On 04/03/2014 09:46 AM, Justin Brown wrote: > Petr, > > I'll try another replica for testing tomorrow, and unfortunately the > logs were purged when I reinstalled. The error message was not helpful > and said something along the lines of CA installation failed, but did > not list any reason. I'll get you the exact message tomorrow. I'll > also try some more network tests as I have all of the ports that you > listed plus some additional Dogtag ports, which I've come to > understand are now proxied through 7389. > >> Patches are welcome :-) > > Yes, you've got me. ;) I'll review the Firewalld packaging in more > detail and try to come up with a workable solution. It's not currently > possible to do meta-services in firewalld, and I'm sure the FreeIPA > developers don't want a hard dependency on firewalld via a > hypothetical freeipa-server-firewalld dependency. I'm sure some > solution is possible -- maybe even just in the documentation. > > Thanks, > Justin
Hi Justin, Petr is right, patches and contributions are extremely welcome :-) Let me just pass the initial information in case you'd want to accept this challenge: How to contribute: http://www.freeipa.org/page/Contribute/Code Trac ticket with related information and links to Bugzillas: https://fedorahosted.org/freeipa/ticket/2110 Actually I do not think that freeipa-server-firewalld or similar is that bad idea. We already thought of shipping our own firewalld file(s) and such subpackage may be a way to go. This is something that can be discussed on freeipa-devel list. Martin _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users