Alford wrote:
>>
>>> Hello,
>>>
>>>
>>> Not sure how relevant this patch is to the current documentation
>>> considering (I believe)
On Wed, 2014-04-09 at 10:53 +0200, Martin Kosek wrote:
> On 04/08/2014 02:25 PM, Petr Viktorin wrote:
> > Hello,
> > These add read permissions to read user groups and hostgroups.
> >
> > For most attributes, anonymous read access is given.
> > For member, memberOf, memberUID, read access is given
On 04/09/2014 02:40 PM, Martin Kosek wrote:
On 04/09/2014 02:37 PM, Massimiliano Perrone (tirasa.net) wrote:
On 04/09/2014 02:01 PM, Martin Kosek wrote:
On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote:
Hi guys,
is there any way to check the user status on ldap server?
Thanks a
On 04/09/2014 03:15 PM, Massimiliano Perrone (tirasa.net) wrote:
> On 04/09/2014 02:40 PM, Martin Kosek wrote:
>> On 04/09/2014 02:37 PM, Massimiliano Perrone (tirasa.net) wrote:
>>> On 04/09/2014 02:01 PM, Martin Kosek wrote:
On 04/09/2014 01:30 PM, Massimiliano Perrone (tirasa.net) wrote:
>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 04/09/2014 02:07 PM, Petr Spacek wrote:
> Hello,
>
> Prevent NULL dereference before sync_concurr_limit_signal() calls.
>
> Missing check was causing NULL dereference in case where
> manager_get_ldap_instance() failed. This typically happens when
On Wed, 09 Apr 2014 14:53:34 +0200
Petr Viktorin wrote:
> On 04/09/2014 01:45 PM, Petr Viktorin wrote:
> > On 04/09/2014 01:43 PM, Misnyovszki Adam wrote:
> >> On Tue, 08 Apr 2014 17:31:25 +0200
> >> Petr Viktorin wrote:
> >>
> >>> On 04/08/2014 04:17 PM, Misnyovszki Adam wrote:
> On Mon, 0
On 04/09/2014 03:21 PM, Misnyovszki Adam wrote:
On Wed, 09 Apr 2014 14:53:34 +0200
Petr Viktorin wrote:
On 04/09/2014 01:45 PM, Petr Viktorin wrote:
On 04/09/2014 01:43 PM, Misnyovszki Adam wrote:
On Tue, 08 Apr 2014 17:31:25 +0200
Petr Viktorin wrote:
On 04/08/2014 04:17 PM, Misnyovszki
On 04/09/2014 03:04 PM, Simo Sorce wrote:
> On Wed, 2014-04-09 at 10:53 +0200, Martin Kosek wrote:
>> On 04/08/2014 02:25 PM, Petr Viktorin wrote:
>>> Hello,
>>> These add read permissions to read user groups and hostgroups.
>>>
>>> For most attributes, anonymous read access is given.
>>> For membe
On 04/09/2014 12:31 AM, Simo Sorce wrote:
On Tue, 2014-04-08 at 12:00 +0200, Ludwig Krispenz wrote:
Replication storms. In my opinion the replication of a mod of one or
two attribute in a entry will be faster than the bind itself.
Think about the amplification effect in an environment with 20
On 04/09/2014 10:31 AM, Martin Kosek wrote:
On 04/08/2014 05:19 PM, Petr Viktorin wrote:
On 04/08/2014 12:46 PM, Martin Kosek wrote:
On 04/08/2014 11:03 AM, Petr Viktorin wrote:
On 04/07/2014 01:30 PM, Martin Kosek wrote:
On 04/03/2014 12:09 PM, Petr Viktorin wrote:
Hello,
This adds read per
On 9.4.2014 15:50, Ludwig Krispenz wrote:
On 04/09/2014 12:31 AM, Simo Sorce wrote:
On Tue, 2014-04-08 at 12:00 +0200, Ludwig Krispenz wrote:
Replication storms. In my opinion the replication of a mod of one or
two attribute in a entry will be faster than the bind itself.
Think about the ampl
On 04/09/2014 03:56 PM, Petr Viktorin wrote:
> On 04/09/2014 10:31 AM, Martin Kosek wrote:
>> On 04/08/2014 05:19 PM, Petr Viktorin wrote:
>>> On 04/08/2014 12:46 PM, Martin Kosek wrote:
On 04/08/2014 11:03 AM, Petr Viktorin wrote:
> On 04/07/2014 01:30 PM, Martin Kosek wrote:
>> On 04
On 04/09/2014 07:57 AM, Petr Spacek wrote:
On 9.4.2014 15:50, Ludwig Krispenz wrote:
On 04/09/2014 12:31 AM, Simo Sorce wrote:
On Tue, 2014-04-08 at 12:00 +0200, Ludwig Krispenz wrote:
Replication storms. In my opinion the replication of a mod of one or
two attribute in a entry will be faster
On Wed, 2014-04-09 at 15:50 +0200, Ludwig Krispenz wrote:
> > Something like this is what we have experienced for real and cause
> us to
> > actually disable replication of all the lockout related attributes
> in
> > the past.
> But also here it can get complicated, we cannot really use
> failedlo
On 04/09/2014 03:26 PM, Martin Kosek wrote:
On 04/09/2014 03:04 PM, Simo Sorce wrote:
On Wed, 2014-04-09 at 10:53 +0200, Martin Kosek wrote:
On 04/08/2014 02:25 PM, Petr Viktorin wrote:
Hello,
These add read permissions to read user groups and hostgroups.
For most attributes, anonymous read a
On 04/09/2014 04:02 PM, Martin Kosek wrote:
On 04/09/2014 03:56 PM, Petr Viktorin wrote:
On 04/09/2014 10:31 AM, Martin Kosek wrote:
On 04/08/2014 05:19 PM, Petr Viktorin wrote:
On 04/08/2014 12:46 PM, Martin Kosek wrote:
On 04/08/2014 11:03 AM, Petr Viktorin wrote:
On 04/07/2014 01:30 PM, M
On 04/09/2014 08:09 AM, Simo Sorce wrote:
On Wed, 2014-04-09 at 15:50 +0200, Ludwig Krispenz wrote:
Something like this is what we have experienced for real and cause
us to
actually disable replication of all the lockout related attributes
in
the past.
But also here it can get complicated,
On 04/09/2014 02:58 PM, Gabe Alford wrote:
I am good with it.
Gabe
Pushed to docs master: be130d05c2111d31465e57238c5390a5c4ab9de2
On Wed, Apr 9, 2014 at 4:20 AM, Petr Spacek mailto:pspa...@redhat.com>> wrote:
On 9.4.2014 10:29, Martin Basti wrote:
On Tue, 2014-04-08 at 21:19 -
On 9.4.2014 15:20, Tomas Hozza wrote:
On 04/09/2014 02:07 PM, Petr Spacek wrote:
Hello,
Prevent NULL dereference before sync_concurr_limit_signal() calls.
Missing check was causing NULL dereference in case where
manager_get_ldap_instance() failed. This typically happens when BIND
is processing
On 04/09/2014 04:17 PM, Rich Megginson wrote:
On 04/09/2014 08:09 AM, Simo Sorce wrote:
On Wed, 2014-04-09 at 15:50 +0200, Ludwig Krispenz wrote:
Something like this is what we have experienced for real and cause
us to
actually disable replication of all the lockout related attributes
in
t
The meta-permissions.
Read access is given to all authenticated users. Reading membership info
(i.e. privileges) is split into a separate permission.
Another permission is added that allows read access to all ACIs.
If we don't want to open that up for everyone, I could limit this to
only ACIs
On 04/09/2014 04:09 PM, Petr Viktorin wrote:
> On 04/09/2014 03:26 PM, Martin Kosek wrote:
>> On 04/09/2014 03:04 PM, Simo Sorce wrote:
>>> On Wed, 2014-04-09 at 10:53 +0200, Martin Kosek wrote:
On 04/08/2014 02:25 PM, Petr Viktorin wrote:
> Hello,
> These add read permissions to read
On 04/09/2014 05:08 PM, Martin Kosek wrote:
On 04/09/2014 04:09 PM, Petr Viktorin wrote:
On 04/09/2014 03:26 PM, Martin Kosek wrote:
On 04/09/2014 03:04 PM, Simo Sorce wrote:
On Wed, 2014-04-09 at 10:53 +0200, Martin Kosek wrote:
On 04/08/2014 02:25 PM, Petr Viktorin wrote:
Hello,
These add
On 04/09/2014 04:54 PM, Petr Viktorin wrote:
> The meta-permissions.
:-)
> Read access is given to all authenticated users. Reading membership info (i.e.
> privileges) is split into a separate permission.
>
> Another permission is added that allows read access to all ACIs.
> If we don't want to
On (09/04/14 16:38), Petr Spacek wrote:
>On 9.4.2014 15:20, Tomas Hozza wrote:
>>On 04/09/2014 02:07 PM, Petr Spacek wrote:
>>>Hello,
>>>
>>>Prevent NULL dereference before sync_concurr_limit_signal() calls.
>>>
>>>Missing check was causing NULL dereference in case where
>>>manager_get_ldap_instanc
On 9.4.2014 17:39, Lukas Slebodnik wrote:
On (09/04/14 16:38), Petr Spacek wrote:
On 9.4.2014 15:20, Tomas Hozza wrote:
On 04/09/2014 02:07 PM, Petr Spacek wrote:
Hello,
Prevent NULL dereference before sync_concurr_limit_signal() calls.
Missing check was causing NULL dereference in case wher
I came across these articles that may be of some use in this topic. I
humbly admit that I am no expert on this topic, and these may not be of any
use. Plus, I am not a fan of the product, but maybe it helps?
http://technet.microsoft.com/en-us/library/cc772726%28v=ws.10%29.aspx
http://blogs.technet
Hello,
Bump NVR to 4.3.
Pushed to master: 89f1751ff8f8582d628652060eff3bf5a9d7254a
--
Petr^2 Spacek
From 89f1751ff8f8582d628652060eff3bf5a9d7254a Mon Sep 17 00:00:00 2001
From: Petr Spacek
Date: Wed, 9 Apr 2014 17:59:32 +0200
Subject: [PATCH] Bump NVR to 4.3.
Signed-off-by: Petr Spacek
---
The FreeIPA team is proud to announce bind-dyndb-ldap version 4.3.
It can be downloaded from https://fedorahosted.org/released/bind-dyndb-ldap/
The new version has also been built for Fedora 20 and and is on its way to
updates-testing:
https://admin.fedoraproject.org/updates/bind-dyndb-ldap-4.
Petr Viktorin wrote:
On 03/14/2014 07:58 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 03/12/2014 07:48 PM, Rob Crittenden wrote:
[...]
Here are a couple more enhancements I'm considering, this seems simpler
than inter-diff since it is so small.
Not really. Having a patch file with a s
Rob Crittenden wrote:
Petr Viktorin wrote:
On 03/14/2014 07:58 PM, Rob Crittenden wrote:
Petr Viktorin wrote:
On 03/12/2014 07:48 PM, Rob Crittenden wrote:
[...]
Here are a couple more enhancements I'm considering, this seems
simpler
than inter-diff since it is so small.
Not really. Havin
On 04/08/2014 02:42 PM, Rob Crittenden wrote:
Justin Brown wrote:
Dmitri,
I'd be more than happy to, but I'm having trouble figuring out where
it should go. Could you send me a link to a similar design page?
I'd put it under here: http://www.freeipa.org/page/V4_Proposals
There is a template
On 04/10/2014 02:57 AM, Dmitri Pal wrote:
> On 04/08/2014 02:42 PM, Rob Crittenden wrote:
>> Justin Brown wrote:
...
> b) Example: freeipa-server-install --setup-dns --forwarder=192.168.0.2
> --forwarder=192.168.0.3
Let's talk about CLI. Shouldn't we add just one option - "--no-firewall"? I
would
56 matches
Mail list logo