Previously the user's city parameter is defined to use the 'locality'
attribute. This was a problem because the attribute would be returned
as 'l' by the directory server causing a mismatch. Now the parameter
has been changed to use the 'l' attribute.
https://fedorahosted.org/freeipa/ticket/985
The json_metadata() has been updated to return ipa.Objects and
ipa.Methods. The i18n_messages() has been updated to include other
messages that are not available from the metadata.
https://fedorahosted.org/freeipa/ticket/899
--
Endi S. Dewata
From 95713cc08453380ed686f265eeb0836b76388a87 Mon Sep
On 2011-02-17 22:52, Rob Crittenden wrote:
Pavel Zůna wrote:
On 2011-02-17 05:09, Rob Crittenden wrote:
Pavel Zůna wrote:
My efforts in fixing localization all around the framework and
preparing
it for localizing docstrings have resulted in a lot of patches. Because
I understand they have beco
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/18/2011 05:19 AM, Rob Crittenden wrote:
> Right before rc1 I discovered a problem in ipa-replica-prepare. It was
> crashign when trying to generate the SSL certificates. The first time it
> failed on nss_shutdown() claiming that NSS wasn't initia
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm not sure about checking the flags - this might be a little too much
validation.
https://fedorahosted.org/freeipa/ticket/840
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This is a minor optimization that didn't occur to me yesterday when I
was reviewing Rob's patch - sorry.
The patch only adds _srv_ as the first entry if service discovery
succeeded during ipa-client-install. This gets rid of the DNS timeout
for cases
On Fri, 18 Feb 2011 05:06:34 +
JR Aquino wrote:
> On Feb 17, 2011, at 8:38 PM, "Adam Young" wrote:
>
> > I tried to follow the steps to setup Sudo on a client here:
> > https://fedoraproject.org/wiki/QA:Testcase_freeipav2_sudo
> >
> > Of course, since my serve wasn't example.com, I had to
On Feb 18, 2011, at 5:01 AM, "Simo Sorce" wrote:
> On Fri, 18 Feb 2011 05:06:34 +
> JR Aquino wrote:
>
>> On Feb 17, 2011, at 8:38 PM, "Adam Young" wrote:
>>
>>> I tried to follow the steps to setup Sudo on a client here:
>>> https://fedoraproject.org/wiki/QA:Testcase_freeipav2_sudo
>>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The doc= value was misleading. The "minimum" value in SOA record defines
how long should NXDOMAIN responses be cached. As per RFC 2308, the
maximum allowed value should be 3 hours.
Also, many parameters allowed negative values which really don't make
On Fri, 18 Feb 2011 13:18:36 +
JR Aquino wrote:
> I'm afraid not Simo.
> As you recall. Both /etc/sudoers and the 2 Sudo containers in FreeIPA
> are protected. There is a deliberate default aci which prevents
> anonymous users from enumerating everyones Sudo information.
>
> This means it i
On 2/18/11 5:49 AM, "Simo Sorce" wrote:
>On Fri, 18 Feb 2011 13:18:36 +
>JR Aquino wrote:
>
>> I'm afraid not Simo.
>> As you recall. Both /etc/sudoers and the 2 Sudo containers in FreeIPA
>> are protected. There is a deliberate default aci which prevents
>> anonymous users from enumerating
On 02/18/2011 04:10 AM, Martin Kosek wrote:
On Thu, 2011-02-17 at 12:29 -0500, Adam Young wrote:
Looks good. Only problem is on braces. we have a code standard that
is like this
IPA.something = function () {
not
IPA.something = function ()
{
This is due to Javascript being ambiguous in
On 02/11/2011 03:32 PM, Adam Young wrote:
On 02/10/2011 10:57 PM, Endi Sukma Dewata wrote:
Hi Kyle,
I added the expand/collapse all link into the details page.
See the following demo:
http://edewata.fedorapeople.org/freeipa/install/ui/index.html#navigation=0&identity=0&user-facet=details&user-
David O'Brien wrote:
Jan Zelený wrote:
Rob Crittenden wrote:
Jan Zelený wrote:
https://fedorahosted.org/freeipa/ticket/831
Jan
I think I'd like David's take on this, but my initial reaction is I'd
prefer the word maximum to maximal.
rob
The second patch is in attachment. Based on David's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/17/2011 04:35 AM, Rob Crittenden wrote:
> Add default roles and permissions for HBAC, SUDO and pw policy
>
> Created some default roles as examples. In doing so I realized that we
> were completely missing default rules for HBAC, SUDO and passwo
On 02/18/2011 03:13 AM, Endi Sukma Dewata wrote:
The json_metadata() has been updated to return ipa.Objects and
ipa.Methods. The i18n_messages() has been updated to include other
messages that are not available from the metadata.
https://fedorahosted.org/freeipa/ticket/899
On 02/18/2011 03:11 AM, Endi Sukma Dewata wrote:
Previously the user's city parameter is defined to use the 'locality'
attribute. This was a problem because the attribute would be returned
as 'l' by the directory server causing a mismatch. Now the parameter
has been changed to use the 'l' attribu
On 02/18/2011 03:14 AM, Endi Sukma Dewata wrote:
Hard-coded messages through out the code have been replaced by i18n
messages obtained from json_metadata and i18n_messages.
https://fedorahosted.org/freeipa/ticket/899
___
Freeipa-devel mailing list
Fr
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/18/2011 05:19 AM, Rob Crittenden wrote:
Right before rc1 I discovered a problem in ipa-replica-prepare. It was
crashign when trying to generate the SSL certificates. The first time it
failed on nss_shutdown() claiming that
Nathan Kinder wrote:
Works for me, I thought I acked this last night. I guess not so ACK.
pushed to master.
rob
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
On 02/18/2011 03:15 AM, Endi Sukma Dewata wrote:
https://fedorahosted.org/freeipa/ticket/899
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
If applied without 106 it breaks the unit tests,
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/17/2011 04:35 AM, Rob Crittenden wrote:
Add default roles and permissions for HBAC, SUDO and pw policy
Created some default roles as examples. In doing so I realized that we
were completely missing default rules for HBAC,
John Dennis wrote:
pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Jakub Hrozek wrote:
On Thu, Feb 17, 2011 at 11:30:03AM +0100, Jan Zelený wrote:
Better, thanks. I'd also like to change the code which is using this function,
so the conversion doesn't take place twice.
I think it's safe. The documentation on unicode() says:
---
More precisely, if object is a
Jan Zeleny wrote:
JR Aquino wrote:
On 2/17/11 3:23 AM, "Jan Zelený" wrote:
JR Aquino wrote:
This patch fixes the netgroup plugin's behavior of adding duplicate
entries
when the managed entry plugin creates a netgroup with a mepManagedEntry
This problem is documented in ticket:
https://fed
David O'Brien wrote:
Jan Zelený wrote:
"David O'Brien" wrote:
Jan Zelený wrote:
https://fedorahosted.org/freeipa/ticket/784
https://fedorahosted.org/freeipa/ticket/786
https://fedorahosted.org/freeipa/ticket/787
Jan
nack
A few typos and style issues:
- _("File were to store the keytab inf
Jan Zeleny wrote:
Jakub Hrozek wrote:
https://fedorahosted.org/freeipa/ticket/932
ack
Jan
The sssd project has added this for us so we no longer need to do this.
rob
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com
Add exit code info to the ipa command man page.
The tool I use, manedit, also escaped all dashes. Seems benign so I left it.
ticket 803
rob
freeipa-rcrit-733-man.patch
Description: application/mbox
___
Freeipa-devel mailing list
Freeipa-devel@redhat
On Fri, Feb 18, 2011 at 11:11:25AM -0500, Rob Crittenden wrote:
> Add exit code info to the ipa command man page.
>
> The tool I use, manedit, also escaped all dashes. Seems benign so I left it.
Yep, renders OK.
>
> ticket 803
>
> rob
Ack
___
Freei
On 2/17/11 2:20 PM, "Rob Crittenden" wrote:
>JR Aquino wrote:
>> On 2/17/11 11:02 AM, "Rob Crittenden" wrote:
>>
>>> Make managed netgroups (those created as a result of creating a
>>> hostgroup) should be immutable. This aci will deny writes to a managed
>>> netgroup.
>>>
>>> ticket 962
>>>
>>>
Jakub Hrozek wrote:
On Fri, Feb 18, 2011 at 11:11:25AM -0500, Rob Crittenden wrote:
Add exit code info to the ipa command man page.
The tool I use, manedit, also escaped all dashes. Seems benign so I left it.
Yep, renders OK.
ticket 803
rob
Ack
pushed to master
__
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This is a minor optimization that didn't occur to me yesterday when I
was reviewing Rob's patch - sorry.
The patch only adds _srv_ as the first entry if service discovery
succeeded during ipa-client-install. This gets rid of the
JR Aquino wrote:
On 2/17/11 2:20 PM, "Rob Crittenden" wrote:
JR Aquino wrote:
On 2/17/11 11:02 AM, "Rob Crittenden" wrote:
Make managed netgroups (those created as a result of creating a
hostgroup) should be immutable. This aci will deny writes to a managed
netgroup.
ticket 962
rob
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The doc= value was misleading. The "minimum" value in SOA record defines
how long should NXDOMAIN responses be cached. As per RFC 2308, the
maximum allowed value should be 3 hours.
Also, many parameters allowed negative values wh
On Fri, 18 Feb 2011 15:27:59 -0500
Rob Crittenden wrote:
> Jakub Hrozek wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > This is a minor optimization that didn't occur to me yesterday when
> > I was reviewing Rob's patch - sorry.
> >
> > The patch only adds _srv_ as the first
Fixes #266
I haven't been able to test this as the Windows machine we have
available decided to not behave today.
I may try again next week assuming I have time.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
>From c8044a8ba346c0b0e5858e327a8b6e949bea6dd1 Mon Sep 17 00:00:00 2001
From: Simo Sor
On 02/18/2011 03:10 PM, Simo Sorce wrote:
Fixes #266
I haven't been able to test this as the Windows machine we have
available decided to not behave today.
I may try again next week assuming I have time.
ack
Simo.
___
Freeipa-devel mailing list
Fr
This patch demonstrates how to use the plugin framework with the
existing entities. The plugin framework provides a name space for the
classes, functions and variables specific for the plugin. Any code
executed inside the init() method will be 'safe' because at that point
the metadata and i18n
--
Endi S. Dewata
From 945f937059587c2fe00a4874e6752baa3412c9f4 Mon Sep 17 00:00:00 2001
From: Endi S. Dewata
Date: Fri, 18 Feb 2011 18:15:21 -0600
Subject: [PATCH] Applied plugin framework on aci.
---
install/ui/aci.js| 87 +++--
install/ui/te
On 02/18/2011 06:48 PM, Endi Sukma Dewata wrote:
This patch demonstrates how to use the plugin framework with the
existing entities. The plugin framework provides a name space for the
classes, functions and variables specific for the plugin. Any code
executed inside the init() method will be 's
Here's a rough hack. It follows the steps in the test script. I tested
it out and it works.
BASEDN=`awk '/basedn/ {print $3}' < /etc/ipa/default.conf`
IPASERVER=`awk '/server/ {print $3}' < /etc/ipa/default.conf`
DOMAIN=`awk '/domain/ {print $3}' < /etc/ipa/default.conf`
CONFDIR=`mktemp -d`
On 02/18/2011 05:12 PM, Endi Sukma Dewata wrote:
On 2/18/2011 1:08 PM, Endi Sukma Dewata wrote:
Hard-coded messages through out the code have been replaced by i18n
messages obtained from json_metadata and i18n_messages.
https://fedorahosted.org/freeipa/ticket/899
Needs rebase, due to mkosek's
On 2/18/2011 10:35 PM, Adam Young wrote:
Hard-coded messages through out the code have been replaced by i18n
messages obtained from json_metadata and i18n_messages.
https://fedorahosted.org/freeipa/ticket/899
Needs rebase, due to mkosek's big patch.
Attached is an updated version. I had to c
43 matches
Mail list logo