Hi,
this patch simply checks if ipa-join exists in ipa-client folder, if not, skips
tests relying on it.
Uses nose.plugin.skip.
https://fedorahosted.org/freeipa/ticket/2905
Tomas BabejFrom 2f7cb184619fddd40c7d141b42d35892b6cd5aff Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
All suggestions implemented.
Tomas
- Original Message -
From: Martin Kosek mko...@redhat.com
To: Tomas Babej tba...@redhat.com
Cc: freeipa-devel@redhat.com
Sent: Friday, August 3, 2012 11:24:03 AM
Subject: Re: [Freeipa-devel] [Patch] 0001 Add check for existence of ipa-join
in the tree
Hi,
file system permissions on replica files in /var/lib/ipa were
changed to 0600.
https://fedorahosted.org/freeipa/ticket/2847
TomasFrom 21c23582bac3c3ca54b413f95cac948daad90084 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Mon, 6 Aug 2012 08:57:14 -0400
Subject: [PATCH
Hi,
In ipa-client-install, failure of restart of sssd service no longer
causes the crash of the install process. Adds a warning message to
the root logger instead.
https://fedorahosted.org/freeipa/ticket/2827
Tomas
___
Freeipa-devel mailing list
Hi,
I checked the rest of the description as well, seems alright.
https://fedorahosted.org/freeipa/ticket/2959
Tomas
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
I forgot the patch once again.
- Original Message -
From: Tomas Babej tba...@redhat.com
To: freeipa-devel@redhat.com
Sent: Friday, August 10, 2012 12:44:41 PM
Subject: [Freeipa-devel] [PATCH] 0004 Corrects help description of
selinuxusermap.
Hi,
I checked the rest
00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Fri, 10 Aug 2012 08:59:58 -0400
Subject: [PATCH] Improves exception handling in ipa-replica-prepare.
A backtrace is no longer displayed when trying to prepare a replica
file with the local LDAP server down. Also adds --debug option
Suggestion incorporated.
Tomas
- Original Message -
From: Martin Kosek mko...@redhat.com
To: Tomas Babej tba...@redhat.com
Cc: freeipa-devel@redhat.com
Sent: Friday, August 10, 2012 3:43:06 PM
Subject: Re: [Freeipa-devel] [PATCH] 0004 Corrects help description of
selinuxusermap.
On 08
Issue resolved.
Tomas
- Original Message -
From: Martin Kosek mko...@redhat.com
To: Tomas Babej tba...@redhat.com
Cc: freeipa-devel@redhat.com
Sent: Tuesday, August 14, 2012 9:26:03 AM
Subject: Re: [Freeipa-devel] [PATCH] 0003 Handle SSSD restart crash more gently.
On 08/07/2012 06:14
- Original Message -
From: Martin Kosek mko...@redhat.com
To: Tomas Babej tba...@redhat.com
Cc: freeipa-devel@redhat.com
Sent: Tuesday, August 14, 2012 8:41:44 AM
Subject: Re: [Freeipa-devel] [PATCH] 0004-2 Corrects help description of
selinuxusermap.
Looking at the changes, I think
- Original Message -
From: Martin Kosek mko...@redhat.com
To: Tomas Babej tba...@redhat.com
Cc: freeipa-devel@redhat.com
Sent: Tuesday, August 14, 2012 8:55:19 AM
Subject: Re: [Freeipa-devel] [PATCH] 0005-2 Improves exception handling in
ipa-replica-prepare.
On 08/10/2012 04:32 PM, Tomas
Hi,
The sssd.conf file is no longer left behind in case sssd was not
configured before the installation.
https://fedorahosted.org/freeipa/ticket/2740
TomasFrom ae338576d912f494707653e311517070baedb986 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Fri, 17 Aug 2012 08:56:45
Hi,
Dependency on samba4-winbind has been added to the package
freeipa-server-trust-ad.
TomasFrom 63123b9a753df05cec06e369c80a58e01601423a Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Mon, 20 Aug 2012 03:57:55 -0400
Subject: [PATCH] Adds dependency on samba4-windbind
Fixed typo in the commit message.
Tomas
- Original Message -
From: Tomas Babej tba...@redhat.com
To: freeipa-devel@redhat.com
Sent: Monday, August 20, 2012 10:08:41 AM
Subject: [Freeipa-devel] [PATCH] 0007 Adds dependency on samba4-windbind.
Hi,
Dependency on samba4-winbind has been
On 08/20/2012 02:05 PM, Alexander Bokovoy wrote:
On Mon, 20 Aug 2012, Petr Vobornik wrote:
On 08/20/2012 10:16 AM, Tomas Babej wrote:
Fixed typo in the commit message.
Tomas
- Original Message -
From: Tomas Babej tba...@redhat.com
To: freeipa-devel@redhat.com
Sent: Monday, August 20
Hi,
Both commands now produce the same output regarding
the attributelevelrights.
https://fedorahosted.org/freeipa/ticket/2875
Tomas
From 67c3a3337fe6ce40510f60ecacfc7b8dc8a6cc9d Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Wed, 22 Aug 2012 10:39:01 -0400
Subject: [PATCH
On 08/22/2012 05:15 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
Both commands now produce the same output regarding
the attributelevelrights.
https://fedorahosted.org/freeipa/ticket/2875
I think some unit tests would be helpful so we don't regress and we
know which other commands
On 08/23/2012 02:46 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 08/22/2012 05:15 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
Both commands now produce the same output regarding
the attributelevelrights.
https://fedorahosted.org/freeipa/ticket/2875
I think some unit tests would
Hi,
Command ipa host-del with --updatedns now can deal both with hosts
which zones are in FQDN form with or without a trailing dot.
https://fedorahosted.org/freeipa/ticket/2809
Tomas
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
fac8d676d2e727977a8a52bdd2990eb2839b54c4 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Fri, 17 Aug 2012 08:56:45 -0400
Subject: [PATCH] Improves sssd.conf handling during ipa-client uninstall
The sssd.conf file is no longer left behind in case sssd was not
configured before the installation. However, the patch
On 08/31/2012 07:08 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
this is a fairly simple one-liner.
https://fedorahosted.org/freeipa/ticket/3039
Tomas
Looks good. Can you add a unit test so we don't have a regression on
this?
thanks
rob
I tweaked one of the existing unit tests
From 8cfde7e9fde521608557b6767ad91dee1901b45f Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Mon, 3 Sep 2012 10:49:53 -0400
Subject: [PATCH] Make sure selinuxusemap behaves consistently to HBAC rule
Both selinuxusermap-add and selinuxusermap-mod commands now behave
consistently
Hi,
https://fedorahosted.org/freeipa/ticket/2953
Tomas.
From 37765df5653f1c2ef8d4c6382b28269d48ab112a Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Tue, 4 Sep 2012 09:20:10 -0400
Subject: [PATCH] Change slapi_mods_init in
ipa_winsync_pre_ad_mod_user_mods_cb
https
Hi,
User-unfriendly errors were caused by re-raising errors
from external python module netaddr.
https://fedorahosted.org/freeipa/ticket/2588
Tomas
From 34f3da391a8e070b29640b0ecdfed6db81b86ce2 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Wed, 5 Sep 2012 09:03:18 -0400
On 09/05/2012 03:42 PM, Petr Viktorin wrote:
On 09/05/2012 03:19 PM, Tomas Babej wrote:
Hi,
User-unfriendly errors were caused by re-raising errors
from external python module netaddr.
https://fedorahosted.org/freeipa/ticket/2588
Tomas
On 09/05/2012 01:56 PM, Martin Kosek wrote:
On 09/03/2012 05:12 PM, Tomas Babej wrote:
Hi,
Both selinuxusermap-add and selinuxusermap-mod commands now behave
consistently in not allowing user/host category or user/host members
and HBAC rule being set at the same time. Also adds a bunch of unit
On 09/11/2012 01:14 PM, Martin Kosek wrote:
On 09/06/2012 01:13 PM, Tomas Babej wrote:
On 09/05/2012 01:56 PM, Martin Kosek wrote:
On 09/03/2012 05:12 PM, Tomas Babej wrote:
Hi,
Both selinuxusermap-add and selinuxusermap-mod commands now behave
consistently in not allowing user/host category
On 09/12/2012 05:29 PM, Martin Kosek wrote:
On 08/29/2012 02:54 PM, Tomas Babej wrote:
On 08/27/2012 04:55 PM, Martin Kosek wrote:
On 08/27/2012 03:37 PM, Jakub Hrozek wrote:
On Mon, Aug 27, 2012 at 02:57:44PM +0200, Martin Kosek wrote:
I think that the right behavior of SSSD conf uninstall
On 09/20/2012 02:42 PM, Martin Kosek wrote:
On 09/18/2012 11:21 AM, Tomas Babej wrote:
On 09/12/2012 05:29 PM, Martin Kosek wrote:
On 08/29/2012 02:54 PM, Tomas Babej wrote:
On 08/27/2012 04:55 PM, Martin Kosek wrote:
On 08/27/2012 03:37 PM, Jakub Hrozek wrote:
On Mon, Aug 27, 2012 at 02:57
in such cases.
https://fedorahosted.org/freeipa/ticket/3097
Tomas
From 931d947b27c3e84c09f075c799e04f0ac723ab60 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Tue, 25 Sep 2012 06:20:49 -0400
Subject: [PATCH] Improve user addition to default group in host-add
On adding new user, host-add
Hi,
Group-mod command no longer allows --rename and/or --external
changes made to the admins group. In such cases, ProtectedEntryError
is being raised.
https://fedorahosted.org/freeipa/ticket/3098
Tomas
From 667031a12f7c2bc0b95573afc0a7cf572d64cb43 Mon Sep 17 00:00:00 2001
From: Tomas Babej
On 09/25/2012 02:31 PM, Martin Kosek wrote:
On 09/25/2012 02:22 PM, Tomas Babej wrote:
Hi,
Group-mod command no longer allows --rename and/or --external
changes made to the admins group. In such cases, ProtectedEntryError
is being raised.
https://fedorahosted.org/freeipa/ticket/3098
Tomas
From: Tomas Babej tba...@redhat.com
Date: Wed, 26 Sep 2012 08:52:50 -0400
Subject: [PATCH] Adds port to connection error message in ipa-client-install
Connection error message in ipa-client-install now warns the user
about the need of opening 389 port for directory server.
https://fedorahosted.org
On 09/25/2012 12:37 PM, Tomas Babej wrote:
Hi,
On adding new user, host-add tries to make it a member of default
user group. This, however, can raise AlreadyGroupMember when the
user is already member of this group due to automember rule or
default group configured. This patch makes sure
On 09/26/2012 04:12 PM, Martin Kosek wrote:
On 09/26/2012 03:23 PM, Tomas Babej wrote:
On 09/25/2012 12:37 PM, Tomas Babej wrote:
Hi,
On adding new user, host-add tries to make it a member of default
user group. This, however, can raise AlreadyGroupMember when the
user is already member
On 09/26/2012 09:32 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
Connection error message in ipa-client-install now warns the user
about the need of opening 389 port for directory server.
https://fedorahosted.org/freeipa/ticket/2816
I think this can be pushed as a one-liner.
I think we
On 09/26/2012 05:44 PM, Martin Kosek wrote:
On 09/25/2012 02:59 PM, Tomas Babej wrote:
On 09/25/2012 02:31 PM, Martin Kosek wrote:
On 09/25/2012 02:22 PM, Tomas Babej wrote:
Hi,
Group-mod command no longer allows --rename and/or --external
changes made to the admins group. In such cases
From: Tomas Babej tba...@redhat.com
Date: Tue, 2 Oct 2012 09:15:33 -0400
Subject: [PATCH] Improve error message in ipa-replica-manage
When executing ipa-replica-manage connect to an unknown or irrelevant
master, we now print a sensible error message informing the user
about this possiblity as well
On 10/03/2012 09:18 AM, Martin Kosek wrote:
On 10/02/2012 02:33 PM, Tomas Babej wrote:
On 09/26/2012 05:44 PM, Martin Kosek wrote:
On 09/25/2012 02:59 PM, Tomas Babej wrote:
On 09/25/2012 02:31 PM, Martin Kosek wrote:
On 09/25/2012 02:22 PM, Tomas Babej wrote:
Hi,
Group-mod command
On 10/02/2012 08:48 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 09/26/2012 09:32 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
Connection error message in ipa-client-install now warns the user
about the need of opening 389 port for directory server.
https://fedorahosted.org/freeipa
On 10/03/2012 03:31 PM, Tomas Babej wrote:
On 10/02/2012 08:48 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 09/26/2012 09:32 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
Connection error message in ipa-client-install now warns the user
about the need of opening 389 port for directory
On 10/03/2012 07:27 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 10/03/2012 03:31 PM, Tomas Babej wrote:
On 10/02/2012 08:48 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 09/26/2012 09:32 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
Connection error message in ipa-client-install
On 10/02/2012 03:55 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
When executing ipa-replica-manage connect to an unknown or irrelevant
master, we now print a sensible error message informing the user
about this possiblity as well.
https://fedorahosted.org/freeipa/ticket/3105
Tomas
I
messages.
Sample output produced by this patch attached.
https://fedorahosted.org/freeipa/ticket/3059
Tomas
From 8614544d08b1b2b4e85156bebbe629215fb14915 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Thu, 11 Oct 2012 03:32:17 -0400
Subject: [PATCH] Make service naming in ipa
On 10/11/2012 12:32 PM, Martin Kosek wrote:
On 10/11/2012 12:26 PM, Tomas Babej wrote:
Hi,
This patch forces more consistency into ipa-server-install output. All
descriptions of services that are not instances of
SimpleServiceInstance are now in the following format:
Description (Service Name
On 10/17/2012 11:14 AM, Sumit Bose wrote:
On Tue, Oct 16, 2012 at 02:26:24PM +0200, Tomas Babej wrote:
Hi,
commands ipa idrange-add / idrange-mod no longer allows the user
to enter primary or secondary rid range such that has non-zero
intersection with primary or secondary rid range of another
On 10/17/2012 02:34 PM, Sumit Bose wrote:
On Wed, Oct 17, 2012 at 12:59:52PM +0200, Tomas Babej wrote:
On 10/17/2012 11:14 AM, Sumit Bose wrote:
On Tue, Oct 16, 2012 at 02:26:24PM +0200, Tomas Babej wrote:
Hi,
commands ipa idrange-add / idrange-mod no longer allows the user
to enter primary
time.
The rest of the patch is just sorting options lexicographically.
Tomas
From 0ad81fd6cfca017631c705465f940a9b461a52ce Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Wed, 17 Oct 2012 08:27:26 -0400
Subject: [PATCH] Refactoring of default.conf man page
Description
On 10/17/2012 08:12 PM, Sumit Bose wrote:
On Wed, Oct 17, 2012 at 03:29:11PM +0200, Tomas Babej wrote:
On 10/17/2012 02:34 PM, Sumit Bose wrote:
On Wed, Oct 17, 2012 at 12:59:52PM +0200, Tomas Babej wrote:
On 10/17/2012 11:14 AM, Sumit Bose wrote:
On Tue, Oct 16, 2012 at 02:26:24PM +0200
On 10/18/2012 11:27 AM, Martin Kosek wrote:
On 10/11/2012 05:11 PM, Tomas Babej wrote:
On 10/11/2012 12:32 PM, Martin Kosek wrote:
On 10/11/2012 12:26 PM, Tomas Babej wrote:
Hi,
This patch forces more consistency into ipa-server-install output. All
descriptions of services
On 10/19/2012 01:44 PM, Martin Kosek wrote:
On 10/19/2012 01:26 PM, Tomas Babej wrote:
On 10/18/2012 11:27 AM, Martin Kosek wrote:
On 10/11/2012 05:11 PM, Tomas Babej wrote:
On 10/11/2012 12:32 PM, Martin Kosek wrote:
On 10/11/2012 12:26 PM, Tomas Babej wrote:
Hi,
This patch forces more
On 10/18/2012 05:14 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
Description for the 'server' and 'wait_for_attr' option has been
added. Option 'server' has been marked as deprecated, as it is not
used anywhere in IPA code. All the options have been sorted
lexicographically.
Please
On 10/19/2012 09:55 AM, Petr Viktorin wrote:
On 10/18/2012 08:01 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 10/02/2012 03:55 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
When executing ipa-replica-manage connect to an unknown or irrelevant
master, we now print a sensible error
On 10/19/2012 03:16 PM, Martin Kosek wrote:
On 10/19/2012 02:49 PM, Tomas Babej wrote:
On 10/19/2012 01:44 PM, Martin Kosek wrote:
On 10/19/2012 01:26 PM, Tomas Babej wrote:
On 10/18/2012 11:27 AM, Martin Kosek wrote:
On 10/11/2012 05:11 PM, Tomas Babej wrote:
On 10/11/2012 12:32 PM, Martin
On 10/24/2012 04:40 AM, Rob Crittenden wrote:
Tomas Babej wrote:
On 10/19/2012 09:55 AM, Petr Viktorin wrote:
On 10/18/2012 08:01 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 10/02/2012 03:55 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
When executing ipa-replica-manage connect
On 10/25/2012 12:40 PM, Tomas Babej wrote:
On 10/24/2012 04:40 AM, Rob Crittenden wrote:
Tomas Babej wrote:
On 10/19/2012 09:55 AM, Petr Viktorin wrote:
On 10/18/2012 08:01 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 10/02/2012 03:55 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi
In many ipa commands you are usually able to mess things up using
--setattr for attributes that are handled by command options.
using --setattr=attributename=:
- I am able to set the attribute to None
using --setattr=attributename=value:
- I am often able to bypass validation in
Hi,
All *-find commands now enable leading/trailing whitespaces in the
search phrase. Behaviour has been implemented directly into
crud.Search class.
https://fedorahosted.org/freeipa/ticket/2981
Tomas
From 6b7f3d99a9592e2f8e1155e12d743a60453f7e83 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba
On 10/31/2012 12:15 PM, Martin Kosek wrote:
On 10/31/2012 10:16 AM, Martin Kosek wrote:
On 10/30/2012 03:08 PM, Tomas Babej wrote:
Hi,
All *-find commands now enable leading/trailing whitespaces in the
search phrase. Behaviour has been implemented directly into
crud.Search class.
https
On 11/15/2012 12:41 PM, Petr Vobornik wrote:
On 11/15/2012 11:54 AM, Tomas Babej wrote:
Hi,
This is server part of #3252.
When user from other realm than FreeIPA's tries to use Web UI
(login via forms-based auth or with valid trusted realm ticket),
the 401 Unauthorized error with X-Ipa
On 11/15/2012 03:10 PM, Simo Sorce wrote:
On Thu, 2012-11-15 at 12:41 +0100, Petr Vobornik wrote:
On 11/15/2012 11:54 AM, Tomas Babej wrote:
Hi,
This is server part of #3252.
When user from other realm than FreeIPA's tries to use Web UI
(login via forms-based auth or with valid trusted realm
On 11/15/2012 04:14 PM, Simo Sorce wrote:
On Thu, 2012-11-15 at 15:51 +0100, Tomas Babej wrote:
On 11/15/2012 03:10 PM, Simo Sorce wrote:
On Thu, 2012-11-15 at 12:41 +0100, Petr Vobornik wrote:
On 11/15/2012 11:54 AM, Tomas Babej wrote:
Hi,
This is server part of #3252.
When user from
and rid_base must be used together
if dom_rid is not set
cat
Unit test for third check has been added.
http://fedorahosted.org/freeipa/ticket/3170
Tomas
From 980ecec7721b53f50318d602dce146e5efc29815 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Wed, 5 Dec 2012 08:29:55
objectclass ipatrustedaddomainrange being
added. This patch fixes the issue.
Tomas
From 9e72a92e942d0fe357ae82cf65a1a94ab03fa0e5 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Wed, 5 Dec 2012 11:19:57 -0500
Subject: [PATCH] Add trusted domain range objectclass to idrange-mod
When
On 12/13/2012 02:48 PM, Martin Kosek wrote:
On 12/13/2012 11:52 AM, Tomas Babej wrote:
On 12/12/2012 04:32 PM, Martin Kosek wrote:
On 10/26/2012 03:43 PM, Tomas Babej wrote:
Hi,
creating an id range with overlapping primary and secondary
rid range using idrange-add or idrange-mod command now
On 12/14/2012 01:59 PM, Alexander Bokovoy wrote:
On Fri, 14 Dec 2012, Tomas Babej wrote:
On 12/13/2012 02:48 PM, Martin Kosek wrote:
On 12/13/2012 11:52 AM, Tomas Babej wrote:
On 12/12/2012 04:32 PM, Martin Kosek wrote:
On 10/26/2012 03:43 PM, Tomas Babej wrote:
Hi,
creating an id range
Hi,
Sending updated and rebased versions of patches 0024 and 0025.
Tomas
From 6d4903a1c5e255929cdbce2a67d79c6e44b1 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Fri, 21 Dec 2012 05:34:37 -0500
Subject: [PATCH] Make options checks in idrange-add/mod consistent
Both
if password
policy was changed (#3114) or new users not being able to log
in at all (#3312).
https://fedorahosted.org/freeipa/ticket/3312
https://fedorahosted.org/freeipa/ticket/3114
Tomas
From 58e10e269b2cf1b789094d09207844cbc4f56f99 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date
, Tomas Babej wrote:
Hi,
Since in Kerberos V5 are used 32-bit unix timestamps, setting
maxlife in pwpolicy to values such as days would cause
integer overflow in krbPasswordExpiration attribute.
This would result into unpredictable behaviour such as users
not being able to log in after password
On 01/16/2013 02:47 PM, Simo Sorce wrote:
On Wed, 2013-01-16 at 12:52 +0100, Tomas Babej wrote:
On 01/15/2013 11:55 PM, Simo Sorce wrote:
On Tue, 2013-01-15 at 17:36 -0500, Dmitri Pal wrote:
On 01/15/2013 03:59 PM, Simo Sorce wrote:
On Tue, 2013-01-15 at 15:53 -0500, Rob Crittenden wrote
On 01/16/2013 06:01 PM, Simo Sorce wrote:
On Wed, 2013-01-16 at 17:57 +0100, Tomas Babej wrote:
On 01/16/2013 02:47 PM, Simo Sorce wrote:
On Wed, 2013-01-16 at 12:52 +0100, Tomas Babej wrote:
On 01/15/2013 11:55 PM, Simo Sorce wrote:
On Tue, 2013-01-15 at 17:36 -0500, Dmitri Pal wrote
On 01/16/2013 06:57 PM, Simo Sorce wrote:
On Wed, 2013-01-16 at 18:32 +0100, Tomas Babej wrote:
They all use ipadb_ldap_attr_to_time_t() to get their values,
so the following addition to the patch should be sufficient.
It will break dates for other users of the function that do not need
On 01/17/2013 01:56 AM, Dmitri Pal wrote:
On 01/16/2013 12:32 PM, Tomas Babej wrote:
On 01/16/2013 06:01 PM, Simo Sorce wrote:
On Wed, 2013-01-16 at 17:57 +0100, Tomas Babej wrote:
On 01/16/2013 02:47 PM, Simo Sorce wrote:
On Wed, 2013-01-16 at 12:52 +0100, Tomas Babej wrote:
On 01/15/2013
On 01/17/2013 05:18 PM, Simo Sorce wrote:
On Thu, 2013-01-17 at 15:29 +0100, Tomas Babej wrote:
On 01/17/2013 01:56 AM, Dmitri Pal wrote:
On 01/16/2013 12:32 PM, Tomas Babej wrote:
On 01/16/2013 06:01 PM, Simo Sorce wrote:
On Wed, 2013-01-16 at 17:57 +0100, Tomas Babej wrote:
On 01/16/2013
On 01/22/2013 07:39 PM, Dmitri Pal wrote:
On 01/22/2013 10:57 AM, Simo Sorce wrote:
On Tue, 2013-01-22 at 15:50 +0100, Tomas Babej wrote:
Here I bring the updated version of the patch. Please note, that I
*added* a flag attribute to ipadb_ldap_attr_to_krb5_timestamp
function, that controls
f038bb7b79d5a048e9c9ae7fd7391edabb6ac3ac Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Thu, 24 Jan 2013 15:37:21 -0500
Subject: [PATCH] Add checks for SElinux in install scripts
The checks make sure that SELinux is:
- installed and enabled (on server install)
- installed and enabled
On 01/30/2013 05:12 PM, Tomas Babej wrote:
Hi,
The checks make sure that SELinux is:
- installed and enabled (on server install)
- installed and enabled OR not installed (on client install)
Please note that client installs with SELinux not installed are
allowed since freeipa-client package
Hi,
This was a regression due to change from DatabaseError to NetworkError
when LDAP server is down.
https://fedorahosted.org/freeipa/ticket/2939
Tomas
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
On 01/31/2013 12:03 PM, Tomas Babej wrote:
Hi,
This was a regression due to change from DatabaseError to NetworkError
when LDAP server is down.
https://fedorahosted.org/freeipa/ticket/2939
Tomas
___
Freeipa-devel mailing list
Freeipa-devel
Hi,
this is a fix for a benign typo in ipa-adtrust-install --help description.
Tomas
From 785cd2df77874c524a36eab24257cdaff14a374b Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Thu, 31 Jan 2013 07:58:48 -0500
Subject: [PATCH] Fix a typo in ipa-adtrust-install help
Add SIDs
On 01/30/2013 05:58 PM, Tomas Babej wrote:
On 01/30/2013 05:12 PM, Tomas Babej wrote:
Hi,
The checks make sure that SELinux is:
- installed and enabled (on server install)
- installed and enabled OR not installed (on client install)
Please note that client installs with SELinux
On Fri 01 Feb 2013 08:03:37 PM CET, Rob Crittenden wrote:
Martin Kosek wrote:
On 01/31/2013 12:05 PM, Tomas Babej wrote:
On 01/31/2013 12:03 PM, Tomas Babej wrote:
Hi,
This was a regression due to change from DatabaseError to NetworkError
when LDAP server is down.
https://fedorahosted.org
manually is shown.
https://fedorahosted.org/freeipa/ticket/3133
Tomas
From 72f8802953edaaf5b9f7c34a38601fbccd681c8e Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Mon, 4 Feb 2013 08:33:53 -0500
Subject: [PATCH] Add option to specify SID using domain name to
idrange-add/mod
When
On 02/04/2013 04:21 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 01/30/2013 05:12 PM, Tomas Babej wrote:
Hi,
The checks make sure that SELinux is:
- installed and enabled (on server install)
- installed and enabled OR not installed (on client install)
Please note that client installs
for detailed info.
Tomas
From aa171a4e3bc5295cdf332215e1b2477c7512180a Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Wed, 6 Feb 2013 07:04:03 -0500
Subject: [PATCH 31/32] Improve HBAC rule handling in
selinuxusermap-add/mod/find
Pre-patch handling of HBAC rules in selinuxusermap
On 02/12/2013 06:23 PM, Simo Sorce wrote:
On Tue, 2013-02-12 at 18:03 +0100, Tomas Babej wrote:
On 02/12/2013 05:50 PM, Tomas Babej wrote:
Hi,
This patch adds a check for krbprincipalexpiration attribute to
pre_bind operation
in ipa-pwd-extop dirsrv plugin. If the principal is expired, auth
On 02/12/2013 06:58 PM, Petr Vobornik wrote:
On 02/04/2013 05:23 PM, Tomas Babej wrote:
Hi,
When adding/modifying an ID range for a trusted domain, the newly
added option --dom-name can be used. This looks up SID of the
trusted domain in LDAP and therefore the user is not required
to write
On 02/12/2013 06:00 PM, Alexander Bokovoy wrote:
On Fri, 08 Feb 2013, Tomas Babej wrote:
On 02/08/2013 03:25 PM, Alexander Bokovoy wrote:
On Mon, 04 Feb 2013, Tomas Babej wrote:
Hi,
When adding/modifying an ID range for a trusted domain, the newly
added option --dom-name can be used
On 02/14/2013 05:37 PM, Alexander Bokovoy wrote:
On Thu, 14 Feb 2013, Tomas Babej wrote:
+ Str('ipanttrusteddomainname?',
+ cli_name='dom_name',
+ flags=('no_search', 'virtual_attribute'),
+ label=_('Name of the trusted domain'),
+ ),
New options is added but API.txt wasn't changed. As result
On 02/18/2013 12:36 PM, Alexander Bokovoy wrote:
On Fri, 15 Feb 2013, Tomas Babej wrote:
On 02/14/2013 05:37 PM, Alexander Bokovoy wrote:
On Thu, 14 Feb 2013, Tomas Babej wrote:
+ Str('ipanttrusteddomainname?',
+ cli_name='dom_name',
+ flags=('no_search', 'virtual_attribute'),
+ label=_('Name
will not install if something is backed up or
default.conf file does exist (unless it's installation on master).
https://fedorahosted.org/freeipa/ticket/3331
Tomas
From 6a81800dedab33881a4c3573efa80cac50c84d40 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Tue, 19 Feb 2013 17:59
On 12/21/2012 12:15 PM, Tomas Babej wrote:
Hi,
Sending updated and rebased versions of patches 0024 and 0025.
Tomas
Sending rebased version, these got quite rotten.
Tomas
From f21b135d546678544ccf05efd587b46bba88e07a Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Fri
On Tue 19 Feb 2013 08:37:26 PM CET, Rob Crittenden wrote:
Tomas Babej wrote:
On 02/04/2013 04:21 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 01/30/2013 05:12 PM, Tomas Babej wrote:
Hi,
The checks make sure that SELinux is:
- installed and enabled (on server install)
- installed
On 02/19/2013 10:33 PM, Rob Crittenden wrote:
Tomas Babej wrote:
On 02/06/2013 07:57 PM, Rob Crittenden wrote:
Tomas Babej wrote:
Hi,
this pair of patches improves HBAC rule handling in selinuxusermap
commands.
Patch 0031 deals with:
https://fedorahosted.org/freeipa/ticket/3349
Patch 0032
On Wed 20 Feb 2013 02:24:03 PM CET, Alexander Bokovoy wrote:
On Wed, 20 Feb 2013, Tomas Babej wrote:
On 12/21/2012 12:15 PM, Tomas Babej wrote:
Hi,
Sending updated and rebased versions of patches 0024 and 0025.
Tomas
Sending rebased version, these got quite rotten.
Thanks for updating
On 02/21/2013 01:50 PM, Martin Kosek wrote:
On 02/21/2013 01:29 PM, Tomas Babej wrote:
On 02/21/2013 12:47 PM, Martin Kosek wrote:
On 02/20/2013 10:31 AM, Tomas Babej wrote:
Hi,
When installing / uninstalling IPA client, the checks that
determine whether IPA client is installed now take
On 02/21/2013 02:22 PM, Martin Kosek wrote:
On 02/20/2013 03:19 PM, Tomas Babej wrote:
On Wed 20 Feb 2013 02:24:03 PM CET, Alexander Bokovoy wrote:
On Wed, 20 Feb 2013, Tomas Babej wrote:
On 12/21/2012 12:15 PM, Tomas Babej wrote:
Hi,
Sending updated and rebased versions of patches 0024
Hi,
The make-test script now exits with code 1 in case that
any of the test cases that were run failed.
Can we push this without a ticket under one-liner rule?
Tomas
From f4c6cad856be076d1c367edf2e9ced1b3c15b15a Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Sat, 23 Feb
On Fri 22 Feb 2013 04:34:55 PM CET, Martin Kosek wrote:
On 02/22/2013 03:01 PM, Tomas Babej wrote:
On 02/21/2013 02:22 PM, Martin Kosek wrote:
On 02/20/2013 03:19 PM, Tomas Babej wrote:
On Wed 20 Feb 2013 02:24:03 PM CET, Alexander Bokovoy wrote:
On Wed, 20 Feb 2013, Tomas Babej wrote
(enrolled using principal and reenrolled using keytab).
Tomas
From e576009bb7a93daec1cbc4ef94785017f80b2756 Mon Sep 17 00:00:00 2001
From: Tomas Babej tba...@redhat.com
Date: Tue, 26 Feb 2013 13:20:13 +0100
Subject: [PATCH] Add support for re-enrolling hosts using keytab
A host that has been previously
1 - 100 of 961 matches
Mail list logo