On Mon, 22 Feb 2016, Prashant Bapat wrote:
Sorry not an option. I have couple of 1000s of instances. Aside from
switching OS is there any other option? I mean "*" char is allowed in
standard sudo implementation. To me it seems like there should not be a
host name check on sudo hosts.
On Mon, Feb 22, 2016 at 03:09:51PM +0100, Harald Dunkel wrote:
> Hi folks,
>
> this morning I recognized that the sssd on our mail server
> went away (which is fatal). journalctl -u sssd sssd says
>
> :
> Feb 21 18:01:55 srvvm01.example.com sssd[199]: Killing service [example.com],
> not
I create another rule via web UI and it's fine now...don't remember
why the first one was duplicated.
Is it safe to delete these entries directly from LDAP ? :
ipaUniqueID=faac52c8-d96d-11e5-b61d-00505693334c,cn=sudorules,cn=sudo,dc=xxx,dc=xxx
and
Hi folks,
this morning I recognized that the sssd on our mail server
went away (which is fatal). journalctl -u sssd sssd says
:
Feb 21 18:01:55 srvvm01.example.com sssd[199]: Killing service [example.com],
not responding to pings!
Feb 21 18:01:55 srvvm01.example.com sssd[199]: Killing service
On 02/22/16 01:16, Martin Babinsky wrote:
On 02/19/2016 03:12 PM, Daryl Fonseca-Holt wrote:
Hello,
Doing a bulk load of 150,000+ users to an IPA 4.2.0 server running
RedHat Enterprise Linux 7.
Running 25 parallel ipa user-add at once, waiting for completion, then
starting another 25, and so
On 02/20/2016 05:58 PM, Ian Pilcher wrote:
> I am running IPA 3.0.0 on CentOS 6 (32-bit x86), and I am getting a
> traceback every time pki-cad starts:
>
> Traceback (most recent call last):
> File "/usr/sbin/pki-server", line 89, in
> cli.execute(sys.argv)
> File "/usr/sbin/pki-server",
Hi all,
Following
http://www.freeipa.org/page/Troubleshooting#DNSSEC_signing_does_not_work
was most usefull, It turned out the package
"freeipa-server-dns"was missing. Strange, I am running DNS,
but...:
I upgraded form Fedora
Hello,
I've just deployed a new IPA server 4.2 / Centos 7.2 and I create my
first sudo rule via web UI but it was duplicate (I don't know why...)
Now I have two rules with the same name and I can't delete them :
# ipa sudorule-find --all
2 Sudo Rules matched
On Feb 22, 2016, at 9:21 AM, Ludwig Krispenz
> wrote:
The crash is an abort because of a failed assertion in the kerberos code
Thread 1 (Thread 0x7fa7d4c88700 (LWP 3125)):
#0 0x7fa7e6ace5f7 in raise () from /lib64/libc.so.6
No symbol table
On 22.02.2016 15:55, Alexandre Ellert wrote:
I create another rule via web UI and it's fine now...don't remember
why the first one was duplicated.
Is it safe to delete these entries directly from LDAP ? :
ipaUniqueID=faac52c8-d96d-11e5-b61d-00505693334c,cn=sudorules,cn=sudo,dc=xxx,dc=xxx
and
Greetings,
I have a question about using smart card authentication on Fedora 23.
We have worked out a procedure for setting up smart card login on our
SL7.2 systems and it seems to be working very well. However, when
trying to use the same process on a Fedora 23 system the process starts
The crash is an abort because of a failed assertion in the kerberos code
Thread 1 (Thread 0x7fa7d4c88700 (LWP 3125)):
#0 0x7fa7e6ace5f7 in raise () from /lib64/libc.so.6
No symbol table info available.
#1 0x7fa7e6acfce8 in abort () from /lib64/libc.so.6
No symbol table info available.
On Sat, Feb 20, 2016 at 5:58 PM, Ian Pilcher wrote:
> I am running IPA 3.0.0 on CentOS 6 (32-bit x86), and I am getting a
> traceback every time pki-cad starts:
>
> Traceback (most recent call last):
> File "/usr/sbin/pki-server", line 89, in
> cli.execute(sys.argv)
On 22.2.2016 14:02, Winfried de Heiden wrote:
> Hi all,
>
> Following
> http://www.freeipa.org/page/Troubleshooting#DNSSEC_signing_does_not_work was
> most usefull, It turned out the package "freeipa-server-dns"was missing.
> Strange, I am running DNS, but...:
>
> * I upgraded form Fedora
On 02/22/2016 03:51 PM, Jakub Hrozek wrote:
>
> Is there anything else in the logs (/var/log/sssd/*)
>
Only some events after sssd went away:
srvvm01:/var/log/sssd# cat sssd.log.1
(Sun Feb 21 18:02:21 2016) [sssd] [monitor_restart_service] (0x0010): Process
[nss], definitely stopped!
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
22.02.2016, 10:00, Filip Pytloun kirjoitti:
> My change was already applied in bind9 (1:9.10.3.dfsg.P2-4)
> experimental; urgency=medium
>
> I don't know if it could be shipped by sssd package as the policy
> is for usr.bin.named binary.
oh right,
On 22.2.2016 09:36, Winfried de Heiden wrote:
> Hi all,
>
> I get lot's of messages in my log (journalctl -u named-pkcs11.service -p err
> )
> like these:
>
> Feb 22 09:17:32 ipa.example.com named-pkcs11[8982]: zone example.com/IN
> (signed): could not get zone keys for secure dynamic update
My change was already applied in
bind9 (1:9.10.3.dfsg.P2-4) experimental; urgency=medium
I don't know if it could be shipped by sssd package as the policy is for
usr.bin.named binary.
On 2016/02/22 07:11, Timo Aaltonen wrote:
> 14.02.2016, 09:14, Filip Pytloun kirjoitti:
> > Hello,
> >
> > we
Sorry not an option. I have couple of 1000s of instances. Aside from
switching OS is there any other option? I mean "*" char is allowed in
standard sudo implementation. To me it seems like there should not be a
host name check on sudo hosts.
On 22 February 2016 at 12:22, Alexander Bokovoy
Hi all,
I get lot's of messages in my log (journalctl -u
named-pkcs11.service -p err ) like these:
Feb 22 09:17:32 ipa.example.com named-pkcs11[8982]: zone
example.com/IN (signed): could not get zone keys for secure
dynamic update
Feb
20 matches
Mail list logo