[Freeipa-devel] [freeipa PR#367][edited] Remove nsslib from IPA

2017-02-02 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/367 Author: stlaz Title: #367: Remove nsslib from IPA Action: edited Changed field: body Original value: """ This batch of patches removes NSSConnection along with the whole ipapython.nsslib from IPA and replaces it wit

[Freeipa-devel] [freeipa PR#367][edited] Remove nsslib from IPA

2017-02-02 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/367 Author: stlaz Title: #367: Remove nsslib from IPA Action: edited Changed field: body Original value: """ This batch of patches removes NSSConnection along with the whole ipapython.nsslib from IPA and replaces it wit

[Freeipa-devel] [freeipa PR#402][+ack] [master] wait_for_entry improvements

2017-01-31 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/402 Title: #402: [master] wait_for_entry improvements Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#435][comment] py3: fix replica install regression

2017-02-07 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/435 Title: #435: py3: fix replica install regression stlaz commented: """ Works for me. """ See the full comment at https://github.com/freeipa/freeipa/pull/435#issuecomment-277948678 -- Manage your subscription for

[Freeipa-devel] [freeipa PR#435][+ack] py3: fix replica install regression

2017-02-07 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/435 Title: #435: py3: fix replica install regression Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [freeipa PR#396][comment] Explicitly remove support of SSLv2

2017-02-07 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/396 Title: #396: Explicitly remove support of SSLv2 stlaz commented: """ Did not realize merging to Env from default constants was happening in the end of `_finalize_core()`, moved the checks in config.py accordingly. Also, for some

[Freeipa-devel] [freeipa PR#396][synchronized] Explicitly remove support of SSLv2

2017-02-07 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/396 Author: stlaz Title: #396: Explicitly remove support of SSLv2 Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/396/head:pr396 git checkout pr396 From

[Freeipa-devel] [freeipa PR#396][synchronized] Explicitly remove support of SSLv2

2017-02-07 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/396 Author: stlaz Title: #396: Explicitly remove support of SSLv2 Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/396/head:pr396 git checkout pr396 From

[Freeipa-devel] [freeipa PR#396][synchronized] Explicitly remove support of SSLv2

2017-02-07 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/396 Author: stlaz Title: #396: Explicitly remove support of SSLv2 Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/396/head:pr396 git checkout pr396 From

[Freeipa-devel] [freeipa PR#446][edited] Certdb passwd

2017-02-08 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: Certdb passwd Action: edited Changed field: title Original value: """ Certdb passwd """ -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/

[Freeipa-devel] [freeipa PR#445][opened] Remove is_fips_enabled checks in installers and ipactl

2017-02-08 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/445 Author: stlaz Title: #445: Remove is_fips_enabled checks in installers and ipactl Action: opened PR body: """ https://fedorahosted.org/freeipa/ticket/5695 """ To pull the PR as Git branch: git remote add ghfree

[Freeipa-devel] [freeipa PR#443][synchronized] Stronger check for DM password during server install

2017-02-08 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/443 Author: stlaz Title: #443: Stronger check for DM password during server install Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/443/head:pr443 git checkout

[Freeipa-devel] [freeipa PR#446][edited] No NSS database passwords in ipa-client-install

2017-02-08 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: No NSS database passwords in ipa-client-install Action: edited Changed field: body Original value: """ With this patchset, ipa-client-install should not ask for NSS database password. Prer

[Freeipa-devel] [freeipa PR#451][comment] certdb: remove unused keysize property

2017-02-08 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/451 Title: #451: certdb: remove unused keysize property stlaz commented: """ If you want to remove them, you may want to check for other properties as well (I see `valid_months` at least). """ See the full comment

[Freeipa-devel] [freeipa PR#450][opened] Add FIPS-token password of HTTPD NSS database

2017-02-08 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/450 Author: stlaz Title: #450: Add FIPS-token password of HTTPD NSS database Action: opened PR body: """ This change is required for httpd to function properly in FIPS https://fedorahosted.org/freeipa/ticket/5695 """

[Freeipa-devel] [freeipa PR#445][synchronized] Remove is_fips_enabled checks in installers and ipactl

2017-02-08 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/445 Author: stlaz Title: #445: Remove is_fips_enabled checks in installers and ipactl Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/445/head:pr445 git

[Freeipa-devel] [freeipa PR#367][comment] Remove nsslib from IPA

2017-02-02 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/367 Title: #367: Remove nsslib from IPA stlaz commented: """ In the latest patchset, the "ipaCert" is removed from the "/etc/httpd/alias/" NSSDB and all the machinery around the certificate is moved accordingly.

[Freeipa-devel] [freeipa PR#396][synchronized] Explicitly remove support of SSLv2

2017-02-07 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/396 Author: stlaz Title: #396: Explicitly remove support of SSLv2 Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/396/head:pr396 git checkout pr396 From

[Freeipa-devel] [freeipa PR#437][comment] FIPS: replica install check

2017-02-08 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/437 Title: #437: FIPS: replica install check stlaz commented: """ LGTM """ See the full comment at https://github.com/freeipa/freeipa/pull/437#issuecomment-278279899 -- Manage your subscription for the Fre

[Freeipa-devel] [freeipa PR#440][+ack] [Py3] fix various issues in tests related to BytesWarning

2017-02-08 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/440 Title: #440: [Py3] fix various issues in tests related to BytesWarning Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#443][opened] Stronger check for DM password during server install

2017-02-08 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/443 Author: stlaz Title: #443: Stronger check for DM password during server install Action: opened PR body: """ DM password is used as an NSS database password during server installation, therefore it must comply to NSS databa

[Freeipa-devel] [freeipa PR#416][comment] replica install: relax domain level check for promotion

2017-02-05 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/416 Title: #416: replica install: relax domain level check for promotion stlaz commented: """ @frasertweedale Alright. I am definitely not against having it separated since we came to the realization that replica install checks ca

[Freeipa-devel] [freeipa PR#416][comment] replica install: relax domain level check for promotion

2017-02-03 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/416 Title: #416: replica install: relax domain level check for promotion stlaz commented: """ The purpose of `check_domain_level()` was to have a unified means of checking whether the domain level in the rest of the dom

[Freeipa-devel] [freeipa PR#401][comment] [4.4] Wait until http principal entry is replicated to replica

2017-01-24 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/401 Title: #401: [4.4] Wait until http principal entry is replicated to replica stlaz commented: """ Seems to work in the problematic ca-less environment, ACK. """ See the full comment at https://github.com/freeipa

[Freeipa-devel] [freeipa PR#401][+ack] [4.4] Wait until http principal entry is replicated to replica

2017-01-24 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/401 Title: #401: [4.4] Wait until http principal entry is replicated to replica Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#482][edited] Don't count service/host/user cert md5 fprints in FIPS

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/482 Author: stlaz Title: #482: Don't count service/host/user cert md5 fprints in FIPS Action: edited Changed field: title Original value: """ Don't count service/host/user cert md5 fprints in FIPS """ -- Manage you

[Freeipa-devel] [freeipa PR#491][opened] Don't prepend option names with additional '--'

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/491 Author: stlaz Title: #491: Don't prepend option names with additional '--' Action: opened PR body: """ The options now have '--' prepended by their names already, don't add it. https://fedorahosted.org/freeipa/ticket/6392 Th

[Freeipa-devel] [freeipa PR#367][comment] Remove nsslib from IPA

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/367 Title: #367: Remove nsslib from IPA stlaz commented: """ Rebased on current master. """ See the full comment at https://github.com/freeipa/freeipa/pull/367#issuecomment-281281981 -- Manage your subscription for

[Freeipa-devel] [freeipa PR#489][opened] Fix error in ca_cert_files validator

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/489 Author: stlaz Title: #489: Fix error in ca_cert_files validator Action: opened PR body: """ ClientInstall expects a single ca_cert_file as a string but the framework gives it a list. https://fedorahosted.org/freeipa/ticket/66

[Freeipa-devel] [freeipa PR#482][synchronized] Don't count service/host/user cert md5 fprints in FIPS

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/482 Author: stlaz Title: #482: Don't count service/host/user cert md5 fprints in FIPS Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/482/head:pr482 git

[Freeipa-devel] [freeipa PR#482][comment] Remove MD5 certificate fingerprints

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/482 Title: #482: Remove MD5 certificate fingerprints stlaz commented: """ @rcritten thanks for noticing the discrepancy in the previous version of the commit, it was a leftover from previous implementation. I reworked the commi

[Freeipa-devel] [freeipa PR#301][+ack] scripts, tests: explicitly set confdir in the rest of server code

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/301 Title: #301: scripts, tests: explicitly set confdir in the rest of server code Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#301][comment] scripts, tests: explicitly set confdir in the rest of server code

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/301 Title: #301: scripts, tests: explicitly set confdir in the rest of server code stlaz commented: """ This PR implements the stuff that was agreed on in later comments in https://github.com/freeipa/freeipa/pull/280 and act

[Freeipa-devel] [freeipa PR#495][opened] Fix ipa-server-upgrade

2017-02-22 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/495 Author: stlaz Title: #495: Fix ipa-server-upgrade Action: opened PR body: """ I was to eager to ACK https://github.com/freeipa/freeipa/pull/471. Running ipa-server-upgrade would fail to stop ipa_memcached if it's alre

[Freeipa-devel] [freeipa PR#471][comment] Fix some privilege separation regressions

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/471 Title: #471: Fix some privilege separation regressions stlaz commented: """ The raised issues seem to have been fixed. ACK. """ See the full comment at https://github.com/freeipa/freeipa/pull/471#issuecom

[Freeipa-devel] [freeipa PR#471][+ack] Fix some privilege separation regressions

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/471 Title: #471: Fix some privilege separation regressions Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#484][comment] FIPS: Remove pkispawn cruft

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/484 Title: #484: FIPS: Remove pkispawn cruft stlaz commented: """ Always tend to forget about the upgrade part, will do, thanks  """ See the full comment at https://github.com/freeipa/freeipa/pull/484#issuecom

[Freeipa-devel] [freeipa PR#471][comment] Fix some privilege separation regressions

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/471 Title: #471: Fix some privilege separation regressions stlaz commented: """ Note that `KRA_AGENT_PEM` will not be moved to the correct folder if KRA is not installed but that's fine with me. `/bin/systemctl status ipa_memcached

[Freeipa-devel] [freeipa PR#484][comment] FIPS: Remove pkispawn cruft

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/484 Title: #484: FIPS: Remove pkispawn cruft stlaz commented: """ Hm, originally had this over the nsslib removal patchset but the rebase was not as successful as I thought, will fix the issues. """ See the full

[Freeipa-devel] [freeipa PR#482][opened] Don't count service/host/user cert md5 fprints in FIPS

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/482 Author: stlaz Title: #482: Don't count service/host/user cert md5 fprints in FIPS Action: opened PR body: """ To be "backward compatible" we cannot remove `md5_fingerprint` so we at least supply the reason why it

[Freeipa-devel] [freeipa PR#482][edited] Don't count service/host/user cert md5 fprints in FIPS

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/482 Author: stlaz Title: #482: Don't count service/host/user cert md5 fprints in FIPS Action: edited Changed field: body Original value: """ To be "backward compatible" we cannot remove `md5_fingerprint` so we at lea

[Freeipa-devel] [freeipa PR#484][opened] FIPS: Remove pkispawn cruft

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/484 Author: stlaz Title: #484: FIPS: Remove pkispawn cruft Action: opened PR body: """ `pkispawn` leaves some ugly files after its successful run. This patch: a) makes sure the files are removed (say no to `__del__` in `DogtagInstanc

[Freeipa-devel] [freeipa PR#484][comment] FIPS: Remove pkispawn cruft

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/484 Title: #484: FIPS: Remove pkispawn cruft stlaz commented: """ All should be fixed now. """ See the full comment at https://github.com/freeipa/freeipa/pull/484#issuecomment-281120295 -- Manage your subscription

[Freeipa-devel] [freeipa PR#484][synchronized] FIPS: Remove pkispawn cruft

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/484 Author: stlaz Title: #484: FIPS: Remove pkispawn cruft Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/484/head:pr484 git checkout pr484 From

[Freeipa-devel] [freeipa PR#482][comment] Don't count service/host/user cert md5 fprints in FIPS

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/482 Title: #482: Don't count service/host/user cert md5 fprints in FIPS stlaz commented: """ I am fine with not providing `md5_fingerprint` at all but that would require the tests to be fixed as well and I am not sure h

[Freeipa-devel] [freeipa PR#504][comment] Add SHA256 fingerprints

2017-02-24 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/504 Title: #504: Add SHA256 fingerprints stlaz commented: """ As discussed about hundred times before, do not touch `install/share/copy-schema-to-ca.py`. """ See the full comment at https://github.com/freeipa

[Freeipa-devel] [freeipa PR#367][comment] Remove nsslib from IPA

2017-02-24 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/367 Title: #367: Remove nsslib from IPA stlaz commented: """ The issues from the previous build should be resolved now, can be reviewed, hopefully the build passes. """ See the full comment at https://githu

[Freeipa-devel] [freeipa PR#367][comment] Remove nsslib from IPA

2017-02-23 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/367 Title: #367: Remove nsslib from IPA stlaz commented: """ Some more fixes for Travis to check. """ See the full comment at https://github.com/freeipa/freeipa/pull/367#issuecomment-281950085 -- Manage your subs

[Freeipa-devel] [freeipa PR#367][comment] Remove nsslib from IPA

2017-02-23 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/367 Title: #367: Remove nsslib from IPA stlaz commented: """ Hopefully all issues were addressed + `radb` removed. If the Travis check passes then this is ready for review again. """ See the full comment at https://g

[Freeipa-devel] [freeipa PR#482][comment] Remove MD5 certificate fingerprints

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/482 Title: #482: Remove MD5 certificate fingerprints stlaz commented: """ I don't have a problem adding it in this PR, it needs to be resolved according to the outcome of the freeipa-devel thread anyway. > On 21 Feb 2017, at 1

[Freeipa-devel] [freeipa PR#437][+ack] FIPS: replica install check

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/437 Title: #437: FIPS: replica install check Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [freeipa PR#437][comment] FIPS: replica install check

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/437 Title: #437: FIPS: replica install check stlaz commented: """ 3 LGTM + tests passing seems like a good enough reason for ACK to me. """ See the full comment at https://github.com/freeipa/freeipa/pull/437#issuecom

[Freeipa-devel] [freeipa PR#453][comment] Cleanup certdb

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/453 Title: #453: Cleanup certdb stlaz commented: """ @tiran Thanks for reminding me. I was waiting for some of my fixes to get pushed as well, I will go through your PR first thing tomorrow. """ See the full comment

[Freeipa-devel] [freeipa PR#485][+ack] Fix session logout

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/485 Title: #485: Fix session logout Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [freeipa PR#485][comment] Fix session logout

2017-02-21 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/485 Title: #485: Fix session logout stlaz commented: """ Works as expected. """ See the full comment at https://github.com/freeipa/freeipa/pull/485#issuecomment-281402720 -- Manage your subscription for the Fre

[Freeipa-devel] [freeipa PR#481][+ack] Minor typo fix in DNS install plugin

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/481 Title: #481: Minor typo fix in DNS install plugin Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#486][comment] Migrate OTP import script to python-cryptography

2017-02-20 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/486 Title: #486: Migrate OTP import script to python-cryptography stlaz commented: """ Thanks for the patch, less `nss` is always good. It seems that python-cryptography might have added the `backend` attribute to some constructors

[Freeipa-devel] [freeipa PR#495][synchronized] Fix ipa-server-upgrade

2017-02-22 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/495 Author: stlaz Title: #495: Fix ipa-server-upgrade Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/495/head:pr495 git checkout pr495 From

[Freeipa-devel] [freeipa PR#495][comment] Fix ipa-server-upgrade

2017-02-22 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/495 Title: #495: Fix ipa-server-upgrade stlaz commented: """ I see where this is going, added the ticket to the commit message. """ See the full comment at https://github.com/freeipa/freeipa/pull/495#issuecom

[Freeipa-devel] [freeipa PR#496][opened] Use newer Certificate.serial_number in krainstance.py

2017-02-22 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/496 Author: stlaz Title: #496: Use newer Certificate.serial_number in krainstance.py Action: opened PR body: """ This bit was missed in https://github.com/freeipa/freeipa/pull/458 """ To pull the PR as Git branch:

[Freeipa-devel] [freeipa PR#367][comment] Remove nsslib from IPA

2017-02-22 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/367 Title: #367: Remove nsslib from IPA stlaz commented: """ First set of fixes to comments arrived, throwing it to Travis. """ See the full comment at https://github.com/freeipa/freeipa/pull/367#issuecomment-28171049

[Freeipa-devel] [freeipa PR#493][comment] Update Contributors.txt

2017-02-23 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/493 Title: #493: Update Contributors.txt stlaz commented: """ I don't give two poops and a popsicle about the order of names in the Contributors.txt file. ACK. """ See the full comment at https://github.com/freeipa

[Freeipa-devel] [freeipa PR#493][+ack] Update Contributors.txt

2017-02-23 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/493 Title: #493: Update Contributors.txt Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [freeipa PR#396][synchronized] Explicitly remove support of SSLv2

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/396 Author: stlaz Title: #396: Explicitly remove support of SSLv2 Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/396/head:pr396 git checkout pr396 From

[Freeipa-devel] [freeipa PR#446][reopened] No NSS database passwords in ipa-client-install

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: No NSS database passwords in ipa-client-install Action: reopened To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/446/head:pr446 git checkout pr446

[Freeipa-devel] [freeipa PR#464][opened] :arrow_up: Bump required python-cryptography version

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/464 Author: stlaz Title: #464: :arrow_up: Bump required python-cryptography version Action: opened PR body: """ Since we started using `Certificate.serial_number` instead of `.serial` from python-cryptography (https://github.com/

[Freeipa-devel] [freeipa PR#464][edited] :arrow_up: Bump required python-cryptography version

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/464 Author: stlaz Title: #464: :arrow_up: Bump required python-cryptography version Action: edited Changed field: title Original value: """ :arrow_up: Bump required python-cryptography version """ -- Manage you

[Freeipa-devel] [freeipa PR#446][closed] No NSS database passwords in ipa-client-install

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: No NSS database passwords in ipa-client-install Action: closed To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/446/head:pr446 git checkout pr446

[Freeipa-devel] [freeipa PR#464][synchronized] Bump required python-cryptography version

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/464 Author: stlaz Title: #464: Bump required python-cryptography version Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/464/head:pr464 git checkout pr464 From

[Freeipa-devel] [freeipa PR#450][synchronized] Add FIPS-token password of HTTPD NSS database

2017-02-09 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/450 Author: stlaz Title: #450: Add FIPS-token password of HTTPD NSS database Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/450/head:pr450 git checkout pr450

[Freeipa-devel] [freeipa PR#443][comment] Stronger check for DM password during server install

2017-02-09 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/443 Title: #443: Stronger check for DM password during server install stlaz commented: """ @HonzaCholasta: +1, you're right, I should investigate more on how to change this behavior, either we or Dogtag don't behave correctly

[Freeipa-devel] [freeipa PR#446][comment] No NSS database passwords in ipa-client-install

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Title: #446: No NSS database passwords in ipa-client-install stlaz commented: """ NSSDatabase now defaults its `.password_file` to `.sec_dir + 'passwd.txt'`. It's necessary to create a pwdfile.txt in system-wide cert store so tha

[Freeipa-devel] [freeipa PR#446][synchronized] No NSS database passwords in ipa-client-install

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: No NSS database passwords in ipa-client-install Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/446/head:pr446 git checkout pr446

[Freeipa-devel] [freeipa PR#446][comment] No NSS database passwords in ipa-client-install

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Title: #446: No NSS database passwords in ipa-client-install stlaz commented: """ NSSDatabase now defaults its `.password_file` to `.sec_dir + 'passwd.txt'`. It's necessary to create a pwdfile.txt in Dogtag cert store so that a

[Freeipa-devel] [freeipa PR#446][comment] No NSS database passwords in ipa-client-install

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Title: #446: No NSS database passwords in ipa-client-install stlaz commented: """ NSSDatabase now defaults its `.password_file` to `.sec_dir + 'passwd.txt'`. It's necessary to create a pwdfile.txt in Dogtag cert store so that a

[Freeipa-devel] [freeipa PR#446][synchronized] No NSS database passwords in ipa-client-install

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: No NSS database passwords in ipa-client-install Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/446/head:pr446 git checkout pr446

[Freeipa-devel] [freeipa PR#450][synchronized] Add FIPS-token password of HTTPD NSS database

2017-02-15 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/450 Author: stlaz Title: #450: Add FIPS-token password of HTTPD NSS database Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/450/head:pr450 git checkout pr450

[Freeipa-devel] [freeipa PR#450][synchronized] Add FIPS-token password of HTTPD NSS database

2017-02-15 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/450 Author: stlaz Title: #450: Add FIPS-token password of HTTPD NSS database Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/450/head:pr450 git checkout pr450

[Freeipa-devel] [freeipa PR#367][synchronized] Remove nsslib from IPA

2017-02-15 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/367 Author: stlaz Title: #367: Remove nsslib from IPA Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/367/head:pr367 git checkout pr367 From

[Freeipa-devel] [freeipa PR#446][synchronized] No NSS database passwords in ipa-client-install

2017-02-15 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: No NSS database passwords in ipa-client-install Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/446/head:pr446 git checkout pr446

[Freeipa-devel] [freeipa PR#446][comment] No NSS database passwords in ipa-client-install

2017-02-15 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Title: #446: No NSS database passwords in ipa-client-install stlaz commented: """ This patchset seems more like a cleanup after the privilege separation one, although adding a password to certutil calls is still the main topic

[Freeipa-devel] [freeipa PR#450][comment] Add FIPS-token password of HTTPD NSS database

2017-02-15 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/450 Title: #450: Add FIPS-token password of HTTPD NSS database stlaz commented: """ You shouldn't turn FIPS on post-install (is what I think you mean), correct. """ See the full comment at https://github.com/freeipa

[Freeipa-devel] [freeipa PR#397][comment] Improve wheel building and provide ipaserver wheel for local testing

2017-02-15 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/397 Title: #397: Improve wheel building and provide ipaserver wheel for local testing stlaz commented: """ @pvoborni The remaining usages are server/CA certificates verification in `certdb.py` and and apparently some encryption/dec

[Freeipa-devel] [freeipa PR#397][comment] Improve wheel building and provide ipaserver wheel for local testing

2017-02-15 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/397 Title: #397: Improve wheel building and provide ipaserver wheel for local testing stlaz commented: """ @pvoborni The remaining usages are server/CA certificates verification in `certdb.py` and and apparently some encryption/dec

[Freeipa-devel] [freeipa PR#446][edited] No NSS database passwords in ipa-client-install

2017-02-15 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: No NSS database passwords in ipa-client-install Action: edited Changed field: title Original value: """ No NSS database passwords in ipa-client-install """ -- Manage your subscription

[Freeipa-devel] [freeipa PR#396][synchronized] Explicitly remove support of SSLv2

2017-02-15 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/396 Author: stlaz Title: #396: Explicitly remove support of SSLv2 Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/396/head:pr396 git checkout pr396 From

[Freeipa-devel] [freeipa PR#446][synchronized] No NSS database passwords in ipa-client-install

2017-02-14 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: No NSS database passwords in ipa-client-install Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/446/head:pr446 git checkout pr446

[Freeipa-devel] [freeipa PR#450][synchronized] Add FIPS-token password of HTTPD NSS database

2017-02-10 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/450 Author: stlaz Title: #450: Add FIPS-token password of HTTPD NSS database Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/450/head:pr450 git checkout pr450

[Freeipa-devel] [freeipa PR#446][synchronized] No NSS database passwords in ipa-client-install

2017-02-09 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: No NSS database passwords in ipa-client-install Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/446/head:pr446 git checkout pr446

[Freeipa-devel] [freeipa PR#455][comment] Backup /root/kracert.p12

2017-02-10 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/455 Title: #455: Backup /root/kracert.p12 stlaz commented: """ Works as expected, ACK. """ See the full comment at https://github.com/freeipa/freeipa/pull/455#issuecomment-278939314 -- Manage your subscription for

[Freeipa-devel] [freeipa PR#455][+ack] Backup /root/kracert.p12

2017-02-10 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/455 Title: #455: Backup /root/kracert.p12 Label: +ack -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [freeipa PR#446][synchronized] No NSS database passwords in ipa-client-install

2017-02-10 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: No NSS database passwords in ipa-client-install Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/446/head:pr446 git checkout pr446

[Freeipa-devel] [freeipa PR#450][synchronized] Add FIPS-token password of HTTPD NSS database

2017-02-10 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/450 Author: stlaz Title: #450: Add FIPS-token password of HTTPD NSS database Action: synchronized To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/450/head:pr450 git checkout pr450

[Freeipa-devel] [freeipa PR#450][comment] Add FIPS-token password of HTTPD NSS database

2017-02-10 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/450 Title: #450: Add FIPS-token password of HTTPD NSS database stlaz commented: """ That was my original approach to it but we had offline talk with @HonzaCholasta and got to the point that it might be better to do it this way. From m

[Freeipa-devel] [freeipa PR#471][comment] Fix some privilege separation regressions

2017-02-16 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/471 Title: #471: Fix some privilege separation regressions stlaz commented: """ Upgrade still fails when run for the first time during `dnf update`: http://pastebin.com/H4kt6hVb When I run it by hand after this failure, it get

[Freeipa-devel] [freeipa PR#471][comment] Fix some privilege separation regressions

2017-02-16 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/471 Title: #471: Fix some privilege separation regressions stlaz commented: """ Upgrade still fails when run for the first time during `dnf update`: http://pastebin.com/H4kt6hVb When I run it by hand after this failure, it get

[Freeipa-devel] [freeipa PR#443][+rejected] Stronger check for DM password during server install

2017-02-16 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/443 Title: #443: Stronger check for DM password during server install Label: +rejected -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa PR#443][comment] Stronger check for DM password during server install

2017-02-16 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/443 Title: #443: Stronger check for DM password during server install stlaz commented: """ Closing as REJECTED, this will be sorted out in another way. """ See the full comment at https://github.com/freeipa/freeipa/p

[Freeipa-devel] [freeipa PR#443][closed] Stronger check for DM password during server install

2017-02-16 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/443 Author: stlaz Title: #443: Stronger check for DM password during server install Action: closed To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/443/head:pr443 git checkout pr443

[Freeipa-devel] [freeipa PR#446][edited] Add password file to certutil calls in ipapython.certdb module

2017-02-16 Thread stlaz
URL: https://github.com/freeipa/freeipa/pull/446 Author: stlaz Title: #446: Add password file to certutil calls in ipapython.certdb module Action: edited Changed field: body Original value: """ With this patchset, ipa-client-install should not ask for NSS database password

  1   2   3   4   5   6   7   >