Hi,
attached a patch to update man page and doc.
Tomas
From 6aae0cca6e3347bd3b02af45aa27c61d25407f61 Mon Sep 17 00:00:00 2001
From: Tomas Krizek
Date: Fri, 5 Aug 2016 09:25:05 +0200
Subject: [PATCH] Update ipa-replica-install documentation
Update the ipa-replica-install man page and help to
Hi,
please review the attached patch.
Thanks,
Tomas
From 9787d13cd7f0f3b8ce65ca84a7759f180a74d6d8 Mon Sep 17 00:00:00 2001
From: Tomas Krizek
Date: Tue, 9 Aug 2016 14:09:24 +0200
Subject: [PATCH] Fix ipa-caalc-add-service error message
When service is not found in ipa-caalc-add-service
Hi,
the attached patch fixes an error message when user provides an empty
key while adding otp token.
https://fedorahosted.org/freeipa/ticket/6200
--
Tomas Krizek
From 806e0cf73dcc3ccbfd620b7865561682ea2e37f5 Mon Sep 17 00:00:00 2001
From: Tomas Krizek
Date: Tue, 16 Aug 2016 14:10:49 +0200
ACK, works for me.
On 08/16/2016 10:43 AM, Pavel Vomacka wrote:
Hello,
Please review attached patches which adds warning that only one CA
server is installed.
https://fedorahosted.org/freeipa/ticket/5828
--
Tomas Krizek
--
Manage your subscription for the Freeipa-devel mailing list
under oneliner rule
--
Tomas Krizek
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
message when service does not exists
https://fedorahosted.org/freeipa/ticket/6171
Best regards,
Ganna Kaihorodova
Associate Software Quality Engineer
:
--
Tomas Krizek
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Co
Hi,
please review the attached patch.
Make sure the hostname isn't resolved to link local IPv6(feXX:...)
during testing, which doesn't work (and isn't supposed to).
--
Tomas Krizek
From d4a7a4e637951fca5331e9dc0622df912e828a26 Mon Sep 17 00:00:00 2001
From: Tomas Krizek
Da
Seems like a good idea, I'm attaching the updated patch. Autofill does
work when the param is required.
On 08/19/2016 04:19 PM, Martin Basti wrote:
On 16.08.2016 17:35, Tomas Krizek wrote:
Hi,
the attached patch fixes an error message when user provides an empty
key while addin
I've attached the updated patch. Hopefully I didn't forget anything else
this time.
On 08/22/2016 05:48 PM, Martin Basti wrote:
On 22.08.2016 10:22, Tomas Krizek wrote:
Seems like a good idea, I'm attaching the updated patch. Autofill
does work when the param is required.
In that case, the first version of the patch solves the issue.
I'm attaching the patch once again, but it's the same as the one in the
original message.
On 08/23/2016 11:53 AM, Jan Cholasta wrote:
On 22.8.2016 19:08, Tomas Krizek wrote:
I've attached the updated patch. Hop
Fixed the typo in error message.
On 08/23/2016 12:15 PM, Tomas Krizek wrote:
In that case, the first version of the patch solves the issue.
I'm attaching the patch once again, but it's the same as the one in
the original message.
On 08/23/2016 11:53 AM, Jan Cholasta wrote:
On 22
works as expected -> ACK.
-- Tomas Krizek
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 09/02/2016 09:05 AM, Florence Blanc-Renaud wrote:
On 09/02/2016 08:08 AM, Jan Cholasta wrote:
On 1.9.2016 19:37, Tomas Krizek wrote:
On 09/01/2016 03:58 PM, Florence Blanc-Renaud wrote:
Hi,
please find attached a patch for ipa-certupdate in CA-less deployment.
https://fedorahosted.org
module.
I'm open to suggestions
Martin^2
I'd use a double underscore variable:
name, __, gender = user['mbasti']
It is quicker to write than _dummy and it also provides a better
readability, because I can immediately identify the symbol as special.
Unlike _dummy which I
On 09/22/2016 06:00 PM, Martin Basti wrote:
On 22.09.2016 17:59, Tomas Krizek wrote:
On 09/22/2016 04:39 PM, Martin Basti wrote:
Hello all,
In 4.5, I would like to remove all unused variables from code and
enable pylint check. Due to big amount of unused variables in the
code this will be
opose:
refactoring-XXX
feature-XXX
Thoughts? Anyone against?
Hi,
I think feature branches are a good idea. Once they're merged, I would
delete them.
I'm for the refactoring-XXX naming convention.
--
Tomas Krizek
--
Manage your subscription for the Freeipa-devel mailing list:
https:/
list:
http://www.redhat.com/mailman/listinfo/freeipa-users
--
Tomas Krizek
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
removing the REQUIRE
and logging an error instead.
Thanks.
--
Tomas Krizek
From b801fb06a77f2ec8867884bc769d5bb1db0e1c2e Mon Sep 17 00:00:00 2001
From: Tomas Krizek
Date: Mon, 19 Dec 2016 12:39:07 +0100
Subject: [PATCH] handle termination of syncrepl watcher thread
In some cases, the thread co
no nice way for the signal handler to retrieve/set the
> 'existing' flag. Do you think we could move 'ldap_inst->exiting=TRUE'
> and pthread_kill in a same wrapper function (for example
> watcher_shutdown).
>
> thanks
> thierry
>
> On 12/19/2016 01:04
> 4. Should we continue to `tail -n 5000` the log as we currently do,
>>>or just rely on exported log?
If you're talking about the log in the travis web interface, I would
keep it. It's easily accessible from the browser.
>>> Thanks,
>>> Fraser
>> Fr
rry I generalized too much, the original topic was moving away
> from python-nss (of which I am even more sorry as you're the author).
>
We could use some ideas on how to handle replica installations in FIPS.
We might use some flag in LDAP to indicate that a topology is
FIPS-enabled.
On 01/12/2017 04:17 PM, Rob Crittenden wrote:
> Tomas Krizek wrote:
>> On 12/19/2016 04:41 PM, Standa Laznicka wrote:
>>> On 12/19/2016 03:07 PM, John Dennis wrote:
>>>> On 12/19/2016 03:12 AM, Standa Laznicka wrote:
>>>>> On 12/16/2016 03:23 PM, Rob C
On 01/13/2017 05:44 PM, Petr Vobornik wrote:
> On 01/13/2017 03:49 PM, Rob Crittenden wrote:
>> Tomas Krizek wrote:
>>> On 01/12/2017 04:17 PM, Rob Crittenden wrote:
>>>> Tomas Krizek wrote:
>>>>> On 12/19/2016 04:41 PM, Standa Laznicka wrote:
>
On 01/25/2017 12:46 PM, Tomas Krizek wrote:
> On 01/13/2017 05:44 PM, Petr Vobornik wrote:
>> On 01/13/2017 03:49 PM, Rob Crittenden wrote:
>>> Tomas Krizek wrote:
>>>> On 01/12/2017 04:17 PM, Rob Crittenden wrote:
>>>>> Tomas Krizek wrote:
>>
ses these fingerprints. The
> OpenSSL equivalent doesn't include them by default.
>
> You may be able to deprecate fingerprints altogether.
>
> rob
I think it's useful to display the certificate's fingerprint. I'm in
favor of removing md5 and adding sha256 ins
On 02/22/2017 12:28 AM, Fraser Tweedale wrote:
> On Tue, Feb 21, 2017 at 05:23:07PM +0100, Standa Laznicka wrote:
>> On 02/21/2017 04:24 PM, Tomas Krizek wrote:
>>> On 02/21/2017 03:23 PM, Rob Crittenden wrote:
>>>> Standa Laznicka wrote:
>>>>> Hello,
&
On 02/22/2017 01:44 PM, Fraser Tweedale wrote:
> On Wed, Feb 22, 2017 at 01:41:22PM +0100, Tomas Krizek wrote:
>> On 02/22/2017 12:28 AM, Fraser Tweedale wrote:
>>> On Tue, Feb 21, 2017 at 05:23:07PM +0100, Standa Laznicka wrote:
>>>> On 02/21/2017 04:24 PM, Tomas Kri
On 02/24/2017 08:34 AM, Standa Laznicka wrote:
> On 02/24/2017 08:29 AM, Jan Cholasta wrote:
>> On 23.2.2017 19:06, Martin Basti wrote:
>>>
>>>
>>> On 23.02.2017 15:09, Tomas Krizek wrote:
>>>> On 02/22/2017 01:44 PM, Fraser Tweedale wrote:
>&
n. Maybe that reason is no longer applicable with all the current
> automation but I'd personally prefer Lukas's suggestion of requiring
> them by default but providing clear output on how to disable them if
> desired. This way the average user can easily work around it and it
On 03/06/2017 01:44 PM, Lukas Slebodnik wrote:
> On (06/03/17 13:35), Tomas Krizek wrote:
>> On 03/03/2017 09:22 PM, Rob Crittenden wrote:
>>> Lukas Slebodnik wrote:
>>>> On (03/03/17 17:07), Lukas Slebodnik wrote:
>>>>> ehlo,
>>>>>
>&
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 03/06/2017 02:10 PM, Lukas Slebodnik wrote:
> On (06/03/17 13:49), Tomas Krizek wrote:
>> On 03/06/2017 01:44 PM, Lukas Slebodnik wrote:
>>> On (06/03/17 13:35), Tomas Krizek wrote:
>>>> On 03/03/2017 09:22 PM, Rob
ess.
--
Tomas Krizek
PGP: 4A8B A48C 2AED 933B D495 C509 A1FB A5F7 EF8C 4869
signature.asc
Description: OpenPGP digital signature
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.
the
upcoming weeks.
== Feedback ==
Please provide comments, report bugs, and send any other feedback via the
freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
<http://www.redhat.com/mailman/listinfo/freeipa-users>
--
Tomas Krizek
PGP: 4A8B A48C 2AED 933
es
> * Wait until HTTPS principal entry is replicated to replica
> * wait_for_entry: use only DN as parameter
>
> === Stanislav Laznicka (2) ===
> * Add debug log in case cookie retrieval went wrong
> * Fix cookie with Max-Age processing
>
> === Tomas Krizek (1) ===
> * se
===
> * Tests: fix test_forward_zones in test_xmlrpc/test_dns_plugin
> * DNS server upgrade: do not fail when DNS server did not respond
> * Fix ipa-replica-prepare's error message about missing local CA instance
>
> === Petr Vobornik (1) ===
> * ca-less tests: fix getting cert
ly blocker tag in PR. But
> testblocker tag in pagure does. Actually I'm thinking about changing
> Pagure priority names to: "highest, high, medium, low, patchwelcome"
>
+1, but I'd prefer "critical" instead of "highest"
--
Tomas Krizek
PGP: 4A8B A
can be quite long and someone might post an
old/unrelated error by accident. Using '-r' will ensure the user will
see the most recent and relevant log output.
--
Tomas Krizek
PGP: 4A8B A48C 2AED 933B D495 C509 A1FB A5F7 EF8C 4869
signature.asc
Description: OpenPGP digital signat
On 05/02/2017 12:57 PM, Standa Laznicka wrote:
> On 04/28/2017 02:41 PM, Martin Bašti wrote:
>>
>> On 28.04.2017 14:17, Tomas Krizek wrote:
>>> On 04/28/2017 10:15 AM, Petr Vobornik wrote:
>>>> Hi all,
>>>>
>>>> I created "blocke
38 matches
Mail list logo
