On 17.9.2014 20:04, Tomas Hozza wrote:
On Tue 16 Sep 2014 07:32:39 PM CEST, Petr Spacek wrote:
Hello,
attached patches fix
https://bugzilla.redhat.com/show_bug.cgi?id=1142150
https://bugzilla.redhat.com/show_bug.cgi?id=1142152
... and improve related error messages.
I will push it to
On Thu 18 Sep 2014 08:49:05 AM CEST, Petr Spacek wrote:
On 17.9.2014 20:04, Tomas Hozza wrote:
On Tue 16 Sep 2014 07:32:39 PM CEST, Petr Spacek wrote:
Hello,
attached patches fix
https://bugzilla.redhat.com/show_bug.cgi?id=1142150
https://bugzilla.redhat.com/show_bug.cgi?id=1142152
...
On 18.9.2014 09:12, Tomas Hozza wrote:
On Thu 18 Sep 2014 08:49:05 AM CEST, Petr Spacek wrote:
On 17.9.2014 20:04, Tomas Hozza wrote:
On Tue 16 Sep 2014 07:32:39 PM CEST, Petr Spacek wrote:
Hello,
attached patches fix
https://bugzilla.redhat.com/show_bug.cgi?id=1142150
https://fedorahosted.org/freeipa/ticket/4421
--
David Kupka
From 77faaa3c7887550b493f86f90f654da8e1f42eee Mon Sep 17 00:00:00 2001
From: David Kupka dku...@redhat.com
Date: Tue, 2 Sep 2014 16:11:55 +0200
Subject: [PATCH] Allow multiple krbprincipalnames.
Allow user to specify multiple
On 09/18/2014 10:19 AM, David Kupka wrote:
+'System: Add krbCanonicalName to a Host': {
+'ipapermright': {'write'},
+'ipapermdefaultattr': {'krbcanonicalname'},
+'default_privileges': {'Host Administrators'},
+},
Would it make sense to add
On 15.9.2014 21:08, Nathaniel McCallum wrote:
On Thu, 2014-08-28 at 22:54 -0400, Nathaniel McCallum wrote:
This prevents any local attempt at rapid token code replay. If two
token codes hit the system at roughly the same moment, only the
first write will succeed. All subsequent authentications
On 09/17/2014 07:25 AM, David Kupka wrote:
On 09/16/2014 06:09 PM, Martin Basti wrote:
On 16/09/14 15:59, David Kupka wrote:
On 09/12/2014 07:24 PM, Martin Basti wrote:
snip /
Be careful, reviewed on friday! :-)
1)
whitespace error + pep8 error
patch:76: trailing whitespace.
# there is
On 09/18/2014 03:44 PM, Rob Crittenden wrote:
David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/4421
You are removing an ACI in this patch. It is always possible it is no
longer needed. Did you test all the client enrollment scenarios?
rob
As far as I'm aware I'm not removing any
On 09/18/2014 04:06 PM, David Kupka wrote:
On 09/18/2014 03:44 PM, Rob Crittenden wrote:
David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/4421
You are removing an ACI in this patch. It is always possible it is no
longer needed. Did you test all the client enrollment scenarios?
On Thu, 18 Sep 2014 16:28:19 +0200
Martin Kosek mko...@redhat.com wrote:
On 09/18/2014 04:06 PM, David Kupka wrote:
On 09/18/2014 03:44 PM, Rob Crittenden wrote:
David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/4421
You are removing an ACI in this patch. It is always possible
On 09/18/2014 04:28 PM, Martin Kosek wrote:
On 09/18/2014 04:06 PM, David Kupka wrote:
On 09/18/2014 03:44 PM, Rob Crittenden wrote:
David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/4421
You are removing an ACI in this patch. It is always possible it is no
longer needed. Did you
On 09/18/2014 04:40 PM, Simo Sorce wrote:
On Thu, 18 Sep 2014 16:28:19 +0200
Martin Kosek mko...@redhat.com wrote:
On 09/18/2014 04:06 PM, David Kupka wrote:
On 09/18/2014 03:44 PM, Rob Crittenden wrote:
David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/4421
You are removing an
...
1)
+if options.unattended:
+for ip in ip_addresses:
+if search_reverse_zones and find_reverse_zone(str(ip)):
+# reverse zone is already in LDAP
+continue
+for rz in ret_reverse_zones:
+
This makes ipatokenTOTPwatermark have exactly the same semantics as
ipatokenHOTPcounter.
NOTE: This patch includes an update plugin which will update existing
token objects. This should be low impact since it only updates TOTP
tokens which have never been used. TOTP tokens which have already been
On Thu, 2014-09-18 at 14:00 +0200, Petr Vobornik wrote:
On 15.9.2014 21:08, Nathaniel McCallum wrote:
On Thu, 2014-08-28 at 22:54 -0400, Nathaniel McCallum wrote:
This prevents any local attempt at rapid token code replay. If two
token codes hit the system at roughly the same moment, only
On Thu, 2014-09-18 at 13:56 -0400, Nathaniel McCallum wrote:
This makes ipatokenTOTPwatermark have exactly the same semantics as
ipatokenHOTPcounter.
NOTE: This patch includes an update plugin which will update existing
token objects. This should be low impact since it only updates TOTP
On Thu, 18 Sep 2014 13:56:44 -0400
Nathaniel McCallum npmccal...@redhat.com wrote:
-objectClasses: (2.16.840.1.113730.3.8.16.2.2 NAME 'ipatokenTOTP'
SUP ipaToken STRUCTURAL DESC 'TOTP Token Type' MUST (ipatokenOTPkey $
ipatokenOTPalgorithm $ ipatokenOTPdigits $ ipatokenTOTPclockOffset $
On Thu, 18 Sep 2014 13:59:34 -0400
Nathaniel McCallum npmccal...@redhat.com wrote:
On Thu, 2014-09-18 at 14:00 +0200, Petr Vobornik wrote:
On 15.9.2014 21:08, Nathaniel McCallum wrote:
On Thu, 2014-08-28 at 22:54 -0400, Nathaniel McCallum wrote:
This prevents any local attempt at rapid
On Thu, 2014-09-18 at 14:18 -0400, Simo Sorce wrote:
On Thu, 18 Sep 2014 13:56:44 -0400
Nathaniel McCallum npmccal...@redhat.com wrote:
-objectClasses: (2.16.840.1.113730.3.8.16.2.2 NAME 'ipatokenTOTP'
SUP ipaToken STRUCTURAL DESC 'TOTP Token Type' MUST (ipatokenOTPkey $
On Thu, 18 Sep 2014 14:22:07 -0400
Nathaniel McCallum npmccal...@redhat.com wrote:
On Thu, 2014-09-18 at 14:18 -0400, Simo Sorce wrote:
On Thu, 18 Sep 2014 13:56:44 -0400
Nathaniel McCallum npmccal...@redhat.com wrote:
-objectClasses: (2.16.840.1.113730.3.8.16.2.2 NAME
Martin Kosek wrote:
On 09/18/2014 04:06 PM, David Kupka wrote:
On 09/18/2014 03:44 PM, Rob Crittenden wrote:
David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/4421
You are removing an ACI in this patch. It is always possible it is no
longer needed. Did you test all the client
On Thu, 18 Sep 2014 14:57:45 -0400
Rob Crittenden rcrit...@redhat.com wrote:
Martin Kosek wrote:
On 09/18/2014 04:06 PM, David Kupka wrote:
On 09/18/2014 03:44 PM, Rob Crittenden wrote:
David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/4421
You are removing an ACI in this
On 09/18/2014 09:11 PM, Simo Sorce wrote:
On Thu, 18 Sep 2014 14:57:45 -0400
Rob Crittenden rcrit...@redhat.com wrote:
Martin Kosek wrote:
On 09/18/2014 04:06 PM, David Kupka wrote:
On 09/18/2014 03:44 PM, Rob Crittenden wrote:
David Kupka wrote:
23 matches
Mail list logo