[Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

https://fedorahosted.org/freeipa/ticket/5757 Patches attached. From a76d63aea17b3b429defd059a026b2764e92e5b7 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Wed, 29 Jun 2016 13:34:19 +0200 Subject: [PATCH 1/2] Enhance logger to allow logfiles with timestamps Keyword

Re: [Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

On 30.6.2016 09:56, Petr Spacek wrote: On 30.6.2016 09:40, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5757 "The easiest solution would be to add timestamps to logs, or log to different logs from oddjob or from installer (ipareplica-conncheck.local.log and

Re: [Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

On 30.6.2016 10:14, Jan Cholasta wrote: > On 30.6.2016 10:06, Petr Spacek wrote: >> On 30.6.2016 10:02, Jan Cholasta wrote: >>> On 30.6.2016 09:56, Petr Spacek wrote: On 30.6.2016 09:40, Martin Basti wrote: > https://fedorahosted.org/freeipa/ticket/5757 >>> >>> "The easiest solution would

Re: [Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

On 30.6.2016 11:07, Martin Basti wrote: On 30.06.2016 10:21, Jan Cholasta wrote: On 30.6.2016 10:12, Petr Spacek wrote: On 30.6.2016 10:14, Jan Cholasta wrote: On 30.6.2016 10:06, Petr Spacek wrote: On 30.6.2016 10:02, Jan Cholasta wrote: On 30.6.2016 09:56, Petr Spacek wrote: On

Re: [Freeipa-devel] [PATCH 660] replica install: don't allow install against a newer server

On 29.6.2016 17:46, Petr Spacek wrote: On 29.6.2016 14:25, Jan Cholasta wrote: Hi, the attached patch fixes . ACK Thanks. Pushed to master: 99339bf7892fcc1201e06e6a8105b0bb4681c4f4 -- Jan Cholasta -- Manage your subscription for the

Re: [Freeipa-devel] [PATCH 0018][Tests] Fix some of the failing tests in test_ipalib/test_frontend.py

On 29.06.2016 17:51, Ganna Kaihorodova wrote: Hello! ACK Best regards, Ganna Kaihorodova Associate Software Quality Engineer - Original Message - From: "Lenka Doudova" To: "freeipa-devel" Sent: Tuesday, June 21, 2016 10:21:44 AM

Re: [Freeipa-devel] [PATCH 0545] cert.py: split doctring to multiple ugettext strings

On 30.06.2016 13:20, Stanislav Laznicka wrote: On 06/30/2016 01:08 PM, Martin Basti wrote: On 30.06.2016 10:13, Stanislav Laznicka wrote: On 06/30/2016 09:18 AM, Martin Basti wrote: Make life of translators easier, there was recent change in cert.py docstring, so they have to translate

Re: [Freeipa-devel] [PATCH] 0082 cert-request: better error msg when 'add' not supported

On Thu, Jun 30, 2016 at 07:49:04PM +1000, Fraser Tweedale wrote: > On Thu, Jun 30, 2016 at 11:38:35AM +0200, Florence Blanc-Renaud wrote: > > On 06/30/2016 06:29 AM, Fraser Tweedale wrote: > > > On Wed, Jun 29, 2016 at 11:30:14AM +0200, Florence Blanc-Renaud wrote: > > > > On 06/29/2016 07:25 AM,

Re: [Freeipa-devel] [PATCHES 662-665] session: do not initialize session manager on import

On 06/29/2016 04:53 PM, Jan Cholasta wrote: Hi, the attached patches fix . Honza ACK. -- Martin^3 Babinsky -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to

Re: [Freeipa-devel] [Test][patch-0052] Test for incorrect client domain

On 30.06.2016 14:40, Oleg Fayans wrote: Hi Martin, Attached is a new version of the patch with two test cases separated. On 06/29/2016 12:23 PM, Martin Basti wrote: On 29.06.2016 10:56, Oleg Fayans wrote: Hello, +assert_error(result, + "Failed to verify that

[Freeipa-devel] [PATCH 0545] cert.py: split doctring to multiple ugettext strings

Make life of translators easier, there was recent change in cert.py docstring, so they have to translate the whole docstring again, so I'm splitting it to multiple parts. Patch attached From c2b71ea436cef0901493a742d15fa762f37677ed Mon Sep 17 00:00:00 2001 From: Martin Basti

Re: [Freeipa-devel] [PATCH 0545] cert.py: split doctring to multiple ugettext strings

On 06/30/2016 09:18 AM, Martin Basti wrote: Make life of translators easier, there was recent change in cert.py docstring, so they have to translate the whole docstring again, so I'm splitting it to multiple parts. Patch attached I'm not sure whether the "See RFC 5280 for more details"

Re: [Freeipa-devel] [WIP] Thin client

On 29.6.2016 10:21, Jan Cholasta wrote: On 29.6.2016 09:22, David Kupka wrote: On 28/04/16 14:45, Jan Cholasta wrote: Hi, I have pushed my thin client WIP branch to GitHub: . All commits up to "ipalib: use relative imports for cross-plugin

Re: [Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

On 30.06.2016 10:21, Jan Cholasta wrote: On 30.6.2016 10:12, Petr Spacek wrote: On 30.6.2016 10:14, Jan Cholasta wrote: On 30.6.2016 10:06, Petr Spacek wrote: On 30.6.2016 10:02, Jan Cholasta wrote: On 30.6.2016 09:56, Petr Spacek wrote: On 30.6.2016 09:40, Martin Basti wrote:

Re: [Freeipa-devel] [PATCH 0022][Tests] Prevent trust test failures cause by adding duplicate DNS forward zone

On 06/30/2016 12:32 PM, Lenka Doudova wrote: On 06/29/2016 07:49 PM, Petr Spacek wrote: On 29.6.2016 18:52, Lenka Doudova wrote: On 06/29/2016 06:51 PM, Petr Spacek wrote: On 29.6.2016 18:48, Lenka Doudova wrote: On 06/27/2016 11:05 AM, Lenka Doudova wrote: On 06/27/2016 10:33 AM,

Re: [Freeipa-devel] [PATCH 0022][Tests] Prevent trust test failures cause by adding duplicate DNS forward zone

On 06/30/2016 12:41 PM, Lenka Doudova wrote: > > > On 06/30/2016 12:32 PM, Lenka Doudova wrote: >> >> >> On 06/29/2016 07:49 PM, Petr Spacek wrote: >>> On 29.6.2016 18:52, Lenka Doudova wrote: On 06/29/2016 06:51 PM, Petr Spacek wrote: > On 29.6.2016 18:48, Lenka Doudova wrote:

[Freeipa-devel] [PATCH] 0067-72: webui for kerberos aliases

Hello, please review these patches. First two patches fix two minor bugs in custom_command_multivalued_widget. The rest of patches add webui for kerberos aliases. https://fedorahosted.org/freeipa/ticket/5927 -- Pavel^3 Vomacka From d6e0337fd83a4e337c429ecc23038e7af754312e Mon Sep 17

Re: [Freeipa-devel] [PATCH 0022][Tests] Prevent trust test failures cause by adding duplicate DNS forward zone

On 30.06.2016 12:58, Lenka Doudova wrote: On 06/30/2016 12:51 PM, Petr Spacek wrote: On 30.6.2016 12:32, Lenka Doudova wrote: On 06/29/2016 07:49 PM, Petr Spacek wrote: On 29.6.2016 18:52, Lenka Doudova wrote: On 06/29/2016 06:51 PM, Petr Spacek wrote: On 29.6.2016 18:48, Lenka Doudova

Re: [Freeipa-devel] [PATCH] 0062, 63: webui: Add button for 'server-del' command

On 06/29/2016 05:42 PM, Petr Vobornik wrote: On 06/24/2016 12:40 PM, Pavel Vomacka wrote: Hello, please review attached patches, they add 'Delete Server' button. 1. there is a whitespace warning while applying patch 63. 2. It breaks expectation of no_init. Instead of var that =

Re: [Freeipa-devel] [PATCHES 662-665] session: do not initialize session manager on import

On 30.6.2016 13:51, Martin Babinsky wrote: On 06/29/2016 04:53 PM, Jan Cholasta wrote: Hi, the attached patches fix . Honza ACK. Thanks. Pushed to master: 2615103c68e68596473260064dbe84585073eb51 -- Jan Cholasta -- Manage your

Re: [Freeipa-devel] [PATCH 0022][Tests] Prevent trust test failures cause by adding duplicate DNS forward zone

On 30.6.2016 12:32, Lenka Doudova wrote: > > > On 06/29/2016 07:49 PM, Petr Spacek wrote: >> On 29.6.2016 18:52, Lenka Doudova wrote: >>> >>> On 06/29/2016 06:51 PM, Petr Spacek wrote: On 29.6.2016 18:48, Lenka Doudova wrote: > On 06/27/2016 11:05 AM, Lenka Doudova wrote: >> On

Re: [Freeipa-devel] [PATCH 0022][Tests] Prevent trust test failures cause by adding duplicate DNS forward zone

On 06/30/2016 12:51 PM, Petr Spacek wrote: On 30.6.2016 12:32, Lenka Doudova wrote: On 06/29/2016 07:49 PM, Petr Spacek wrote: On 29.6.2016 18:52, Lenka Doudova wrote: On 06/29/2016 06:51 PM, Petr Spacek wrote: On 29.6.2016 18:48, Lenka Doudova wrote: On 06/27/2016 11:05 AM, Lenka

[Freeipa-devel] [PATCH 0548] Fix replica install with CA

https://fedorahosted.org/freeipa/ticket/5966 This only for master branch, ipa-4-3 fix will be different (soon) Patch attached From 1324ea9584aaefc8943bed87460166c68c3bd2c1 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Wed, 29 Jun 2016 19:49:43 +0200 Subject: [PATCH] Fix

Re: [Freeipa-devel] [PATCH 0548] Fix replica install with CA

On 30.06.2016 13:18, Petr Spacek wrote: On 30.6.2016 13:04, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5966 This only for master branch, ipa-4-3 fix will be different (soon) Patch attached ACK Pushed to master: a155f692e7ad7807a5ea28250d1e72b3e821991e -- Manage your

Re: [Freeipa-devel] [PATCH 0545] cert.py: split doctring to multiple ugettext strings

On 06/30/2016 01:08 PM, Martin Basti wrote: On 30.06.2016 10:13, Stanislav Laznicka wrote: On 06/30/2016 09:18 AM, Martin Basti wrote: Make life of translators easier, there was recent change in cert.py docstring, so they have to translate the whole docstring again, so I'm splitting it to

Re: [Freeipa-devel] [PATCH 0096] Add authentication indicators support to Host objects

On 06/29/2016 04:40 PM, Stanislav Laznicka wrote: > On 06/29/2016 04:02 PM, Stanislav Laznicka wrote: >> On 06/29/2016 03:53 PM, Martin Basti wrote: >>> >>> >>> On 29.06.2016 15:52, Stanislav Laznicka wrote: On 06/24/2016 03:14 PM, Martin Basti wrote: > > > On 24.06.2016 15:11,

Re: [Freeipa-devel] [PATCH] 0065, 66: webui: authentication indicators on host page

On 06/29/2016 06:38 PM, Petr Vobornik wrote: > On 06/28/2016 04:32 PM, Pavel Vomacka wrote: >> Hello, >> >> please review attached patches. I moved strings used by authentication >> indicators widget to another dict so the second patch changes strings in >> custom_checkbox widget on service page.

Re: [Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

On 30.06.2016 12:07, Petr Spacek wrote: On 30.6.2016 10:21, Jan Cholasta wrote: On 30.6.2016 10:12, Petr Spacek wrote: On 30.6.2016 10:14, Jan Cholasta wrote: On 30.6.2016 10:06, Petr Spacek wrote: On 30.6.2016 10:02, Jan Cholasta wrote: On 30.6.2016 09:56, Petr Spacek wrote: On

Re: [Freeipa-devel] [PATCH 0145] DNS: Reinitialize DNS resolver after changing resolv.con

On 29.06.2016 19:38, Petr Spacek wrote: Hello, DNS: Reinitialize DNS resolver after changing resolv.conf Previously the installer did not reinitialize resolver so queries for records created using --ip-address option might not be answered. This led to incorrect results during 'Updating DNS

Re: [Freeipa-devel] [PATCH] 0062, 63: webui: Add button for 'server-del' command

On 06/30/2016 01:57 PM, Pavel Vomacka wrote: > > > On 06/29/2016 05:42 PM, Petr Vobornik wrote: >> On 06/24/2016 12:40 PM, Pavel Vomacka wrote: >>> Hello, >>> >>> please review attached patches, they add 'Delete Server' button. >>> >> 1. there is a whitespace warning while applying patch 63. >>

Re: [Freeipa-devel] [PATCH 0545] cert.py: split doctring to multiple ugettext strings

On 30.06.2016 10:13, Stanislav Laznicka wrote: On 06/30/2016 09:18 AM, Martin Basti wrote: Make life of translators easier, there was recent change in cert.py docstring, so they have to translate the whole docstring again, so I'm splitting it to multiple parts. Patch attached I'm not

[Freeipa-devel] [PATCH] 0085 Fix upgrade when Dogtag also upgraded from 10.2 -> 10.3

Hullo, The attached patch fixes https://fedorahosted.org/freeipa/ticket/6011. Cheers, Fraser From c92ed38c0ef41814dec6ddf4a003948af5bc0beb Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Thu, 30 Jun 2016 21:01:07 +1000 Subject: [PATCH] Fix upgrade when Dogtag also

Re: [Freeipa-devel] [PATCH 0548] Fix replica install with CA

On 30.6.2016 13:04, Martin Basti wrote: > https://fedorahosted.org/freeipa/ticket/5966 > > This only for master branch, ipa-4-3 fix will be different (soon) > > Patch attached ACK -- Petr^2 Spacek -- Manage your subscription for the Freeipa-devel mailing list:

Re: [Freeipa-devel] [PATCH] 0064: webui: simplify confirmation messages in confirmation dialogs

On 06/30/2016 10:39 AM, Pavel Vomacka wrote: > > > On 06/29/2016 04:40 PM, Petr Vobornik wrote: >> On 06/27/2016 05:50 PM, Pavel Vomacka wrote: >>> Hello, >>> >>> Please review attached patch which simplifies confirmation messages for >>> 'remove cert hold' and 'restore cert' actions. >>> >> I'd

Re: [Freeipa-devel] [PATCH 0053] Fix wrong imports in copy-schema-to-ca

On 28.06.2016 16:35, Petr Spacek wrote: On 28.6.2016 14:52, Stanislav Laznicka wrote: Hello, The attached patch fixes wrong imports in copy-schema-to-ca.py script. https://fedorahosted.org/freeipa/ticket/6003 ACK Pushed to master: f3858be6e353fadf0b1da1c31b908264ddd636c5 -- Manage your

Re: [Freeipa-devel] [PATCH] 0007 Fix ipa-server-certinstall with certs signed by 3rd-party CA

On 06/29/2016 02:17 PM, Stanislav Laznicka wrote: > On 06/22/2016 09:29 PM, Florence Blanc-Renaud wrote: >> Hi, >> >> This patch fixes ipa-server-certinstall when used with 3rd-party certs. >> The scenario is the following: >> - install the server with an embedded CA >> - use ipa-cacert-manage to

Re: [Freeipa-devel] [PATCH 0144] Fix `Conflicts` with ipa-python

On 30.06.2016 15:36, Stanislav Laznicka wrote: On 06/29/2016 02:36 PM, Petr Spacek wrote: Hello, Fix `Conflicts` with ipa-python The conflicts should have constant version in it because it is related to package split. https://fedorahosted.org/freeipa/ticket/6004 I've tested the same

Re: [Freeipa-devel] [PATCH 0025][Tests] RFE: External trust

On 06/30/2016 04:12 PM, Oleg Fayans wrote: Hi Lenka, The changes in test_trust.py are fine. As for tasks.py: 1. I'd rename sync_time_hostname to just sync_time and 2. I would start ntpd again in the same method: it's no good to keep this thing in mind each time you call it. If you start ntpd

Re: [Freeipa-devel] [PATCH] 958 admintools: missing python3-ipaclient dependency

On 30.6.2016 16:07, Martin Basti wrote: On 06.06.2016 18:40, Petr Vobornik wrote: On 06/06/2016 07:28 AM, Jan Cholasta wrote: Hi, On 3.6.2016 18:29, Petr Vobornik wrote: admintools doesn't pull python[2|3]-ipaclient by default which ends with exception if CLI is used. Please use this

Re: [Freeipa-devel] [WIP] Thin client

On 30.6.2016 16:25, David Kupka wrote: On 28/04/16 14:45, Jan Cholasta wrote: Hi, I have pushed my thin client WIP branch to GitHub: . All commits up to "ipalib: use relative imports for cross-plugin imports" should be good for review. The

Re: [Freeipa-devel] [PATCH 0144] Fix `Conflicts` with ipa-python

On 06/29/2016 02:36 PM, Petr Spacek wrote: Hello, Fix `Conflicts` with ipa-python The conflicts should have constant version in it because it is related to package split. https://fedorahosted.org/freeipa/ticket/6004 I've tested the same change in RHEL 7.2->7.3 upgrade and it worked just

Re: [Freeipa-devel] [PATCH 0096] Add authentication indicators support to Host objects

On Thu, 2016-06-30 at 13:42 +0200, Petr Vobornik wrote: > On 06/29/2016 04:40 PM, Stanislav Laznicka wrote: > > > > On 06/29/2016 04:02 PM, Stanislav Laznicka wrote: > > > > > > On 06/29/2016 03:53 PM, Martin Basti wrote: > > > > > > > > > > > > > > > > On 29.06.2016 15:52, Stanislav Laznicka

[Freeipa-devel] [PATCH 0025][Tests] RFE: External trust

Hi, attaching patch with some basic coverage for external trust feature. Bit more detailed info in commit message. Since the feature requires me to run commands previously used only for forest root domains even for subdomains, I made some changes in ipatests/test_integration/tasks.py file,

Re: [Freeipa-devel] [PATCH] 958 admintools: missing python3-ipaclient dependency

On 30.06.2016 16:20, Jan Cholasta wrote: On 30.6.2016 16:07, Martin Basti wrote: On 06.06.2016 18:40, Petr Vobornik wrote: On 06/06/2016 07:28 AM, Jan Cholasta wrote: Hi, On 3.6.2016 18:29, Petr Vobornik wrote: admintools doesn't pull python[2|3]-ipaclient by default which ends with

Re: [Freeipa-devel] [PATCH] 0083 Fix regression on ipa-4-3 branch

On 30.06.2016 06:37, Fraser Tweedale wrote: The attached patch fixes a regression on the ipa-4-3 branch, caused by commit 3d71c43504ea7837ea14bb9dd4a469c07337293f. Thanks, Fraser ACK, thanks Pushed to ipa-4-3: 8ce40940300e0e37191251a8a26bb8a4b5fcd604 -- Manage your subscription for the

Re: [Freeipa-devel] [PATCH 0096] Add authentication indicators support to Host objects

On 06/30/2016 03:55 PM, Nathaniel McCallum wrote: > On Thu, 2016-06-30 at 13:42 +0200, Petr Vobornik wrote: >> On 06/29/2016 04:40 PM, Stanislav Laznicka wrote: >>> >>> On 06/29/2016 04:02 PM, Stanislav Laznicka wrote: On 06/29/2016 03:53 PM, Martin Basti wrote: > > > >

Re: [Freeipa-devel] [PATCH] 0082 cert-request: better error msg when 'add' not supported

On 06/30/2016 01:30 PM, Fraser Tweedale wrote: On Thu, Jun 30, 2016 at 07:49:04PM +1000, Fraser Tweedale wrote: On Thu, Jun 30, 2016 at 11:38:35AM +0200, Florence Blanc-Renaud wrote: On 06/30/2016 06:29 AM, Fraser Tweedale wrote: On Wed, Jun 29, 2016 at 11:30:14AM +0200, Florence Blanc-Renaud

Re: [Freeipa-devel] [PATCH] 958 admintools: missing python3-ipaclient dependency

On 06.06.2016 18:40, Petr Vobornik wrote: On 06/06/2016 07:28 AM, Jan Cholasta wrote: Hi, On 3.6.2016 18:29, Petr Vobornik wrote: admintools doesn't pull python[2|3]-ipaclient by default which ends with exception if CLI is used. Please use this ticket URL:

Re: [Freeipa-devel] [WIP] Thin client

On 28/04/16 14:45, Jan Cholasta wrote: Hi, I have pushed my thin client WIP branch to GitHub: . All commits up to "ipalib: use relative imports for cross-plugin imports" should be good for review. The rest is subject to change (WARNING: I

Re: [Freeipa-devel] [PATCH] 0082 cert-request: better error msg when 'add' not supported

On 30.06.2016 15:16, Florence Blanc-Renaud wrote: On 06/30/2016 01:30 PM, Fraser Tweedale wrote: On Thu, Jun 30, 2016 at 07:49:04PM +1000, Fraser Tweedale wrote: On Thu, Jun 30, 2016 at 11:38:35AM +0200, Florence Blanc-Renaud wrote: On 06/30/2016 06:29 AM, Fraser Tweedale wrote: On Wed, Jun

Re: [Freeipa-devel] [PATCH] 0077 Check for CA subject name collision before attempting creation

On 24.06.2016 10:34, Milan Kubík wrote: On 06/24/2016 09:34 AM, Fraser Tweedale wrote: Hi, Attached patch fixes https://fedorahosted.org/freeipa/ticket/5981. Cheers, Fraser Thanks for the patch, ACK. Pushed to master: 16f33ddb51523fe9a4c68e9151901ece10a5 -- Manage your subscription

Re: [Freeipa-devel] [PATCH 0025][Tests] RFE: External trust

Hi Lenka, The changes in test_trust.py are fine. As for tasks.py: 1. I'd rename sync_time_hostname to just sync_time and 2. I would start ntpd again in the same method: it's no good to keep this thing in mind each time you call it. Besides, I would split the changes into 2 patches: one for

Re: [Freeipa-devel] [PATCH 0025][Tests] RFE: External trust

On 06/30/2016 04:12 PM, Oleg Fayans wrote: Hi Lenka, The changes in test_trust.py are fine. As for tasks.py: 1. I'd rename sync_time_hostname to just sync_time and There's already one sync_time function with different contents, it seemed nicer to create a new function than adding some

Re: [Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

On 30.6.2016 10:06, Petr Spacek wrote: On 30.6.2016 10:02, Jan Cholasta wrote: On 30.6.2016 09:56, Petr Spacek wrote: On 30.6.2016 09:40, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5757 "The easiest solution would be to add timestamps to logs, or log to different logs from

Re: [Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

On 30.6.2016 10:12, Petr Spacek wrote: On 30.6.2016 10:14, Jan Cholasta wrote: On 30.6.2016 10:06, Petr Spacek wrote: On 30.6.2016 10:02, Jan Cholasta wrote: On 30.6.2016 09:56, Petr Spacek wrote: On 30.6.2016 09:40, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5757 "The

Re: [Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

On 30.6.2016 09:40, Martin Basti wrote: > https://fedorahosted.org/freeipa/ticket/5757 > > > Patches attached. I would rather use timestamp format with dashes between numbers to make it easier to read and parse for humans. Compare: 201606270954 201606290954 201606300954 with

[Freeipa-devel] [PATCH] 0009 Do not log error when removing a non-existing file

Hi, this patch fixes issue 1) of the following ticket: Uninstallation complains about missing 'ipa.conf' Issue 2) is not reproducible on the master, and issue 3) is handled in a separate ticket. https://fedorahosted.org/freeipa/ticket/6012 >From 01f8955634e8dbdc9a976ac72250aa38c1969b3c Mon

Re: [Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

On 30.6.2016 10:21, Jan Cholasta wrote: > On 30.6.2016 10:12, Petr Spacek wrote: >> On 30.6.2016 10:14, Jan Cholasta wrote: >>> On 30.6.2016 10:06, Petr Spacek wrote: On 30.6.2016 10:02, Jan Cholasta wrote: > On 30.6.2016 09:56, Petr Spacek wrote: >> On 30.6.2016 09:40, Martin Basti

Re: [Freeipa-devel] [PATCH] 0082 cert-request: better error msg when 'add' not supported

On Thu, Jun 30, 2016 at 11:38:35AM +0200, Florence Blanc-Renaud wrote: > On 06/30/2016 06:29 AM, Fraser Tweedale wrote: > > On Wed, Jun 29, 2016 at 11:30:14AM +0200, Florence Blanc-Renaud wrote: > > > On 06/29/2016 07:25 AM, Fraser Tweedale wrote: > > > > The attached patch fixes > > > >

Re: [Freeipa-devel] [PATCH] 0064: webui: simplify confirmation messages in confirmation dialogs

On 06/29/2016 04:40 PM, Petr Vobornik wrote: On 06/27/2016 05:50 PM, Pavel Vomacka wrote: Hello, Please review attached patch which simplifies confirmation messages for 'remove cert hold' and 'restore cert' actions. I'd change: You can select a reason from the pull-down list. To:

Re: [Freeipa-devel] [PATCH 661] backup: use in-server API in ipa-backup and ipa-restore

On 29.6.2016 19:06, Milan Kubík wrote: On 06/29/2016 02:54 PM, Jan Cholasta wrote: Hi, the attached patch fixes . Honza The restore works with the patch. ACK. Thanks. Pushed to master: ce93b091d2ffbafedc721551f437631eed0e5a86 -- Jan

Re: [Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

On 30.6.2016 10:02, Jan Cholasta wrote: > On 30.6.2016 09:56, Petr Spacek wrote: >> On 30.6.2016 09:40, Martin Basti wrote: >>> https://fedorahosted.org/freeipa/ticket/5757 > > "The easiest solution would be to add timestamps to logs, or log to different > logs from oddjob or from installer

Re: [Freeipa-devel] [WIP] Thin client

On 30.6.2016 10:32, Jan Cholasta wrote: On 29.6.2016 10:21, Jan Cholasta wrote: On 29.6.2016 09:22, David Kupka wrote: On 28/04/16 14:45, Jan Cholasta wrote: Hi, I have pushed my thin client WIP branch to GitHub: . All commits up to

Re: [Freeipa-devel] [WIP] Thin client

On 30/06/16 10:45, Jan Cholasta wrote: On 30.6.2016 10:32, Jan Cholasta wrote: On 29.6.2016 10:21, Jan Cholasta wrote: On 29.6.2016 09:22, David Kupka wrote: On 28/04/16 14:45, Jan Cholasta wrote: Hi, I have pushed my thin client WIP branch to GitHub:

Re: [Freeipa-devel] [WIP] Thin client

On 30.6.2016 10:51, David Kupka wrote: On 30/06/16 10:45, Jan Cholasta wrote: On 30.6.2016 10:32, Jan Cholasta wrote: On 29.6.2016 10:21, Jan Cholasta wrote: On 29.6.2016 09:22, David Kupka wrote: On 28/04/16 14:45, Jan Cholasta wrote: Hi, I have pushed my thin client WIP branch to GitHub:

Re: [Freeipa-devel] [PATCH] 0082 cert-request: better error msg when 'add' not supported

On 06/30/2016 06:29 AM, Fraser Tweedale wrote: On Wed, Jun 29, 2016 at 11:30:14AM +0200, Florence Blanc-Renaud wrote: On 06/29/2016 07:25 AM, Fraser Tweedale wrote: The attached patch fixes https://fedorahosted.org/freeipa/ticket/5991. Thanks, Fraser Hi Fraser, A few cosmetic comments:

Re: [Freeipa-devel] [PATCH 0022][Tests] Prevent trust test failures cause by adding duplicate DNS forward zone

On 06/29/2016 07:49 PM, Petr Spacek wrote: On 29.6.2016 18:52, Lenka Doudova wrote: On 06/29/2016 06:51 PM, Petr Spacek wrote: On 29.6.2016 18:48, Lenka Doudova wrote: On 06/27/2016 11:05 AM, Lenka Doudova wrote: On 06/27/2016 10:33 AM, Martin Babinsky wrote: On 06/27/2016 10:28 AM, Petr

Re: [Freeipa-devel] [PATCH 0025][Tests] RFE: External trust

On 06/30/2016 03:47 PM, Lenka Doudova wrote: Hi, attaching patch with some basic coverage for external trust feature. Bit more detailed info in commit message. Since the feature requires me to run commands previously used only for forest root domains even for subdomains, I made some changes in

Re: [Freeipa-devel] [PATCH] 0067-72: webui for kerberos aliases

On 06/30/2016 02:48 PM, Pavel Vomacka wrote: > Hello, > > please review these patches. First two patches fix two minor bugs in > custom_command_multivalued_widget. > > The rest of patches add webui for kerberos aliases. > > https://fedorahosted.org/freeipa/ticket/5927 > A preliminary review -

[Freeipa-devel] [PATCH] Fix minor typo

Hi, /ipaserver/plugins/cert.py:120: Verify that a certificate is owner by a specific user: It might be Verify that a certificate is owned by a specific user: Thanks for reviewing this possible typo fix. Best regards, Yuri 0001-Fix-minor-typo.patch Description: Binary data -- Manage your

Re: [Freeipa-devel] [PATCH 0546-0547] use timestamps for ipareplica-conncheck.log

On 06/30/2016 01:54 PM, Martin Basti wrote: On 30.06.2016 12:07, Petr Spacek wrote: On 30.6.2016 10:21, Jan Cholasta wrote: On 30.6.2016 10:12, Petr Spacek wrote: On 30.6.2016 10:14, Jan Cholasta wrote: On 30.6.2016 10:06, Petr Spacek wrote: On 30.6.2016 10:02, Jan Cholasta wrote: On

Re: [Freeipa-devel] [PATCH 0548] Fix replica install with CA

On 30.06.2016 13:20, Martin Basti wrote: On 30.06.2016 13:18, Petr Spacek wrote: On 30.6.2016 13:04, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/5966 This only for master branch, ipa-4-3 fix will be different (soon) Patch attached ACK Pushed to master:

Re: [Freeipa-devel] [PATCH] 961 webui: prevent infinite reload for users with krbbprincipal alias set

On 06/30/2016 07:34 PM, Petr Vobornik wrote: Web UI has an inbuilt mechanism to reload in case response from a server contains a different principal than the one loaded during Web UI startup. see rpc.js:381 With kerberos aliases support the loaded principal could be different because

[Freeipa-devel] [PATCH] 961 webui: prevent infinite reload for users with krbbprincipal alias set

Web UI has an inbuilt mechanism to reload in case response from a server contains a different principal than the one loaded during Web UI startup. see rpc.js:381 With kerberos aliases support the loaded principal could be different because krbprincipalname contained multiple values. In such

[Freeipa-devel] [PATCH 0146] Fix internal errors in host-add and other commands caused by DNS resolutio

Hello, Fix internal errors in host-add and other commands caused by DNS resolution Previously resolver was returning CheckedIPAddress objects. This internal server error in cases where DNS actually returned reserved IP addresses. Now the resolver is returning UnsafeIPAddress objects which do

Re: [Freeipa-devel] [PATCH] pwpolicy: Do not expire passwords when maxlife is set to 0 (infinity).

On 04/05/16 17:22, Pavel Vomacka wrote: On 05/04/2016 04:36 PM, Simo Sorce wrote: On Wed, 2016-05-04 at 15:39 +0200, Martin Kosek wrote: On 05/02/2016 02:28 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/2795 That patch looks suspiciously short given the struggles I saw in

Re: [Freeipa-devel] [WIP] Kerberos principal aliases pt. 2

On 28/06/16 20:08, Martin Babinsky wrote: On 06/24/2016 09:52 AM, Martin Babinsky wrote: Hi list, I am furiously working on tickets related to the proper support and API for managing kerberos principal aliases for hosts, users, and services[1-5]. To better track and comment on my progress, I

[Freeipa-devel] [PATCH] 0086 Add --ca option to cert-status

On Fri, Jul 01, 2016 at 05:55:35AM +0200, Jan Cholasta wrote: > On 29.6.2016 12:18, Jan Cholasta wrote: > > On 29.6.2016 10:47, Fraser Tweedale wrote: > > > On Wed, Jun 29, 2016 at 10:04:05AM +0200, Jan Cholasta wrote: > > > > Hi, > > > > > > > > On 29.6.2016 06:11, Fraser Tweedale wrote: > > > >

Re: [Freeipa-devel] [PATCH] 0081 Add --ca option to cert-revoke and cert-remove-hold

On 29.6.2016 12:18, Jan Cholasta wrote: On 29.6.2016 10:47, Fraser Tweedale wrote: On Wed, Jun 29, 2016 at 10:04:05AM +0200, Jan Cholasta wrote: Hi, On 29.6.2016 06:11, Fraser Tweedale wrote: Dear team, The attached patch implements the --ca option for the rest of the cert-blah commands

Re: [Freeipa-devel] [PATCH 0025][Tests] RFE: External trust

On 06/30/2016 05:01 PM, Martin Babinsky wrote: On 06/30/2016 03:47 PM, Lenka Doudova wrote: Hi, attaching patch with some basic coverage for external trust feature. Bit more detailed info in commit message. Since the feature requires me to run commands previously used only for forest root

Re: [Freeipa-devel] [PATCH] 0086 Add --ca option to cert-status

On 1.7.2016 06:47, Fraser Tweedale wrote: On Fri, Jul 01, 2016 at 05:55:35AM +0200, Jan Cholasta wrote: On 29.6.2016 12:18, Jan Cholasta wrote: On 29.6.2016 10:47, Fraser Tweedale wrote: On Wed, Jun 29, 2016 at 10:04:05AM +0200, Jan Cholasta wrote: Hi, On 29.6.2016 06:11, Fraser Tweedale

Re: [Freeipa-devel] [PATCH] 0072..0075 Lightweight CA renewal

On 29.6.2016 10:41, Fraser Tweedale wrote: On Wed, Jun 29, 2016 at 09:30:17AM +0200, Jan Cholasta wrote: On 29.6.2016 08:55, Jan Cholasta wrote: On 24.6.2016 08:49, Fraser Tweedale wrote: On Thu, Jun 23, 2016 at 09:51:02AM +0200, Jan Cholasta wrote: Hi, On 21.6.2016 08:24, Fraser Tweedale