subject:"\[Freeipa\-devel\] \[PATCH 0061\] Remove 50\-lockout\-policy.update file"

Re: [Freeipa-devel] [PATCH 0061] Remove 50-lockout-policy.update file

2015-10-30 Thread Alexander Bokovoy


On Thu, 29 Oct 2015, Gabe Alford wrote:

Hello,

Fix for https://fedorahosted.org/freeipa/ticket/5418

ACK but can you please add something like this in the commit message:


Remove lockout policy update file because all currently supported
FreeIPA versions already have krbPwdMaxFailure defaulting to 6 and
krbPwdLockoutDuration defaulting to 600.

Keeping lockout policy update file prevents from creating a more strict
policy in environments where it is subject to regulatory compliance.




Thanks,

Gabe



From 7a9086162717bc414a1d65ea71a2d65729f6fa7e Mon Sep 17 00:00:00 2001
From: Gabe 
Date: Thu, 29 Oct 2015 20:30:35 -0600
Subject: [PATCH] Remove 50-lockout-policy.update file

https://fedorahosted.org/freeipa/ticket/5418
---
install/updates/50-lockout-policy.update | 4 
install/updates/Makefile.am  | 1 -
2 files changed, 5 deletions(-)
delete mode 100644 install/updates/50-lockout-policy.update

diff --git a/install/updates/50-lockout-policy.update 
b/install/updates/50-lockout-policy.update
deleted file mode 100644
index 
a5730709e2b649466118502ece1cc530c10e0b40..
--- a/install/updates/50-lockout-policy.update
+++ /dev/null
@@ -1,4 +0,0 @@
-dn: cn=global_policy,cn=$REALM,cn=kerberos,$SUFFIX
-replace:krbPwdLockoutDuration:10::600
-replace: krbPwdMaxFailure:3::6
-
diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am
index 
26e4c04ed66a4a2061a3bb3ca2f4a6cd84502598..04ddeb96de4e88d5909f13b13885d3207184e798
 100644
--- a/install/updates/Makefile.am
+++ b/install/updates/Makefile.am
@@ -39,7 +39,6 @@ app_DATA =\
45-roles.update \
50-7_bit_check.update   \
50-dogtag10-migration.update\
-   50-lockout-policy.update\
50-groupuuid.update \
50-hbacservice.update   \
50-krbenctypes.update   \
--
2.4.3




--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code



--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 0061] Remove 50-lockout-policy.update file

2015-10-30 Thread Alexander Bokovoy


On Fri, 30 Oct 2015, Gabe Alford wrote:

From 24bcde6042d90322883350b5fd97aa41f2e4d77d Mon Sep 17 00:00:00 2001
From: Gabe 
Date: Fri, 30 Oct 2015 06:27:11 -0600
Subject: [PATCH] Remove 50-lockout-policy.update file

Remove lockout policy update file because all currently supported versions
have krbPwdMaxFailure defaulting to 6 and krbPwdLockoutDuration defaulting to 
600.

Keeping lockout policy update file prevents from creating a more scrict policy 
in
environments subject to regulatory compliance

https://fedorahosted.org/freeipa/ticket/5418
---
install/updates/50-lockout-policy.update | 4 
install/updates/Makefile.am  | 1 -
2 files changed, 5 deletions(-)
delete mode 100644 install/updates/50-lockout-policy.update


ACK

--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 0061] Remove 50-lockout-policy.update file

2015-10-30 Thread Gabe Alford

Can do Alexander. Here is the updated patch.


Gabe

On Fri, Oct 30, 2015 at 12:56 AM, Alexander Bokovoy 
wrote:

> On Thu, 29 Oct 2015, Gabe Alford wrote:
>
>> Hello,
>>
>> Fix for https://fedorahosted.org/freeipa/ticket/5418
>>
> ACK but can you please add something like this in the commit message:
>
> 
> Remove lockout policy update file because all currently supported
> FreeIPA versions already have krbPwdMaxFailure defaulting to 6 and
> krbPwdLockoutDuration defaulting to 600.
>
> Keeping lockout policy update file prevents from creating a more strict
> policy in environments where it is subject to regulatory compliance.
> 
>
>
>> Thanks,
>>
>> Gabe
>>
>
> From 7a9086162717bc414a1d65ea71a2d65729f6fa7e Mon Sep 17 00:00:00 2001
>> From: Gabe 
>> Date: Thu, 29 Oct 2015 20:30:35 -0600
>> Subject: [PATCH] Remove 50-lockout-policy.update file
>>
>> https://fedorahosted.org/freeipa/ticket/5418
>> ---
>> install/updates/50-lockout-policy.update | 4 
>> install/updates/Makefile.am  | 1 -
>> 2 files changed, 5 deletions(-)
>> delete mode 100644 install/updates/50-lockout-policy.update
>>
>> diff --git a/install/updates/50-lockout-policy.update
>> b/install/updates/50-lockout-policy.update
>> deleted file mode 100644
>> index
>> a5730709e2b649466118502ece1cc530c10e0b40..
>> --- a/install/updates/50-lockout-policy.update
>> +++ /dev/null
>> @@ -1,4 +0,0 @@
>> -dn: cn=global_policy,cn=$REALM,cn=kerberos,$SUFFIX
>> -replace:krbPwdLockoutDuration:10::600
>> -replace: krbPwdMaxFailure:3::6
>> -
>> diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am
>> index
>> 26e4c04ed66a4a2061a3bb3ca2f4a6cd84502598..04ddeb96de4e88d5909f13b13885d3207184e798
>> 100644
>> --- a/install/updates/Makefile.am
>> +++ b/install/updates/Makefile.am
>> @@ -39,7 +39,6 @@ app_DATA =\
>> 45-roles.update \
>> 50-7_bit_check.update   \
>> 50-dogtag10-migration.update\
>> -   50-lockout-policy.update\
>> 50-groupuuid.update \
>> 50-hbacservice.update   \
>> 50-krbenctypes.update   \
>> --
>> 2.4.3
>>
>>
> --
>> Manage your subscription for the Freeipa-devel mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>> Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
>>
>
>
> --
> / Alexander Bokovoy
>
From 24bcde6042d90322883350b5fd97aa41f2e4d77d Mon Sep 17 00:00:00 2001
From: Gabe 
Date: Fri, 30 Oct 2015 06:27:11 -0600
Subject: [PATCH] Remove 50-lockout-policy.update file

Remove lockout policy update file because all currently supported versions
have krbPwdMaxFailure defaulting to 6 and krbPwdLockoutDuration defaulting to 600.

Keeping lockout policy update file prevents from creating a more scrict policy in
environments subject to regulatory compliance

https://fedorahosted.org/freeipa/ticket/5418
---
 install/updates/50-lockout-policy.update | 4 
 install/updates/Makefile.am  | 1 -
 2 files changed, 5 deletions(-)
 delete mode 100644 install/updates/50-lockout-policy.update

diff --git a/install/updates/50-lockout-policy.update b/install/updates/50-lockout-policy.update
deleted file mode 100644
index a5730709e2b649466118502ece1cc530c10e0b40..
--- a/install/updates/50-lockout-policy.update
+++ /dev/null
@@ -1,4 +0,0 @@
-dn: cn=global_policy,cn=$REALM,cn=kerberos,$SUFFIX
-replace:krbPwdLockoutDuration:10::600
-replace: krbPwdMaxFailure:3::6
-
diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am
index 26e4c04ed66a4a2061a3bb3ca2f4a6cd84502598..04ddeb96de4e88d5909f13b13885d3207184e798 100644
--- a/install/updates/Makefile.am
+++ b/install/updates/Makefile.am
@@ -39,7 +39,6 @@ app_DATA =\
 	45-roles.update			\
 	50-7_bit_check.update	\
 	50-dogtag10-migration.update	\
-	50-lockout-policy.update	\
 	50-groupuuid.update		\
 	50-hbacservice.update		\
 	50-krbenctypes.update		\
-- 
1.8.3.1

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

[Freeipa-devel] [PATCH 0061] Remove 50-lockout-policy.update file

2015-10-29 Thread Gabe Alford

Hello,

Fix for https://fedorahosted.org/freeipa/ticket/5418

Thanks,

Gabe
From 7a9086162717bc414a1d65ea71a2d65729f6fa7e Mon Sep 17 00:00:00 2001
From: Gabe 
Date: Thu, 29 Oct 2015 20:30:35 -0600
Subject: [PATCH] Remove 50-lockout-policy.update file

https://fedorahosted.org/freeipa/ticket/5418
---
 install/updates/50-lockout-policy.update | 4 
 install/updates/Makefile.am  | 1 -
 2 files changed, 5 deletions(-)
 delete mode 100644 install/updates/50-lockout-policy.update

diff --git a/install/updates/50-lockout-policy.update b/install/updates/50-lockout-policy.update
deleted file mode 100644
index a5730709e2b649466118502ece1cc530c10e0b40..
--- a/install/updates/50-lockout-policy.update
+++ /dev/null
@@ -1,4 +0,0 @@
-dn: cn=global_policy,cn=$REALM,cn=kerberos,$SUFFIX
-replace:krbPwdLockoutDuration:10::600
-replace: krbPwdMaxFailure:3::6
-
diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am
index 26e4c04ed66a4a2061a3bb3ca2f4a6cd84502598..04ddeb96de4e88d5909f13b13885d3207184e798 100644
--- a/install/updates/Makefile.am
+++ b/install/updates/Makefile.am
@@ -39,7 +39,6 @@ app_DATA =\
 	45-roles.update			\
 	50-7_bit_check.update	\
 	50-dogtag10-migration.update	\
-	50-lockout-policy.update	\
 	50-groupuuid.update		\
 	50-hbacservice.update		\
 	50-krbenctypes.update		\
-- 
2.4.3

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Re: [Freeipa-devel] [PATCH 0061] Remove 50-lockout-policy.update file

Re: [Freeipa-devel] [PATCH 0061] Remove 50-lockout-policy.update file

Re: [Freeipa-devel] [PATCH 0061] Remove 50-lockout-policy.update file

[Freeipa-devel] [PATCH 0061] Remove 50-lockout-policy.update file

4 matches

Site Navigation

Mail list logo

Footer information