Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-24 Thread Martin Kosek
On Tue, 2011-10-18 at 15:29 +0200, Martin Kosek wrote:
> On Tue, 2011-10-18 at 15:48 +0300, Alexander Bokovoy wrote:
> > On Tue, 18 Oct 2011, Alexander Bokovoy wrote:
> > > > ipa.init was removed from the git, but it was never moved to
> > > > init/SystemV/.
> > > It should have been moved (rm+new file). I'll check what's happening 
> > > there, maybe Simo's patch omitted that one?
> > > 
> > > http://koji.fedoraproject.org/koji/taskinfo?taskID=3437275 is current 
> > > scratch build of 2.1 for F-16. It is 2.1.2+diff up to current ipa-2-1 
> > > git tree + systemd patch.
> > I did another rebase and current version of systemd support for 
> > ipa-2-1 is in systemd-ipa-2-1 branch of my tree:
> > http://fedorapeople.org/gitweb?p=abbra/public_git/freeipa.git;a=shortlog;h=refs/heads/systemd-ipa-2-1
> > 
> 
> Yep, ipa.init is now correctly moved and I was able to compile ipa on
> both F-15 and F-16. I still have a few questions/issues:
> 
> 1) When ipa is not configured, it is ok that ipa.service status returns
> error. However, I still got ipa.service status error after the ipa was
> configured:
> 
> # systemctl status ipa.service
> ipa.service - Identity, Policy, Audit
> Loaded: loaded (/lib/systemd/system/ipa.service; disabled)
> Active: failed since Tue, 18 Oct 2011 09:04:41 -0400; 1min 50s ago
>   Main PID: 18499 (code=exited, status=6)
> CGroup: name=systemd:/system/ipa.service
> # /usr/sbin/ipactl status
> IPA is not configured (see man pages of ipa-server-install for help)
> 
> # ipa-server-install
> ...
> Applying LDAP updates
> Restarting IPA to initialize updates before performing deletes:
>   [1/2]: stopping directory server
>   [2/2]: starting directory server
> done configuring dirsrv.
> Restarting the directory server
> Restarting the KDC
> Restarting the web server
> Sample zone file for bind has been created in /tmp/sample.zone.teFbNR.db
> ==
> Setup complete
> 
> Next steps:
>   1. You must make sure these network ports are open:
>   TCP Ports:
> * 80, 443: HTTP/HTTPS
> * 389, 636: LDAP/LDAPS
> * 88, 464: kerberos
>   UDP Ports:
> * 88, 464: kerberos
> * 123: ntp
> 
>   2. You can now obtain a kerberos ticket using the command: 'kinit admin'
>  This ticket will allow you to use the IPA tools (e.g., ipa user-add)
>  and the web user interface.
> 
> Be sure to back up the CA certificate stored in /root/cacert.p12
> This file is required to create replicas. The password for this
> file is the Directory Manager password
> 
> # systemctl status ipa.service
> ipa.service - Identity, Policy, Audit
> Loaded: loaded (/lib/systemd/system/ipa.service; enabled)
> Active: failed since Tue, 18 Oct 2011 09:04:41 -0400; 6min ago
>   Main PID: 18499 (code=exited, status=6)
> CGroup: name=systemd:/system/ipa.service
> 
> 
> 
> 2) ipactl shows stopped dirsrv and CA service even though they should be
> up (cert-show command worked):
> 
> # ipactl status
> Directory Service: RUNNING
> KDC Service: RUNNING
> KPASSWD Service: STOPPED
> HTTP Service: RUNNING
> CA Service: STOPPED
> 
> When I restarted the ipa service, everything was OK including the status
> I mentioned in my previous mail:
> 
> # systemctl restart ipa.service
> # ipactl status
> Directory Service: RUNNING
> KDC Service: RUNNING
> KPASSWD Service: RUNNING
> HTTP Service: RUNNING
> CA Service: RUNNING
> 
> # systemctl status ipa.service
> ipa.service - Identity, Policy, Audit
> Loaded: loaded (/lib/systemd/system/ipa.service; enabled)
> Active: active (exited) since Tue, 18 Oct 2011 09:18:32 -0400; 2min 41s ago
> Process: 20069 ExecStart=/usr/sbin/ipactl start (code=exited, status=0/SUCCESS)
> CGroup: name=systemd:/system/ipa.service
> 
> 
> Martin
> 

Ok, final ACK :-) On Friday and today I did a final set of sanity tests
for both branches on F-15 and F-16. Minor issues found during the review
were fixed by Alexander and integrated to the patches.

There is just one pending issue I found - name server cannot talk to
dirsrv on F-16 due to changes in SELinux policy. It is being tracked
here:

https://bugzilla.redhat.com/show_bug.cgi?id=748366

SELinux guys accepted the issue and it is being worked on.

Pushed to master, ipa-2-1. Good job!

Martin

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel


Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-18 Thread Alexander Bokovoy
On Tue, 18 Oct 2011, Martin Kosek wrote:
> 1) When ipa is not configured, it is ok that ipa.service status returns
> error. However, I still got ipa.service status error after the ipa was
> configured:
> 
> # systemctl status ipa.service
> ipa.service - Identity, Policy, Audit
> Loaded: loaded (/lib/systemd/system/ipa.service; disabled)
> Active: failed since Tue, 18 Oct 2011 09:04:41 -0400; 1min 50s ago
>   Main PID: 18499 (code=exited, status=6)
> CGroup: name=systemd:/system/ipa.service
> # /usr/sbin/ipactl status
> IPA is not configured (see man pages of ipa-server-install for help)
> 
> # ipa-server-install
> ...
> Applying LDAP updates
> Restarting IPA to initialize updates before performing deletes:
>   [1/2]: stopping directory server
>   [2/2]: starting directory server
> done configuring dirsrv.
> Restarting the directory server
> Restarting the KDC
> Restarting the web server
> Sample zone file for bind has been created in /tmp/sample.zone.teFbNR.db
> ==
> Setup complete
> 
> Next steps:
>   1. You must make sure these network ports are open:
>   TCP Ports:
> * 80, 443: HTTP/HTTPS
> * 389, 636: LDAP/LDAPS
> * 88, 464: kerberos
>   UDP Ports:
> * 88, 464: kerberos
> * 123: ntp
> 
>   2. You can now obtain a kerberos ticket using the command: 'kinit admin'
>  This ticket will allow you to use the IPA tools (e.g., ipa user-add)
>  and the web user interface.
> 
> Be sure to back up the CA certificate stored in /root/cacert.p12
> This file is required to create replicas. The password for this
> file is the Directory Manager password
> 
> # systemctl status ipa.service
> ipa.service - Identity, Policy, Audit
> Loaded: loaded (/lib/systemd/system/ipa.service; enabled)
> Active: failed since Tue, 18 Oct 2011 09:04:41 -0400; 6min ago
>   Main PID: 18499 (code=exited, status=6)
> CGroup: name=systemd:/system/ipa.service
We were discussing with Simo yesterday that perhaps we need to do 
restart of ipa.service (on systemd platform only) explicitly after 
ipa-server-install.

Right now the last action we do is ipa.enable(), i.e. just enable 
ipa.service. As all services were started before during 
ipa-server-install, we deemed it unnecessary to do any restart in the 
System V case.

systemd, however, detects status based on its own tracking of events 
and there is no way to report status of the service other than 
systemd's internal state.

So we might do an implicit restart of ipa.service at the end of install. 
That would be another 5-10 seconds delay depending on the hardware.

> 2) ipactl shows stopped dirsrv and CA service even though they should be
> up (cert-show command worked):
This might be related as well -- I've seen multiple times when 
ipa_kpasswd didn't start after ipa-server-install but works after 
restart.
-- 
/ Alexander Bokovoy



Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-18 Thread Martin Kosek
On Tue, 2011-10-18 at 15:48 +0300, Alexander Bokovoy wrote:
> On Tue, 18 Oct 2011, Alexander Bokovoy wrote:
> > > ipa.init was removed from the git, but it was never moved to
> > > init/SystemV/.
> > It should have been moved (rm+new file). I'll check what's happening 
> > there, maybe Simo's patch omitted that one?
> > 
> > http://koji.fedoraproject.org/koji/taskinfo?taskID=3437275 is current 
> > scratch build of 2.1 for F-16. It is 2.1.2+diff up to current ipa-2-1 
> > git tree + systemd patch.
> I did another rebase and current version of systemd support for 
> ipa-2-1 is in systemd-ipa-2-1 branch of my tree:
> http://fedorapeople.org/gitweb?p=abbra/public_git/freeipa.git;a=shortlog;h=refs/heads/systemd-ipa-2-1
> 

Yep, ipa.init is now correctly moved and I was able to compile ipa on
both F-15 and F-16. I still have a few questions/issues:

1) When ipa is not configured, it is ok that ipa.service status returns
error. However, I still got ipa.service status error after the ipa was
configured:

# systemctl status ipa.service
ipa.service - Identity, Policy, Audit
  Loaded: loaded (/lib/systemd/system/ipa.service; disabled)
  Active: failed since Tue, 18 Oct 2011 09:04:41 -0400; 1min 50s ago
Main PID: 18499 (code=exited, status=6)
  CGroup: name=systemd:/system/ipa.service
# /usr/sbin/ipactl status
IPA is not configured (see man pages of ipa-server-install for help)

# ipa-server-install
...
Applying LDAP updates
Restarting IPA to initialize updates before performing deletes:
  [1/2]: stopping directory server
  [2/2]: starting directory server
done configuring dirsrv.
Restarting the directory server
Restarting the KDC
Restarting the web server
Sample zone file for bind has been created in /tmp/sample.zone.teFbNR.db
==
Setup complete

Next steps:
1. You must make sure these network ports are open:
TCP Ports:
  * 80, 443: HTTP/HTTPS
  * 389, 636: LDAP/LDAPS
  * 88, 464: kerberos
UDP Ports:
  * 88, 464: kerberos
  * 123: ntp

2. You can now obtain a kerberos ticket using the command: 'kinit admin'
   This ticket will allow you to use the IPA tools (e.g., ipa user-add)
   and the web user interface.

Be sure to back up the CA certificate stored in /root/cacert.p12
This file is required to create replicas. The password for this
file is the Directory Manager password

# systemctl status ipa.service
ipa.service - Identity, Policy, Audit
  Loaded: loaded (/lib/systemd/system/ipa.service; enabled)
  Active: failed since Tue, 18 Oct 2011 09:04:41 -0400; 6min ago
Main PID: 18499 (code=exited, status=6)
  CGroup: name=systemd:/system/ipa.service



2) ipactl shows stopped dirsrv and CA service even though they should be
up (cert-show command worked):

# ipactl status
Directory Service: RUNNING
KDC Service: RUNNING
KPASSWD Service: STOPPED
HTTP Service: RUNNING
CA Service: STOPPED

When I restarted the ipa service, everything was OK including the status
I mentioned in my previous mail:

# systemctl restart ipa.service
# ipactl status
Directory Service: RUNNING
KDC Service: RUNNING
KPASSWD Service: RUNNING
HTTP Service: RUNNING
CA Service: RUNNING

# systemctl status ipa.service
ipa.service - Identity, Policy, Audit
  Loaded: loaded (/lib/systemd/system/ipa.service; enabled)
  Active: active (exited) since Tue, 18 Oct 2011 09:18:32 -0400; 2min 41s ago
 Process: 20069 ExecStart=/usr/sbin/ipactl start (code=exited, status=0/SUCCESS)
  CGroup: name=systemd:/system/ipa.service


Martin



Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-18 Thread Simo Sorce
On Tue, 2011-10-18 at 14:27 +0300, Alexander Bokovoy wrote:
> On Tue, 18 Oct 2011, Martin Kosek wrote:

> > ipa.init was removed from the git, but it was never moved to
> > init/SystemV/.
> It should have been moved (rm+new file). I'll check what's happening 
> there, maybe Simo's patch omitted that one?

Can certainly be my mistake during the rebase. Patches didn't apply
cleanly so I had to add all new files manually again to the patch. Maybe
I missed ipa.init as it was moved ...

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York



Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-18 Thread Alexander Bokovoy
On Tue, 18 Oct 2011, Alexander Bokovoy wrote:
> > ipa.init was removed from the git, but it was never moved to
> > init/SystemV/.
> It should have been moved (rm+new file). I'll check what's happening 
> there, maybe Simo's patch omitted that one?
> 
> http://koji.fedoraproject.org/koji/taskinfo?taskID=3437275 is current 
> scratch build of 2.1 for F-16. It is 2.1.2+diff up to current ipa-2-1 
> git tree + systemd patch.
I did another rebase and current version of systemd support for 
ipa-2-1 is in systemd-ipa-2-1 branch of my tree:
http://fedorapeople.org/gitweb?p=abbra/public_git/freeipa.git;a=shortlog;h=refs/heads/systemd-ipa-2-1

-- 
/ Alexander Bokovoy



Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-18 Thread Alexander Bokovoy
On Tue, 18 Oct 2011, Martin Kosek wrote:
> I tested our most recent master with simo's rebased patch and your patch
> 0004-Spin-for-connection-success-also-when-socket-is-not-.patch. It
> looks very good, I hit just a few issues:
> 
> 1) ipa service reports inactive (dead) status even though LDAP server is
> running:
> 
> systemctl status ipa.service
> ipa.service - Identity, Policy, Audit
> Loaded: loaded (/lib/systemd/system/ipa.service; enabled)
> Active: inactive (dead) since Mon, 17 Oct 2011 10:21:30 -0400; 15s ago
> Process: 25194 ExecStop=/usr/sbin/ipactl stop (code=exited, status=0/SUCCESS)
> Process: 25173 ExecStart=/usr/sbin/ipactl start (code=exited, status=0/SUCCESS)
> CGroup: name=systemd:/system/ipa.service
> 
> Maybe we should return "active" status when dirsrv is running?
We can't. This is systemd's status which we can't influence. And you 
have stopped the service so it is properly showing it as 'inactive'.

I still need to investigate such cases, as in the correct situation it should be:
ipa.service - Identity, Policy, Audit
  Loaded: loaded (/lib/systemd/system/ipa.service; enabled)
  Active: active (exited) since Mon, 17 Oct 2011 07:03:17 -0400; 24h ago
 Process: 956 ExecStart=/usr/sbin/ipactl start (code=exited, status=0/SUCCESS)
  CGroup: name=systemd:/system/ipa.service

Note that you have ExecStop for process 25194 (which is newer than 
25173) -- which means you have stopped ipa.service yourself.

It should have stopped dirsrv.target, though. Here is how it looks if 
I issue 'systemctl stop ipa.service':
ipa.service - Identity, Policy, Audit
  Loaded: loaded (/lib/systemd/system/ipa.service; enabled)
  Active: inactive (dead) since Tue, 18 Oct 2011 07:24:30 -0400; 1s ago
 Process: 11004 ExecStop=/usr/sbin/ipactl stop (code=exited, status=0/SUCCESS)
 Process: 956 ExecStart=/usr/sbin/ipactl start (code=exited, status=0/SUCCESS)
  CGroup: name=systemd:/system/ipa.service

And for dirsrv.target after that:
# systemctl status dirsrv.target
dirsrv.target - 389 Directory Server
  Loaded: loaded (/lib/systemd/system/dirsrv.target; disabled)
  Active: inactive (dead)


> 2) I wasn't able to build IPA on F-15 after the patches were applied:
> $ make rpms
> ...
> + install -m755
> init/SystemV/ipa.init 
> /home/mkosek/freeipa/rpmbuild/BUILDROOT/freeipa-2.99.0GITb607c5c-0.fc15.x86_64/etc/rc.d/init.d/ipa
> install: cannot stat `init/SystemV/ipa.init': No such file or directory
> error: Bad exit status from /var/tmp/rpm-tmp.nwbRUX (%install)
> 
> ipa.init was removed from the git, but it was never moved to
> init/SystemV/.
It should have been moved (rm+new file). I'll check what's happening 
there, maybe Simo's patch omitted that one?

http://koji.fedoraproject.org/koji/taskinfo?taskID=3437275 is current 
scratch build of 2.1 for F-16. It is 2.1.2+diff up to current ipa-2-1 
git tree + systemd patch.
-- 
/ Alexander Bokovoy



Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-18 Thread Martin Kosek
On Mon, 2011-10-17 at 14:21 +0300, Alexander Bokovoy wrote:
> On Fri, 14 Oct 2011, Simo Sorce wrote:
> > > > Attached a rebased patch with the modifications needed to apply it on
> > > > master.
> > > > 
> > > > Everything seems to work on master but I haven't tested ipa-2-1 so this
> > > > is a partial ACK of the original patch as well.
> > > 
> > > A bit of bad news, I restarted the machine and I am having issue
> > > properly restarting services.
> > > This patch is still better than nothing as otherwise nothing works at
> > > all on f16, but we need to work out why starting services is unreliable.
> > 
> > Ok found the issue and it is a bug in the conversion to systemd.
> > I opened ticket #1990 for this.
> > 
> > Attached find a rebased patch that fixes enough of the bug to let the
> > server work (the keytab part), but it doesn't address the ulimit part.
> KRB5_KTNAME was missing but LimitNOFILE is available -- it is now 
> modified in dirsrv@.service file directly. The code in 
> ipapython/platform/fedora16.py goes to a great length to enable that 
> by copying file to /etc/systemd/system, modifying the config, and 
> relinking all dirsrv instances to it. That's how systemd is organized.
> 
> Now, I think I found actual issue preventing proper restarts. 
> wait_for_socket() only considered 'connection refused' as valid error 
> when unable to connect and waiting up until timeout is gone. 
> Unfortunately, directory services start a bit slower than we had hoped 
> and by the time we attempt to connect to local AF_UNIX socket, there 
> is no actual socket on file system yet so we get:
> 
> Oct 17 06:48:36 vm-114 ipactl[954]: Failed to read data from Directory 
> Service: Unknown error when retrieving list of services from LDAP: 
> [Errno 2] No such file or directory
> Oct 17 06:48:36 vm-114 ipactl[954]: Shutting down
> Oct 17 06:48:36 vm-114 ipactl[954]: Starting Directory Service
> 
> After applying attached patch I now have fully working FreeIPA 2.1 git 
> on Fedora 16.
> 

Hi Alexander,

I tested our most recent master with Simo's rebased patch and your patch
0004-Spin-for-connection-success-also-when-socket-is-not-.patch. It
looks very good, I hit just a few issues:

1) ipa service reports inactive (dead) status even though LDAP server is
running:

systemctl status ipa.service
ipa.service - Identity, Policy, Audit
  Loaded: loaded (/lib/systemd/system/ipa.service; enabled)
  Active: inactive (dead) since Mon, 17 Oct 2011 10:21:30 -0400; 15s ago
 Process: 25194 ExecStop=/usr/sbin/ipactl stop (code=exited, status=0/SUCCESS)
 Process: 25173 ExecStart=/usr/sbin/ipactl start (code=exited, status=0/SUCCESS)
  CGroup: name=systemd:/system/ipa.service

Maybe we should return "active" status when dirsrv is running?

2) I wasn't able to build IPA on F-15 after the patches were applied:
$ make rpms
...
+ install -m755
init/SystemV/ipa.init 
/home/mkosek/freeipa/rpmbuild/BUILDROOT/freeipa-2.99.0GITb607c5c-0.fc15.x86_64/etc/rc.d/init.d/ipa
install: cannot stat `init/SystemV/ipa.init': No such file or directory
error: Bad exit status from /var/tmp/rpm-tmp.nwbRUX (%install)

ipa.init was removed from the git, but it was never moved to
init/SystemV/.

Martin



Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-17 Thread Simo Sorce
On Mon, 2011-10-17 at 14:21 +0300, Alexander Bokovoy wrote:
> On Fri, 14 Oct 2011, Simo Sorce wrote:
> > > > Attached a rebased patch with the modifications needed to apply it on
> > > > master.
> > > > 
> > > > Everything seems to work on master but I haven't tested ipa-2-1 so this
> > > > is a partial ACK of the original patch as well.
> > > 
> > > A bit of bad news, I restarted the machine and I am having issue
> > > properly restarting services.
> > > This patch is still better than nothing as otherwise nothing works at
> > > all on f16, but we need to work out why starting services is unreliable.
> > 
> > Ok found the issue and it is a bug in the conversion to systemd.
> > I opened ticket #1990 for this.
> > 
> > Attached find a rebased patch that fixes enough of the bug to let the
> > server work (the keytab part), but it doesn't address the ulimit part.
> KRB5_KTNAME was missing but LimitNOFILE is available -- it is now 
> modified in dirsrv@.service file directly. The code in 
> ipapython/platform/fedora16.py goes to a great length to enable that 
> by copying file to /etc/systemd/system, modifying the config, and 
> relinking all dirsrv instances to it. That's how systemd is organized.
> 
> Now, I think I found actual issue preventing proper restarts. 
> wait_for_socket() only considered 'connection refused' as valid error 
> when unable to connect and waiting up until timeout is gone. 
> Unfortunately, directory services start a bit slower than we had hoped 
> and by the time we attempt to connect to local AF_UNIX socket, there 
> is no actual socket on file system yet so we get:
> 
> Oct 17 06:48:36 vm-114 ipactl[954]: Failed to read data from Directory 
> Service: Unknown error when retrieving list of services from LDAP: 
> [Errno 2] No such file or directory
> Oct 17 06:48:36 vm-114 ipactl[954]: Shutting down
> Oct 17 06:48:36 vm-114 ipactl[954]: Starting Directory Service
> 
> After applying attached patch I now have fully working FreeIPA 2.1 git 
> on Fedora 16.

ACK,
fixes my startup issue as well.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York



Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-17 Thread Alexander Bokovoy
On Fri, 14 Oct 2011, Simo Sorce wrote:
> > > Attached a rebased patch with the modifications needed to apply it on
> > > master.
> > > 
> > > Everything seems to work on master but I haven't tested ipa-2-1 so this
> > > is a partial ACK of the original patch as well.
> > 
> > A bit of bad news, I restarted the machine and I am having issue
> > properly restarting services.
> > This patch is still better than nothing as otherwise nothing works at
> > all on f16, but we need to work out why starting services is unreliable.
> 
> Ok found the issue and it is a bug in the conversion to systemd.
> I opened ticket #1990 for this.
> 
> Attached find a rebased patch that fixes enough of the bug to let the
> server work (the keytab part), but it doesn't address the ulimit part.
KRB5_KTNAME was missing but LimitNOFILE is available -- it is now 
modified in dirsrv@.service file directly. The code in 
ipapython/platform/fedora16.py goes to a great length to enable that 
by copying file to /etc/systemd/system, modifying the config, and 
relinking all dirsrv instances to it. That's how systemd is organized.

Now, I think I found actual issue preventing proper restarts. 
wait_for_socket() only considered 'connection refused' as valid error 
when unable to connect and waiting up until timeout is gone. 
Unfortunately, directory services start a bit slower than we had hoped 
and by the time we attempt to connect to local AF_UNIX socket, there 
is no actual socket on file system yet so we get:

Oct 17 06:48:36 vm-114 ipactl[954]: Failed to read data from Directory 
Service: Unknown error when retrieving list of services from LDAP: 
[Errno 2] No such file or directory
Oct 17 06:48:36 vm-114 ipactl[954]: Shutting down
Oct 17 06:48:36 vm-114 ipactl[954]: Starting Directory Service

After applying attached patch I now have fully working FreeIPA 2.1 git 
on Fedora 16.

-- 
/ Alexander Bokovoy
From cb5583ad8023d87fdbf863cd65032d0f11108bc0 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy 
Date: Mon, 17 Oct 2011 14:17:07 +0300
Subject: [PATCH 4/4] Spin for connection success also when socket is not
 (yet) available

We were spinning for socket connection if attempt to connect returned errno 111
(connection refused). However, it is not enough for local AF_UNIX sockets as
heavy applications might not be able to start yet and therefore the whole path
might be missing. So spin for errno 2 (no such file or directory) as well.

Partial fix for
  https://fedorahosted.org/freeipa/ticket/1990
---
 ipaserver/install/installutils.py |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/ipaserver/install/installutils.py 
b/ipaserver/install/installutils.py
index 
5cfc8f0376e25d9eb25206d54ac5bbea47aca9b2..0a36c354e1d2f901bfdef51c151d035ba8ee64ca
 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -507,7 +507,7 @@ def wait_for_open_socket(socket_name, timeout=0):
 s.close()
 break;
 except socket.error, e:
-if e.errno == 111:  # 111: Connection refused
+if e.errno in (2,111):  # 111: Connection refused, 2: File not 
found
 if timeout and time.time() > op_timeout: # timeout exceeded
 raise e
 time.sleep(1)
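
Review bot: In the `except socket.error, e:` branch the bare `2` and `111` are Linux errno numbers; compare against `errno.ENOENT` and `errno.ECONNREFUSED` instead, which makes the trailing comment unnecessary and keeps the check correct where the numeric values differ. Also note that with the default `timeout=0` the `if timeout and time.time() > op_timeout` guard never raises, so a socket path that never appears (wrong path, instance failed to start) now keeps this loop spinning, whereas before the change errno 2 did not enter the retry branch at all. Consider requiring a non-zero timeout from callers, or logging while waiting.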
-- 
1.7.6.4
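
The retry behaviour described in this message, as an added example that is not part of the original post or of the FreeIPA code base: a Python 3 wait loop for an AF_UNIX socket that treats both "no such file" and "connection refused" as "not up yet" and enforces a deadline. The names `wait_for_unix_socket`, `start_slow_server`, `demo` and the socket file names are assumptions made for the example; the slow server is a constructed stand-in for a directory server that creates its socket late.

```python
import errno
import os
import socket
import tempfile
import threading
import time

# Errors that mean "the server is not listening yet" for a local socket:
# ENOENT       - the socket file has not been created yet
# ECONNREFUSED - the file exists but nothing is accepting on it yet
RETRYABLE = (errno.ENOENT, errno.ECONNREFUSED)


def wait_for_unix_socket(path, timeout=10.0, interval=0.05):
    """Block until connect() to the AF_UNIX socket at `path` succeeds.

    Returns the number of connection attempts made. Re-raises the last
    OSError once the deadline has passed, and raises immediately for any
    error that is not in RETRYABLE (e.g. EACCES on the socket path).
    """
    deadline = time.monotonic() + timeout
    attempts = 0
    while True:
        attempts += 1
        s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        try:
            s.connect(path)
            return attempts
        except OSError as e:
            if e.errno not in RETRYABLE:
                raise  # a real failure, waiting will not help
            if time.monotonic() >= deadline:
                raise  # still not up after `timeout` seconds
            time.sleep(interval)
        finally:
            s.close()


def start_slow_server(path, delay):
    """Constructed test server: creates its socket only after `delay` s."""
    def run():
        time.sleep(delay)
        srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        srv.bind(path)      # socket file appears here (ENOENT ends)
        srv.listen(1)       # connections accepted from here on
        conn, _ = srv.accept()
        conn.close()
        srv.close()

    t = threading.Thread(target=run, daemon=True)
    t.start()
    return t


def demo():
    """Return (attempts needed for the slow server, errno for a dead path)."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "slow.socket")
        server = start_slow_server(path, delay=0.3)
        attempts = wait_for_unix_socket(path, timeout=5.0)
        server.join(timeout=2)

        # A path that never appears must end in an error, not an endless spin.
        try:
            wait_for_unix_socket(os.path.join(tmp, "never.socket"), timeout=0.2)
            err = None
        except OSError as e:
            err = e.errno
        return attempts, err


if __name__ == "__main__":
    print(demo())
```
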


Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-14 Thread Simo Sorce
On Fri, 2011-10-14 at 16:14 -0400, Simo Sorce wrote:
> On Fri, 2011-10-14 at 13:56 -0400, Simo Sorce wrote:
> > On Mon, 2011-10-10 at 17:07 +0300, Alexander Bokovoy wrote:
> > > On Mon, 10 Oct 2011, Alexander Bokovoy wrote:
> > > > rebased, updated package dependencies, and verified against 
> > > > Fedora 16+updates-testing.
> > > > 
> > > > This patch is for ipa-2-1 branch. I need to do few cosmetic changes in 
> > > > freeipa.spec.in to accommodate it to 3.0 (master branch) as ipa_kpasswd 
> > > > is gone there.
> > > Forgot to add that altogether this patch fixes:
> > > 
> > > https://fedorahosted.org/freeipa/ticket/1192 -- support systemd
> > > https://fedorahosted.org/freeipa/ticket/1651 -- update F16 dependencies
> > > https://fedorahosted.org/freeipa/ticket/1871 -- not setting HOSTNAME if 
> > > it was missing from the configuration file
> > > 
> > > The latter one is integrated within the systemd patch because the same 
> > > function is re-used for editing systemd service files and 
> > > /etc/sysconfig/krb5kdc and it simply makes little sense to separate 
> > > them as without editing systemd services for dirsrv, one cannot start 
> > > dirsrv with number of file descriptors required by IPA defaults, and 
> > > krb5kdc configuration should be written properly before krb5kdc is 
> > > started as its systemd service unit uses parameters from the 
> > > configuration file.
> > 
> > Attached a rebased patch with the modifications needed to apply it on
> > master.
> > 
> > Everything seems to work on master but I haven't tested ipa-2-1 so this
> > is a partial ACK of the original patch as well.
> 
> A bit of bad news, I restarted the machine and I am having issue
> properly restarting services.
> This patch is still better than nothing as otherwise nothing works at
> all on f16, but we need to work out why starting services is unreliable.

Ok found the issue and it is a bug in the conversion to systemd.
I opened ticket #1990 for this.

Attached find a rebased patch that fixes enough of the bug to let the
server work (the keytab part), but it doesn't address the ulimit part.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York
From 60258f377a702c4fbf022dacc10e3d463be35618 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy 
Date: Mon, 10 Oct 2011 15:25:15 +0300
Subject: [PATCH] Add support for systemd environments and use it to support
 Fedora 16

https://fedorahosted.org/freeipa/ticket/1192
---
 Makefile |2 +-
 freeipa.spec.in  |   75 ++-
 init/systemd/ipa.service |   14 +++
 install/tools/ipactl |   12 ++-
 ipa.init |   40 
 ipapython/config.py  |2 +-
 ipapython/platform/base.py   |   14 ++--
 ipapython/platform/fedora16.py   |  113 +
 ipapython/platform/redhat.py |   12 +-
 ipapython/platform/systemd.py|  204 ++
 ipaserver/install/cainstance.py  |4 +-
 ipaserver/install/dsinstance.py  |6 +-
 ipaserver/install/krbinstance.py |2 +-
 13 files changed, 437 insertions(+), 63 deletions(-)
 create mode 100644 init/systemd/ipa.service
 delete mode 100755 ipa.init
 create mode 100644 ipapython/platform/fedora16.py
 create mode 100644 ipapython/platform/systemd.py

diff --git a/Makefile b/Makefile
index 585c6fe1181e44906c05a67a317d66eb4eee445a..a024dea32d00ebedc47f4262f79defc2790aeebd 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ PRJ_PREFIX=freeipa
 RPMBUILD ?= $(PWD)/rpmbuild
 TARGET ?= master
 
-SUPPORTED_PLATFORM=redhat
+SUPPORTED_PLATFORM ?= redhat
 
 # After updating the version in VERSION you should run the version-update
 # target.
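
Review bot: With `SUPPORTED_PLATFORM ?= redhat` the value is now taken from the environment or the make command line when one is set, but nothing next to the assignment says which values are accepted. Add a comment above it naming the valid platforms and how to select one, and consider failing early when no matching module exists under ipapython/platform/, since a stray exported variable would otherwise silently change what gets built.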
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 95f09d11a98c846b5f71b7892dbd779b85e8207b..c306c2bbce22784093fcdc2624ac713099863270 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -24,10 +24,17 @@ Source0:freeipa-%{version}.tar.gz
 BuildRoot:  %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 %if ! %{ONLY_CLIENT}
+%if 0%{?fedora} >= 16
+BuildRequires: 389-ds-base-devel >= 1.2.10
+%else
 BuildRequires:  389-ds-base-devel >= 1.2.9
+%endif
 BuildRequires:  svrcore-devel
 BuildRequires:  /usr/share/selinux/devel/Makefile
 BuildRequires:  policycoreutils >= %{POLICYCOREUTILSVER}
+%if 0%{?fedora} >= 16
+BuildRequires:  systemd-units 
+%endif
 %endif
 BuildRequires:  nspr-devel
 BuildRequires:  nss-devel
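
Review bot: Style: the added `BuildRequires: 389-ds-base-devel >= 1.2.10` has one space after the colon where the neighbouring tags use two, and the added `BuildRequires:  systemd-units ` line ends in trailing whitespace. Align both with the surrounding lines. The `%if 0%{?fedora} >= 16` test is also repeated twice within a few lines here; a short comment on each saying what the Fedora 16 branch is for would help whoever later removes the conditionals.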
@@ -89,7 +96,11 @@ Requires(pre): 389-ds-base >= 1.2.10-0.4.a4
 Requires: openldap-clients
 Requires: nss
 Requires: nss-tools
+%if 0%{?fedora} >= 16
+Requires: krb5-server >= 1.9.1-15
+%else
 Requires: krb5-server
+%endif
 Requires: krb5-server-ldap
 Requires: krb5-pkinit-openssl
 Requires: cyrus-sasl-gssapi%{?_isa}
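
Review bot: The new `Requires: krb5-server >= 1.9.1-15` carries no explanation of what that build provides. Add a one-line comment above the `%if` with the reason (a bug number or the feature relied on) so a later packager can tell when the version floor and the conditional can be dropped.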
@@ -102,6 +113,11 @@ Requires: python-ldap
 Requires: python-krbV
 Requires: acl
 Requires: python-pyasn1 >= 0.0.9a
+%if 0%{?fedora} >= 16
+Requires: systemd-units >= 36-3
+Requires(pre): systemd-units
+Requires(post): systemd-uni

Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-14 Thread Simo Sorce
On Fri, 2011-10-14 at 13:56 -0400, Simo Sorce wrote:
> On Mon, 2011-10-10 at 17:07 +0300, Alexander Bokovoy wrote:
> > On Mon, 10 Oct 2011, Alexander Bokovoy wrote:
> > > rebased, updated package dependencies, and verified against 
> > > Fedora 16+updates-testing.
> > > 
> > > This patch is for ipa-2-1 branch. I need to do few cosmetic changes in 
> > > freeipa.spec.in to accommodate it to 3.0 (master branch) as ipa_kpasswd 
> > > is gone there.
> > Forgot to add that altogether this patch fixes:
> > 
> > https://fedorahosted.org/freeipa/ticket/1192 -- support systemd
> > https://fedorahosted.org/freeipa/ticket/1651 -- update F16 dependencies
> > https://fedorahosted.org/freeipa/ticket/1871 -- not setting HOSTNAME if it 
> > was missing from the configuration file
> > 
> > The latter one is integrated within the systemd patch because the same 
> > function is re-used for editing systemd service files and 
> > /etc/sysconfig/krb5kdc and it simply makes little sense to separate 
> > them as without editing systemd services for dirsrv, one cannot start 
> > dirsrv with number of file descriptors required by IPA defaults, and 
> > krb5kdc configuration should be written properly before krb5kdc is 
> > started as its systemd service unit uses parameters from the 
> > configuration file.
> 
> Attached a rebased patch with the modifications needed to apply it on
> master.
> 
> Everything seems to work on master but I haven't tested ipa-2-1 so this
> is a partial ACK of the original patch as well.

A bit of bad news, I restarted the machine and I am having an issue
properly restarting services.
This patch is still better than nothing as otherwise nothing works at
all on f16, but we need to work out why starting services is unreliable.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York



Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-14 Thread Simo Sorce
On Mon, 2011-10-10 at 17:07 +0300, Alexander Bokovoy wrote:
> On Mon, 10 Oct 2011, Alexander Bokovoy wrote:
> > rebased, updated package dependencies, and verified against 
> > Fedora 16+updates-testing.
> > 
> > This patch is for ipa-2-1 branch. I need to do a few cosmetic changes in 
> > freeipa.spec.in to accommodate it to 3.0 (master branch) as ipa_kpasswd 
> > is gone there.
> Forgot to add that altogether this patch fixes:
> 
> https://fedorahosted.org/freeipa/ticket/1192 -- support systemd
> https://fedorahosted.org/freeipa/ticket/1651 -- update F16 dependencies
> https://fedorahosted.org/freeipa/ticket/1871 -- not setting HOSTNAME if it 
> was missing from the configuration file
> 
> The latter one is integrated within the systemd patch because the same 
> function is re-used for editing systemd service files and 
> /etc/sysconfig/krb5kdc and it simply makes little sense to separate 
> them as without editing systemd services for dirsrv, one cannot start 
> dirsrv with the number of file descriptors required by IPA defaults, and 
> krb5kdc configuration should be written properly before krb5kdc is 
> started as its systemd service unit uses parameters from the 
> configuration file.

Attached a rebased patch with the modifications needed to apply it on
master.

Everything seems to work on master but I haven't tested ipa-2-1 so this
is a partial ACK of the original patch as well.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York
>From 59bc35c496b4a6444e168d68da2a7c8c1508dc2a Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy 
Date: Mon, 10 Oct 2011 15:25:15 +0300
Subject: [PATCH] Add support for systemd environments and use it to support
 Fedora 16

https://fedorahosted.org/freeipa/ticket/1192
---
 Makefile|2 +-
 freeipa.spec.in |   75 ++-
 init/systemd/ipa.service|   14 +++
 install/tools/ipactl|   12 ++-
 ipa.init|   40 
 ipapython/config.py |2 +-
 ipapython/platform/base.py  |   14 ++--
 ipapython/platform/fedora16.py  |  113 +
 ipapython/platform/redhat.py|   12 +-
 ipapython/platform/systemd.py   |  204 +++
 ipaserver/install/cainstance.py |4 +-
 ipaserver/install/dsinstance.py |6 +-
 12 files changed, 436 insertions(+), 62 deletions(-)
 create mode 100644 init/systemd/ipa.service
 delete mode 100755 ipa.init
 create mode 100644 ipapython/platform/fedora16.py
 create mode 100644 ipapython/platform/systemd.py

diff --git a/Makefile b/Makefile
index 585c6fe1181e44906c05a67a317d66eb4eee445a..a024dea32d00ebedc47f4262f79defc2790aeebd 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ PRJ_PREFIX=freeipa
 RPMBUILD ?= $(PWD)/rpmbuild
 TARGET ?= master
 
-SUPPORTED_PLATFORM=redhat
+SUPPORTED_PLATFORM ?= redhat
 
 # After updating the version in VERSION you should run the version-update
 # target.
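Review bot: with `SUPPORTED_PLATFORM ?= redhat`, any `SUPPORTED_PLATFORM` already present in the caller's environment now silently selects the platform, and nothing in this hunk says which values are accepted. Please add a comment above the assignment listing the valid names (this patch adds `fedora16` next to `redhat`) and consider failing early in the Makefile when the value does not match an existing `ipapython/platform/` module.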
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 95f09d11a98c846b5f71b7892dbd779b85e8207b..c306c2bbce22784093fcdc2624ac713099863270 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -24,10 +24,17 @@ Source0:freeipa-%{version}.tar.gz
 BuildRoot:  %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 %if ! %{ONLY_CLIENT}
+%if 0%{?fedora} >= 16
+BuildRequires: 389-ds-base-devel >= 1.2.10
+%else
 BuildRequires:  389-ds-base-devel >= 1.2.9
+%endif
 BuildRequires:  svrcore-devel
 BuildRequires:  /usr/share/selinux/devel/Makefile
 BuildRequires:  policycoreutils >= %{POLICYCOREUTILSVER}
+%if 0%{?fedora} >= 16
+BuildRequires:  systemd-units 
+%endif
 %endif
 BuildRequires:  nspr-devel
 BuildRequires:  nss-devel
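Review bot: whitespace nits in the two added `BuildRequires` lines: `BuildRequires: 389-ds-base-devel >= 1.2.10` has one space after the colon where the surrounding lines use two, and the added `systemd-units` line ends with a trailing space. Align the first with its `%else` counterpart and drop the trailing space.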
@@ -89,7 +96,11 @@ Requires(pre): 389-ds-base >= 1.2.10-0.4.a4
 Requires: openldap-clients
 Requires: nss
 Requires: nss-tools
+%if 0%{?fedora} >= 16
+Requires: krb5-server >= 1.9.1-15
+%else
 Requires: krb5-server
+%endif
 Requires: krb5-server-ldap
 Requires: krb5-pkinit-openssl
 Requires: cyrus-sasl-gssapi%{?_isa}
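Review bot: the new floor `krb5-server >= 1.9.1-15` in the Fedora 16 branch carries no comment saying what that build provides, unlike the `tomcat6` requirement later in this file, which explains itself. A one-line comment naming the reason (for instance the krb5kdc systemd unit mentioned in the thread, if that is what this build introduces) would tell a later packager when the conditional can be dropped.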
@@ -102,6 +113,11 @@ Requires: python-ldap
 Requires: python-krbV
 Requires: acl
 Requires: python-pyasn1 >= 0.0.9a
+%if 0%{?fedora} >= 16
+Requires: systemd-units >= 36-3
+Requires(pre): systemd-units
+Requires(post): systemd-units
+%endif
 %if 0%{?fedora} >= 15
 Requires: selinux-policy >= 3.9.16-18
 %else
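Review bot: `Requires(pre): systemd-units` is added here, but the patch does not make clear what a `%pre` scriptlet would need from systemd-units. If no `%pre` scriptlet calls into it, drop that line and keep only the scriptlet dependencies that are actually used; if one does, a short comment saying so would help.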
@@ -109,6 +125,12 @@ Requires: selinux-policy >= 3.9.7-27
 %endif
 Requires(post): selinux-policy-base
 Requires: slapi-nis >= 0.21
+%if 0%{?fedora} >= 16
+Requires: pki-ca >= 9.0.15
+Requires: pki-silent >= 9.0.15
+# Only tomcat6 greater than this version provides proper systemd support
+Requires: tomcat6 >= 6.0.32-17
+%else
 %if 0%{?fedora} >= 15
 Requires: pki-ca >= 9.0.15
 Requires: pki-silent >= 9.0.15
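Review bot: the new Fedora 16 branch lists `pki-ca` and `pki-silent` but not `pki-setup`, while the existing Fedora 15 branch still requires it (the next hunk header shows `Requires: pki-setup  >= 9.0.15`). If the omission is intentional, say so in the comment; otherwise add the line. Since the `pki-*` floors are identical for 15 and 16, it would also be simpler to leave that block alone and put only the `tomcat6` requirement under its own `%if 0%{?fedora} >= 16`.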
@@ -117,13 +139,19 @@ Requires: pki-setup  >= 9.0.15
 Requires: pki-ca >= 9.0.5
 Requires: pki-silent >= 9.0.5
 %endif
+%endif
 Requires: dogtag-pki-common-theme
 Requires: dogtag-pki-ca-theme
 %if 0%{?rhel}
 Requires: subscription-manager
 %endif
+%if 0%{?fedora} >= 16
+Requir

Re: [Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-10 Thread Alexander Bokovoy
On Mon, 10 Oct 2011, Alexander Bokovoy wrote:
> rebased, updated package dependencies, and verified against 
> Fedora 16+updates-testing.
> 
> This patch is for ipa-2-1 branch. I need to do a few cosmetic changes in 
> freeipa.spec.in to accommodate it to 3.0 (master branch) as ipa_kpasswd 
> is gone there.
Forgot to add that altogether this patch fixes:

https://fedorahosted.org/freeipa/ticket/1192 -- support systemd
https://fedorahosted.org/freeipa/ticket/1651 -- update F16 dependencies
https://fedorahosted.org/freeipa/ticket/1871 -- not setting HOSTNAME if it was 
missing from the configuration file

The latter one is integrated within the systemd patch because the same 
function is re-used for editing systemd service files and 
/etc/sysconfig/krb5kdc and it simply makes little sense to separate 
them as without editing systemd services for dirsrv, one cannot start 
dirsrv with the number of file descriptors required by IPA defaults, and 
krb5kdc configuration should be written properly before krb5kdc is 
started as its systemd service unit uses parameters from the 
configuration file.
-- 
/ Alexander Bokovoy



[Freeipa-devel] [PATCH, 2.1] 0021 Fedora 16 and systemd support

2011-10-10 Thread Alexander Bokovoy
Hi,

rebased, updated package dependencies, and verified against 
Fedora 16+updates-testing.

This patch is for ipa-2-1 branch. I need to do a few cosmetic changes in 
freeipa.spec.in to accommodate it to 3.0 (master branch) as ipa_kpasswd 
is gone there.

-- 
/ Alexander Bokovoy
>From f71e9d5f59de43293b4162c933502fd80e5d3aa3 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy 
Date: Mon, 10 Oct 2011 15:25:15 +0300
Subject: [PATCH] Add support for systemd environments and use it to support
 Fedora 16

https://fedorahosted.org/freeipa/ticket/1192
---
 Makefile  |2 +-
 freeipa.spec.in   |   77 ++-
 ipa.init => init/SystemV/ipa.init |0
 init/systemd/ipa.service  |   14 +++
 init/systemd/ipa_kpasswd.service  |   10 ++
 install/tools/ipactl  |   12 ++-
 ipapython/config.py   |2 +-
 ipapython/ipautil.py  |   90 
 ipapython/platform/base.py|   14 ++--
 ipapython/platform/fedora16.py|  113 
 ipapython/platform/redhat.py  |   61 ++-
 ipapython/platform/systemd.py |  204 +
 ipaserver/install/cainstance.py   |4 +-
 ipaserver/install/dsinstance.py   |6 +-
 ipaserver/install/krbinstance.py  |   30 ++
 15 files changed, 552 insertions(+), 87 deletions(-)
 rename ipa.init => init/SystemV/ipa.init (100%)
 create mode 100644 init/systemd/ipa.service
 create mode 100644 init/systemd/ipa_kpasswd.service
 create mode 100644 ipapython/platform/fedora16.py
 create mode 100644 ipapython/platform/systemd.py

diff --git a/Makefile b/Makefile
index 
9d8802587f9fa1130271d3824667d83b637ac9ee..3cd08e2e9dd6b65ae9ad82af08cc68979048b6cd
 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@ PRJ_PREFIX=freeipa
 RPMBUILD ?= $(PWD)/rpmbuild
 TARGET ?= master
 
-SUPPORTED_PLATFORM=redhat
+SUPPORTED_PLATFORM ?= redhat
 
 # After updating the version in VERSION you should run the version-update
 # target.
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 
ed88e445aeb1783ea2011dc6ad62b5e3bf05db8e..927ec1cd839b1a2b2947f28ce754e98c2600b70d
 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -24,10 +24,17 @@ Source0:freeipa-%{version}.tar.gz
 BuildRoot:  %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 %if ! %{ONLY_CLIENT}
+%if 0%{?fedora} >= 16
+BuildRequires: 389-ds-base-devel >= 1.2.10
+%else
 BuildRequires:  389-ds-base-devel >= 1.2.9
+%endif
 BuildRequires:  svrcore-devel
 BuildRequires:  /usr/share/selinux/devel/Makefile
 BuildRequires:  policycoreutils >= %{POLICYCOREUTILSVER}
+%if 0%{?fedora} >= 16
+BuildRequires:  systemd-units 
+%endif
 %endif
 BuildRequires:  nspr-devel
 BuildRequires:  nss-devel
@@ -85,11 +92,19 @@ Requires: %{name}-python = %{version}-%{release}
 Requires: %{name}-client = %{version}-%{release}
 Requires: %{name}-admintools = %{version}-%{release}
 Requires: %{name}-server-selinux = %{version}-%{release}
+%if 0%{?fedora} >= 16
+Requires(pre): 389-ds-base >= 1.2.10-0.1.a1
+%else
 Requires(pre): 389-ds-base >= 1.2.9.7-1
+%endif
 Requires: openldap-clients
 Requires: nss
 Requires: nss-tools
+%if 0%{?fedora} >= 16
+Requires: krb5-server >= 1.9.1-15
+%else
 Requires: krb5-server
+%endif
 Requires: krb5-server-ldap
 Requires: krb5-pkinit-openssl
 Requires: cyrus-sasl-gssapi%{?_isa}
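Review bot: `Requires(pre): 389-ds-base >= 1.2.10-0.1.a1` pins the Fedora 16 floor to what looks like a pre-release build, with no comment on why that exact build is the minimum. Please note the reason next to it and plan to raise the floor once a final 1.2.10 build is available, so that installs do not settle on the pre-release.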
@@ -102,6 +117,11 @@ Requires: python-ldap
 Requires: python-krbV
 Requires: acl
 Requires: python-pyasn1 >= 0.0.9a
+%if 0%{?fedora} >= 16
+Requires: systemd-units >= 36-3
+Requires(pre): systemd-units
+Requires(post): systemd-units
+%endif
 %if 0%{?fedora} >= 15
 Requires: selinux-policy >= 3.9.16-18
 %else
@@ -109,6 +129,12 @@ Requires: selinux-policy >= 3.9.7-27
 %endif
 Requires(post): selinux-policy-base
 Requires: slapi-nis >= 0.21
+%if 0%{?fedora} >= 16
+Requires: pki-ca >= 9.0.15
+Requires: pki-silent >= 9.0.15
+# Only tomcat6 greater than this version provides proper systemd support
+Requires: tomcat6 >= 6.0.32-17
+%else
 %if 0%{?fedora} >= 15
 Requires: pki-ca >= 9.0.15
 Requires: pki-silent >= 9.0.15
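Review bot: the added comment says only tomcat6 "greater than this version" provides proper systemd support, but the line below it uses `>=`, so `6.0.32-17` itself is accepted. Reword the comment to "this version or later" or change the operator, whichever matches the build that actually carries the support.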
@@ -117,13 +143,19 @@ Requires: pki-setup  >= 9.0.15
 Requires: pki-ca >= 9.0.5
 Requires: pki-silent >= 9.0.5
 %endif
+%endif
 Requires: dogtag-pki-common-theme
 Requires: dogtag-pki-ca-theme
 %if 0%{?rhel}
 Requires: subscription-manager
 %endif
+%if 0%{?fedora} >= 16
+Requires(preun): python systemd-units
+Requires(postun): python systemd-units
+%else
 Requires(preun):  python initscripts chkconfig
 Requires(postun): python initscripts chkconfig
+%endif
 
 # We have a soft-requires on bind. It is an optional part of
 # IPA but if it is configured we need a way to require versions
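Review bot: `%if 0%{?fedora} >= 16` is now repeated in every hunk of this spec file, here to switch the `preun`/`postun` dependencies from `initscripts chkconfig` to `systemd-units`. Defining one conditional near the top of the spec (for example a `%global` that records systemd support) and testing that instead would keep the branches from drifting apart when the next release needs the same treatment. The two added `Requires(preun)`/`Requires(postun)` lines also use one space after the colon where the `%else` lines use two.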
@@ -252,6 +284,9 @@ package.
 %build
 export CFLAGS="$CFLAGS %{optflags}"
 export CPPFLAGS="$CPPFLAGS %{optflags}"
+%if 0%{?fedora} >= 16
+export SUPPORTED_PLATFORM=fedora16
+%endif
 make version-update
 cd ipa-client; ../autogen.sh --prefix=%{_usr} --sysconfdir=%{_sysconfdir} 
--localstatedir=%{_localstatedir} --lib
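Review bot: `export SUPPORTED_PLATFORM=fedora16` is set only in `%build`, and rpm runs each spec section as its own shell script, so the variable is not carried into `%install`. If `%install` invokes a make target that reads `SUPPORTED_PLATFORM`, the Makefile default `redhat` will apply there; either repeat the export in `%install` or pass `SUPPORTED_PLATFORM=fedora16` on each make command line.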