Re: [Freeipa-devel] dnssec tests fail due to KeyError at is_record_signed method

On 08/25/2015 08:59 PM, Oleg Fayans wrote: Hi Martin, As I was running the dnssec integration tests, I noticed that 4 out of 5 tests fail with the assumption of the dns zone being signed. Here is the stdout of the tests: http://pastebin.test.redhat.com/307944 The failure occurs in the

Re: [Freeipa-devel] ipa-devel repos on jdennis.fedorapeople.org

On Mon, 2015-08-31 at 09:36 -0400, Stephen Gallagher wrote: > On Thu, 2015-08-27 at 08:20 -0400, John Dennis wrote: > > On 08/27/2015 04:27 AM, Petr Spacek wrote: > > > On 15.7.2015 09:44, Jan Pazdziora wrote: > > > > On Tue, Jul 14, 2015 at 12:49:23PM -0400, John Dennis wrote: > > > > > On

[Freeipa-devel] [PATCH 0086] Migrate OTP import script to python-cryptography

https://fedorahosted.org/freeipa/ticket/5192From dec73420432015b45ead1474e87eda5fafb5ebe0 Mon Sep 17 00:00:00 2001 From: Nathaniel McCallum Date: Mon, 31 Aug 2015 10:46:19 -0400 Subject: [PATCH] Migrate OTP import script to python-cryptography

[Freeipa-devel] [PATCH] 920 webui: improve performance of search in association dialog

By adding no_members option to commands which supports it. It then skips memberof procession on the server side. https://fedorahosted.org/freeipa/ticket/5271 -- Petr Vobornik From 39beb39966dff537b82aca1204cc124f52677ba7 Mon Sep 17 00:00:00 2001 From: Petr Vobornik Date:

Re: [Freeipa-devel] [PATCH 0302] DNSSEC: remove "DNSSEC is experimental" warnings

On 08/31/2015 02:52 PM, Martin Basti wrote: > https://fedorahosted.org/freeipa/ticket/5265 > > Patch attached. > > Should I remove also message class "DNSSECWarning" which is not used now, or > just keep it there because ti has already registered error code? > > Martin^2 > > Just for the

Re: [Freeipa-devel] How to support Designate?

On 08/31/2015 01:35 AM, Petr Spacek wrote: On 26.8.2015 20:09, Rich Megginson wrote: On 08/25/2015 09:08 AM, Petr Spacek wrote: On 8.7.2015 19:56, Rich Megginson wrote: On 07/08/2015 10:11 AM, Petr Spacek wrote: Assuming that Designate wants to own DNS and be Primary Master, it would be

[Freeipa-devel] [PATCH 0053-0056] DNSSEC: Fix deadlocks & export to LDAP

Hello, Attached patch set should fix the deadlock you discovered + few more issues I spotted when testing the original patch. Known problems (more patches needed): - /etc/opendnssec/zonelist.xml should be restored during server uninstall - ccache for ipa-ods-exporter should be removed during

Re: [Freeipa-devel] How to support Designate?

On Mon, 2015-08-31 at 10:15 -0600, Rich Megginson wrote: > On 08/31/2015 01:35 AM, Petr Spacek wrote: > > On 26.8.2015 20:09, Rich Megginson wrote: > >> On 08/25/2015 09:08 AM, Petr Spacek wrote: > >>> On 8.7.2015 19:56, Rich Megginson wrote: > On 07/08/2015 10:11 AM, Petr Spacek wrote: >

Re: [Freeipa-devel] [PATCH] 377 Using LDAPI to setup CA and KRA agents.

On 8/31/2015 6:18 AM, Martin Basti wrote: On 08/27/2015 09:41 PM, Endi Sukma Dewata wrote: The CA and KRA installation code has been modified to use LDAPI to create the CA and KRA agents directly in the CA and KRA database. This way it's no longer necessary to use the Directory Manager

Re: [Freeipa-devel] How to support Designate?

On 08/31/2015 11:00 AM, Simo Sorce wrote: On Mon, 2015-08-31 at 10:15 -0600, Rich Megginson wrote: On 08/31/2015 01:35 AM, Petr Spacek wrote: On 26.8.2015 20:09, Rich Megginson wrote: On 08/25/2015 09:08 AM, Petr Spacek wrote: On 8.7.2015 19:56, Rich Megginson wrote: On 07/08/2015 10:11 AM,

Re: [Freeipa-devel] [PATCH 0002] Port from python-krbV to python-gssapi

On 26/08/15 09:42, Jan Cholasta wrote: On 25.8.2015 21:00, Simo Sorce wrote: On Tue, 2015-08-25 at 20:45 +0200, Michael Šimáček wrote: On 2015-08-25 18:43, Robbie Harwood wrote: Jan Cholasta writes: On 25.8.2015 12:46, Michael Šimáček wrote: On 2015-08-25 12:38,

Re: [Freeipa-devel] cert profiles - test plan + patches

On 08/18/2015 04:06 PM, Milan Kubík wrote: On 08/11/2015 03:17 AM, Fraser Tweedale wrote: On Mon, Aug 10, 2015 at 11:36:31AM +0200, Milan Kubík wrote: On 08/05/2015 02:57 PM, Milan Kubík wrote: Hi list, I'm sending the test plan [1] for certificate profiles and preliminary patches for it.

Re: [Freeipa-devel] How to support Designate?

On 26.8.2015 20:09, Rich Megginson wrote: > On 08/25/2015 09:08 AM, Petr Spacek wrote: >> On 8.7.2015 19:56, Rich Megginson wrote: >>> On 07/08/2015 10:11 AM, Petr Spacek wrote: Assuming that Designate wants to own DNS and be Primary Master, it would be awesome if they could support

Re: [Freeipa-devel] [PATCH 0291, 0292] Limit max age of replication changelog

On 07/31/2015 10:24 AM, Martin Basti wrote: On 30/07/15 15:43, Ludwig Krispenz wrote: On 07/30/2015 03:14 PM, Martin Basti wrote: On 22/07/15 17:03, Martin Basti wrote: On 20/07/15 19:04, Mark Reynolds wrote: On 07/20/2015 12:50 PM, Martin Basti wrote: On 20/07/15 17:48, Petr Vobornik

Re: [Freeipa-devel] [PATCH] 377 Using LDAPI to setup CA and KRA agents.

On 08/27/2015 09:41 PM, Endi Sukma Dewata wrote: The CA and KRA installation code has been modified to use LDAPI to create the CA and KRA agents directly in the CA and KRA database. This way it's no longer necessary to use the Directory Manager password or CA and KRA admin certificate.

Re: [Freeipa-devel] [PATCH] 1115 Use %license tag in spec file

On 08/17/2015 04:20 PM, Rob Crittenden wrote: Use %license instead of %doc in spec file to ship the license. rob ACK Pushed to: master: 7ed51586ca8ccaafab6bb11bb5161dc25800fddf ipa-4-2: 30cfae7823d1a77438bab94726139f9764456a88 -- Manage your subscription for the Freeipa-devel mailing

Re: [Freeipa-devel] [PATCH] 377 Using LDAPI to setup CA and KRA agents.

On 31.8.2015 22:15, Endi Sukma Dewata wrote: On 8/31/2015 6:18 AM, Martin Basti wrote: On 08/27/2015 09:41 PM, Endi Sukma Dewata wrote: The CA and KRA installation code has been modified to use LDAPI to create the CA and KRA agents directly in the CA and KRA database. This way it's no longer

Re: [Freeipa-devel] [PATCHSET] Replica promotion patches

On 08/26/2015 11:27 PM, Simo Sorce wrote: > This patchset implements https://fedorahosted.org/freeipa/ticket/2888 > and introduces a number of required changes and dependencies to achieve > this goal. > This work requires the custodia project to securely transfer keys > between ipa servers. >

Re: [Freeipa-devel] [PATCHSET] Replica promotion patches

On Mon, 2015-08-31 at 14:45 +0200, Tomas Babej wrote: > > On 08/26/2015 11:27 PM, Simo Sorce wrote: > > This patchset implements https://fedorahosted.org/freeipa/ticket/2888 > > and introduces a number of required changes and dependencies to achieve > > this goal. > > This work requires the

Re: [Freeipa-devel] [PATCHSET] Replica promotion patches

On 08/31/2015 02:56 PM, Simo Sorce wrote: > On Mon, 2015-08-31 at 14:45 +0200, Tomas Babej wrote: >> >> On 08/26/2015 11:27 PM, Simo Sorce wrote: >>> This patchset implements https://fedorahosted.org/freeipa/ticket/2888 >>> and introduces a number of required changes and dependencies to achieve

Re: [Freeipa-devel] cert profiles - test plan + patches

On Mon, Aug 31, 2015 at 12:24:13PM +0200, Martin Basti wrote: > > > On 08/18/2015 04:06 PM, Milan Kubík wrote: > >On 08/11/2015 03:17 AM, Fraser Tweedale wrote: > >>On Mon, Aug 10, 2015 at 11:36:31AM +0200, Milan Kubík wrote: > >>>On 08/05/2015 02:57 PM, Milan Kubík wrote: > Hi list, >

[Freeipa-devel] [PATCH 0302] DNSSEC: remove "DNSSEC is experimental" warnings

https://fedorahosted.org/freeipa/ticket/5265 Patch attached. Should I remove also message class "DNSSECWarning" which is not used now, or just keep it there because ti has already registered error code? Martin^2 From 6a1f1ffa76cd89972ebda19a55bf7d0abe750341 Mon Sep 17 00:00:00 2001 From:

Re: [Freeipa-devel] ipa-devel repos on jdennis.fedorapeople.org

On Thu, 2015-08-27 at 10:27 +0200, Petr Spacek wrote: > On 15.7.2015 09:44, Jan Pazdziora wrote: > > On Tue, Jul 14, 2015 at 12:49:23PM -0400, John Dennis wrote: > > > On 07/14/2015 12:03 PM, Petr Spacek wrote: > > > > Hello, > > > > > > > > Is anyone using repos > > > >

Re: [Freeipa-devel] ipa-devel repos on jdennis.fedorapeople.org

On Thu, 2015-08-27 at 08:20 -0400, John Dennis wrote: > On 08/27/2015 04:27 AM, Petr Spacek wrote: > > On 15.7.2015 09:44, Jan Pazdziora wrote: > > > On Tue, Jul 14, 2015 at 12:49:23PM -0400, John Dennis wrote: > > > > On 07/14/2015 12:03 PM, Petr Spacek wrote: > > > > > Hello, > > > > > > > > >