URL: https://github.com/freeipa/freeipa/pull/367
Author: stlaz
Title: #367: Remove nsslib from IPA
Action: edited
Changed field: body
Original value:
"""
This batch of patches removes NSSConnection along with the whole
ipapython.nsslib from IPA and replaces it wit
URL: https://github.com/freeipa/freeipa/pull/367
Author: stlaz
Title: #367: Remove nsslib from IPA
Action: edited
Changed field: body
Original value:
"""
This batch of patches removes NSSConnection along with the whole
ipapython.nsslib from IPA and replaces it wit
URL: https://github.com/freeipa/freeipa/pull/402
Title: #402: [master] wait_for_entry improvements
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/435
Title: #435: py3: fix replica install regression
stlaz commented:
"""
Works for me.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/435#issuecomment-277948678
--
Manage your subscription for
URL: https://github.com/freeipa/freeipa/pull/435
Title: #435: py3: fix replica install regression
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/396
Title: #396: Explicitly remove support of SSLv2
stlaz commented:
"""
Did not realize merging to Env from default constants was happening in the end
of `_finalize_core()`, moved the checks in config.py accordingly.
Also, for some
URL: https://github.com/freeipa/freeipa/pull/396
Author: stlaz
Title: #396: Explicitly remove support of SSLv2
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/396/head:pr396
git checkout pr396
From
URL: https://github.com/freeipa/freeipa/pull/396
Author: stlaz
Title: #396: Explicitly remove support of SSLv2
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/396/head:pr396
git checkout pr396
From
URL: https://github.com/freeipa/freeipa/pull/396
Author: stlaz
Title: #396: Explicitly remove support of SSLv2
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/396/head:pr396
git checkout pr396
From
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: Certdb passwd
Action: edited
Changed field: title
Original value:
"""
Certdb passwd
"""
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/
URL: https://github.com/freeipa/freeipa/pull/445
Author: stlaz
Title: #445: Remove is_fips_enabled checks in installers and ipactl
Action: opened
PR body:
"""
https://fedorahosted.org/freeipa/ticket/5695
"""
To pull the PR as Git branch:
git remote add ghfree
URL: https://github.com/freeipa/freeipa/pull/443
Author: stlaz
Title: #443: Stronger check for DM password during server install
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/443/head:pr443
git checkout
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: No NSS database passwords in ipa-client-install
Action: edited
Changed field: body
Original value:
"""
With this patchset, ipa-client-install should not ask for NSS database password.
Prer
URL: https://github.com/freeipa/freeipa/pull/451
Title: #451: certdb: remove unused keysize property
stlaz commented:
"""
If you want to remove them, you may want to check for other properties as well
(I see `valid_months` at least).
"""
See the full comment
URL: https://github.com/freeipa/freeipa/pull/450
Author: stlaz
Title: #450: Add FIPS-token password of HTTPD NSS database
Action: opened
PR body:
"""
This change is required for httpd to function properly in FIPS
https://fedorahosted.org/freeipa/ticket/5695
"""
URL: https://github.com/freeipa/freeipa/pull/445
Author: stlaz
Title: #445: Remove is_fips_enabled checks in installers and ipactl
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/445/head:pr445
git
URL: https://github.com/freeipa/freeipa/pull/367
Title: #367: Remove nsslib from IPA
stlaz commented:
"""
In the latest patchset, the "ipaCert" is removed from the "/etc/httpd/alias/"
NSSDB and all the machinery around the certificate is moved accordingly.
URL: https://github.com/freeipa/freeipa/pull/396
Author: stlaz
Title: #396: Explicitly remove support of SSLv2
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/396/head:pr396
git checkout pr396
From
URL: https://github.com/freeipa/freeipa/pull/437
Title: #437: FIPS: replica install check
stlaz commented:
"""
LGTM
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/437#issuecomment-278279899
--
Manage your subscription for the Fre
URL: https://github.com/freeipa/freeipa/pull/440
Title: #440: [Py3] fix various issues in tests related to BytesWarning
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/443
Author: stlaz
Title: #443: Stronger check for DM password during server install
Action: opened
PR body:
"""
DM password is used as an NSS database password during server installation,
therefore it must comply to NSS databa
URL: https://github.com/freeipa/freeipa/pull/416
Title: #416: replica install: relax domain level check for promotion
stlaz commented:
"""
@frasertweedale Alright. I am definitely not against having it separated since
we came to the realization that replica install checks ca
URL: https://github.com/freeipa/freeipa/pull/416
Title: #416: replica install: relax domain level check for promotion
stlaz commented:
"""
The purpose of `check_domain_level()` was to have a unified means of checking
whether the domain level in the rest of the dom
URL: https://github.com/freeipa/freeipa/pull/401
Title: #401: [4.4] Wait until http principal entry is replicated to replica
stlaz commented:
"""
Seems to work in the problematic ca-less environment, ACK.
"""
See the full comment at
https://github.com/freeipa
URL: https://github.com/freeipa/freeipa/pull/401
Title: #401: [4.4] Wait until http principal entry is replicated to replica
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/482
Author: stlaz
Title: #482: Don't count service/host/user cert md5 fprints in FIPS
Action: edited
Changed field: title
Original value:
"""
Don't count service/host/user cert md5 fprints in FIPS
"""
--
Manage you
URL: https://github.com/freeipa/freeipa/pull/491
Author: stlaz
Title: #491: Don't prepend option names with additional '--'
Action: opened
PR body:
"""
The options now have '--' prepended by their names already, don't
add it.
https://fedorahosted.org/freeipa/ticket/6392
Th
URL: https://github.com/freeipa/freeipa/pull/367
Title: #367: Remove nsslib from IPA
stlaz commented:
"""
Rebased on current master.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/367#issuecomment-281281981
--
Manage your subscription for
URL: https://github.com/freeipa/freeipa/pull/489
Author: stlaz
Title: #489: Fix error in ca_cert_files validator
Action: opened
PR body:
"""
ClientInstall expects a single ca_cert_file as a string but the
framework gives it a list.
https://fedorahosted.org/freeipa/ticket/66
URL: https://github.com/freeipa/freeipa/pull/482
Author: stlaz
Title: #482: Don't count service/host/user cert md5 fprints in FIPS
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/482/head:pr482
git
URL: https://github.com/freeipa/freeipa/pull/482
Title: #482: Remove MD5 certificate fingerprints
stlaz commented:
"""
@rcritten thanks for noticing the discrepancy in the previous version of the
commit, it was a leftover from previous implementation.
I reworked the commi
URL: https://github.com/freeipa/freeipa/pull/301
Title: #301: scripts, tests: explicitly set confdir in the rest of server code
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/495
Author: stlaz
Title: #495: Fix ipa-server-upgrade
Action: opened
PR body:
"""
I was to eager to ACK https://github.com/freeipa/freeipa/pull/471.
Running ipa-server-upgrade would fail to stop ipa_memcached if
it's alre
URL: https://github.com/freeipa/freeipa/pull/471
Title: #471: Fix some privilege separation regressions
stlaz commented:
"""
The raised issues seem to have been fixed. ACK.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/471#issuecom
URL: https://github.com/freeipa/freeipa/pull/471
Title: #471: Fix some privilege separation regressions
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/484
Title: #484: FIPS: Remove pkispawn cruft
stlaz commented:
"""
Always tend to forget about the upgrade part, will do, thanks
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/484#issuecom
URL: https://github.com/freeipa/freeipa/pull/471
Title: #471: Fix some privilege separation regressions
stlaz commented:
"""
Note that `KRA_AGENT_PEM` will not be moved to the correct folder if KRA is not
installed but that's fine with me.
`/bin/systemctl status ipa_memcached
URL: https://github.com/freeipa/freeipa/pull/484
Title: #484: FIPS: Remove pkispawn cruft
stlaz commented:
"""
Hm, originally had this over the nsslib removal patchset but the rebase was not
as successful as I thought, will fix the issues.
"""
See the full
URL: https://github.com/freeipa/freeipa/pull/482
Author: stlaz
Title: #482: Don't count service/host/user cert md5 fprints in FIPS
Action: opened
PR body:
"""
To be "backward compatible" we cannot remove `md5_fingerprint` so we at least
supply the reason why it
URL: https://github.com/freeipa/freeipa/pull/482
Author: stlaz
Title: #482: Don't count service/host/user cert md5 fprints in FIPS
Action: edited
Changed field: body
Original value:
"""
To be "backward compatible" we cannot remove `md5_fingerprint` so we at lea
URL: https://github.com/freeipa/freeipa/pull/484
Author: stlaz
Title: #484: FIPS: Remove pkispawn cruft
Action: opened
PR body:
"""
`pkispawn` leaves some ugly files after its successful run. This patch:
a) makes sure the files are removed (say no to `__del__` in `DogtagInstanc
URL: https://github.com/freeipa/freeipa/pull/484
Title: #484: FIPS: Remove pkispawn cruft
stlaz commented:
"""
All should be fixed now.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/484#issuecomment-281120295
--
Manage your subscription
URL: https://github.com/freeipa/freeipa/pull/504
Title: #504: Add SHA256 fingerprints
stlaz commented:
"""
As discussed about hundred times before, do not touch
`install/share/copy-schema-to-ca.py`.
"""
See the full comment at
https://github.com/freeipa
URL: https://github.com/freeipa/freeipa/pull/367
Title: #367: Remove nsslib from IPA
stlaz commented:
"""
The issues from the previous build should be resolved now, can be reviewed,
hopefully the build passes.
"""
See the full comment at
https://githu
URL: https://github.com/freeipa/freeipa/pull/367
Title: #367: Remove nsslib from IPA
stlaz commented:
"""
Some more fixes for Travis to check.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/367#issuecomment-281950085
--
Manage your subs
URL: https://github.com/freeipa/freeipa/pull/367
Title: #367: Remove nsslib from IPA
stlaz commented:
"""
Hopefully all issues were addressed + `radb` removed. If the Travis check
passes then this is ready for review again.
"""
See the full comment at
https://g
URL: https://github.com/freeipa/freeipa/pull/482
Title: #482: Remove MD5 certificate fingerprints
stlaz commented:
"""
I don't have a problem adding it in this PR, it needs to be resolved according
to the outcome of the freeipa-devel thread anyway.
> On 21 Feb 2017, at 1
URL: https://github.com/freeipa/freeipa/pull/437
Title: #437: FIPS: replica install check
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/437
Title: #437: FIPS: replica install check
stlaz commented:
"""
3 LGTM + tests passing seems like a good enough reason for ACK to me.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/437#issuecom
URL: https://github.com/freeipa/freeipa/pull/453
Title: #453: Cleanup certdb
stlaz commented:
"""
@tiran Thanks for reminding me. I was waiting for some of my fixes to get
pushed as well, I will go through your PR first thing tomorrow.
"""
See the full comment
URL: https://github.com/freeipa/freeipa/pull/485
Title: #485: Fix session logout
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/485
Title: #485: Fix session logout
stlaz commented:
"""
Works as expected.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/485#issuecomment-281402720
--
Manage your subscription for the Fre
URL: https://github.com/freeipa/freeipa/pull/481
Title: #481: Minor typo fix in DNS install plugin
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/486
Title: #486: Migrate OTP import script to python-cryptography
stlaz commented:
"""
Thanks for the patch, less `nss` is always good. It seems that
python-cryptography might have added the `backend` attribute to some
constructors
URL: https://github.com/freeipa/freeipa/pull/495
Author: stlaz
Title: #495: Fix ipa-server-upgrade
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/495/head:pr495
git checkout pr495
From
URL: https://github.com/freeipa/freeipa/pull/495
Title: #495: Fix ipa-server-upgrade
stlaz commented:
"""
I see where this is going, added the ticket to the commit message.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/495#issuecom
URL: https://github.com/freeipa/freeipa/pull/496
Author: stlaz
Title: #496: Use newer Certificate.serial_number in krainstance.py
Action: opened
PR body:
"""
This bit was missed in https://github.com/freeipa/freeipa/pull/458
"""
To pull the PR as Git branch:
URL: https://github.com/freeipa/freeipa/pull/367
Title: #367: Remove nsslib from IPA
stlaz commented:
"""
First set of fixes to comments arrived, throwing it to Travis.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/367#issuecomment-28171049
URL: https://github.com/freeipa/freeipa/pull/493
Title: #493: Update Contributors.txt
stlaz commented:
"""
I don't give two poops and a popsicle about the order of names in the
Contributors.txt file. ACK.
"""
See the full comment at
https://github.com/freeipa
URL: https://github.com/freeipa/freeipa/pull/493
Title: #493: Update Contributors.txt
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/396
Author: stlaz
Title: #396: Explicitly remove support of SSLv2
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/396/head:pr396
git checkout pr396
From
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: No NSS database passwords in ipa-client-install
Action: reopened
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/446/head:pr446
git checkout pr446
URL: https://github.com/freeipa/freeipa/pull/464
Author: stlaz
Title: #464: :arrow_up: Bump required python-cryptography version
Action: opened
PR body:
"""
Since we started using `Certificate.serial_number` instead of `.serial` from
python-cryptography
(https://github.com/
URL: https://github.com/freeipa/freeipa/pull/464
Author: stlaz
Title: #464: :arrow_up: Bump required python-cryptography version
Action: edited
Changed field: title
Original value:
"""
:arrow_up: Bump required python-cryptography version
"""
--
Manage you
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: No NSS database passwords in ipa-client-install
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/446/head:pr446
git checkout pr446
URL: https://github.com/freeipa/freeipa/pull/464
Author: stlaz
Title: #464: Bump required python-cryptography version
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/464/head:pr464
git checkout pr464
From
URL: https://github.com/freeipa/freeipa/pull/450
Author: stlaz
Title: #450: Add FIPS-token password of HTTPD NSS database
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/450/head:pr450
git checkout pr450
URL: https://github.com/freeipa/freeipa/pull/443
Title: #443: Stronger check for DM password during server install
stlaz commented:
"""
@HonzaCholasta: +1, you're right, I should investigate more on how to change
this behavior, either we or Dogtag don't behave correctly
URL: https://github.com/freeipa/freeipa/pull/446
Title: #446: No NSS database passwords in ipa-client-install
stlaz commented:
"""
NSSDatabase now defaults its `.password_file` to `.sec_dir + 'passwd.txt'`.
It's necessary to create a pwdfile.txt in system-wide cert store so tha
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: No NSS database passwords in ipa-client-install
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/446/head:pr446
git checkout pr446
URL: https://github.com/freeipa/freeipa/pull/446
Title: #446: No NSS database passwords in ipa-client-install
stlaz commented:
"""
NSSDatabase now defaults its `.password_file` to `.sec_dir + 'passwd.txt'`.
It's necessary to create a pwdfile.txt in Dogtag cert store so that a
URL: https://github.com/freeipa/freeipa/pull/446
Title: #446: No NSS database passwords in ipa-client-install
stlaz commented:
"""
NSSDatabase now defaults its `.password_file` to `.sec_dir + 'passwd.txt'`.
It's necessary to create a pwdfile.txt in Dogtag cert store so that a
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: No NSS database passwords in ipa-client-install
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/446/head:pr446
git checkout pr446
URL: https://github.com/freeipa/freeipa/pull/450
Author: stlaz
Title: #450: Add FIPS-token password of HTTPD NSS database
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/450/head:pr450
git checkout pr450
URL: https://github.com/freeipa/freeipa/pull/450
Author: stlaz
Title: #450: Add FIPS-token password of HTTPD NSS database
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/450/head:pr450
git checkout pr450
URL: https://github.com/freeipa/freeipa/pull/367
Author: stlaz
Title: #367: Remove nsslib from IPA
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/367/head:pr367
git checkout pr367
From
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: No NSS database passwords in ipa-client-install
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/446/head:pr446
git checkout pr446
URL: https://github.com/freeipa/freeipa/pull/446
Title: #446: No NSS database passwords in ipa-client-install
stlaz commented:
"""
This patchset seems more like a cleanup after the privilege separation one,
although adding a password to certutil calls is still the main topic
URL: https://github.com/freeipa/freeipa/pull/450
Title: #450: Add FIPS-token password of HTTPD NSS database
stlaz commented:
"""
You shouldn't turn FIPS on post-install (is what I think you mean), correct.
"""
See the full comment at
https://github.com/freeipa
URL: https://github.com/freeipa/freeipa/pull/397
Title: #397: Improve wheel building and provide ipaserver wheel for local
testing
stlaz commented:
"""
@pvoborni The remaining usages are server/CA certificates verification in
`certdb.py` and and apparently some encryption/dec
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: No NSS database passwords in ipa-client-install
Action: edited
Changed field: title
Original value:
"""
No NSS database passwords in ipa-client-install
"""
--
Manage your subscription
URL: https://github.com/freeipa/freeipa/pull/396
Author: stlaz
Title: #396: Explicitly remove support of SSLv2
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/396/head:pr396
git checkout pr396
From
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: No NSS database passwords in ipa-client-install
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/446/head:pr446
git checkout pr446
URL: https://github.com/freeipa/freeipa/pull/450
Author: stlaz
Title: #450: Add FIPS-token password of HTTPD NSS database
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/450/head:pr450
git checkout pr450
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: No NSS database passwords in ipa-client-install
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/446/head:pr446
git checkout pr446
URL: https://github.com/freeipa/freeipa/pull/455
Title: #455: Backup /root/kracert.p12
stlaz commented:
"""
Works as expected, ACK.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/455#issuecomment-278939314
--
Manage your subscription for
URL: https://github.com/freeipa/freeipa/pull/455
Title: #455: Backup /root/kracert.p12
Label: +ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: No NSS database passwords in ipa-client-install
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/446/head:pr446
git checkout pr446
URL: https://github.com/freeipa/freeipa/pull/450
Author: stlaz
Title: #450: Add FIPS-token password of HTTPD NSS database
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/450/head:pr450
git checkout pr450
URL: https://github.com/freeipa/freeipa/pull/450
Title: #450: Add FIPS-token password of HTTPD NSS database
stlaz commented:
"""
That was my original approach to it but we had offline talk with @HonzaCholasta
and got to the point that it might be better to do it this way.
From m
URL: https://github.com/freeipa/freeipa/pull/471
Title: #471: Fix some privilege separation regressions
stlaz commented:
"""
Upgrade still fails when run for the first time during `dnf update`:
http://pastebin.com/H4kt6hVb
When I run it by hand after this failure, it get
URL: https://github.com/freeipa/freeipa/pull/443
Title: #443: Stronger check for DM password during server install
Label: +rejected
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
URL: https://github.com/freeipa/freeipa/pull/443
Title: #443: Stronger check for DM password during server install
stlaz commented:
"""
Closing as REJECTED, this will be sorted out in another way.
"""
See the full comment at
https://github.com/freeipa/freeipa/p
URL: https://github.com/freeipa/freeipa/pull/443
Author: stlaz
Title: #443: Stronger check for DM password during server install
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/443/head:pr443
git checkout pr443
URL: https://github.com/freeipa/freeipa/pull/446
Author: stlaz
Title: #446: Add password file to certutil calls in ipapython.certdb module
Action: edited
Changed field: body
Original value:
"""
With this patchset, ipa-client-install should not ask for NSS database password
URL: https://github.com/freeipa/freeipa/pull/367
Title: #367: Remove nsslib from IPA
stlaz commented:
"""
In the last update I renamed the proposed config option `ca_certfile` to
`cacert_store` and made a requirement for it to be absolute path. This was done
with possible
URL: https://github.com/freeipa/freeipa/pull/465
Title: #465: Tests: search for disabled users
stlaz commented:
"""
Is there a ticket for the xfail scenario?
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/465#issuecomment-28027582
URL: https://github.com/freeipa/freeipa/pull/471
Title: #471: Fix some privilege separation regressions
stlaz commented:
"""
LGTM
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/471#issuecomment-280305500
--
Manage your subscription for
URL: https://github.com/freeipa/freeipa/pull/465
Title: #465: Tests: search for disabled users
stlaz commented:
"""
Does that mean that `user-find` no longer works?
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/465#issuecomment-28037478
URL: https://github.com/freeipa/freeipa/pull/464
Title: #464: Bump required python-cryptography version
Label: -ack
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA:
1 - 100 of 664 matches
Mail list logo