[Freeipa-users] Re: Error issuing cert with IP address in SAN

2021-05-12 Thread Ian Pilcher via FreeIPA-users
On 5/12/21 4:06 PM, Ian Pilcher wrote: I am getting an odd error when trying to issue a certificate with an IP address in its SAN. I am using IPA 4.6.8 on RHEL 7.9, so it's a bit old, but it should work, AFAIK. This was a user error. I had the wrong object type for the IP address in the SAN

[Freeipa-users] Error issuing cert with IP address in SAN

2021-05-12 Thread Ian Pilcher via FreeIPA-users
I am getting an odd error when trying to issue a certificate with an IP address in its SAN. I am using IPA 4.6.8 on RHEL 7.9, so it's a bit old, but it should work, AFAIK. Here is the host for which I want to issue the certificate: $ ipa host-show node01-idrac.pemlab.rdu2.redhat.com Host

[Freeipa-users] Re: dirsrv hangs soon after reboot

2021-05-12 Thread Kees Bakker via FreeIPA-users
On 12-05-2021 19:44, Thierry Bordaz wrote: On 5/12/21 4:55 PM, Kees Bakker wrote: Hi Thierry, Just to be clear, changelogmaxage was changed to -1 by me after the upgrade and I've confirmed it is now set to -1. The reason for me to change the value was because of the deadlock. Apparently, it

[Freeipa-users] Re: dirsrv hangs soon after reboot

2021-05-12 Thread Thierry Bordaz via FreeIPA-users
On 5/12/21 4:55 PM, Kees Bakker wrote: Hi Thierry, Just to be clear, changelogmaxage was changed to -1 by me after the upgrade and I've confirmed it is now set to -1. The reason for me to change the value was because of the deadlock. Apparently, it did not make much of a difference. It

[Freeipa-users] Re: kinit: Cannot find KDC for realm "mgmt-062-ad.internal2.example....@nternal2.example.com" while getting initial credentials

2021-05-12 Thread Sumit Bose via FreeIPA-users
On Wed, May 12, 2021 at 02:18:07PM - pxg51214 r via FreeIPA-users wrote: > - thank you very much. I will provide your feedback to our devops team. > - to answer your question: we have a legacy AD to FreeIPA (identity > synchronization tool) which runs automatically on daily basis and uses >

[Freeipa-users] Re: dirsrv hangs soon after reboot

2021-05-12 Thread Kees Bakker via FreeIPA-users
Hi Thierry, Just to be clear, changelogmaxage was changed to -1 by me after the upgrade and I've confirmed it is now set to -1. The reason for me to change the value was because of the deadlock. Apparently, it did not make much of a difference. It still gets into a deadlock with the value -1.

[Freeipa-users] Re: kinit: Cannot find KDC for realm "mgmt-062-ad.internal2.example....@nternal2.example.com" while getting initial credentials

2021-05-12 Thread pxg51214 r via FreeIPA-users
- thank you very much. I will provide your feedback to our devops team. - to answer your question: we have a legacy AD to FreeIPA (identity synchronization tool) which runs automatically on daily basis and uses a keytab file for authN. the developer of the tool is no longer with the company and

[Freeipa-users] Re: dirsrv hangs soon after reboot

2021-05-12 Thread Thierry Bordaz via FreeIPA-users
Hi Kees, Is changelogmaxage=-1 after the upgrade? Would you send a full pstack when it hangs? If pthread_rwlock_wrlock is trim_changelog then you may hit another flavor of [1] (without known reason). regards thierry On 5/12/21 2:40 PM, Kees Bakker wrote: Sorry to revive an old thread.

[Freeipa-users] Re: dirsrv hangs soon after reboot

2021-05-12 Thread Kees Bakker via FreeIPA-users
Sorry to revive an old thread. I'm getting deadlocks again. See below On 20-04-2020 15:16, thierry bordaz wrote: [...] This is a known bug [1]. With the same bug there are two deadlock scenarios but only one is fixed (for example in slapi-nis-0.56.4-1 [2]). A fix for the second one is under

[Freeipa-users] sudorule not working for external user

2021-05-12 Thread Dominik Vogt via FreeIPA-users
Using freeipa from RHEL8.1, I try to create sudo rules (from the GUI). * "foo" and "bar" are ipa users * "ext" is a local user present on all machines The rule allow user "foo" to run "/bin/bash" on any host as user "bar" works fine, i.e. I can log in as "foo" and run # su - foo $

[Freeipa-users] Re: ID views/override issues for AD trust

2021-05-12 Thread iulian roman via FreeIPA-users
> On Wed, May 12, 2021 at 06:46:29AM - iulian roman via > FreeIPA-users wrote: > > Hi, > > did you use the IPA 'unix_users' group as primary group for those users > and given the GID of 'unix_users' in the id-overrides for the users? Or > did you you a different group as primary group? >

[Freeipa-users] Re: ID views/override issues for AD trust

2021-05-12 Thread Sumit Bose via FreeIPA-users
On Wed, May 12, 2021 at 06:46:29AM - iulian roman via FreeIPA-users wrote: > > On Tue, May 11, 2021 at 03:09:54PM - iulian roman via > > FreeIPA-users wrote: > > > > Hi, > > > > can you give some more details about the group, where it comes from IPA > > or AD, and the GID, it is the

[Freeipa-users] Re: FreeIPA Upgrade F31 -> F32: usr/lib/api/apiutil.c Could not open /run/lock/opencryptoki/LCK..APIlock

2021-05-12 Thread Florence Renaud via FreeIPA-users
Hi, this is a known selinux-policy issue, tracked at https://bugzilla.redhat.com/show_bug.cgi?id=1894132 flo On Mon, May 10, 2021 at 9:42 PM Harry G. Coin via FreeIPA-users < freeipa-users@lists.fedorahosted.org> wrote: > > On 5/10/21 10:58 AM, Harry Coin via FreeIPA-users wrote: > > In a

[Freeipa-users] Re: ID views/override issues for AD trust

2021-05-12 Thread iulian roman via FreeIPA-users
> On Tue, May 11, 2021 at 03:09:54PM - iulian roman via > FreeIPA-users wrote: > > Hi, > > can you give some more details about the group, where it comes from IPA > or AD, and the GID, it is the original GID of the group or coming from > an id-override as well? > Hi, There is trust