Rob Crittenden writes:
> Would it be more robust to call kdestroy -A or is that just overkill in
> this case?
I believe it would be superior to call `kdestroy -A`, yes.
signature.asc
Description: PGP signature
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat
David Kupka writes:
> --8<- trac-ticket-template-proposal --->8--
> Related SW versions:
> On server:
> {{{
> $ rpm -q freeipa-server pki-base 389-ds-base bind samba krb5-server
> certmonger
> }}}
> On client:
> {{{
> $ rpm -q freeipa-client krb5-workstation certmonge
Lukas Slebodnik writes:
> On (03/05/16 12:29), Robbie Harwood wrote:
>>David Kupka writes:
>>
>>> --8<- trac-ticket-template-proposal --->8--
>>> Related SW versions:
>>> On server:
>>> {{{
>>> $
Stanislav Laznicka writes:
> From 7a55f169181ab8647cd2d919f35c004b14d5bc7f Mon Sep 17 00:00:00 2001
> From: Stanislav Laznicka
> Date: Fri, 27 May 2016 16:12:31 +0200
> Subject: [PATCH] Added krb5.conf.d/ to included dirs in krb5.conf
>
> The include of /etc/krb5.conf.d/ is required for crypto-p
Alexander Bokovoy writes:
> On Fri, 27 May 2016, Robbie Harwood wrote:
>>Stanislav Laznicka writes:
>>
>>> From 7a55f169181ab8647cd2d919f35c004b14d5bc7f Mon Sep 17 00:00:00 2001
>>> From: Stanislav Laznicka
>>> Date: Fri, 27 May 2016 16:12:31 +0200
Alexander Bokovoy writes:
> On Sat, 28 May 2016, Robbie Harwood wrote:
>> Alexander Bokovoy writes:
>>> On Fri, 27 May 2016, Robbie Harwood wrote:
>>>> Stanislav Laznicka writes:
>>>>> From: Stanislav Laznicka
>>>>>
>>&g
Michael Simacek writes:
> - Original Message -
>> From: "Christian Heimes"
>> To: freeipa-devel@redhat.com, msima...@redhat.com
>> Sent: Tuesday, July 21, 2015 2:23:06 PM
>> Subject: Re: [Freeipa-devel] [PATCH] Port from python-kerberos library to
>> python-gssapi
>>
>> On 2015-07-21 1
Michael Simacek writes:
> This is a first part of my effort to port FreeIPA from Python3-incompatible
> Kerberos libraries to python-gssapi. This patch should replace python-kerberos
> with python-gssapi (both use C GSSAPI behind the scenes).
Okay, Solly and I went through this again, and there
Some comments from Solly and I inline:
Michael Šimáček writes:
> On 2015-07-22 15:47, Simo Sorce wrote:
>> Comments inline.
>>
>> - Original Message -
>>> From: "Michael Simacek"
>>> To: freeipa-devel@redhat.com
>>> Sent: Tuesday, July 21, 2015 8:02:26 AM
>>> Subject: [Freeipa-devel] [P
Michael Šimáček writes:
> GSSAPI doesn't provide any method (that I'm aware of) to get default
> ccache name. In most cases this is not needed as we can simply not
> pass any name and it will use the default. The ldap plugin had to be
> adjusted for this - the connect method now takes new use_gss
Michael Šimáček writes:
> On 2015-07-29 19:20, Robbie Harwood wrote:
>
>> Michael Šimáček writes:
>>
>>> -# The keytab may have stale key material (from older trust-add run)
>>> -if not os.path.isfile(oneway_ccache_name):
>>> -
Michael Šimáček writes:
> Attaching new revision of the patch that performs the full negotiation
> cycle.
Looks good to me, thanks!
signature.asc
Description: PGP signature
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Co
Michael Šimáček writes:
> Attaching new revision of the patch. Changes from the previous:
> - ldap2's connect now chooses the bind type same way as in ipaldap
> - get_default_realm usages replaced by api.env.realm
> - fixed missing third kinit attempt in trust-fetch-domains
> - removed rewrapping
Michael Šimáček writes:
> On 2015-08-20 12:32, Michael Šimáček wrote:
>
> Michael Šimáček writes:
>
>> Attaching new revision of the patch. Changes from the previous:
>> - ldap2's connect now chooses the bind type same way as in ipaldap
>> - get_default_realm usages replaced
Simo Sorce writes:
> On Thu, 2015-08-20 at 14:42 -0400, Robbie Harwood wrote:
>> Michael Šimáček writes:
>>
>>> On 2015-08-20 12:32, Michael Šimáček wrote:
>>>
>>>>>>> Michael Šimáček writes:
>>>>>>>
>>>>
Michael Šimáček writes:
> python-gssapi had a bug in exception handling that caused exceptions to
> be shadowed by LookupError. The new version should fix the problem.
>
> https://fedorahosted.org/freeipa/ticket/5225
Yes, exactly. Looks good!
signature.asc
Description: PGP signature
--
Mana
Michael Šimáček writes:
> On 2015-08-24 17:49, Simo Sorce wrote:
>
>> On Mon, 2015-08-24 at 17:18 +0200, Michael Šimáček wrote:
>>
>>> On 2015-08-24 14:50, Jan Cholasta wrote:
>>>
On 23.8.2015 23:27, Michael Šimáček wrote:
3) ipa-adtrust-install fails with:
admin password
Jan Cholasta writes:
> On 25.8.2015 12:46, Michael Šimáček wrote:
>> On 2015-08-25 12:38, Alexander Bokovoy wrote:
>>> On Tue, 25 Aug 2015, Michael Šimáček wrote:
>>>> On 2015-08-24 20:29, Robbie Harwood wrote:
>>>>> Michael Šimáček writes:
Petr Vobornik writes:
> mod_auth_gssapi > 1.4.0 implements support for unique ccaches names.
Excited to see this appear! Sessions are not in use so there's no need
to worry about a sweeper. This looks correct to me. Thanks Petr!
signature.asc
Description: PGP signature
--
Manage your subsc
Nathaniel McCallum writes:
> On Fri, 2016-09-30 at 14:19 +0200, Martin Kosek wrote:
>> On 09/23/2016 09:54 AM, Jakub Hrozek wrote:
>>> On Thu, Sep 22, 2016 at 06:09:43PM +0200, Petr Vobornik wrote:
As you know, FedoraHosted.org will be decommissioned.
https://communityblog.fedorap
Standa Laznicka writes:
> Hello,
>
> Current gssproxy in Fedora 25 "updates" repository (gssproxy-0.6.2-2) is
> broken. For a freshly-installed IPA server, the infamous error
>
> "ipa: ERROR: Major (851968): Unspecified GSS failure. Minor code may
> provide more information, Minor (2598845123)
21 matches
Mail list logo
