Re: [Freeipa-devel] [PATCH 0242] Set the default attributes for RootDSE

On 07/15/2014 09:13 AM, Tomas Babej wrote: > Hi, > > With 389 DS 1.3.3 upwards we can leverage the nsslapd-return-default-opattr > attribute to enumerate the list of attributes that should be returned > even if not specified explicitly. Use the behaviour to get the same > attributes > returned fro

Re: [Freeipa-devel] [PATCHES 0114-0115] DNS: allow to add root zone '.'

On 09/23/2014 05:45 PM, Petr Vobornik wrote: On 25.8.2014 14:52, Martin Basti wrote: [...] 1. Please follow pep8 for the new code. # git diff HEAD~7 -U0 | pep8 --diff --ignore=E501 Produces 25 erros. Only E124 and E128 could be ignored if they are part of old code. FWIW, our style guide is

Re: [Freeipa-devel] [PATCH] 0015-16 Allow multiple krbprincipalnames + test

On 09/22/2014 05:02 PM, Alexander Bokovoy wrote: > On Mon, 22 Sep 2014, Simo Sorce wrote: >> On Mon, 22 Sep 2014 15:36:01 +0200 >> David Kupka wrote: >> >>> On 09/18/2014 09:42 PM, Martin Kosek wrote: >>> > On 09/18/2014 09:11 PM, Simo Sorce wrote: >>> >> On Thu, 18 Sep 2014 14:57:45 -0400 >>> >>

Re: [Freeipa-devel] [PATCH] 0637 upgradeinstance: Restore listeners on failure

On 08/22/2014 06:07 PM, Petr Viktorin wrote: > https://fedorahosted.org/freeipa/ticket/4499 > > Actually I wonder why we use backup_state/restore_state for these settings. > Rob, was there a reason for not just always setting nsslapd-port: 389 and > nsslapd-security: on? This works pretty nicely,

[Freeipa-devel] FreeIPA on RHEL/CentOS 7.0

Hello, I just rebuilt latest fixed pki-core&tomcat for our Copr (http://copr.fedoraproject.org/coprs/mkosek/freeipa/builds/). We are now very close to having a functional repo for RHEL/CentOS 7.0. With couple minor changes to the spec file, I was able to install FreeIPA 4.0.3 and it's dependencie

Re: [Freeipa-devel] [PATCH] 0105 FIX: LDAP_updater

On 09/23/2014 02:51 PM, Martin Basti wrote: On 22/09/14 14:04, Petr Viktorin wrote: On 09/01/2014 04:31 PM, Martin Basti wrote: On 24/07/14 09:06, Martin Basti wrote: On 23/07/14 15:17, Martin Basti wrote: This patch fixes ordering problem of schema updates Martin should it be in IPA 4.0.x ?

[Freeipa-devel] [PATCH] 757 webui: do not offer ipa-ad-winsync and ipa-ipa-trust range types

webui: do not offer ipa-ad-winsync and ipa-ipa-trust range types They are not supported by API. -- Petr Vobornik ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] FreeIPA on RHEL/CentOS 7.0

On 24.9.2014 11:00, Martin Kosek wrote: Hello, I just rebuilt latest fixed pki-core&tomcat for our Copr (http://copr.fedoraproject.org/coprs/mkosek/freeipa/builds/). We are now very close to having a functional repo for RHEL/CentOS 7.0. With couple minor changes to the spec file, I was able to

Re: [Freeipa-devel] [PATCH] 129 ipa-kdb: fix unit tests

On Tue, Jul 22, 2014 at 05:24:51PM +0200, Sumit Bose wrote: > Hi, > > it looks like the ipa-kdb unit test is broken. This patch tries to fix > it. > > bye, > Sumit ACK Without the patch, I got: ipa_kdb_tests-ipa_kdb_common.o: In function `ipadb_ldap_attr_has_value': /home/remote/jhrozek/devel/f

Re: [Freeipa-devel] [PATCH] 0645 ipa-replica-prepare: Wait for the DNS entry to be resolvable

On 09/23/2014 06:00 PM, Petr Spacek wrote: On 22.9.2014 14:09, Petr Viktorin wrote: On 09/22/2014 01:48 PM, Petr Spacek wrote: On 22.9.2014 10:38, Martin Kosek wrote: On 09/22/2014 10:31 AM, Petr Spacek wrote: On 22.9.2014 10:14, Martin Kosek wrote: On 09/19/2014 07:29 PM, Petr Viktorin wrot

Re: [Freeipa-devel] [PATCH] JSON client: Log pretty-printed request and response with -vv or above

On 09/23/2014 04:15 PM, Petr Viktorin wrote: On 09/23/2014 03:13 PM, Petr Viktorin wrote: https://fedorahosted.org/freeipa/ticket/4233 After talking to Rob, I've changed what the -v means a bit more: A single -v just turns on INFO logging, as before: $ ipa -v ping ipa: INFO: trying https://v

Re: [Freeipa-devel] [PATCH] 0645 ipa-replica-prepare: Wait for the DNS entry to be resolvable

On 24.9.2014 13:47, Petr Viktorin wrote: On 09/23/2014 06:00 PM, Petr Spacek wrote: On 22.9.2014 14:09, Petr Viktorin wrote: On 09/22/2014 01:48 PM, Petr Spacek wrote: On 22.9.2014 10:38, Martin Kosek wrote: On 09/22/2014 10:31 AM, Petr Spacek wrote: On 22.9.2014 10:14, Martin Kosek wrote:

Re: [Freeipa-devel] [PATCHES] 0631-0632 Integration tests for backup & restore

On 09/23/2014 12:17 PM, Tomas Babej wrote: On 08/06/2014 04:52 PM, Petr Viktorin wrote: On 08/06/2014 04:36 PM, Petr Viktorin wrote: Hello, These patches add integration tests for backup & restore. They depend on my earlier backup/restore patches, 0624-0627. I'm also attaching a patch for

Re: [Freeipa-devel] [PATCH] JSON client: Log pretty-printed request and response with -vv or above

On 09/24/2014 01:50 PM, David Kupka wrote: On 09/23/2014 04:15 PM, Petr Viktorin wrote: On 09/23/2014 03:13 PM, Petr Viktorin wrote: https://fedorahosted.org/freeipa/ticket/4233 After talking to Rob, I've changed what the -v means a bit more: A single -v just turns on INFO logging, as before

Re: [Freeipa-devel] [PATCH][RFC] 13 - Log pretty-printed request and response

On 04/16/2014 05:42 PM, Rob Crittenden wrote: Misnyovszki Adam wrote: Hi, this patch enables logging json dumps of request and response, using the --log-payload switch in ipa cli. RFC tag is to ensure that I handled the --log-payload switch correctly in ipa cli. Be careful, it only logs, so --lo

Re: [Freeipa-devel] [PATCH] 0645 ipa-replica-prepare: Wait for the DNS entry to be resolvable

On 09/24/2014 01:54 PM, Petr Spacek wrote: On 24.9.2014 13:47, Petr Viktorin wrote: On 09/23/2014 06:00 PM, Petr Spacek wrote: On 22.9.2014 14:09, Petr Viktorin wrote: On 09/22/2014 01:48 PM, Petr Spacek wrote: On 22.9.2014 10:38, Martin Kosek wrote: On 09/22/2014 10:31 AM, Petr Spacek wrote

[Freeipa-devel] [PATCH] 482 Update contributors

Add missing developers contributing to project git. Cancel "Past and Occcasional" section and merge the people in the right categories. Update .mailmap so that the Developer list can be easily re-generated. -- Martin Kosek Supervisor, Software Engineering - Identity Management Team Red Hat Inc.

Re: [Freeipa-devel] [PATCH] 0015-16 Allow multiple krbprincipalnames + test

On Wed, 24 Sep 2014 10:22:29 +0200 Martin Kosek wrote: > On 09/22/2014 05:02 PM, Alexander Bokovoy wrote: > > On Mon, 22 Sep 2014, Simo Sorce wrote: > >> On Mon, 22 Sep 2014 15:36:01 +0200 > >> David Kupka wrote: > >> > >>> On 09/18/2014 09:42 PM, Martin Kosek wrote: > >>> > On 09/18/2014 09:11

Re: [Freeipa-devel] [PATCH 130] extdom: add support for new version

On Tue, Sep 23, 2014 at 05:11:01PM +0200, Sumit Bose wrote: > Hi, > > this patch should fix https://fedorahosted.org/freeipa/ticket/4031 and > with the corresponding SSSD part it would be possible to get the full > list of group memberships with the id command even for user who didn't > log in bef

Re: [Freeipa-devel] [PATCH] 755 webui-ci: case-insensitive record check

On 24.9.2014 04:43, Endi Sukma Dewata wrote: On 9/22/2014 9:49 AM, Petr Vobornik wrote: [PATCH] webui-ci: case-insensitive record check Indirect association are no longer lower cased, which caused a issue in CI. Is the use of "|=" operator intentional? I don't see the "has" variable defined a

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

On 09/23/2014 08:25 PM, Martin Basti wrote: On 23/09/14 13:23, David Kupka wrote: On 09/18/2014 06:34 PM, Martin Basti wrote: ... 1) +if options.unattended: +for ip in ip_addresses: +if search_reverse_zones and find_reverse_zone(str(ip)): +

Re: [Freeipa-devel] [PATCH 0126 - 0127] DNS: remove --class option

On 23/09/14 18:53, Martin Basti wrote: On 23/09/14 18:35, Petr Spacek wrote: On 22.9.2014 19:21, Martin Basti wrote: On 22/09/14 13:17, Petr Vobornik wrote: On 19.9.2014 16:15, Martin Basti wrote: Ticket: https://fedorahosted.org/freeipa/ticket/3414 Patch attached. Patch 126: 1. I think t

Re: [Freeipa-devel] [PATCH] 755 webui-ci: case-insensitive record check

On 9/24/2014 8:26 AM, Petr Vobornik wrote: On 24.9.2014 04:43, Endi Sukma Dewata wrote: On 9/22/2014 9:49 AM, Petr Vobornik wrote: [PATCH] webui-ci: case-insensitive record check Indirect association are no longer lower cased, which caused a issue in CI. Is the use of "|=" operator intention

Re: [Freeipa-devel] [PATCH] 749-754 webui: new ID views section

On 9/19/2014 7:29 AM, Petr Vobornik wrote: Hello, attached patches implements Web UI part of ID Views. Backend is currently on review as well - thread "[PATCHES 247-259] ID views - management part". https://fedorahosted.org/freeipa/ticket/4535 I expect that backed can change and that the UI mi

Re: [Freeipa-devel] [PATCH] 749-754 webui: new ID views section

On 24.9.2014 16:30, Endi Sukma Dewata wrote: On 9/19/2014 7:29 AM, Petr Vobornik wrote: Hello, attached patches implements Web UI part of ID Views. Backend is currently on review as well - thread "[PATCHES 247-259] ID views - management part". https://fedorahosted.org/freeipa/ticket/4535 I ex

Re: [Freeipa-devel] [PATCH 0126 - 0127] DNS: remove --class option

On 09/24/2014 04:07 PM, Martin Basti wrote: > On 23/09/14 18:53, Martin Basti wrote: >> On 23/09/14 18:35, Petr Spacek wrote: >>> On 22.9.2014 19:21, Martin Basti wrote: On 22/09/14 13:17, Petr Vobornik wrote: > On 19.9.2014 16:15, Martin Basti wrote: >> Ticket: https://fedorahosted.or

[Freeipa-devel] [PATCH 0128] dnszone-remove-permission should raise NotFound if permission doesn't exist

Patch attached This probably should go to 4.0.x, 4.1 and master -- Martin Basti From 0c34bd80c6d22456b1194ec769c16dd289166e74 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Wed, 24 Sep 2014 16:46:27 +0200 Subject: [PATCH] FIX: dnszone-remove-permission should raise error dnszone-remove-per

Re: [Freeipa-devel] [PATCH 0128] dnszone-remove-permission should raise NotFound if permission doesn't exist

On 09/24/2014 04:55 PM, Martin Basti wrote: > Patch attached > > This probably should go to 4.0.x, 4.1 and master It is obvious that this interface was designed this way. So you should elaborate more on the "should" part, list use cases where current approach does not work, link to tickets, ...

Re: [Freeipa-devel] [PATCHES] 0633-0634 Move setting SELinux booleans to platform code; Set SELinux booleans when restoring

On 08/15/2014 10:40 PM, Petr Viktorin wrote: A fix for https://fedorahosted.org/freeipa/ticket/4157 This depends on my patches 0631-0632 (for backup/restore integration tests). Our setsebool code was repeated a few times. Instead of adding another copy, I refactored what we have into a plat

[Freeipa-devel] [PATCHES] 336-339 Installer certificate options usability fixes

Hi, the attached patches fix and . (Note that design page for this is TBD.) Honza -- Jan Cholasta >From ad61849f6070db621d0ed98010bca5fc657e9ff1 Mon Sep 17 00:00:00 2001 From: Jan Cholasta Date: Wed

Re: [Freeipa-devel] FreeIPA on RHEL/CentOS 7.0

On Wed, Sep 24, 2014 at 11:00:21AM +0200, Martin Kosek wrote: > > I just rebuilt latest fixed pki-core&tomcat for our Copr > (http://copr.fedoraproject.org/coprs/mkosek/freeipa/builds/). We are now very > close to having a functional repo for RHEL/CentOS 7.0. > > With couple minor changes to the

Re: [Freeipa-devel] [PATCH 0128] dnszone-remove-permission should raise NotFound if permission doesn't exist

On 24/09/14 17:30, Martin Kosek wrote: On 09/24/2014 04:55 PM, Martin Basti wrote: Patch attached This probably should go to 4.0.x, 4.1 and master It is obvious that this interface was designed this way. So you should elaborate more on the "should" part, list use cases where current approach d

Re: [Freeipa-devel] [PATCHES] 319, 324-335 CA management and renewal fixes

Dne 23.9.2014 v 20:39 Rob Crittenden napsal(a): Jan Cholasta wrote: Hi, the attached patches fix various bugs and shortcomings in the CA management and renewal code. Related tickets: , . (Patch 319 was

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

On 24/09/14 15:44, David Kupka wrote: On 09/23/2014 08:25 PM, Martin Basti wrote: On 23/09/14 13:23, David Kupka wrote: On 09/18/2014 06:34 PM, Martin Basti wrote: ... 1) +if options.unattended: +for ip in ip_addresses: +if search_reverse_zones and find_rev

Re: [Freeipa-devel] [PATCH] 755 webui-ci: case-insensitive record check

On Wed, Sep 24, 2014 at 09:16:52AM -0500, Endi Sukma Dewata wrote: > On 9/24/2014 8:26 AM, Petr Vobornik wrote: > >On 24.9.2014 04:43, Endi Sukma Dewata wrote: > >>On 9/22/2014 9:49 AM, Petr Vobornik wrote: > >>>[PATCH] webui-ci: case-insensitive record check > >>> > >>>Indirect association are no

[Freeipa-devel] [PATCH 0033] Remove trivial path constants

Hello, Patch for https://fedorahosted.org/freeipa/ticket/4399. Let me know if I missed any. Thanks, Gabe From f55ea771a16f1083ad2ea4cdf4cb81abc9e5c194 Mon Sep 17 00:00:00 2001 From: Gabe Date: Wed, 24 Sep 2014 20:14:11 -0600 Subject: [PATCH] Remove trivial path constants from modules https://f

Re: [Freeipa-devel] [PATCH] 749-754 webui: new ID views section

On 9/24/2014 9:43 AM, Petr Vobornik wrote: On 24.9.2014 16:30, Endi Sukma Dewata wrote: On 9/19/2014 7:29 AM, Petr Vobornik wrote: Hello, attached patches implements Web UI part of ID Views. Backend is currently on review as well - thread "[PATCHES 247-259] ID views - management part". https:

Re: [Freeipa-devel] FreeIPA on RHEL/CentOS 7.0

On 09/24/2014 06:19 PM, Jan Pazdziora wrote: > On Wed, Sep 24, 2014 at 11:00:21AM +0200, Martin Kosek wrote: >> >> I just rebuilt latest fixed pki-core&tomcat for our Copr >> (http://copr.fedoraproject.org/coprs/mkosek/freeipa/builds/). We are now very >> close to having a functional repo for RHEL/

Re: [Freeipa-devel] FreeIPA on RHEL/CentOS 7.0

On Thu, Sep 25, 2014 at 08:55:46AM +0200, Martin Kosek wrote: > On 09/24/2014 06:19 PM, Jan Pazdziora wrote: > > On Wed, Sep 24, 2014 at 11:00:21AM +0200, Martin Kosek wrote: > >> > >> I just rebuilt latest fixed pki-core&tomcat for our Copr > >> (http://copr.fedoraproject.org/coprs/mkosek/freeipa/