[Freeipa-devel] [PATCH] 0001 Fix ipa-client-install --uninstall crash

2014-07-04 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4273 David Kupka From b9a2b18accf3dd41304d244b00aeeb4887d72784 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Fri, 4 Jul 2014 08:26:23 +0200 Subject: [PATCH] Fix ipa-client-install --uninstall crash Fix ipa-client-install crash when

Re: [Freeipa-devel] [PATCH] 0001 Fix ipa-client-install --uninstall crash

2014-07-08 Thread David Kupka
On 07/07/2014 09:15 PM, Petr Viktorin wrote: On 07/04/2014 08:47 AM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4273 David Kupka Hi, This works fine. Just two nitpicks in the log message: - %s means convert to string, so the str() is redundant - the logger methods take items

[Freeipa-devel] [PATCH] 0002 Improve password validity check

2014-07-18 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/2796 -- David Kupka From c0fb9fe49a8b7eb190414571df211c87ba9c3166 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Fri, 18 Jul 2014 10:06:55 +0200 Subject: [PATCH] Improve password validity check. Allow use of characters that no longer

[Freeipa-devel] [PATCH] 0003 Test generated passwords composed of all allowed charactes

2014-07-18 Thread David Kupka
Test verifying that IPA server is able to install using passwords composed of all but forbidden characters. Related to https://fedorahosted.org/freeipa/ticket/2796 -- David Kupka From e4d1c384288f4b5c5d08f9f3abd9393b3b868c80 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Fri

Re: [Freeipa-devel] [PATCH] 0002 Improve password validity check

2014-07-21 Thread David Kupka
On 07/18/2014 12:52 PM, Martin Kosek wrote: On 07/18/2014 12:33 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/2796 1) Would it be easier/more convenient to just implement following simple check instead of bad_prefix/bad_suffix? if password.strip() != password: raise

[Freeipa-devel] [PATCH] Always record that pkicreate has been executed

2014-07-21 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/2796 -- David Kupka From 5d1e323d87aa4bf2b21ed11b062e68e56fe9d887 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Mon, 21 Jul 2014 15:57:18 +0200 Subject: [PATCH] Always record that pkicreate has been executed. Record that pkicreate

[Freeipa-devel] Reasons for not using certmonger DBus API

2014-07-23 Thread David Kupka
While solving ticket #4280 I noticed that we are messing with certmonger's files right under its hands. That can lead to some unpleasant race condition issues. Is there any reason why not to call certmonger via DBus and ask it to stop tracking the requests? -- David Kupka

[Freeipa-devel] [PATCH] 0005 Verify otptoken timespan is valid

2014-07-23 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4244 -- David Kupka From 513fd9b6cf7502ed08e31318dd9425bc12392720 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Wed, 23 Jul 2014 15:32:18 +0200 Subject: [PATCH] Verify otptoken timespan is valid When creating or modifying otptoken

[Freeipa-devel] [PATCH] 0006 Fix group-remove-member crash when group is removed from a protected group

2014-07-23 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4448 -- David Kupka From 306fd94ae35f153bd7eabf80217219ec25b2189b Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Wed, 23 Jul 2014 16:02:17 +0200 Subject: [PATCH] Fix group-remove-member crash when group is removed from a protected group

Re: [Freeipa-devel] [PATCH] 0002 Improve password validity check

2014-07-24 Thread David Kupka
On 07/22/2014 08:55 AM, Martin Kosek wrote: On 07/21/2014 04:08 PM, David Kupka wrote: On 07/18/2014 12:52 PM, Martin Kosek wrote: On 07/18/2014 12:33 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/2796 1) Would it be easier/more convenient to just implement following simple

[Freeipa-devel] [PATCH] 0007 test group: remove group from protected group

2014-07-24 Thread David Kupka
Simple test scenario from ticket #4448. Last test will fail until patch freeipa-dkupka-0006 gets accepted. -- David Kupka From 240f48865ebb93a9a4d71250f3bcef1c48c453bb Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Thu, 24 Jul 2014 14:45:50 +0200 Subject: [PATCH] test group

Re: [Freeipa-devel] [PATCH] 0007 test group: remove group from protected group

2014-07-29 Thread David Kupka
On 07/28/2014 06:41 PM, Petr Viktorin wrote: On 07/24/2014 03:11 PM, David Kupka wrote: Simple test scenario from ticket #4448. Last test will fail until patch freeipa-dkupka-0006 gets accepted. Thanks! These look fine, but since the new tests don't require that the rest of `test_group

Re: [Freeipa-devel] [PATCH] 0005 Verify otptoken timespan is valid

2014-07-29 Thread David Kupka
On 07/29/2014 01:21 PM, Jan Cholasta wrote: Dne 24.7.2014 v 10:00 David Kupka napsal(a): On 07/23/2014 05:07 PM, Jan Cholasta wrote: Hi, On 23.7.2014 15:46, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4244 1) Use isinstance(X, Y) instead of type(X) is Y. Thanks

Re: [Freeipa-devel] [PATCH] 0005 Verify otptoken timespan is valid

2014-07-29 Thread David Kupka
On 07/29/2014 03:28 PM, Jan Cholasta wrote: Dne 29.7.2014 v 14:11 David Kupka napsal(a): On 07/29/2014 01:21 PM, Jan Cholasta wrote: Dne 24.7.2014 v 10:00 David Kupka napsal(a): On 07/23/2014 05:07 PM, Jan Cholasta wrote: Hi, On 23.7.2014 15:46, David Kupka wrote: https

Re: [Freeipa-devel] Reasons for not using certmonger DBus API

2014-07-30 Thread David Kupka
searching wrong? If not I looked in certmonger code and think that I will be able to add the missing functionality. But I'm unsure what is the preferred way, I can think of two: 1. set_location method 2. read-write location/ca_external_helper property -- David Kupka

[Freeipa-devel] [PATCH] 0008 Use certmonger D-Bus API instead of messing with its files.

2014-08-19 Thread David Kupka
FreeIPA will use certmonger D-Bus API as discussed in this thread https://www.redhat.com/archives/freeipa-devel/2014-July/msg00304.html This change should prevent hard-to-reproduce bugs like https://fedorahosted.org/freeipa/ticket/4280 -- David Kupka From

Re: [Freeipa-devel] [PATCH] 0008 Use certmonger D-Bus API instead of messing with its files.

2014-08-19 Thread David Kupka
On 08/19/2014 09:58 AM, Martin Kosek wrote: On 08/19/2014 09:05 AM, David Kupka wrote: FreeIPA will use certmonger D-Bus API as discussed in this thread https://www.redhat.com/archives/freeipa-devel/2014-July/msg00304.html This change should prevent hard-to-reproduce bugs like https

Re: [Freeipa-devel] [PATCH] 0008 Use certmonger D-Bus API instead of messing with its files.

2014-08-25 Thread David Kupka
On 08/19/2014 05:44 PM, Rob Crittenden wrote: David Kupka wrote: On 08/19/2014 09:58 AM, Martin Kosek wrote: On 08/19/2014 09:05 AM, David Kupka wrote: FreeIPA will use certmonger D-Bus API as discussed in this thread https://www.redhat.com/archives/freeipa-devel/2014-July/msg00304.html

[Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-08-25 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/3575 Also should fix https://bugzilla.redhat.com/show_bug.cgi?id=1128380 as installation is no longer interrupted when multiple IPs are resolved. But it does not add the option to change the IP address during second run. -- David Kupka From

[Freeipa-devel] [PATCH] 0010 Add 'host' setting into default.conf configuration file

2014-08-26 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4481 -- David Kupka From 0bb344026c4b46d726c6b5f3f52ffb0390295feb Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Tue, 26 Aug 2014 12:40:13 +0200 Subject: [PATCH] Add 'host' setting into default.conf configuration file. The 'host

Re: [Freeipa-devel] [PATCH] 0010 Add 'host' setting into default.conf configuration file

2014-08-26 Thread David Kupka
On 08/26/2014 03:08 PM, Jan Cholasta wrote: Hi, Dne 26.8.2014 v 13:01 David Kupka napsal(a): https://fedorahosted.org/freeipa/ticket/4481 Doing this will break ipa-client-automount and ipa-certupdate, because they assume that api.env.host contains the hostname of the local system (which

[Freeipa-devel] [PATCH] 0011 Allow user to force Kerberos realm during installation

2014-08-27 Thread David Kupka
Usually it isn't wise to allow something like this. But in environment with broken DNS (described in ticket) there is probably not many alternatives. https://fedorahosted.org/freeipa/ticket/ -- David Kupka From 6cfa293bffc03610bfc0391a96f0b95021f34c4e Mon Sep 17 00:00:00 2001 From: David

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-08-27 Thread David Kupka
Patch modified according to jcholast's personally-delivered feedback: 1) use action='append' instead of that ugly parsing 2) do not use map(), FreeIPA doesn't like it On 08/25/2014 05:04 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/3575 Also should fix https

Re: [Freeipa-devel] [PATCH] 0010 Add 'host' setting into default.conf configuration file

2014-08-27 Thread David Kupka
On 08/27/2014 11:22 AM, Jan Cholasta wrote: Dne 26.8.2014 v 15:55 Rob Crittenden napsal(a): David Kupka wrote: On 08/26/2014 03:08 PM, Jan Cholasta wrote: Hi, Dne 26.8.2014 v 13:01 David Kupka napsal(a): https://fedorahosted.org/freeipa/ticket/4481 Doing this will break ipa-client

Re: [Freeipa-devel] [PATCH] 0008 Use certmonger D-Bus API instead of messing with its files.

2014-08-29 Thread David Kupka
Hope, I've addressed all the issues (except 9 and 11, inline). Let's go for another round :-) On 08/27/2014 11:05 AM, Jan Cholasta wrote: Hi, Dne 25.8.2014 v 15:39 David Kupka napsal(a): On 08/19/2014 05:44 PM, Rob Crittenden wrote: David Kupka wrote: On 08/19/2014 09:58 AM, Martin Kosek

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-02 Thread David Kupka
Forget to add str() conversion to some places when removing map(). Now it should be working again. On 08/27/2014 02:24 PM, David Kupka wrote: Patch modified according to jcholast's personally-delivered feedback: 1) use action='append' instead of that ugly parsing 2) do not use map

[Freeipa-devel] [PATCH] 0012 Add record(s) to /etc/host when IPA is configured as DNS server.

2014-09-02 Thread David Kupka
This patch depends on freeipa-dkupka-0009 as it modifies the same part of code. https://fedorahosted.org/freeipa/ticket/4220 -- David Kupka From 549e682809d9e0ccc6debe6676f22b3f9d1755f4 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Tue, 2 Sep 2014 10:49:26 +0200 Subject

Re: [Freeipa-devel] [PATCH] 0012 Add record(s) to /etc/host when IPA is configured as DNS server.

2014-09-02 Thread David Kupka
Ok, the patch no longer depends on 0009. The reason is that 0012 is going to ipa-4.0 and 0009 to ipa-4.1. On 09/02/2014 12:13 PM, David Kupka wrote: This patch depends on freeipa-dkupka-0009 as it modifies the same part of code. https://fedorahosted.org/freeipa/ticket/4220

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-02 Thread David Kupka
The patch now depends on freeipa-dkupka-0012 as both modifies the same part of code. On 09/02/2014 10:29 AM, David Kupka wrote: Forget to add str() conversion to some places when removing map(). Now it should be working again. On 08/27/2014 02:24 PM, David Kupka wrote: Patch modified

Re: [Freeipa-devel] [PATCH] 0008 Use certmonger D-Bus API instead of messing with its files.

2014-09-03 Thread David Kupka
On 09/02/2014 01:56 PM, Jan Cholasta wrote: Dne 29.8.2014 v 14:34 David Kupka napsal(a): Hope, I've addressed all the issues (except 9 and 11, inline). Let's go for another round :-) On 08/27/2014 11:05 AM, Jan Cholasta wrote: Hi, Dne 25.8.2014 v 15:39 David Kupka napsal(a): On 08/19/2014

Re: [Freeipa-devel] [PATCH] 0008 Use certmonger D-Bus API instead of messing with its files.

2014-09-03 Thread David Kupka
On 09/03/2014 04:05 PM, Jan Cholasta wrote: Dne 3.9.2014 v 12:37 David Kupka napsal(a): On 09/02/2014 01:56 PM, Jan Cholasta wrote: Dne 29.8.2014 v 14:34 David Kupka napsal(a): Hope, I've addressed all the issues (except 9 and 11, inline). Let's go for another round :-) On 08/27/2014 11:05

Re: [Freeipa-devel] [PATCH] 0008 Use certmonger D-Bus API instead of messing with its files.

2014-09-04 Thread David Kupka
On 09/03/2014 04:45 PM, Jan Cholasta wrote: Dne 3.9.2014 v 16:25 David Kupka napsal(a): On 09/03/2014 04:05 PM, Jan Cholasta wrote: Dne 3.9.2014 v 12:37 David Kupka napsal(a): On 09/02/2014 01:56 PM, Jan Cholasta wrote: Dne 29.8.2014 v 14:34 David Kupka napsal(a): Hope, I've addressed all

Re: [Freeipa-devel] [PATCH] 0011 Allow user to force Kerberos realm during installation

2014-09-04 Thread David Kupka
On 09/03/2014 05:09 PM, Jan Cholasta wrote: Hi, Dne 27.8.2014 v 13:56 David Kupka napsal(a): Usually it isn't wise to allow something like this. But in environment with broken DNS (described in ticket) there is probably not many alternatives. https://fedorahosted.org/freeipa/ticket/ 1

Re: [Freeipa-devel] [PATCH] 0011 Allow user to force Kerberos realm during installation

2014-09-05 Thread David Kupka
On 09/04/2014 01:22 PM, Jan Cholasta wrote: Dne 4.9.2014 v 12:42 David Kupka napsal(a): On 09/03/2014 05:09 PM, Jan Cholasta wrote: Hi, Dne 27.8.2014 v 13:56 David Kupka napsal(a): Usually it isn't wise to allow something like this. But in environment with broken DNS (described in ticket

[Freeipa-devel] [PATCH] Do not restart apache server when not necessary.

2014-09-05 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4352 -- David Kupka From 9f081c8f1cab3f0d7cb0d55054ae7ad8f1ed8a10 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Fri, 5 Sep 2014 09:55:23 +0200 Subject: [PATCH] Do not restart apache server when not necessary. https://fedorahosted.org

[Freeipa-devel] [PATCH] 0014 Fix typo causing ipa-upgradeconfig to fail

2014-09-10 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4529 -- David Kupka From cd0201fb906bcd7cd67c230a642e245f1b3f60a9 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Wed, 10 Sep 2014 11:57:46 +0200 Subject: [PATCH] Fix typo causing ipa-upgradeconfig to fail. Replace 'post-certsave-command

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-12 Thread David Kupka
On 09/08/2014 05:56 PM, Martin Basti wrote: On 02/09/14 16:55, David Kupka wrote: The patch now depends on freeipa-dkupka-0012 as both modifies the same part of code. freeipa-dkupka-0012 is now accepted and merged upstream so there is no need to take this dependency into account. On 09

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-16 Thread David Kupka
DNS +print sys.stderr, or /etc/hosts file and restart the installation. +sys.exit(1) Could you write those extra addresses to output? We need to improve usability of our error messages UX is the king :) -- Martin Basti -- David Kupka From

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-16 Thread David Kupka
On 09/16/2014 06:09 PM, Martin Basti wrote: On 16/09/14 15:59, David Kupka wrote: On 09/12/2014 07:24 PM, Martin Basti wrote: snip / Be careful, reviewed on friday! :-) 1) whitespace error + pep8 error patch:76: trailing whitespace. # there is reverse zone for every ip address warning

[Freeipa-devel] [PATCH] 0015-16 Allow multiple krbprincipalnames + test

2014-09-18 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4421 -- David Kupka From 77faaa3c7887550b493f86f90f654da8e1f42eee Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Tue, 2 Sep 2014 16:11:55 +0200 Subject: [PATCH] Allow multiple krbprincipalnames. Allow user to specify multiple

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-18 Thread David Kupka
On 09/17/2014 07:25 AM, David Kupka wrote: On 09/16/2014 06:09 PM, Martin Basti wrote: On 16/09/14 15:59, David Kupka wrote: On 09/12/2014 07:24 PM, Martin Basti wrote: snip / Be careful, reviewed on friday! :-) 1) whitespace error + pep8 error patch:76: trailing whitespace

Re: [Freeipa-devel] [PATCH] 0015-16 Allow multiple krbprincipalnames + test

2014-09-18 Thread David Kupka
On 09/18/2014 03:44 PM, Rob Crittenden wrote: David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4421 You are removing an ACI in this patch. It is always possible it is no longer needed. Did you test all the client enrollment scenarios? rob As far as I'm aware I'm not removing any

Re: [Freeipa-devel] [PATCH] 0015-16 Allow multiple krbprincipalnames + test

2014-09-18 Thread David Kupka
On 09/18/2014 04:28 PM, Martin Kosek wrote: On 09/18/2014 04:06 PM, David Kupka wrote: On 09/18/2014 03:44 PM, Rob Crittenden wrote: David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4421 You are removing an ACI in this patch. It is always possible it is no longer needed. Did you

Re: [Freeipa-devel] [PATCH] 0015-16 Allow multiple krbprincipalnames + test

2014-09-18 Thread David Kupka
On 09/18/2014 04:40 PM, Simo Sorce wrote: On Thu, 18 Sep 2014 16:28:19 +0200 Martin Kosek mko...@redhat.com wrote: On 09/18/2014 04:06 PM, David Kupka wrote: On 09/18/2014 03:44 PM, Rob Crittenden wrote: David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4421 You are removing

Re: [Freeipa-devel] [PATCH] 0015-16 Allow multiple krbprincipalnames + test

2014-09-22 Thread David Kupka
On 09/18/2014 09:42 PM, Martin Kosek wrote: On 09/18/2014 09:11 PM, Simo Sorce wrote: On Thu, 18 Sep 2014 14:57:45 -0400 Rob Crittenden rcrit...@redhat.com wrote: Martin Kosek wrote: On 09/18/2014 04:06 PM, David Kupka wrote: On 09/18/2014 03:44 PM, Rob Crittenden wrote: David Kupka wrote

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-23 Thread David Kupka
) I added one more variable and ask only once. 4) Ask framework gurus, if installutils module is better place for function above Petr^3 said that it's ok to have it in bindinstance.py. -- David Kupka From cea7c3e8eb41798d7f2bba916a95a78c034ee052 Mon Sep 17 00:00:00 2001 From: David

Re: [Freeipa-devel] [PATCH] 323 Fix certmonger code causing the ca_renewal_master update plugin to fail

2014-09-23 Thread David Kupka
On 09/17/2014 03:57 PM, Jan Cholasta wrote: Hi, the attached patch fixes https://fedorahosted.org/freeipa/ticket/4547. Honza Works for me, thanks for patch. ACK. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https

Re: [Freeipa-devel] [PATCH] JSON client: Log pretty-printed request and response with -vv or above

2014-09-24 Thread David Kupka
. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Works for me, thanks, ACK. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-24 Thread David Kupka
On 09/23/2014 08:25 PM, Martin Basti wrote: On 23/09/14 13:23, David Kupka wrote: On 09/18/2014 06:34 PM, Martin Basti wrote: ... 1) +if options.unattended: +for ip in ip_addresses: +if search_reverse_zones and find_reverse_zone(str(ip

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-25 Thread David Kupka
On 09/24/2014 08:54 PM, Martin Basti wrote: On 24/09/14 15:44, David Kupka wrote: On 09/23/2014 08:25 PM, Martin Basti wrote: On 23/09/14 13:23, David Kupka wrote: On 09/18/2014 06:34 PM, Martin Basti wrote: ... 1) +if options.unattended: +for ip in ip_addresses

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-26 Thread David Kupka
On 09/25/2014 04:17 PM, David Kupka wrote: On 09/24/2014 08:54 PM, Martin Basti wrote: On 24/09/14 15:44, David Kupka wrote: On 09/23/2014 08:25 PM, Martin Basti wrote: On 23/09/14 13:23, David Kupka wrote: On 09/18/2014 06:34 PM, Martin Basti wrote: ... 1) +if options.unattended

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-26 Thread David Kupka
On 09/26/2014 09:34 AM, Jan Cholasta wrote: Dne 26.9.2014 v 08:28 David Kupka napsal(a): On 09/25/2014 04:17 PM, David Kupka wrote: On 09/24/2014 08:54 PM, Martin Basti wrote: On 24/09/14 15:44, David Kupka wrote: On 09/23/2014 08:25 PM, Martin Basti wrote: On 23/09/14 13:23, David Kupka

Re: [Freeipa-devel] [PATCH] 0010 Add 'host' setting into default.conf configuration file

2014-09-26 Thread David Kupka
On 09/26/2014 09:56 AM, Martin Kosek wrote: On 09/02/2014 10:18 AM, Jan Cholasta wrote: Dne 27.8.2014 v 16:49 David Kupka napsal(a): On 08/27/2014 11:22 AM, Jan Cholasta wrote: Dne 26.8.2014 v 15:55 Rob Crittenden napsal(a): David Kupka wrote: On 08/26/2014 03:08 PM, Jan Cholasta wrote: Hi

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-26 Thread David Kupka
On 09/26/2014 10:30 AM, David Kupka wrote: On 09/26/2014 09:34 AM, Jan Cholasta wrote: Dne 26.9.2014 v 08:28 David Kupka napsal(a): On 09/25/2014 04:17 PM, David Kupka wrote: On 09/24/2014 08:54 PM, Martin Basti wrote: On 24/09/14 15:44, David Kupka wrote: On 09/23/2014 08:25 PM, Martin

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-26 Thread David Kupka
On 09/26/2014 02:47 PM, David Kupka wrote: On 09/26/2014 10:30 AM, David Kupka wrote: On 09/26/2014 09:34 AM, Jan Cholasta wrote: Dne 26.9.2014 v 08:28 David Kupka napsal(a): On 09/25/2014 04:17 PM, David Kupka wrote: On 09/24/2014 08:54 PM, Martin Basti wrote: On 24/09/14 15:44, David

Re: [Freeipa-devel] [PATCH] 0009 Detect and configure all usable IP addresses.

2014-09-26 Thread David Kupka
On 09/26/2014 05:50 PM, Martin Basti wrote: On 26/09/14 14:47, David Kupka wrote: On 09/26/2014 10:30 AM, David Kupka wrote: On 09/26/2014 09:34 AM, Jan Cholasta wrote: Dne 26.9.2014 v 08:28 David Kupka napsal(a): On 09/25/2014 04:17 PM, David Kupka wrote: On 09/24/2014 08:54 PM, Martin

[Freeipa-devel] [PATCH] 0017 Do not require description in UI.

2014-09-29 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4387 -- David Kupka From 8a0ac7417e904c21946e08bbdd759550bffab5ad Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Fri, 26 Sep 2014 02:54:28 -0400 Subject: [PATCH] Do not require description in UI. Description attribute is not required

Re: [Freeipa-devel] [PATCH] 0017 Do not require description in UI.

2014-09-29 Thread David Kupka
On 09/29/2014 10:22 AM, Martin Kosek wrote: On 09/29/2014 10:09 AM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4387 The changes look OK so far, except the test fix. The test_batch_plugin.py test is apparently testing that batch command behaves well in RequirementError

[Freeipa-devel] [PATCH] 0018 Check that port 8443 is available when installing PKI.

2014-09-29 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4564 -- David Kupka From d5748822b8fac3cde01670507f80bfa9c4c04ede Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Mon, 29 Sep 2014 04:27:30 -0400 Subject: [PATCH] Check that port 8443 is available when installing PKI. https

Re: [Freeipa-devel] [PATCH] 0018 Check that port 8443 is available when installing PKI.

2014-10-03 Thread David Kupka
On 10/02/2014 12:42 PM, Martin Kosek wrote: On 09/29/2014 04:48 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4564 Looks and works OK. The port checking should be ideally refactored in 4.2 and *instance.py should use some common hooks to define which ports should be checked

[Freeipa-devel] [PATCH] 0020 Set IPA CA for freeipa certificates

2014-10-07 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4618 -- David Kupka From ab15f67ee35d29cd30b6b6d703a000c3cfe3188b Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Tue, 7 Oct 2014 10:19:09 -0400 Subject: [PATCH] Set IPA CA for freeipa certificates. In previous versions (before moving

[Freeipa-devel] [PATCH] 0021 Fix example usage in ipa man page.

2014-10-07 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4587 -- David Kupka From 883e90237fbde1075d00990568cde18773e80611 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Wed, 8 Oct 2014 01:43:47 -0400 Subject: [PATCH] Fix example usage in ipa man page. https://fedorahosted.org/freeipa/ticket

Re: [Freeipa-devel] [PATCH] 0021 Fix example usage in ipa man page.

2014-10-08 Thread David Kupka
On 10/08/2014 08:02 AM, Alexander Bokovoy wrote: On Wed, 08 Oct 2014, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4587 -- David Kupka From 883e90237fbde1075d00990568cde18773e80611 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Wed, 8 Oct 2014 01:43:47 -0400

Re: [Freeipa-devel] [PATCH] 0021 Fix example usage in ipa man page.

2014-10-08 Thread David Kupka
On 10/08/2014 08:19 AM, David Kupka wrote: On 10/08/2014 08:02 AM, Alexander Bokovoy wrote: On Wed, 08 Oct 2014, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4587 -- David Kupka From 883e90237fbde1075d00990568cde18773e80611 Mon Sep 17 00:00:00 2001 From: David Kupka dku

[Freeipa-devel] [PATCH] 0019 Stop dogtag when updating its configuration in, ipa-upgradeconfig

2014-10-08 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4569 -- David Kupka From a1363fa49a35115cfa15d51d7ae5c298828efc37 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Tue, 30 Sep 2014 08:41:49 -0400 Subject: [PATCH] Stop dogtag when updating its configuration in ipa-upgradeconfig

Re: [Freeipa-devel] [PATCH] 0019 Stop dogtag when updating its configuration in, ipa-upgradeconfig

2014-10-08 Thread David Kupka
On 10/08/2014 09:29 AM, Jan Cholasta wrote: Hi, Dne 8.10.2014 v 09:09 David Kupka napsal(a): https://fedorahosted.org/freeipa/ticket/4569 In renew_ca_cert and cainstance.py, dogtag should already be stopped in the places you modified, so why the change? I didn't noticed that it is already

Re: [Freeipa-devel] [PATCH 130] Missing DNS tests

2014-10-09 Thread David Kupka
-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Works for me, ACK. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0133] Fix ipactl service ordering

2014-10-09 Thread David Kupka
for me, ACK. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 352 Fix certmonger configuration in installer code

2014-10-09 Thread David Kupka
. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Works for me, ACK. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com

Re: [Freeipa-devel] [PATCH 0131-0132] Add missing attributes to named.conf

2014-10-10 Thread David Kupka
-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Hi! The upgrade processes looks fine to me. And I didn't find any surprise in the code. So it's A and C/2 from me. For the rest go to Petr^2. -- David Kupka

Re: [Freeipa-devel] [PATCH] 352 Fix certmonger configuration in installer code

2014-10-10 Thread David Kupka
On 10/10/2014 08:50 AM, Martin Kosek wrote: On 10/09/2014 03:56 PM, David Kupka wrote: On 10/08/2014 01:23 PM, Jan Cholasta wrote: Dne 8.10.2014 v 12:27 Jan Cholasta napsal(a): Hi, the attached patch fixes https://fedorahosted.org/freeipa/ticket/4619. Honza Forgot to delete a line

Re: [Freeipa-devel] [PATCH] 0020 Set IPA CA for freeipa certificates

2014-10-14 Thread David Kupka
On 10/14/2014 09:32 AM, Jan Cholasta wrote: Dne 14.10.2014 v 08:55 David Kupka napsal(a): On 10/10/2014 04:04 PM, Jan Cholasta wrote: Hi, Dne 7.10.2014 v 16:56 David Kupka napsal(a): https://fedorahosted.org/freeipa/ticket/4618 This works, but I would prefer if the code did not silently

Re: [Freeipa-devel] [PATCH] 0019 Stop dogtag when updating its configuration in, ipa-upgradeconfig

2014-10-14 Thread David Kupka
On 10/10/2014 03:24 PM, Jan Cholasta wrote: Dne 8.10.2014 v 12:36 David Kupka napsal(a): On 10/08/2014 09:29 AM, Jan Cholasta wrote: Hi, Dne 8.10.2014 v 09:09 David Kupka napsal(a): https://fedorahosted.org/freeipa/ticket/4569 In renew_ca_cert and cainstance.py, dogtag should already

[Freeipa-devel] [PATCH] 0023 Fix typo causing certmonger is provided with wrong path to, ipa-submit.

2014-10-15 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4624 -- David Kupka From c2808f958c9ee99374aadf808ca01bf7047de509 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Tue, 14 Oct 2014 06:54:00 -0400 Subject: [PATCH] Fix typo causing certmonger is provided with wrong path to ipa-submit

Re: [Freeipa-devel] [PATCH] Fix printing of reverse zones in ipa-dns-install.

2014-10-15 Thread David Kupka
Submitting the patch again. I sent it from my gmail account accidentally. On 10/15/2014 03:58 PM, Martin Basti wrote: New contributor :-) ACK Thank you! -- David Kupka From 4d094e99ff82f69ad08b0df408d847350e900c7b Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Wed, 15

Re: [Freeipa-devel] [PATCHES] 354-356 Check LDAP instead of local configuration to see if IPA CA is enabled

2014-10-17 Thread David Kupka
certificates when IPA is CA-ful. But it can be done later, ticket: https://fedorahosted.org/freeipa/ticket/4644 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel -- David Kupka

Re: [Freeipa-devel] [PATCHES 0117, 0135-0149] DNSSEC support

2014-10-21 Thread David Kupka
. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 358 Do not check if port 8443 is available in step 2 of external CA install

2014-10-22 Thread David Kupka
for me, ACK. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 0025 Respect UID and GID soft static allocation.

2014-10-24 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4585 -- David Kupka From 1cb3a44bcf5cba3dd741ac7222720d87f983e38d Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Wed, 22 Oct 2014 09:07:44 -0400 Subject: [PATCH] Respect UID and GID soft static allocation. https://fedoraproject.org/wiki

Re: [Freeipa-devel] [PATCH] 0025 Respect UID and GID soft static allocation.

2014-10-24 Thread David Kupka
On 10/24/2014 10:43 AM, Martin Basti wrote: On 24/10/14 09:51, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4585 NACK 1) Why is there line with 'DS System User?' The comment should depend on service. +args = [ +paths.USERADD, +'-g

Re: [Freeipa-devel] [PATCH 0153] fix regression: DNS zonemgr validation raises assertion error

2014-10-24 Thread David Kupka
Works for me, ACK. On 10/24/2014 01:27 PM, Martin Basti wrote: https://fedorahosted.org/freeipa/ticket/4663 Patch attached. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa

Re: [Freeipa-devel] [PATCH] 0025 Respect UID and GID soft static allocation.

2014-10-24 Thread David Kupka
On 10/24/2014 01:06 PM, David Kupka wrote: On 10/24/2014 10:43 AM, Martin Basti wrote: On 24/10/14 09:51, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4585 NACK 1) Why is there line with 'DS System User?' The comment should depend on service. +args

Re: [Freeipa-devel] [PATCH] 333 Handle profile changes in dogtag-ipa-ca-renew-agent

2014-10-29 Thread David Kupka
be no ca-error Honza ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Works for me, ACK. -- David Kupka ___ Freeipa-devel mailing list Freeipa

Re: [Freeipa-devel] [PATCH] 0025 Respect UID and GID soft static allocation.

2014-10-29 Thread David Kupka
On 10/24/2014 03:05 PM, David Kupka wrote: On 10/24/2014 01:06 PM, David Kupka wrote: On 10/24/2014 10:43 AM, Martin Basti wrote: On 24/10/14 09:51, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4585 NACK 1) Why is there line with 'DS System User?' The comment should depend

Re: [Freeipa-devel] [PATCH] 0025 Respect UID and GID soft static allocation.

2014-10-29 Thread David Kupka
On 10/29/2014 02:34 PM, David Kupka wrote: On 10/24/2014 03:05 PM, David Kupka wrote: On 10/24/2014 01:06 PM, David Kupka wrote: On 10/24/2014 10:43 AM, Martin Basti wrote: On 24/10/14 09:51, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/4585 NACK 1) Why is there line with 'DS

Re: [Freeipa-devel] [PATCH] 335 Fail if certmonger can't see new CA certificate in LDAP in ipa-cacert-manage

2014-11-03 Thread David Kupka
the patch freeipa-jcholast-335. Patches freeipa-jcholast-333 and freeipa-jcholast-334 was pushed earlier. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 0026 Stop dirsrv last in ipactl stop.

2014-11-04 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4632 -- David Kupka From 79a716af3a82e7cb419376c727fd655af070904e Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Tue, 4 Nov 2014 03:22:59 -0500 Subject: [PATCH] Stop dirsrv last in ipactl stop. Other services may depend on directory

Re: [Freeipa-devel] [PATCH 0157] Fix installer adds invalid zonemgr email

2014-11-07 Thread David Kupka
be better to use relative value (e.g.: hostmaster instead of hostmaster.my.example.zone.). But this works, ACK. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 0027 Produce better error in group-add command.

2014-11-07 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4611 -- David Kupka From a3e735c0309c740186d14f2430bdcf84c7d752b4 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Wed, 5 Nov 2014 02:40:10 -0500 Subject: [PATCH] Produce better error in group-add command. https://fedorahosted.org/freeipa

[Freeipa-devel] [PATCH] 0028 Remove unneeded internal methods. Move code to public, methods.

2014-11-07 Thread David Kupka
-- David Kupka From 0269a920231a992b67da713d40e29a28fdd32430 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Thu, 6 Nov 2014 17:57:26 -0500 Subject: [PATCH] Remove unneeded internal methods. Move code to public methods. --- ipaplatform/base/services.py | 36

[Freeipa-devel] [PATCH] 0029 Remove service file even if it isn't link.

2014-11-07 Thread David Kupka
Depends on freeipa-dkupka-0028. https://fedorahosted.org/freeipa/ticket/4658 -- David Kupka From 247ab543ed26c8eafa471b8b1d38309dacec9dbb Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Thu, 6 Nov 2014 18:08:58 -0500 Subject: [PATCH] Remove service file even if it isn't link

Re: [Freeipa-devel] [PATCH] 0027 Produce better error in group-add command.

2014-11-10 Thread David Kupka
On 11/10/2014 08:20 AM, Jan Cholasta wrote: Hi, Dne 7.11.2014 v 15:26 David Kupka napsal(a): https://fedorahosted.org/freeipa/ticket/4611 I think you should use MutuallyExclusiveError. Honza Thanks, that's the error class I was searching for. Unfortunately, I didn't know this one so I

Re: [Freeipa-devel] [PATCH 0158] FIX: upgrade refential integrity plugin configuration

2014-11-12 Thread David Kupka
to ipa-4-0. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH 0158] FIX: upgrade refential integrity plugin configuration

2014-11-13 Thread David Kupka
On 11/13/2014 10:18 AM, Martin Basti wrote: On 12/11/14 16:55, David Kupka wrote: On 11/07/2014 03:22 PM, Martin Basti wrote: Ticket: https://fedorahosted.org/freeipa/ticket/4622 Patch attached. ___ Freeipa-devel mailing list Freeipa-devel

Re: [Freeipa-devel] [PATCH 0160] Fix objectclass violation during upgrade

2014-11-13 Thread David Kupka
___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Works for me, ACK, thanks. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman

Re: [Freeipa-devel] [PATCH] 0027 Produce better error in group-add command.

2014-11-13 Thread David Kupka
On 11/13/2014 11:24 AM, Jan Cholasta wrote: Dne 10.11.2014 v 13:24 David Kupka napsal(a): On 11/10/2014 08:20 AM, Jan Cholasta wrote: Hi, Dne 7.11.2014 v 15:26 David Kupka napsal(a): https://fedorahosted.org/freeipa/ticket/4611 I think you should use MutuallyExclusiveError. Honza Thanks

Re: [Freeipa-devel] [PATCH 0165] --zonemgr options must be unicode

2014-11-18 Thread David Kupka
On 11/18/2014 12:07 PM, Martin Basti wrote: On 13/11/14 18:28, Martin Basti wrote: To allow IDNA zonemgr email, value must be unicode not ASCII Ticket: https://fedorahosted.org/freeipa/ticket/4724 Patch attached. Patch for ipa-4.0 added. Thanks, works for me, ACK. -- David Kupka

Re: [Freeipa-devel] [PATCH] 374 Fix wrong expiration date on renewed IPA CA certificates

2014-11-19 Thread David Kupka
for me, thanks, ACK. -- David Kupka ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 0030 Fix --{user, group}-ignore-attribute in migration plugin.

2014-11-20 Thread David Kupka
https://fedorahosted.org/freeipa/ticket/4620 -- David Kupka From b6aba1531af03ca3511690548de109d585828486 Mon Sep 17 00:00:00 2001 From: David Kupka dku...@redhat.com Date: Wed, 19 Nov 2014 09:57:59 -0500 Subject: [PATCH] Fix --{user,group}-ignore-attribute in migration plugin. Ignore case

Re: [Freeipa-devel] [PATCH] 0030 Fix --{user, group}-ignore-attribute in migration plugin.

2014-11-20 Thread David Kupka
On 11/20/2014 10:03 AM, Jan Cholasta wrote: Dne 20.11.2014 v 09:51 David Kupka napsal(a): https://fedorahosted.org/freeipa/ticket/4620 IMO changing the loop to: for attr in attr_blacklist: entry_attrs.pop(attr, None) would be better, because LDAPEntry already handles case

  1   2   3   4   5   >