[Freeipa-devel] [DOC] Chapter 2 Installation

2013-08-26 Thread Martin Basti
Hello, this patch fix some setup outputs and remove outdated section about updating freeIPA version 2 -- Martin Basti From d0781341370cfa9e434fdff4cc0fe19eaf44eee0 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Mon, 26 Aug 2013 15:28:42 +0200 Subject: [PATCH] Chapter 2

[Freeipa-devel] [DOC] 0002 Chapter 3 Installing clients

2013-08-26 Thread Martin Basti
Hello, this patch fix some setup outputs, add tips and order of command in examples -- Martin Basti From 503ea1244427d902cd8547a11ecbe06b751702e4 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Mon, 26 Aug 2013 17:00:34 +0200 Subject: [PATCH 2/2] Chapter 3 - installing

[Freeipa-devel] [DOC] Chapter 4 text

2013-09-18 Thread Martin Basti
Patch fix examples in chapter 4, adds new examples, fix out of date information. NOTE: Patch doesn't cover part 4.3 Logging with web UI -- Martin Basti From 3dc1c5590617cb5315acf97cc53bc598c03d407d Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Wed, 18 Sep 2013 16:57:25

Re: [Freeipa-devel] [DOC] 0002 Chapter 3 Installing clients

2013-09-27 Thread Martin Basti
On Mon, 2013-08-26 at 17:25 +0200, Martin Basti wrote: Hello, this patch fix some setup outputs, add tips and order of command in examples -- Martin Basti ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com

Re: [Freeipa-devel] [DOC] Chapter 4 text

2013-09-27 Thread Martin Basti
On Wed, 2013-09-18 at 17:10 +0200, Martin Basti wrote: Patch fix examples in chapter 4, adds new examples, fix out of date information. NOTE: Patch doesn't cover part 4.3 Logging with web UI ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [DOC] Chapter 4 text

2013-10-03 Thread Martin Basti
On Tue, 2013-10-01 at 16:29 +0200, Petr Vobornik wrote: On 09/27/2013 05:52 PM, Martin Basti wrote: On Wed, 2013-09-18 at 17:10 +0200, Martin Basti wrote: Patch fix examples in chapter 4, adds new examples, fix out of date information. NOTE: Patch doesn't cover part 4.3 Logging with web

Re: [Freeipa-devel] [DOC] Chapter 2 Installation

2013-10-04 Thread Martin Basti
On Mon, 2013-09-30 at 17:48 +0200, Petr Vobornik wrote: On 09/27/2013 11:37 AM, Martin Basti wrote: On Fri, 2013-09-27 at 10:50 +0200, Martin Basti wrote: On Mon, 2013-08-26 at 17:16 +0200, Martin Basti wrote: Hello, this patch fix some setup outputs and remove outdated section about

Re: [Freeipa-devel] [PATCHES] 0307-0308 Use direct RPC with specified version in client-install

2013-10-04 Thread Martin Basti
the information to the freeipa.org web site? E.g. How-to join RHEL = 6.2 client to FreeIPA ? BTW, should we have some 'Compatibility' section in docs? Martin? It is only for RHEL, it should be in IdM Guide, maintained by Deon. I'm sorry for nitpicking :-) -- Martin Basti

[Freeipa-devel] [PATCH] 0010 ipa-client-install does not clean up /etc/ipa/ca.crt after a failed attempt

2013-10-15 Thread Martin Basti
Added warning if cert. exists (client) https://fedorahosted.org/freeipa/ticket/3944 -- Martin Basti From 934ebe5277005e314fd1ef7fb92525219429b7af Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Tue, 15 Oct 2013 11:31:49 +0200 Subject: [PATCH] Added warning if cert '/etc/ipa

Re: [Freeipa-devel] [PATCH] 0010 ipa-client-install does not clean up /etc/ipa/ca.crt after a failed attempt

2013-10-16 Thread Martin Basti
On Wed, 2013-10-16 at 10:36 +0200, Martin Kosek wrote: On 10/16/2013 10:10 AM, Martin Basti wrote: On Tue, 2013-10-15 at 11:37 +0200, Martin Basti wrote: Added warning if cert. exists (client) https://fedorahosted.org/freeipa/ticket/3944 1) Patch subject uses wrong path to cert Fixed

Re: [Freeipa-devel] [DOC] Image missing: sync-adpwdpolicy

2013-10-17 Thread Martin Basti
, could you find where the image got lost and add it back to the repo? Thank you! It missing from initial commit, I will try to find it in old docs. -- Martin Basti ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman

Re: [Freeipa-devel] [DOC] Image missing: sync-adpwdpolicy

2013-10-17 Thread Martin Basti
it then. :) -- Martin Basti ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 0014 [RFE] ipa migrate-ds should have an argument to specify cert to use for DS connection

2013-10-18 Thread Martin Basti
Patch attached. Ticket: https://fedorahosted.org/freeipa/ticket/3243 -- Martin Basti From 9ad994eaae48f37404a65a99964b58daf0dd5370 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 18 Oct 2013 16:40:27 +0200 Subject: [PATCH] migrate-ds added --ca-cert-file=FILE option

[Freeipa-devel] [PATCH][DOC] 0015 Added section migration using TLS

2013-10-18 Thread Martin Basti
Document changes in patch freeipa-mbasti-0014 Patch attached. -- Martin Basti From 88b67e18a53f339097d200f1a5968123bb067fca Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 18 Oct 2013 17:46:16 +0200 Subject: [PATCH] Added new section migration with TLS Documented ticket

Re: [Freeipa-devel] [PATCHES] 0014, 0016 [RFE] ipa migrate-ds should have an argument to specify cert to use for DS connection

2013-10-21 Thread Martin Basti
On Mon, 2013-10-21 at 09:29 +0200, Martin Kosek wrote: On 10/18/2013 05:00 PM, Martin Basti wrote: Patch attached. Ticket: https://fedorahosted.org/freeipa/ticket/3243 I did not test the patch, just looked at the code and I have few comments: 1) Please put the ipalib/cli.py

Re: [Freeipa-devel] [PATCH][DOC] Configure sudo for FreeIPA 3.1.5

2013-10-22 Thread Martin Basti
/sssd.conf ~~~ etc. This will make the examples easier to read and consistent with the rest of the guide. Martin ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel -- Martin

[Freeipa-devel] [PATCHES] 0019-0020 Broken Firefox configuration files in freeipa-client package

2013-11-05 Thread Martin Basti
db8548d78f43aa90d35fafb2d25b418381ba23b0 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Mon, 4 Nov 2013 11:52:02 +0100 Subject: [PATCH] ipa-client-install: Added options to configure firefox Option --configure-firefox configures firefox to use Kerberos credentials within IPA domain Optional option

Re: [Freeipa-devel] Internationalized domain names in freeIPA

2013-11-07 Thread Martin Basti
On Tue, 2013-11-05 at 18:04 +0100, Petr Viktorin wrote: On 11/05/2013 05:53 PM, John Dennis wrote: On 11/05/2013 11:13 AM, Martin Basti wrote: Hi list, I'm working on ticket: https://fedorahosted.org/freeipa/ticket/3169 UTF-8 DNS names will be converted to punycode ASCII string

Re: [Freeipa-devel] [PATCHES] 0019-0020 Broken Firefox configuration files in freeipa-client package

2013-11-12 Thread Martin Basti
On Fri, 2013-11-08 at 16:28 +0100, Petr Vobornik wrote: On 11/05/2013 10:34 AM, Martin Basti wrote: ipa-client-install now allows to configure firefox using --configure-firefox option and optionally with --firefox-dir=INSTALL_DIR option. Old configuration files was removed. Patches

[Freeipa-devel] [PATCH] 0021 Documentation error in FreeIPA guide Setting up a Kerberized NFS Server

2013-11-12 Thread Martin Basti
One liner, missing example added. https://fedorahosted.org/freeipa/ticket/3997 -- Martin^2 Basti From 2328a853fa6b2607ddad092f9fb77c791ecfcbe9 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Tue, 12 Nov 2013 14:06:38 +0100 Subject: [PATCH] Added missing example in setting up

Re: [Freeipa-devel] [PATCHES] 0014, 0016 [RFE] ipa migrate-ds should have an argument to specify cert to use for DS connection

2013-11-21 Thread Martin Basti
On Tue, 2013-11-19 at 10:32 +0100, Petr Viktorin wrote: On 10/21/2013 10:29 AM, Martin Basti wrote: On Mon, 2013-10-21 at 09:29 +0200, Martin Kosek wrote: On 10/18/2013 05:00 PM, Martin Basti wrote: Patch attached. Ticket: https://fedorahosted.org/freeipa/ticket/3243 I did

[Freeipa-devel] [PATCHES 0024, 0025] Classless support for reverse domains

2014-01-31 Thread Martin Basti
Reverse domain names in form 0/28.0.10.10.in-addr.arpa. are now allowed. Ticket: https://fedorahosted.org/freeipa/ticket/4143 Patches attached. -- Martin^2 Basti From 052462c2aba165737d7fffe0a3dc2a846a008f5b Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 31 Jan 2014 15

[Freeipa-devel] [PATCH 0026] PTR records can be added without specify FQDN zone name

2014-01-31 Thread Martin Basti
One liner. Ticket: https://fedorahosted.org/freeipa/ticket/4151 Patch attached. -- Martin^2 Basti From b346746e7596b8beda7812e6874fea88a657dfe9 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 31 Jan 2014 16:30:31 +0100 Subject: [PATCH] PTR records can be added without

Re: [Freeipa-devel] [PATCHES 0024, 0025] Classless support for reverse domains

2014-02-06 Thread Martin Basti
On Thu, 2014-02-06 at 10:59 +0100, Jan Cholasta wrote: Hi, On 31.1.2014 16:06, Martin Basti wrote: Reverse domain names in form 0/28.0.10.10.in-addr.arpa. are now allowed. Ticket: https://fedorahosted.org/freeipa/ticket/4143 Patches attached. I add Petr2 to CC, to inspect RFC

Re: [Freeipa-devel] [PATCHES 0024, 0025] Classless support for reverse domains

2014-02-06 Thread Martin Basti
On Thu, 2014-02-06 at 16:37 +0100, Jan Cholasta wrote: On 6.2.2014 15:57, Martin Basti wrote: On Thu, 2014-02-06 at 10:59 +0100, Jan Cholasta wrote: Hi, On 31.1.2014 16:06, Martin Basti wrote: Reverse domain names in form 0/28.0.10.10.in-addr.arpa. are now allowed. Ticket: https

Re: [Freeipa-devel] [PATCHES 0024, 0025] Classless support for reverse domains

2014-02-07 Thread Martin Basti
On Thu, 2014-02-06 at 17:04 +0100, Martin Basti wrote: On Thu, 2014-02-06 at 16:37 +0100, Jan Cholasta wrote: On 6.2.2014 15:57, Martin Basti wrote: On Thu, 2014-02-06 at 10:59 +0100, Jan Cholasta wrote: Hi, On 31.1.2014 16:06, Martin Basti wrote: Reverse domain names in form 0

Re: [Freeipa-devel] [PATCHES 0024, 0025] Classless support for reverse domains

2014-02-10 Thread Martin Basti
On Mon, 2014-02-10 at 12:22 +0100, Jan Cholasta wrote: On 10.2.2014 08:50, Petr Spacek wrote: On 7.2.2014 10:42, Martin Basti wrote: On Thu, 2014-02-06 at 17:04 +0100, Martin Basti wrote: On Thu, 2014-02-06 at 16:37 +0100, Jan Cholasta wrote: On 6.2.2014 15:57, Martin Basti wrote

Re: [Freeipa-devel] [PATCHES 0024, 0025] Classless support for reverse domains

2014-02-11 Thread Martin Basti
On Mon, 2014-02-10 at 14:28 +0100, Jan Cholasta wrote: On 10.2.2014 13:14, Martin Basti wrote: On Mon, 2014-02-10 at 12:22 +0100, Jan Cholasta wrote: On 10.2.2014 08:50, Petr Spacek wrote: On 7.2.2014 10:42, Martin Basti wrote: On Thu, 2014-02-06 at 17:04 +0100, Martin Basti wrote

Re: [Freeipa-devel] [PATCHES 0024, 0025] Classless support for reverse domains

2014-02-11 Thread Martin Basti
On Tue, 2014-02-11 at 15:42 +0100, Jan Cholasta wrote: On 11.2.2014 14:29, Martin Basti wrote: On Mon, 2014-02-10 at 14:28 +0100, Jan Cholasta wrote: On 10.2.2014 13:14, Martin Basti wrote: On Mon, 2014-02-10 at 12:22 +0100, Jan Cholasta wrote: On 10.2.2014 08:50, Petr Spacek wrote

Re: [Freeipa-devel] [PATCHES 0024, 0025, 0027] Classless support for reverse domains

2014-02-12 Thread Martin Basti
From ef3dda520faafce4fc9c62cef1597f68630a835c Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 31 Jan 2014 15:52:35 +0100 Subject: [PATCH] DNS tests for classless reverse domains Ticket: https://fedorahosted.org/freeipa/ticket/4143 Backport for IPA-3-3 Conflicts: ipatests

Re: [Freeipa-devel] [PATCHES 0024, 0025, 0027, 0028] Classless support for reverse domains

2014-02-12 Thread Martin Basti
On Wed, 2014-02-12 at 13:12 +0100, Martin Kosek wrote: On 02/12/2014 11:05 AM, Martin Basti wrote: text omitted Pushed both patches to master, but just the first to ipa-3-3 as the test updating patch did not apply (a lot). Martin, you will need to check if DNS tests pass in ipa-3-3, I

Re: [Freeipa-devel] [PATCH 0015] Add wait_for_dns option to default.conf

2014-02-18 Thread Martin Basti
On Tue, 2014-02-18 at 16:45 +0100, Petr Spacek wrote: Hello, Add wait_for_dns option to default.conf. This option makes record changes in DNS tree synchronous. IPA calls will wait until new data are visible over DNS protocol. It is intended only for testing - it should prevent tests

Re: [Freeipa-devel] [PATCH 0015] Add wait_for_dns option to default.conf

2014-02-19 Thread Martin Basti
On Wed, 2014-02-19 at 17:10 +0100, Petr Spacek wrote: On 19.2.2014 15:11, Petr Spacek wrote: On 18.2.2014 17:34, Nathaniel McCallum wrote: On Tue, 2014-02-18 at 17:06 +0100, Petr Viktorin wrote: On 02/18/2014 04:45 PM, Petr Spacek wrote: Hello, Add wait_for_dns option to default.conf.

Re: [Freeipa-devel] [PATCH 0015] Add wait_for_dns option to default.conf

2014-02-20 Thread Martin Basti
On Thu, 2014-02-20 at 14:36 +0100, Petr Spacek wrote: On 19.2.2014 17:55, Martin Basti wrote: On Wed, 2014-02-19 at 17:10 +0100, Petr Spacek wrote: On 19.2.2014 15:11, Petr Spacek wrote: On 18.2.2014 17:34, Nathaniel McCallum wrote: On Tue, 2014-02-18 at 17:06 +0100, Petr Viktorin wrote

Re: [Freeipa-devel] [PATCH] [DOC] Add note about additional nameservers in resolv.conf

2014-03-27 Thread Martin Basti
On Wed, 2014-03-26 at 17:40 -0600, Gabe Alford wrote: All, Please review patch for https://fedorahosted.org/freeipa/ticket/3085 Added note that 'nameserver 127.0.0.1' is added to resolv.conf, that it is recommended to add more replicas to resolv.conf, and the max nameservers allowed in

Re: [Freeipa-devel] [PATCH] [DOC] Add note about additional nameservers in resolv.conf

2014-03-27 Thread Martin Basti
On Thu, 2014-03-27 at 10:33 +0100, Petr Spacek wrote: On 27.3.2014 10:23, Martin Basti wrote: On Wed, 2014-03-26 at 17:40 -0600, Gabe Alford wrote: All, Please review patch for https://fedorahosted.org/freeipa/ticket/3085 Added note that 'nameserver 127.0.0.1' is added to resolv.conf

Re: [Freeipa-devel] [PATCH 0029-0046] Internationalized domain names in DNS plugin

2014-04-04 Thread Martin Basti
On Thu, 2014-04-03 at 15:35 +0200, Jan Cholasta wrote: On 2.4.2014 14:07, Martin Basti wrote: Helo list, this patchset allows to use internationalized domian in DNS plugin. - dns names are stored in ACE form(punycoded) in LDAP - raw option shows dns data in ACE form, otherwise dns names

Re: [Freeipa-devel] [PATCH 0029-0046] Internationalized domain names in DNS plugin

2014-04-04 Thread Martin Basti
On Fri, 2014-04-04 at 12:59 +0200, Petr Spacek wrote: On 3.4.2014 15:35, Jan Cholasta wrote: On 2.4.2014 14:07, Martin Basti wrote: Patch 30: 2) +if isinstance(labels, str): +if not labels: +raise ValueError('empty string') ... +elif

Re: [Freeipa-devel] [PATCH 0029-0046] Internationalized domain names in DNS plugin

2014-04-04 Thread Martin Basti
On Fri, 2014-04-04 at 15:46 +0200, Martin Basti wrote: On Fri, 2014-04-04 at 12:59 +0200, Petr Spacek wrote: On 3.4.2014 15:35, Jan Cholasta wrote: On 2.4.2014 14:07, Martin Basti wrote: Patch 30: 2) +if isinstance(labels, str): +if not labels

Re: [Freeipa-devel] [PATCH 0029-0046] Internationalized domain names in DNS plugin

2014-04-09 Thread Martin Basti
On Tue, 2014-04-08 at 11:01 +0200, Petr Spacek wrote: On 8.4.2014 10:49, Jan Cholasta wrote: On 8.4.2014 10:31, Petr Spacek wrote: On 8.4.2014 10:29, Jan Cholasta wrote: On 8.4.2014 10:19, Petr Spacek wrote: On 8.4.2014 10:14, Jan Cholasta wrote: On 8.4.2014 10:09, Alexander Bokovoy

Re: [Freeipa-devel] [PATCH] [DOC] document that wildcards are not supported in FreeIPA = 3.2

2014-04-09 Thread Martin Basti
On Tue, 2014-04-08 at 21:19 -0600, Gabe Alford wrote: Hello, Not sure how relevant this patch is to the current documentation considering (I believe) that wildcards are supported in versions 3.3 and up. Patch for https://fedorahosted.org/freeipa/ticket/3616 Thanks, Gabe

[Freeipa-devel] Forward zone V4/Design draft

2014-04-17 Thread Martin Basti
Hello, I created draft to split forward and master zone. http://www.freeipa.org/page/V4/Forward_zones#Questions There is question: should it be implemented as new command set, or as --type={master|forward} parameter only. For details see link above in section Questions. Martin^2 Basti

Re: [Freeipa-devel] [PATCH 0029-0046, 0047] Internationalized domain names in DNS plugin

2014-05-28 Thread Martin Basti
On Mon, 2014-05-26 at 10:33 +0200, Martin Kosek wrote: freeipa-server-foreman-smartproxy# [ 40%] It works for me. I install 3.5, upgrade to 4.0 and it works -- Martin^2 Basti ___ Freeipa-devel mailing list

Re: [Freeipa-devel] [PATCH 0029-0046, 0047] Internationalized domain names in DNS plugin

2014-05-28 Thread Martin Basti
On Wed, 2014-05-28 at 13:56 +0200, Martin Kosek wrote: On 05/28/2014 01:50 PM, Martin Basti wrote: On Mon, 2014-05-26 at 10:33 +0200, Martin Kosek wrote: freeipa-server-foreman-smartproxy# [ 40%] It works for me. I install 3.5, upgrade to 4.0

Re: [Freeipa-devel] [PATCH 0029-0046, 0047] Internationalized domain names in DNS plugin

2014-05-28 Thread Martin Basti
On Wed, 2014-05-28 at 13:56 +0200, Martin Kosek wrote: On 05/28/2014 01:50 PM, Martin Basti wrote: On Mon, 2014-05-26 at 10:33 +0200, Martin Kosek wrote: freeipa-server-foreman-smartproxy# [ 40%] It works for me. I install 3.5, upgrade to 4.0

Re: [Freeipa-devel] [PATCHES] 0052-0055 Separate master and forward DNS zones to separate objectClasses

2014-05-28 Thread Martin Basti
On Wed, 2014-05-28 at 18:48 +0200, Martin Basti wrote: Ticket: https://fedorahosted.org/freeipa/ticket/3210 Patches attached. TODO: upgrade procedure http://www.freeipa.org/page/V4/Forward_zones#Updates_and_Upgrades WebUI ticket: https://fedorahosted.org/freeipa/ticket/4357

[Freeipa-devel] [PATCH] 0057 Fix indentation

2014-05-30 Thread Martin Basti
Patch fixes indentation in one function in ipalib/util.py -- Martin^2 Basti From dda5b130fc6546a53e85301a4e93c6f6130e0074 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 30 May 2014 13:49:02 +0200 Subject: [PATCH] Fix indentation There was 5 spaces instead of 4, my bad

[Freeipa-devel] [PATCH] 0058 Test DNS: dnsrecord-* zone.test. zone.test. should work

2014-05-30 Thread Martin Basti
:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 30 May 2014 13:58:21 +0200 Subject: [PATCH] Test DNS: dnsrecord-* zone.test. zone.test. should work Old ipa versions allows only dnsrecord-* zone.test. @ This issue was fixed in ticket: https://fedorahosted.org/freeipa/ticket/3169 Ticket

Re: [Freeipa-devel] [PATCH 0029-0046, 0047] Internationalized domain names in DNS plugin

2014-06-02 Thread Martin Basti
On Mon, 2014-06-02 at 16:21 +0200, Jan Cholasta wrote: On 2.6.2014 13:50, Martin Basti wrote: Rebased patches attached I got this test failure: == ERROR: test suite for class

Re: [Freeipa-devel] [PATCH 0029-0046, 0047] Internationalized domain names in DNS plugin

2014-06-02 Thread Martin Basti
On Mon, 2014-06-02 at 17:09 +0200, Martin Basti wrote: On Mon, 2014-06-02 at 16:21 +0200, Jan Cholasta wrote: On 2.6.2014 13:50, Martin Basti wrote: Rebased patches attached I got this test failure: == ERROR

Re: [Freeipa-devel] [PATCH 0029-0046, 0047] Internationalized domain names in DNS plugin

2014-06-03 Thread Martin Basti
fa6c3133d921a4089c8493813eeade986f80af19 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 16 May 2014 12:21:04 +0200 Subject: [PATCH] Modified dns related global functions * Modified functions to use DNSName type * Removed unused functions Part of ticket: IPA should allow internationalized domain names https

[Freeipa-devel] [PATCH 0065] Regression fix in host.py

2014-06-10 Thread Martin Basti
DNS requires absolute zone name, host must provide it. IDNA patch caused this. Patch attached. -- Martin^2 Basti From bac9f62a7062d6fb25e9135d8fd62767411e46e0 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Tue, 10 Jun 2014 15:57:30 +0200 Subject: [PATCH] Make zonenames

Re: [Freeipa-devel] [PATCHES] 0052-0055 Separate master and forward DNS zones to separate objectClasses

2014-06-12 Thread Martin Basti
On Wed, 2014-06-11 at 17:41 +0200, Martin Basti wrote: On Mon, 2014-06-02 at 13:57 +0200, Martin Basti wrote: Rebased patches attached ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa

Re: [Freeipa-devel] [PATCH] 0059-0064 Update DNSSEC attributes/record types

2014-06-12 Thread Martin Basti
On Thu, 2014-06-12 at 13:17 +0200, Petr Vobornik wrote: On 9.6.2014 17:28, Martin Basti wrote: Ticket: https://fedorahosted.org/freeipa/ticket/4328 Petr please make the WebUI patch review (0062) :-) Patches attached. Patch #0059: LGTM Patch #0060: 1. Please add

[Freeipa-devel] [PATCHES 0066-0067] Upgrade procedure for forwardzones

2014-06-13 Thread Martin Basti
Patches attached, require patches mbasti 0052-0055. -- Martin^2 Basti From 4d7025f5bd5f3d069dda2da6d4795d3796778c5f Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 13 Jun 2014 10:15:23 +0200 Subject: [PATCH 1/2] Added upgrade step executed before schmema is upgraded

[Freeipa-devel] [PATCH 0068] Fix ipa.service restart

2014-06-17 Thread Martin Basti
Patch attached. Ticket: https://fedorahosted.org/freeipa/ticket/4243 -- Martin^2 Basti From 548b78dab657d9eced4a924ec16e7108e1bd9d2b Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Tue, 17 Jun 2014 16:12:47 +0200 Subject: [PATCH] Fix ipa.service restart Ticket: https

Re: [Freeipa-devel] [PATCHES 0066-0067] Upgrade procedure for forwardzones

2014-06-18 Thread Martin Basti
On Fri, 2014-06-13 at 10:28 +0200, Martin Basti wrote: Patches attached, require patches mbasti 0052-0055. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Rebased patches attached. PEP8

Re: [Freeipa-devel] [PATCHES 0066-0067] Upgrade procedure for forwardzones

2014-06-18 Thread Martin Basti
On Wed, 2014-06-18 at 13:44 +0200, Martin Basti wrote: On Fri, 2014-06-13 at 10:28 +0200, Martin Basti wrote: Patches attached, require patches mbasti 0052-0055. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com

[Freeipa-devel] [PATCH 0069] Missing dependency in BUILD.txt

2014-06-18 Thread Martin Basti
Patch attached -- Martin^2 Basti From 097e2d582cfedf1e8de5015a7a9f3c4fb919e9c4 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 6 Jun 2014 18:02:11 +0200 Subject: [PATCH] Missing dependency in BUILD.txt --- BUILD.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions

[Freeipa-devel] [PATCH 0070] Normalization check only for IDNA domains

2014-06-18 Thread Martin Basti
Due to compability with older versions, only IDNA domains should be checked Patch attached. -- Martin^2 Basti From fd329148639ce5b5707f37d1b450597f3ca4bcb7 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Wed, 18 Jun 2014 15:58:17 +0200 Subject: [PATCH] Check normalization only

Re: [Freeipa-devel] [PATCH 0070] Normalization check only for IDNA domains

2014-06-20 Thread Martin Basti
On Fri, 2014-06-20 at 10:32 +0200, Jan Cholasta wrote: On 18.6.2014 16:49, Martin Basti wrote: Due to compability with older versions, only IDNA domains should be checked Patch attached. I'm not particularly happy about the u'\xdf' special case. Isn't there a better way to do

Re: [Freeipa-devel] [PATCH 0019] Clarify LDAPClient docstrings about get_entry, get_entries and find_entrie

2014-06-20 Thread Martin Basti
On Wed, 2014-06-18 at 17:36 +0200, Petr Spacek wrote: Hello, Clarify LDAPClient docstrings about get_entry, get_entries and find_entries. BTW what is the purpose of size_limit in LDAPClient.get_entry()? def get_entry(self, dn, attrs_list=None, time_limit=None,

[Freeipa-devel] [PATCH 0071] Fix - handle python-dns UnicodeError

2014-06-20 Thread Martin Basti
Patch attached -- Martin^2 Basti From a28ead1232de4cf84c31e942ed2be1ed4ab4a3b3 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 20 Jun 2014 12:53:06 +0200 Subject: [PATCH] Fix handle python-dns UnicodeError --- ipapython/dnsutil.py | 9 + 1 file changed, 5

Re: [Freeipa-devel] [PATCH] 0059-0063 Update DNSSEC attributes/record types

2014-06-20 Thread Martin Basti
On Thu, 2014-06-19 at 18:37 +0200, Martin Basti wrote: On Fri, 2014-06-13 at 09:55 +0200, Martin Basti wrote: On Thu, 2014-06-12 at 16:20 +0200, Martin Basti wrote: On Thu, 2014-06-12 at 13:17 +0200, Petr Vobornik wrote: On 9.6.2014 17:28, Martin Basti wrote: Ticket: https

[Freeipa-devel] [PATCHES 0072-0075] Add DLV record (Update DNSSEC attributes in LDAP schema)

2014-06-20 Thread Martin Basti
Patches attached Petr please review WebUI patch. -- Martin^2 Basti From 5492f997702d8b773cd1675a320a79371f5e5b19 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Tue, 17 Jun 2014 17:04:46 +0200 Subject: [PATCH 1/4] DNSSEC: DLVRecord type added Ticket: https://fedorahosted.org

[Freeipa-devel] [PATCH 0076] Fix incompatible DNS permission

2014-06-20 Thread Martin Basti
Patch attached. Ticket:https://fedorahosted.org/freeipa/ticket/4383 -- Martin^2 Basti From a01f6f623e7cf9261fa0029f271f8a310812f895 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 20 Jun 2014 13:52:12 +0200 Subject: [PATCH] Fix incompatible DNS permission dns(forward

[Freeipa-devel] [PATCH 0077] Add dnssecinlinesigning attribute to ACI

2014-06-20 Thread Martin Basti
Required patches: mbasti-0060, mbasti-0073 Patch attached. -- Martin^2 Basti From 749807eef26245caec535d1da2ffb48cd69e30a0 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 20 Jun 2014 15:11:57 +0200 Subject: [PATCH] Fix: add dnssecinlinesigning attribute to ACI

Re: [Freeipa-devel] DNSSEC: IPA Installation/Upgrade

2014-06-23 Thread Martin Basti
On Mon, 2014-06-23 at 17:44 +0200, Martin Basti wrote: Hello, I have following issues: #1 Upgrading existing replicas to support DNSSEC won't work for current design (replica-file as storage for temporal replica key). Temporal private key needs to be copied to replica, and no encrypted

Re: [Freeipa-devel] [PATCHES 0066-0067] Upgrade procedure for forwardzones

2014-06-24 Thread Martin Basti
On Tue, 2014-06-24 at 16:36 +0200, Martin Kosek wrote: On 06/18/2014 01:46 PM, Martin Basti wrote: On Wed, 2014-06-18 at 13:44 +0200, Martin Basti wrote: On Fri, 2014-06-13 at 10:28 +0200, Martin Basti wrote: Patches attached, require patches mbasti 0052-0055

Re: [Freeipa-devel] [PATCH 0270-0271] Add TLSA and DLV RR types to LDAP schema

2014-06-25 Thread Martin Basti
On Tue, 2014-06-24 at 17:04 +0200, Petr Spacek wrote: Hello, Add TLSA and DLV RR types to LDAP schema. Those RR types will be handy for DNSSEC users. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

[Freeipa-devel] [PATCH 0078-0079] DNSEC: Add TLSA record

2014-06-25 Thread Martin Basti
Ticket https://fedorahosted.org/freeipa/ticket/4328#comment:12 Patches attached. Note: ACI will be updated in another patch which fix ACIs in DNS plugin -- Martin^2 Basti ___ Freeipa-devel mailing list Freeipa-devel@redhat.com

Re: [Freeipa-devel] [PATCH 0078-0079] DNSEC: Add TLSA record

2014-06-25 Thread Martin Basti
On Wed, 2014-06-25 at 14:31 +0200, Martin Basti wrote: Ticket https://fedorahosted.org/freeipa/ticket/4328#comment:12 Patches attached. Note: ACI will be updated in another patch which fix ACIs in DNS plugin Patches are here -- Martin^2 Basti From f429d90eadaa7da6719665dc1f9c5fcdf02dcee5

Re: [Freeipa-devel] [PATCH 0076] Fix incompatible DNS permission

2014-06-25 Thread Martin Basti
On Wed, 2014-06-25 at 15:54 +0200, Petr Viktorin wrote: On 06/20/2014 03:28 PM, Martin Basti wrote: Patch attached. Ticket:https://fedorahosted.org/freeipa/ticket/4383 This works, just two comments: To check if an entry exists, instead of calling api.Command['permission_show

Re: [Freeipa-devel] [PATCHES 0066-0067] Upgrade procedure for forwardzones

2014-06-25 Thread Martin Basti
On Wed, 2014-06-25 at 14:36 +0200, Martin Kosek wrote: On 06/24/2014 04:52 PM, Martin Basti wrote: On Tue, 2014-06-24 at 16:36 +0200, Martin Kosek wrote: On 06/18/2014 01:46 PM, Martin Basti wrote: On Wed, 2014-06-18 at 13:44 +0200, Martin Basti wrote: On Fri, 2014-06-13 at 10:28 +0200

Re: [Freeipa-devel] [PATCH 0077] Fix ACI in DNS (was Add dnssecinlinesigning attribute to ACI)

2014-06-25 Thread Martin Basti
On Wed, 2014-06-25 at 12:13 +0200, Petr Viktorin wrote: On 06/20/2014 03:32 PM, Martin Basti wrote: Required patches: mbasti-0060, mbasti-0073 Patch attached. Hi, For the raw ACI in dns.ldif, there are some more hoops to jump through. Remove the ACI from /install/share/dns.ldif

Re: [Freeipa-devel] [PATCH 0077] Fix ACI in DNS (was Add dnssecinlinesigning attribute to ACI)

2014-06-25 Thread Martin Basti
On Wed, 2014-06-25 at 18:47 +0200, Martin Basti wrote: On Wed, 2014-06-25 at 12:13 +0200, Petr Viktorin wrote: On 06/20/2014 03:32 PM, Martin Basti wrote: Required patches: mbasti-0060, mbasti-0073 Patch attached. Hi, For the raw ACI in dns.ldif, there are some more hoops

Re: [Freeipa-devel] [PATCHES 0066-0067] Upgrade procedure for forwardzones

2014-06-27 Thread Martin Basti
that one issue, I am willing to ack. Martin Updated patch attached -- Martin^2 Basti From 13c3470007907e12cb5b2448f537628f1eec5085 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 13 Jun 2014 10:20:23 +0200 Subject: [PATCH] Upgrade special master zones to forward zones

Re: [Freeipa-devel] [PATCH 0078-0079] DNSSEC: Add TLSA record

2014-06-27 Thread Martin Basti
On Thu, 2014-06-26 at 13:57 +0200, Petr Vobornik wrote: On 25.6.2014 14:35, Martin Basti wrote: On Wed, 2014-06-25 at 14:31 +0200, Martin Basti wrote: Ticket https://fedorahosted.org/freeipa/ticket/4328#comment:12 Patches attached. Note: ACI will be updated in another patch which fix

Re: [Freeipa-devel] [PATCH 0070] Normalization check only for IDNA domains

2014-06-27 Thread Martin Basti
, Alexander Bokovoy wrote: On Fri, 20 Jun 2014, Martin Basti wrote: On Fri, 2014-06-20 at 10:32 +0200, Jan Cholasta wrote: On 18.6.2014 16:49, Martin Basti wrote: Due to compability with older versions, only IDNA domains should be checked Patch attached. I'm not particularly happy about

[Freeipa-devel] [PATCHES 0080-0081] DNSSEC: Add experimental support for DNSSEC

2014-06-27 Thread Martin Basti
Ticket: https://fedorahosted.org/freeipa/ticket/4408 Patches attached. -- Martin^2 Basti From 294ef8aa1abe4d0ebf0d858f66f12d747b2a1d48 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Fri, 27 Jun 2014 17:04:15 +0200 Subject: [PATCH 1/2] Allow to add non string values to named

Re: [Freeipa-devel] [PATCH 0070] Normalization check only for IDNA domains

2014-06-30 Thread Martin Basti
On Fri, 2014-06-27 at 12:21 +0200, Petr Spacek wrote: On 27.6.2014 12:20, Alexander Bokovoy wrote: On Fri, 27 Jun 2014, Petr Spacek wrote: On 27.6.2014 12:04, Alexander Bokovoy wrote: diff --git a/ipalib/parameters.py b/ipalib/parameters.py index 1dff13c..09fed28 100644 ---

Re: [Freeipa-devel] [PATCH 0070] Normalization check only for IDNA domains

2014-06-30 Thread Martin Basti
Jun 2014, Jan Cholasta wrote: On 27.6.2014 10:29, Alexander Bokovoy wrote: On Fri, 27 Jun 2014, Jan Cholasta wrote: On 27.6.2014 10:15, Alexander Bokovoy wrote: On Fri, 20 Jun 2014, Martin Basti wrote: On Fri, 2014-06-20 at 10:32 +0200, Jan Cholasta wrote: On 18.6.2014 16:49, Martin Basti

[Freeipa-devel] [PATCH 0082] Forward zones: add warning about forwarders semantic change in dnszone-add/mod

2014-06-30 Thread Martin Basti
Ticket: https://fedorahosted.org/freeipa/ticket/3210#comment:16 Patch attached. -- Martin^2 Basti From 9334ebbe6f7965496faec63c15324dfc3eea6471 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Mon, 30 Jun 2014 11:58:46 +0200 Subject: [PATCH] Add warning about semantic change

[Freeipa-devel] [PATCH 0083] Add DNSSEC experimental support warning message

2014-06-30 Thread Martin Basti
Patch attached. -- Martin^2 Basti From e29d8a89485fa9f36446517b69a0082c4a85f747 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Mon, 30 Jun 2014 12:32:31 +0200 Subject: [PATCH] Add DNSSEC experimental support warning message Ticket: https://fedorahosted.org/freeipa/ticket

Re: [Freeipa-devel] [PATCH 0070] Normalization check only for IDNA domains

2014-06-30 Thread Martin Basti
On Mon, 2014-06-30 at 11:43 +0300, Alexander Bokovoy wrote: On Mon, 30 Jun 2014, Martin Basti wrote: On Fri, 2014-06-27 at 14:03 +0300, Alexander Bokovoy wrote: On Fri, 27 Jun 2014, Martin Kosek wrote: On 06/27/2014 12:10 PM, Alexander Bokovoy wrote: On Fri, 27 Jun 2014, Petr Spacek wrote

Re: [Freeipa-devel] [PATCH 0083] Add DNSSEC experimental support warning message

2014-06-30 Thread Martin Basti
On Mon, 2014-06-30 at 12:49 +0200, Martin Basti wrote: Patch attached. ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Updated patch attached -- Martin^2 Basti From

Re: [Freeipa-devel] [PATCH 0083] Add DNSSEC experimental support warning message

2014-06-30 Thread Martin Basti
On Mon, 2014-06-30 at 16:57 +0200, Petr Spacek wrote: On 30.6.2014 14:33, Martin Basti wrote: On Mon, 2014-06-30 at 12:49 +0200, Martin Basti wrote: Patch attached. It works for me. Please change the string little bit, I have realized that we should ensure that file permissions

Re: [Freeipa-devel] DNSSEC: IPA Installation/Upgrade

2014-06-30 Thread Martin Basti
On Tue, 2014-06-24 at 11:49 +0200, Petr Spacek wrote: On 23.6.2014 17:49, Martin Basti wrote: On Mon, 2014-06-23 at 17:44 +0200, Martin Basti wrote: Hello, I have following issues: #1 Upgrading existing replicas to support DNSSEC won't work for current design (replica-file as storage

Re: [Freeipa-devel] [PATCH 0078-0079] DNSSEC: Add TLSA record

2014-07-01 Thread Martin Basti
On Mon, 2014-06-30 at 18:07 +0200, Petr Vobornik wrote: On 27.6.2014 14:55, Martin Basti wrote: On Thu, 2014-06-26 at 13:57 +0200, Petr Vobornik wrote: On 25.6.2014 14:35, Martin Basti wrote: On Wed, 2014-06-25 at 14:31 +0200, Martin Basti wrote: Ticket https://fedorahosted.org/freeipa

Re: [Freeipa-devel] [PATCH 0082] Forward zones: add warning about forwarders semantic change in dnszone-add/mod

2014-07-01 Thread Martin Basti
On Mon, 2014-06-30 at 13:57 +0200, Petr Viktorin wrote: On 06/30/2014 12:48 PM, Martin Basti wrote: Ticket: https://fedorahosted.org/freeipa/ticket/3210#comment:16 Patch attached. When you add a new message, you should also define a new class for it in messages.py with a new errno

Re: [Freeipa-devel] [PATCH 0083] Add DNSSEC experimental support warning message

2014-07-01 Thread Martin Basti
On Tue, 2014-07-01 at 12:23 +0200, Petr Spacek wrote: On 1.7.2014 12:20, Martin Kosek wrote: On 07/01/2014 10:55 AM, Petr Spacek wrote: On 1.7.2014 10:49, Petr Viktorin wrote: On 07/01/2014 10:43 AM, Petr Spacek wrote: On 30.6.2014 17:10, Martin Basti wrote: On Mon, 2014-06-30 at 16:57

[Freeipa-devel] [PATCHES 0084-0086] NSEC3PARAM DNS record should be in DNS zone settings

2014-07-01 Thread Martin Basti
Ticket: https://fedorahosted.org/freeipa/ticket/4413 Patches attached -- Martin^2 Basti From f114f904695a60893bf1fd2801b50843e2d33b73 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Mon, 30 Jun 2014 17:17:02 +0200 Subject: [PATCH 1/3] Remove NSEC3PARAM record Ticket: https

Re: [Freeipa-devel] [PATCHES 0084-0086] NSEC3PARAM DNS record should be in DNS zone settings

2014-07-01 Thread Martin Basti
On Tue, 2014-07-01 at 14:24 +0200, Martin Basti wrote: Ticket: https://fedorahosted.org/freeipa/ticket/4413 Patches attached ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Rebased

Re: [Freeipa-devel] [PATCH 0082] Forward zones: add warning about forwarders semantic change in dnszone-add/mod

2014-07-01 Thread Martin Basti
On Tue, 2014-07-01 at 12:17 +0200, Petr Viktorin wrote: On 07/01/2014 12:10 PM, Martin Basti wrote: On Mon, 2014-06-30 at 13:57 +0200, Petr Viktorin wrote: On 06/30/2014 12:48 PM, Martin Basti wrote: Ticket: https://fedorahosted.org/freeipa/ticket/3210#comment:16 Patch attached

[Freeipa-devel] [PATCH 0087] Fix: missing tlsarecord in 40-dns.update

2014-07-01 Thread Martin Basti
Patch attached -- Martin^2 Basti From 692ab8ccfa7ee709a7d23bfe2c20b0b79a9c8347 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Tue, 1 Jul 2014 17:25:43 +0200 Subject: [PATCH] Fix: Missing tlsarecord in 40-dns.update --- install/updates/40-dns.update | 2 +- 1 file changed, 1

Re: [Freeipa-devel] [PATCH 0087] Fix: missing tlsarecord in 40-dns.update

2014-07-02 Thread Martin Basti
On Wed, 2014-07-02 at 09:40 +0200, Petr Spacek wrote: On 1.7.2014 17:28, Martin Basti wrote: Patch attached I'm not able to apply it on top of current master (21e1e4ac3bd62c20c6331ea3dc09793e3a869c22). Sorry I lost myself in ACIs, it depends on the patch mbasti-0084-2 and 0085-2

[Freeipa-devel] [PATCH 0088] Use documentation addresses in dns help

2014-07-02 Thread Martin Basti
Patch attached. (Forward zones help preparation) -- Martin^2 Basti From c27017724dcce01d3ba901dc81c129c699952a44 Mon Sep 17 00:00:00 2001 From: Martin Basti mba...@redhat.com Date: Wed, 2 Jul 2014 12:52:14 +0200 Subject: [PATCH] Use documentation addresses in dns help --- ipalib/plugins/dns.py

Re: [Freeipa-devel] [PATCHES 0084-0086] NSEC3PARAM DNS record should be in DNS zone settings

2014-07-02 Thread Martin Basti
On Wed, 2014-07-02 at 09:39 +0200, Petr Viktorin wrote: On 07/01/2014 03:15 PM, Martin Basti wrote: On Tue, 2014-07-01 at 14:24 +0200, Martin Basti wrote: Ticket: https://fedorahosted.org/freeipa/ticket/4413 Patches attached Rebased patches attached 0084: in dns.py, you'll

Re: [Freeipa-devel] [PATCH 0088] Use documentation addresses in dns help

2014-07-02 Thread Martin Basti
On Wed, 2014-07-02 at 13:09 +0200, Petr Viktorin wrote: On 07/02/2014 01:02 PM, Martin Basti wrote: Patch attached. (Forward zones help preparation) /me sighs This will invalidate all translations of the DNS plugin help. Is it really necessary for 4.0? Ask petr2, but I have ticket

Re: [Freeipa-devel] [PATCHES 0084-0086] NSEC3PARAM DNS record should be in DNS zone settings

2014-07-02 Thread Martin Basti
On Wed, 2014-07-02 at 13:17 +0200, Martin Basti wrote: On Wed, 2014-07-02 at 09:39 +0200, Petr Viktorin wrote: On 07/01/2014 03:15 PM, Martin Basti wrote: On Tue, 2014-07-01 at 14:24 +0200, Martin Basti wrote: Ticket: https://fedorahosted.org/freeipa/ticket/4413 Patches attached

  1   2   3   4   5   6   7   8   9   10   >