Re: [Freeipa-devel] [PATCH 547] cacert install: fix trust chain validation

On 02/22/2016 06:30 PM, Jan Cholasta wrote: Hi, the attached patch fixes . Honza ACK. -- Martin^3 Babinsky -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to Free

Re: [Freeipa-devel] [PATCH 0022-23] Coverity patches

On 24.2.2016 08:46, Stanislav Laznicka wrote: Reworded the commit messages so that they mention Coverity. On 02/22/2016 07:18 AM, Jan Cholasta wrote: On 2.2.2016 13:36, Stanislav Laznicka wrote: On 02/01/2016 02:24 PM, Jan Cholasta wrote: On 1.2.2016 12:11, Petr Spacek wrote: On 1.2.2016 09:

Re: [Freeipa-devel] [PATCH 547] cacert install: fix trust chain validation

On 24.2.2016 09:13, Martin Babinsky wrote: On 02/22/2016 06:30 PM, Jan Cholasta wrote: Hi, the attached patch fixes . Honza ACK. Thanks. Pushed to: master: ef9134640795b736731bfbdb6fe0badb3e817552 ipa-4-3: 4fa8d3bca44b02b81783673dd14954b94ed

Re: [Freeipa-devel] [PATCH 0420] Set BuildRequires to pylint 1.4

On (23/02/16 14:23), Rob Crittenden wrote: >Lukas Slebodnik wrote: >> On (23/02/16 17:09), Martin Basti wrote: >>> We cannot guarantee that versions older than 1.4 will work with freeipa >>> code. >>> >>> Patch attached. >> >>>From a59e72a0b87231c0f2e0d737057550dd532feed7 Mon Sep 17 00:00:00 2001

Re: [Freeipa-devel] Locations design v2: LDAP schema & user interface

On 02/23/2016 06:59 PM, Petr Spacek wrote: > On 23.2.2016 18:14, Simo Sorce wrote: ... >> More seriously I think it is a great idea, but too premature to get all >> the way there now. We need to build schema and CLI that will allow us to >> get there without having to completely change interfaces i

Re: [Freeipa-devel] [PATCH 0084-0086] CI: Add double circle topology

On 24/02/16 08:27, David Kupka wrote: On 23/02/16 17:54, Martin Basti wrote: On 23.02.2016 17:33, Martin Basti wrote: On 23.02.2016 17:30, Martin Basti wrote: On 18.02.2016 10:14, David Kupka wrote: On 12/02/16 16:52, Martin Basti wrote: On 12.02.2016 13:03, Milan Kubík wrote: On 02

Re: [Freeipa-devel] [PATCH 0084-0086] CI: Add double circle topology

On 24.02.2016 10:07, David Kupka wrote: On 24/02/16 08:27, David Kupka wrote: On 23/02/16 17:54, Martin Basti wrote: On 23.02.2016 17:33, Martin Basti wrote: On 23.02.2016 17:30, Martin Basti wrote: On 18.02.2016 10:14, David Kupka wrote: On 12/02/16 16:52, Martin Basti wrote: On

Re: [Freeipa-devel] [PATCH 0413] fix permission: Read Replication Agreements

On 23.2.2016 17:20, Martin Basti wrote: On 22.02.2016 09:00, Jan Cholasta wrote: Hi, On 17.2.2016 14:49, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5631 Patch attached (for master, 4.3, 4.2) 1) All the replication agreement permission ACIs should be located in the same en

Re: [Freeipa-devel] [PATCH 546] client: stop using /etc/pki/nssdb

On 22/02/16 16:06, Jan Cholasta wrote: Hi, the attached patch fixes . Honza Works for me, ACK. -- David Kupka -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to F

Re: [Freeipa-devel] [PATCH 546] client: stop using /etc/pki/nssdb

On 24.2.2016 10:50, David Kupka wrote: On 22/02/16 16:06, Jan Cholasta wrote: Hi, the attached patch fixes . Honza Works for me, ACK. Thanks. Pushed to: master: 11592dde1b232a70f318e01f5271b38890090648 ipa-4-3: a3e8af3b4aae3dd59985b1065f5305

Re: [Freeipa-devel] [PATCH 0420] Set BuildRequires to pylint 1.4

On 02/24/2016 09:50 AM, Lukas Slebodnik wrote: On (23/02/16 14:23), Rob Crittenden wrote: Lukas Slebodnik wrote: On (23/02/16 17:09), Martin Basti wrote: We cannot guarantee that versions older than 1.4 will work with freeipa code. Patch attached. >From a59e72a0b87231c0f2e0d737057550dd532fe

Re: [Freeipa-devel] [PATCH 0413] fix permission: Read Replication Agreements

On 24.02.2016 10:45, Jan Cholasta wrote: On 23.2.2016 17:20, Martin Basti wrote: On 22.02.2016 09:00, Jan Cholasta wrote: Hi, On 17.2.2016 14:49, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5631 Patch attached (for master, 4.3, 4.2) 1) All the replication agreement perm

Re: [Freeipa-devel] IPA client realm/domain autodiscovery improvements

On 02/16/2016 02:23 PM, Martin Babinsky wrote: Hi list, WARNING: huge brain dump ahead. During investigation of https://fedorahosted.org/freeipa/ticket/4305 me and Petr Spaced (CC'ed) came to a conclusion that the IPA realm autodiscovery code used by ipa-client-install is so convoluted, complex

Re: [Freeipa-devel] [PATCH 0413] fix permission: Read Replication Agreements

On 24.2.2016 13:07, Martin Basti wrote: On 24.02.2016 10:45, Jan Cholasta wrote: On 23.2.2016 17:20, Martin Basti wrote: On 22.02.2016 09:00, Jan Cholasta wrote: Hi, On 17.2.2016 14:49, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5631 Patch attached (for master, 4.3, 4.2

Re: [Freeipa-devel] [PATCH 0420] Set BuildRequires to pylint 1.4

On (24/02/16 11:06), Petr Vobornik wrote: >On 02/24/2016 09:50 AM, Lukas Slebodnik wrote: >>On (23/02/16 14:23), Rob Crittenden wrote: >>>Lukas Slebodnik wrote: On (23/02/16 17:09), Martin Basti wrote: >We cannot guarantee that versions older than 1.4 will work with freeipa >code.

Re: [Freeipa-devel] [PATCH 0011] Move freeipa certmonger helpers to libexecdir.

David Kupka wrote: > On 23/02/16 16:41, Rob Crittenden wrote: >> David Kupka wrote: >>> On 23/02/16 10:14, Martin Kosek wrote: On 02/23/2016 09:47 AM, David Kupka wrote: > On 22/02/16 16:15, Martin Kosek wrote: >> On 02/22/2016 04:04 PM, Jan Cholasta wrote: >>> On 22.2.2016 15:56,

[Freeipa-devel] [PATCH 0421] Make PTR records check optional for IPA installation

https://fedorahosted.org/freeipa/ticket/5686 Patch attached. From 19a00a076101ff25ba0cd626bab8b5f8a6e6cb68 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Wed, 24 Feb 2016 14:33:34 +0100 Subject: [PATCH] Make PTR records check optional for IPA installation PTR records are not mandratory for I

Re: [Freeipa-devel] IPA client realm/domain autodiscovery improvements

On Wed, Feb 24, 2016 at 01:31:55PM +0100, Petr Vobornik wrote: > On 02/16/2016 02:23 PM, Martin Babinsky wrote: > >Hi list, > > > >WARNING: huge brain dump ahead. > > > >During investigation of https://fedorahosted.org/freeipa/ticket/4305 me > >and Petr Spaced (CC'ed) came to a conclusion that the

Re: [Freeipa-devel] Locations design v2: LDAP schema & user interface

On Wed, 2016-02-24 at 10:00 +0100, Martin Kosek wrote: > On 02/23/2016 06:59 PM, Petr Spacek wrote: > > On 23.2.2016 18:14, Simo Sorce wrote: > ... > >> More seriously I think it is a great idea, but too premature to get all > >> the way there now. We need to build schema and CLI that will allow us

Re: [Freeipa-devel] IPA client realm/domain autodiscovery improvements

On 02/24/2016 03:20 PM, Sumit Bose wrote: On Wed, Feb 24, 2016 at 01:31:55PM +0100, Petr Vobornik wrote: On 02/16/2016 02:23 PM, Martin Babinsky wrote: Hi list, WARNING: huge brain dump ahead. During investigation of https://fedorahosted.org/freeipa/ticket/4305 me and Petr Spaced (CC'ed) came

Re: [Freeipa-devel] [PATCH 0413] fix permission: Read Replication Agreements

On 24.02.2016 13:36, Jan Cholasta wrote: On 24.2.2016 13:07, Martin Basti wrote: On 24.02.2016 10:45, Jan Cholasta wrote: On 23.2.2016 17:20, Martin Basti wrote: On 22.02.2016 09:00, Jan Cholasta wrote: Hi, On 17.2.2016 14:49, Martin Basti wrote: https://fedorahosted.org/freeipa/ticke

Re: [Freeipa-devel] [PATCH 0420] Set BuildRequires to pylint 1.4

On 24.02.2016 13:38, Lukas Slebodnik wrote: On (24/02/16 11:06), Petr Vobornik wrote: On 02/24/2016 09:50 AM, Lukas Slebodnik wrote: On (23/02/16 14:23), Rob Crittenden wrote: Lukas Slebodnik wrote: On (23/02/16 17:09), Martin Basti wrote: We cannot guarantee that versions older than 1.4 w

Re: [Freeipa-devel] IPA client realm/domain autodiscovery improvements

On Wed, Feb 24, 2016 at 03:30:40PM +0100, Martin Babinsky wrote: > On 02/24/2016 03:20 PM, Sumit Bose wrote: > >On Wed, Feb 24, 2016 at 01:31:55PM +0100, Petr Vobornik wrote: > >>On 02/16/2016 02:23 PM, Martin Babinsky wrote: > >>>Hi list, > >>> > >>>WARNING: huge brain dump ahead. > >>> > >>>Durin

Re: [Freeipa-devel] [REVIEW] Intial stab towards Authentication Indicators

On Sun, 2016-02-21 at 20:50 -0500, Simo Sorce wrote: > On Sun, 2016-02-21 at 20:20 -0500, Nathaniel McCallum wrote: > > > > https://github.com/npmccallum/freeipa/pull/1 > > > > The above (pseudo) pull request contains four patches against > > FreeIPA > > to enable the insertion of Authentication

Re: [Freeipa-devel] IPA client realm/domain autodiscovery improvements

On 02/24/2016 01:31 PM, Petr Vobornik wrote: On 02/16/2016 02:23 PM, Martin Babinsky wrote: Hi list, WARNING: huge brain dump ahead. During investigation of https://fedorahosted.org/freeipa/ticket/4305 me and Petr Spaced (CC'ed) came to a conclusion that the IPA realm autodiscovery code used b

Re: [Freeipa-devel] IPA client realm/domain autodiscovery improvements

On 24/02/16 15:55, Sumit Bose wrote: On Wed, Feb 24, 2016 at 03:30:40PM +0100, Martin Babinsky wrote: On 02/24/2016 03:20 PM, Sumit Bose wrote: On Wed, Feb 24, 2016 at 01:31:55PM +0100, Petr Vobornik wrote: On 02/16/2016 02:23 PM, Martin Babinsky wrote: Hi list, WARNING: huge brain dump ahea

Re: [Freeipa-devel] IPA client realm/domain autodiscovery improvements

On Wed, Feb 24, 2016 at 04:08:14PM +0100, David Kupka wrote: > On 24/02/16 15:55, Sumit Bose wrote: > >On Wed, Feb 24, 2016 at 03:30:40PM +0100, Martin Babinsky wrote: > >>On 02/24/2016 03:20 PM, Sumit Bose wrote: > >>>On Wed, Feb 24, 2016 at 01:31:55PM +0100, Petr Vobornik wrote: > On 02/16/20

Re: [Freeipa-devel] [PATCH] 0017 configure DNA shared config entry to allow connection with GSSAPI

On 01/21/2016 05:04 PM, Martin Babinsky wrote: On 01/21/2016 01:37 PM, thierry bordaz wrote: Hi Thierry, I have couple of comments to your patch: 1.) there is a number of PEP8 errors in the patch (http://paste.fedoraproject.org/313246/33893701), please fix them. See http://www.freeipa.o

[Freeipa-devel] [PATCH] revert temporal changes in the vault CI test

Workaround for #5538 works, tests can be restored to original state https://fedorahosted.org/freeipa/ticket/5538 Pushed to: master: a14d68749397a52537594da890fb23e994dd04e2 ipa-4-3: 390f6342952b63d6d27648096d70bc3fdd81dc78 -- Manage your subscription for the Freeipa-devel mailing list: https://

[Freeipa-devel] [PATCH 0423] fix duplicated except

During my playing with pylint, I fixed this issue which allows us to enable additional check in pylint (the nice one). Patch attached, it should go only to master. From 547d41f5835e1dd3a4dcf644948ef104cc50c5dc Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Fri, 12 Feb 2016 17:30:10 +0100 Sub

[Freeipa-devel] [PATCH 0424] Pylint: add missing attributes of exceptions to definition in pylint plugin

Pylint is not able to handle IPA errors objects, because attributes are added into objects dynamically, and pylint 1.5 reports them as no-member errors. https://fedorahosted.org/freeipa/ticket/5615 Patch attached. From 2e70066d10e8d15c3989a8c1c7583cf83c471f38 Mon Sep 17 00:00:00 2001 From: Mar

[Freeipa-devel] [PATCH 0422] CI: allow customized DS install test to run under different domain levels

https://fedorahosted.org/freeipa/ticket/5606 Patch attached. From 1fe93ac24694dc490ddc497b1cbd493cd38e8117 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Wed, 24 Feb 2016 17:45:55 +0100 Subject: [PATCH] CI: allow customized DS install test to work with domain levels Test will use tasks meth

Re: [Freeipa-devel] [patch 0034] ipatests: extend permission plugin test with new expected output

On 24.02.2016 08:34, Milan Kubík wrote: On 02/18/2016 03:52 PM, Milan Kubík wrote: On 02/15/2016 04:59 PM, Milan Kubík wrote: Patch attached. Applies on ipa-4-3 as well. Updated version of patch fixes test_old_permission_plugin as well. -- Milan Kubik Review bump. -- Milan Kubik N

Re: [Freeipa-devel] [PATCH] 0007 Refactor test_sudocmd_plugin

Hi, these problems have been fixed. F. - Original Message - > NACK. > Some little changes still required: > * fixing the pep8 errors > * fixing the wrong comment > > [root@master2 freeipa]# pep8 ipatests/test_xmlrpc/test_sudocmd_plugin.py > ipatests/test_xmlrpc/test_sudocmd_plugin.py:

Re: [Freeipa-devel] [PATCH] 0008 Refactor test_sudocmdgroup_plugin, create SudoCmdGroupTracker

Hi, fixed. To be honest, I left that +1char longer lines there on purpose. IMHO it brings better readability and pep8 *.py | wc -l in test_xmlrpc dir returns an overwhelming number anyway. But yeah, some of these weren't really necessary...so I changed them all :) This patch is dependent on 00