[Freeipa-devel] [PATCH] Fix crash in ipa help for NO_CLI plugins.
Fix #854 Pavel From 6c9f25fa6c50034db4967e64590cc9d46bdf8e0b Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 2 Feb 2011 12:47:34 -0500 Subject: [PATCH] Fix crash in ipa help for NO_CLI plugins. Fix #854 --- ipalib/cli.py | 16 ++-- 1 files changed, 2 insertions(+), 14 deletions(-) diff --git a/ipalib/cli.py b/ipalib/cli.py index 5543301..9735d2e 100644 --- a/ipalib/cli.py +++ b/ipalib/cli.py @@ -730,19 +730,6 @@ class help(frontend.Local): for t in topics: topic = self._topics[t] print ' %s %s' % (to_cli(t).ljust(self._mtl), topic[0]) - -if False: -topic_commands = self._topics[t][2] -mod_list = [self._get_command_module(c.module) for c in topic_commands] -mod_list = list(set(mod_list)) - -for mod in mod_list: -m = '%s.%s' % (self._PLUGIN_BASE_MODULE, mod) -if 'topic' in dir(sys.modules[m]): -doc = sys.modules[m].topic[1] -else: -doc = (sys.modules[m].__doc__ or '').strip().split('\n', 1)[0] -print ' %s %s' % (to_cli(t).ljust(self._mtl), doc) print '' print 'Try `ipa --help` for a list of global options.' @@ -759,6 +746,7 @@ class help(frontend.Local): mcl = self._topics[topic][1] commands = self._topics[topic][2] else: +commands = [] for t in self._topics: if type(self._topics[t][2]) is not dict: continue @@ -772,8 +760,8 @@ class help(frontend.Local): doc = (sys.modules[m].__doc__ or '').strip() print doc -print '' if len(commands) 1: +print '' print 'Topic commands:' for c in commands: print ' %s %s' % (to_cli(c.name).ljust(mcl), c.summary) -- 1.7.1.1 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] Fix minor bug in host-add logic.
Fix #798 Pavel From c5872d7d532429341c86cf1ba10a24709b510664 Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 2 Feb 2011 13:47:21 -0500 Subject: [PATCH] Fix minor bug in host-add logic. Ticket #798 --- ipalib/plugins/host.py |4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index d5c5174..e3f38fc 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -323,9 +323,9 @@ class host_add(LDAPCreate): entry_attrs['krbprincipalname'] = 'host/%s@%s' % ( keys[-1], self.api.env.realm ) -if 'krbprincipalaux' not in entry_attrs: +if 'krbprincipalaux' not in entry_attrs['objectclass']: entry_attrs['objectclass'].append('krbprincipalaux') -if 'krbprincipal' not in entry_attrs: +if 'krbprincipal' not in entry_attrs['objectclass']: entry_attrs['objectclass'].append('krbprincipal') else: if 'krbprincipalaux' in entry_attrs['objectclass']: -- 1.7.1.1 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 022 Inconsistent error message for ipa group-detach
When attempting to detach a private group that doesn't exist, the error message returned is not consistent with the error returned by the other topic commands. This patch adds a standard message. https://fedorahosted.org/freeipa/ticket/291 From 20639738dbd689839f24775ea4899be3adb8103e Mon Sep 17 00:00:00 2001 From: Martin Kosek mko...@redhat.com Date: Wed, 2 Feb 2011 15:29:38 +0100 Subject: [PATCH] Inconsistent error message for ipa group-detach When attempting to detach a private group that doesn't exist, the error message returned is not consistent with the error returned by the other topic commands. This patch adds a standard message. https://fedorahosted.org/freeipa/ticket/291 --- ipalib/plugins/group.py |5 - 1 files changed, 4 insertions(+), 1 deletions(-) diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py index 078d535b0de9da543d0202a020e06c642e598b01..b981731e3532fc3eb76520413011613bb2dc9f3e 100644 --- a/ipalib/plugins/group.py +++ b/ipalib/plugins/group.py @@ -294,7 +294,10 @@ class group_detach(LDAPQuery): group_dn = self.obj.get_dn(*keys, **options) user_dn = self.api.Object['user'].get_dn(*keys) -(user_dn, user_attrs) = ldap.get_entry(user_dn) +try: +(user_dn, user_attrs) = ldap.get_entry(user_dn) +except errors.NotFound: +self.obj.handle_not_found(*keys) is_managed = self.obj.has_objectclass(user_attrs['objectclass'], 'mepmanagedentry') if (not ldap.can_write(user_dn, objectclass) or not (ldap.can_write(user_dn, mepManagedEntry)) and is_managed): -- 1.7.3.5 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 664 entitlement support
Jakub Hrozek wrote: On 02/01/2011 08:25 PM, Rob Crittenden wrote: Jakub Hrozek wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/01/2011 04:15 PM, Rob Crittenden wrote: Jakub Hrozek wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/31/2011 04:29 PM, Rob Crittenden wrote: Jakub Hrozek wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/05/2011 04:38 PM, Rob Crittenden wrote: This patch adds a plugin and tools for managing entitlements for host machines. Testing is rather complex so I've attached a script to help set up the Candlepin server. You'll need to ping me out of band for the backend data. This configures the Candlepin server with an in-memory database so any time tomcat6 is restarted you'll need to reload the data. You have to run candlepin.setup as root. This will configure your Fedora tomcat6 instance. Once your candlepin server is setup and IPA is installed do something like: $ ipa entitle-register admin (password is admin) $ ipa entitle-consume 25 $ ipa entitle-status (verify that it is 25) # ipa-compliance (should be 1 of 50) Our tools can consume only, not return entitlements. tickets 28, 79 and 278. rob can you rebase the patch so it applies cleanly on the current master? attached rob Functionally, the patch seems to be working fine -- great job!. I just have a couple of minor comments: * I think a recent change to delegation.ldif conflicts with the patch. I was able to do a 3-way merge, but please check it merges OK. * During build, rpm-build complains about /etc/cron.d/ipa-compliance being listed twice * the two commented lines in ipa-compliance that test Bind using DM and Bind using GSSAPI should be removed * I think that the ipa-compliance tool never deletes the directory with the ccache (tmpdir) * in ipa-compliance: + if not truncated: + hostcount = len(entries) + else: + # FIXME: raise an error + pass I'm not opposed to FIXMEs in the code, but maybe there should be a ticket so we don't forget them. Also, hostcount should be initialized in the else: branch, later on, the code accesses it and would blow up. * In the entitlement plugin, the 'hidden' attributes could have flags=['no_option', 'no_output'] so they don't show up in the UI * If I consume all the entitlements with ipa entitle-consume and ask for more, I get an internal server error - we should probably catch the RestlibException from candlepin * when I started testing I made a typo in the candlepin instance hostname. ipa entitle-register then blew up.. The traceback looks like it comes from rhsm. I don't think we absolutely need to fix it now, but we should at least track it in a ticket. Here is a diff of the changes you suggested, I think they cover all the bases. rob Looks good, thank you. If you can send a new patch with these squashed in, I'll just run a couple of quick tests and ack. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk1ISqEACgkQHsardTLnvCUQDgCfbHeiSCEhhyzepiEkr6Qp6S/W CtkAoKmz9r+b6bVck0Cviul4eiyskc0D =6Jh9 -END PGP SIGNATURE- attached Ack but please check that the 3-way rebase is OK and also please import socket in ipalib/plugins/entitle.py, currently it is an undefined symbol. Fixed, rebased and pushed to master. I also fixed up a couple of permissions, adding the ipapermission objectclass. Thanks for the review, it is a relief to get this off my plate. rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] Fix crash in ipa help for NO_CLI plugins.
Pavel Zuna pz...@redhat.com wrote: Fix #854 Pavel ack Jan ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] Fix minor bug in host-add logic.
Pavel Zuna pz...@redhat.com wrote: Fix #798 Pavel ack Jan ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 698 Translate exception messages
On 02/01/2011 11:36 PM, Rob Crittenden wrote: Pavel mentioned this morning that translations didn't seem to be working. I remembered that I did some things on the cli so I re-tested. Turned out that exceptions aren't being translated. I'm not at all sure this patch does the right thing, so take it with a grain of salt. What it does is translates the message before stuffing it into the exception. Note that this will also translate messages returned via XML-RPC so I wonder if we need to force LANG to en_US.UTF-8 there. In any case, this seems to fix the client side anyway. I'm open to criticism on this one. To test do something like: $ kinit admin $ export LANG=es_US.UTF-8 $ ipa user-add --first=Kermit --last=Frog kfrog $ ipa user-add --first=Kermit --last=Frog kfrog You should get a DuplicateEntry() response in Spanish. rob nack. While this patch works, it doesn't solve the problem at its root. After some investigation I figured out, that functions initializing translations in ipalib/request.py are not called from anywhere. All the translation code in ipalib/request.py is currently deprecated in favor of ipalib/text.py. I'm preparing a patch, that removes the unused code and replaces references to it. Pavel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 023 ipa-server-install inconsistent capitalization
A cosmetic patch to IPA server installation output aimed to make capitalization in installer output consistent. Several installation tasks started with a lowercase letter and several installation task steps started with an uppercase letter. https://fedorahosted.org/freeipa/ticket/776 From 5d26538f0fde0cc801a805d54c0c34ee7ba7f754 Mon Sep 17 00:00:00 2001 From: Martin Kosek mko...@redhat.com Date: Wed, 2 Feb 2011 16:24:30 +0100 Subject: [PATCH] ipa-server-install inconsistent capitalization A cosmetic patch to IPA server installation output aimed to make capitalization in installer output consistent. Several installation tasks started with a lowercase letter and several installation task steps started with an uppercase letter. https://fedorahosted.org/freeipa/ticket/776 --- install/tools/ipa-server-install |6 +++--- ipaserver/install/dsinstance.py |2 +- ipaserver/install/httpinstance.py | 10 +- ipaserver/install/krbinstance.py |2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 64eccd8741869754323c8227af255a3c42accd55..6c0873f37becc8df6acfa889a8f2de813a0a61cf 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -856,14 +856,14 @@ def main(): ds.apply_updates() # Restart ds and krb after configurations have been changed -service.print_msg(restarting the directory server) +service.print_msg(Restarting the directory server) ds.restart() -service.print_msg(restarting the KDC) +service.print_msg(Restarting the KDC) krb.restart() # Restart httpd to pick up the new IPA configuration -service.print_msg(restarting the web server) +service.print_msg(Restarting the web server) http.restart() # Create a BIND instance diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index 0a33697d2c6a51f4a8514dbb225bb7f1fea93d62..be6b50483ac85bb93bcb13d56c30aeb4bcf68370 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -280,7 +280,7 @@ class DsInstance(service.Service): self.__setup_sub_dict() self.__common_setup() -self.step(Setting up initial replication, self.__setup_replica) +self.step(setting up initial replication, self.__setup_replica) self.step(adding replication acis, self.__add_replication_acis) self.__common_post_setup() diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index 46a5676f22dcb8ac2582f6255f86d7ce47202f45..4f876c9b80021758007202e6e606d84085c14f3d 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -73,13 +73,13 @@ class HTTPInstance(service.Service): self.step(disabling mod_ssl in httpd, self.__disable_mod_ssl) -self.step(Setting mod_nss port to 443, self.__set_mod_nss_port) -self.step(Setting mod_nss password file, self.__set_mod_nss_passwordfile) -self.step(Adding URL rewriting rules, self.__add_include) +self.step(setting mod_nss port to 443, self.__set_mod_nss_port) +self.step(setting mod_nss password file, self.__set_mod_nss_passwordfile) +self.step(adding URL rewriting rules, self.__add_include) self.step(configuring httpd, self.__configure_http) -self.step(Setting up ssl, self.__setup_ssl) +self.step(setting up ssl, self.__setup_ssl) if autoconfig: -self.step(Setting up browser autoconfig, self.__setup_autoconfig) +self.step(setting up browser autoconfig, self.__setup_autoconfig) self.step(publish CA cert, self.__publish_ca_cert) self.step(creating a keytab for httpd, self.__create_http_keytab) self.step(configuring SELinux for httpd, self.__selinux_config) diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py index 86804ce086fb7bd7c2bc69d40a7b89320519d25c..ecb842772ebe7112b0a4ffbe8593d8fe8c529b0b 100644 --- a/ipaserver/install/krbinstance.py +++ b/ipaserver/install/krbinstance.py @@ -204,7 +204,7 @@ class KrbInstance(service.Service): self.step(adding the password extension to the directory, self.__add_pwd_extop_module) if setup_pkinit: self.step(installing X509 Certificate for PKINIT, self.__setup_pkinit) -self.step(Enable GSSAPI for replication, self.__convert_to_gssapi_replication) +self.step(enable GSSAPI for replication, self.__convert_to_gssapi_replication) self.__common_post_setup() -- 1.7.3.5 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] Remove deprecated i18n code from ipalib.request and all references to it.
This ticket effectively fixes the translation of exception messages. Ticket #903 Pavel From b051be4d816f94ebab3fc932b3d2372d1cf0345a Mon Sep 17 00:00:00 2001 From: Pavel Zuna pz...@redhat.com Date: Wed, 2 Feb 2011 15:37:14 -0500 Subject: [PATCH] Remove deprecated i18n code from ipalib/request and all references to it. Ticket #903 --- ipalib/errors.py |2 +- ipalib/parameters.py |2 +- ipalib/request.py | 40 - tests/test_ipalib/test_request.py | 161 - 4 files changed, 2 insertions(+), 203 deletions(-) delete mode 100644 tests/test_ipalib/test_request.py diff --git a/ipalib/errors.py b/ipalib/errors.py index 20cd52b..63648d2 100644 --- a/ipalib/errors.py +++ b/ipalib/errors.py @@ -101,7 +101,7 @@ current block assignments: from inspect import isclass -from request import ugettext, ungettext +from text import _ as ugettext, ngettext as ungettext from constants import TYPE_ERROR diff --git a/ipalib/parameters.py b/ipalib/parameters.py index 22b0321..23177b3 100644 --- a/ipalib/parameters.py +++ b/ipalib/parameters.py @@ -102,7 +102,7 @@ a more detailed description for clarity. import re from types import NoneType from util import make_repr -from request import ugettext +from text import _ as ugettext from plugable import ReadOnly, lock, check_name from errors import ConversionError, RequirementError, ValidationError from errors import PasswordMismatch diff --git a/ipalib/request.py b/ipalib/request.py index 9a11fb9..15b26f5 100644 --- a/ipalib/request.py +++ b/ipalib/request.py @@ -23,8 +23,6 @@ Per-request thread-local data. import threading -import locale -import gettext from base import ReadOnly, lock from constants import OVERRIDE_ERROR, CALLABLE_ERROR @@ -58,41 +56,3 @@ def destroy_context(): value.disconnect() context.__dict__.clear() - -def ugettext(message): -if hasattr(context, 'ugettext'): -return context.ugettext(message) -return message.decode('UTF-8') - - -def ungettext(singular, plural, n): -if hasattr(context, 'ungettext'): -return context.ungettext(singular, plural, n) -if n == 1: -return singular.decode('UTF-8') -return plural.decode('UTF-8') - - -def set_languages(*languages): -if hasattr(context, 'languages'): -raise StandardError(OVERRIDE_ERROR % -('context', 'languages', context.languages, languages) -) -if len(languages) == 0: -languages = locale.getdefaultlocale()[:1] -context.languages = languages -assert type(context.languages) is tuple - - -def create_translation(domain, localedir, *languages): -if hasattr(context, 'ugettext') or hasattr(context, 'ungettext'): -raise StandardError( -'create_translation() already called in thread %r' % -threading.currentThread().getName() -) -set_languages(*languages) -translation = gettext.translation(domain, -localedir=localedir, languages=context.languages, fallback=True -) -context.ugettext = translation.ugettext -context.ungettext = translation.ungettext diff --git a/tests/test_ipalib/test_request.py b/tests/test_ipalib/test_request.py deleted file mode 100644 index 548156d..000 --- a/tests/test_ipalib/test_request.py +++ /dev/null @@ -1,161 +0,0 @@ -# Authors: -# Jason Gerard DeRose jder...@redhat.com -# -# Copyright (C) 2008 Red Hat -# see file 'COPYING' for use and warranty contextrmation -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see http://www.gnu.org/licenses/. - - -Test the `ipalib.request` module. - - -import threading -import locale -from tests.util import raises, assert_equal -from tests.util import TempDir, dummy_ugettext, dummy_ungettext -from ipalib.constants import OVERRIDE_ERROR -from ipalib import request - - -def test_ugettext(): - -Test the `ipalib.request.ugettext` function. - -f = request.ugettext -context = request.context -message = 'Hello, world!' - -# Test with no context.ugettext: -assert not hasattr(context, 'ugettext') -assert_equal(f(message), u'Hello, world!') - -# Test with dummy context.ugettext: -assert not hasattr(context, 'ugettext') -dummy = dummy_ugettext() -context.ugettext = dummy -assert f(message) is dummy.translation -assert dummy.message is message - -#
Re: [Freeipa-devel] [PATCH] Fix minor bug in host-add logic.
Jan Zelený wrote: Pavel Zunapz...@redhat.com wrote: Fix #798 Pavel ack Jan pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] Fix crash in ipa help for NO_CLI plugins.
Jan Zelený wrote: Pavel Zunapz...@redhat.com wrote: Fix #854 Pavel ack Jan pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 024 Typos in freeIPA messages
This patch fixes several reported typos in IPA messages and in comments. https://fedorahosted.org/freeipa/ticket/848 From 9fe64c02a30b165b41268f8f8631bbd0bcf48602 Mon Sep 17 00:00:00 2001 From: Martin Kosek mko...@redhat.com Date: Wed, 2 Feb 2011 17:15:35 +0100 Subject: [PATCH] Typos in freeIPA messages This patch fixes several reported typos in IPA messages and in comments. https://fedorahosted.org/freeipa/ticket/848 --- API.txt |4 ++-- doc/examples/examples.py|2 +- ipalib/plugins/automount.py |4 ++-- ipalib/plugins/migration.py |4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/API.txt b/API.txt index e08a35f9b2e70eacdcd23c9e01efaa87d0d793e9..992ba9908e18c9dd20741787eaa5185084f93951 100644 --- a/API.txt +++ b/API.txt @@ -204,7 +204,7 @@ command: automountlocation_import args: 2,1,1 arg: Str('cn', attribute=True, cli_name='location', label=Gettext('Location', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True) arg: Str('masterfile', label=Gettext('Master file', domain='ipa', localedir=None)) -option: Flag('continue?', autofill=True, cli_name='continue', default=False,lag('continue?', autofill=True, cli_name='continue', default=False, doc=Gettext('Continous operation mode. Errors are reported but the process continues', domain='ipa', localedir=None)) +option: Flag('continue?', autofill=True, cli_name='continue', default=False,lag('continue?', autofill=True, cli_name='continue', default=False, doc=Gettext('Continuous operation mode. Errors are reported but the process continues', domain='ipa', localedir=None)) output: Output('result', None, None) command: automountlocation_show args: 1,4,3 @@ -1467,7 +1467,7 @@ option: Str('groupcontainer?', autofill=True, cli_name='group_container', defaul option: List('userobjectclass?', autofill=True, cli_name='user_objectclass', default=(u'person',), label=Gettext('User object class', domain='ipa', localedir=None), multivalue=True) option: List('groupobjectclass?', autofill=True, cli_name='group_objectclass', default=(u'groupOfUniqueNames', u'groupOfNames'), label=Gettext('Group object class', domain='ipa', localedir=None), multivalue=True) option: StrEnum('schema?', autofill=True, cli_name='schema', default=u'RFC2307bis', label=Gettext('LDAP schema', domain='ipa', localedir=None), values=(u'RFC2307bis', u'RFC2307')) -option: Flag('continue?', autofill=True, default=False,lag('continue?', autofill=True, default=False, doc=Gettext('Continous operation mode. Errors are reported but the process continues', domain='ipa', localedir=None)) +option: Flag('continue?', autofill=True, default=False,lag('continue?', autofill=True, default=False, doc=Gettext('Continuous operation mode. Errors are reported but the process continues', domain='ipa', localedir=None)) option: List('exclude_groups?', autofill=True, cli_name='exclude_groups', default=(), multivalue=True) option: List('exclude_users?', autofill=True, cli_name='exclude_users', default=(), multivalue=True) output: Output('result', type 'dict', Gettext('Lists of objects migrated; categorized by type.', domain='ipa', localedir=None)) diff --git a/doc/examples/examples.py b/doc/examples/examples.py index b59dc908fbac8ea809d6f32e35c3ff646d1de9a0..0ae212601bf4e2a844f69da68f7fb8daf42bbf69 100644 --- a/doc/examples/examples.py +++ b/doc/examples/examples.py @@ -366,7 +366,7 @@ class exuser_find(Method): # standard_list_of_entries is an output pattern that # define a dict with a list of entries, their count # and a truncated flag. The truncated flag is used to mark -# truncated (uncomplete) search results - for example due to +# truncated (incomplete) search results - for example due to # timeouts. has_output = output.standard_list_of_entries diff --git a/ipalib/plugins/automount.py b/ipalib/plugins/automount.py index ec306ac715dd458a33b85ae9b570826fe5df2c9b..9c2c0ad13daf9b388232890db64ded687456cbed 100644 --- a/ipalib/plugins/automount.py +++ b/ipalib/plugins/automount.py @@ -67,7 +67,7 @@ Locations: ipa automountlocation-import baltimore /etc/auto.master The import will fail if any duplicate entries are found. For -continous operation where errors are ignored use the --continue +continuous operation where errors are ignored use the --continue option. Maps: @@ -318,7 +318,7 @@ class automountlocation_import(LDAPQuery): takes_options = ( Flag('continue?', cli_name='continue', - doc=_('Continous operation mode. Errors are reported but the process continues'), + doc=_('Continuous operation mode. Errors are reported but the process continues'), ), ) diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py index fff0afd1c321016208dffe62fe97292519a57293..4e3a4b00efddca5ade0513c0fce12f830f6f5b4f 100644 --- a/ipalib/plugins/migration.py +++ b/ipalib/plugins/migration.py @@
Re: [Freeipa-devel] [PATCH] 024 Typos in freeIPA messages
Martin Kosek wrote: This patch fixes several reported typos in IPA messages and in comments. https://fedorahosted.org/freeipa/ticket/848 Can you add the user that submitted the original patch for this to Contributors.txt? rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 024 Typos in freeIPA messages
On Wed, 2011-02-02 at 11:20 -0500, Rob Crittenden wrote: Martin Kosek wrote: This patch fixes several reported typos in IPA messages and in comments. https://fedorahosted.org/freeipa/ticket/848 Can you add the user that submitted the original patch for this to Contributors.txt? rob Sure, patch attached. I have updated Contributors file with the missing people I know if. Martin From 22d6be899dc5ae2b16c570e489bfcd8da100d792 Mon Sep 17 00:00:00 2001 From: Martin Kosek mko...@redhat.com Date: Wed, 2 Feb 2011 17:15:35 +0100 Subject: [PATCH] Typos in freeIPA messages This patch fixes several reported typos in IPA messages and in comments. Contributors file has been updated + the original author of the patch reporting the typos was added. https://fedorahosted.org/freeipa/ticket/848 --- API.txt |4 ++-- Contributors.txt| 10 +++--- doc/examples/examples.py|2 +- ipalib/plugins/automount.py |4 ++-- ipalib/plugins/migration.py |4 ++-- 5 files changed, 14 insertions(+), 10 deletions(-) diff --git a/API.txt b/API.txt index e08a35f9b2e70eacdcd23c9e01efaa87d0d793e9..992ba9908e18c9dd20741787eaa5185084f93951 100644 --- a/API.txt +++ b/API.txt @@ -204,7 +204,7 @@ command: automountlocation_import args: 2,1,1 arg: Str('cn', attribute=True, cli_name='location', label=Gettext('Location', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True) arg: Str('masterfile', label=Gettext('Master file', domain='ipa', localedir=None)) -option: Flag('continue?', autofill=True, cli_name='continue', default=False,lag('continue?', autofill=True, cli_name='continue', default=False, doc=Gettext('Continous operation mode. Errors are reported but the process continues', domain='ipa', localedir=None)) +option: Flag('continue?', autofill=True, cli_name='continue', default=False,lag('continue?', autofill=True, cli_name='continue', default=False, doc=Gettext('Continuous operation mode. Errors are reported but the process continues', domain='ipa', localedir=None)) output: Output('result', None, None) command: automountlocation_show args: 1,4,3 @@ -1467,7 +1467,7 @@ option: Str('groupcontainer?', autofill=True, cli_name='group_container', defaul option: List('userobjectclass?', autofill=True, cli_name='user_objectclass', default=(u'person',), label=Gettext('User object class', domain='ipa', localedir=None), multivalue=True) option: List('groupobjectclass?', autofill=True, cli_name='group_objectclass', default=(u'groupOfUniqueNames', u'groupOfNames'), label=Gettext('Group object class', domain='ipa', localedir=None), multivalue=True) option: StrEnum('schema?', autofill=True, cli_name='schema', default=u'RFC2307bis', label=Gettext('LDAP schema', domain='ipa', localedir=None), values=(u'RFC2307bis', u'RFC2307')) -option: Flag('continue?', autofill=True, default=False,lag('continue?', autofill=True, default=False, doc=Gettext('Continous operation mode. Errors are reported but the process continues', domain='ipa', localedir=None)) +option: Flag('continue?', autofill=True, default=False,lag('continue?', autofill=True, default=False, doc=Gettext('Continuous operation mode. Errors are reported but the process continues', domain='ipa', localedir=None)) option: List('exclude_groups?', autofill=True, cli_name='exclude_groups', default=(), multivalue=True) option: List('exclude_users?', autofill=True, cli_name='exclude_users', default=(), multivalue=True) output: Output('result', type 'dict', Gettext('Lists of objects migrated; categorized by type.', domain='ipa', localedir=None)) diff --git a/Contributors.txt b/Contributors.txt index 79f8188b942096bc21ff657522c4abba84ac17f0..6cc9b1f4f120dacc8fb8520c9076310d063cd269 100644 --- a/Contributors.txt +++ b/Contributors.txt @@ -4,18 +4,22 @@ The following people have contributed to the FreeIPA project. (Listed in alphabetical order within category) Developers: + Jr Aquino Rob Crittenden Nalin Dahyabhai John Dennis Jason DeRose Endi Dewata + Jakub Hrozek + Martin Kosek Nathan Kinder Rich Megginson Martin Nagy Simo Sorce Andrew Wnuk + Adam Young + Jan Zeleny Pavel Zůna - Jr Aquino Documentation: David O'Brien @@ -54,16 +58,16 @@ Managment: Karl Wirth Past and Occasional Contributors: + Yuri Chornoivan Frank Cusack Don Davis Gunther Deschner Stephen Gallagher - Jakub Hrozek + Ian Kumlien Karl MacMillan Jon McCann Kevin McCarthy Jim Meyering Pete Rowley Andreas Schneider - Ian Kumlien diff --git a/doc/examples/examples.py b/doc/examples/examples.py index b59dc908fbac8ea809d6f32e35c3ff646d1de9a0..0ae212601bf4e2a844f69da68f7fb8daf42bbf69 100644 --- a/doc/examples/examples.py +++ b/doc/examples/examples.py @@ -366,7 +366,7 @@ class exuser_find(Method): # standard_list_of_entries is an output pattern that # define a dict with a list of entries, their count # and a truncated flag. The truncated flag is used to mark -
[Freeipa-devel] [PATCH] 699 fix city and state in framework
City and state in the user object were using the wrong LDAP attributes. I also added a unit test for address. This will cause the ui to display undefined for city and state, Adam said he'd take a look. ticket 889 rob freeipa-rcrit-699-city.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 024 Typos in freeIPA messages
Martin Kosek wrote: On Wed, 2011-02-02 at 11:20 -0500, Rob Crittenden wrote: Martin Kosek wrote: This patch fixes several reported typos in IPA messages and in comments. https://fedorahosted.org/freeipa/ticket/848 Can you add the user that submitted the original patch for this to Contributors.txt? rob Sure, patch attached. I have updated Contributors file with the missing people I know if. Martin ack, pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] Added undo for permission target.
https://fedorahosted.org/freeipa/ticket/885 -- Endi S. Dewata From bc6f406a758d519500c90f948e8e30753760b50e Mon Sep 17 00:00:00 2001 From: Endi S. Dewata edew...@redhat.com Date: Wed, 2 Feb 2011 10:35:23 -0600 Subject: [PATCH] Added undo for permission target. https://fedorahosted.org/freeipa/ticket/885 --- install/ui/aci.js| 314 -- install/ui/dialog.js |2 +- install/ui/ipa.css |6 - install/ui/test/aci_tests.js | 95 - install/ui/widget.js | 39 -- 5 files changed, 269 insertions(+), 187 deletions(-) diff --git a/install/ui/aci.js b/install/ui/aci.js index 67c2d5f87bd748ce793eb2428d1750ea3cd2d943..036731237ee8a0f3bd80957520e9ee9ca546bf21 100644 --- a/install/ui/aci.js +++ b/install/ui/aci.js @@ -24,7 +24,7 @@ /* REQUIRES: ipa.js, details.js, search.js, add.js, entity.js */ -IPA.attribute_table_widget = function(spec) { +IPA.attributes_widget = function(spec) { spec = spec || {}; @@ -35,38 +35,43 @@ IPA.attribute_table_widget = function(spec) { var id = spec.name; var dd_class = other; -that.create = function(container){ +that.create = function(container) { var dd = $('dd/', { 'class': dd_class }).appendTo(container); -var span = $('span/', { -name: 'attrs' -}).appendTo(dd); - that.table = $('table/', { id:id, -'class':'search-table aci-attribute-table'}). +'class':'search-table aci-attribute-table' +}). append('thead/'). -append($('tbody/')). -appendTo(span); +append('tbody/'). +appendTo(dd); var tr = $('tr/tr').appendTo($('thead', that.table)); -tr.append($('th/',{ +tr.append($('th/', { style:height:2em; vertical-align:bottom;, html:$('input/',{ type: checkbox, click: function(){ $('.aci-attribute'). attr('checked', $(this).attr('checked')); -}}) +}, +change: function() { +that.show_undo(); +} +}) })). append('th class=aci-attribute-columnAttribute/th'); + +if (that.undo) { +that.create_undo(dd); +} + if (that.object_type){ that.populate (that.object_type); } - }; that.load = function(record) { @@ -85,11 +90,11 @@ IPA.attribute_table_widget = function(spec) { that.update = function() { that.populate(that.object_type); -that.checkboxes_update(); that.append(); +that.checkboxes_update(); }; -that.populate = function(object_type){ +that.populate = function(object_type) { $('tbody tr', that.table).remove(); @@ -100,22 +105,21 @@ IPA.attribute_table_widget = function(spec) { var aciattrs = metadata.aciattrs; -var attr_per_col = 400; -var col_span = aciattrs.length / attr_per_col + 1; - var tbody = $('tbody', that.table); -var td; -for (var a = 0; a aciattrs.length ; a += 1){ -var value = aciattrs[a].toLowerCase(); -var aci_tr = $('tr/').appendTo(tbody); -td = $('td/').appendTo(aci_tr); +for (var i=0; iaciattrs.length ; i++){ +var value = aciattrs[i].toLowerCase(); +var aci_tr = $('tr/').appendTo(tbody); + +var td = $('td/').appendTo(aci_tr); td.append($('input/',{ type: 'checkbox', -id: 'aciattr-'+value, -name: 'attrs', +name: that.name, value: value, -'class': 'aci-attribute' +'class': 'aci-attribute', +change: function() { +that.show_undo(); +} })); td = $('td/').appendTo(aci_tr); td.append($('label/',{ @@ -130,14 +134,13 @@ IPA.attribute_table_widget = function(spec) { var unmatched = []; for (var i=0; ithat.values.length; i++) { -var cb = $('#aciattr-'+that.values[i]); -if (!cb.length){ +var input = $('input[name='+that.name+'][value='+that.values[i]+']', that.container); +if (!input.length) { unmatched.push(that.values[i]); } -cb.attr('checked',true); } -if (unmatched.length 0){ +if (unmatched.length 0) { var tbody = $('tbody', that.table); for (var j=0; junmatched.length; j++) { @@ -147,11 +150,12 @@ IPA.attribute_table_widget = function(spec) { var td = $('td/').appendTo(tr); td.append($('input/', { type: 'checkbox', -
Re: [Freeipa-devel] [PATCH] 699 fix city and state in framework
Rob Crittenden wrote: City and state in the user object were using the wrong LDAP attributes. I also added a unit test for address. This will cause the ui to display undefined for city and state, Adam said he'd take a look. ticket 889 rob With updated API.txt rob freeipa-rcrit-699-2-city.patch Description: application/mbox ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] Added undo for permission target.
On 02/02/2011 03:40 PM, Endi Sukma Dewata wrote: https://fedorahosted.org/freeipa/ticket/885 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ACK Pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 699 fix city and state in framework
On 02/02/2011 03:48 PM, Rob Crittenden wrote: Rob Crittenden wrote: City and state in the user object were using the wrong LDAP attributes. I also added a unit test for address. This will cause the ui to display undefined for city and state, Adam said he'd take a look. ticket 889 rob With updated API.txt rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ACK and pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] admiyo-0187-city-and-state
On 02/02/2011 04:53 PM, Adam Young wrote: requires freeipa-rcrit-699-2-city.patch ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Hadn't removed the broken custom widget From afce50a3e4cf0d5f7f264ba7b5b36dba8bc100b5 Mon Sep 17 00:00:00 2001 From: Adam Young ayo...@redhat.com Date: Wed, 2 Feb 2011 16:51:36 -0500 Subject: [PATCH] city and state using approapriate lcoality and state abbreviations for the attributes: l and st --- install/ui/user.js | 37 +++-- 1 files changed, 3 insertions(+), 34 deletions(-) diff --git a/install/ui/user.js b/install/ui/user.js index fcec05e2214770d903f947e1cf63b927a6adde02..4caa0aea6178e2d4e0f14f8068bc20d83d1f0509 100644 --- a/install/ui/user.js +++ b/install/ui/user.js @@ -72,8 +72,8 @@ IPA.entity_factories.user = function (){ section( IPA.stanza({label: IPA.messages.details.mailing}). input({name:'street'}). -input({name:'location'}). -input({name:'state', load:user_state_load}). +input({name:'l',label:'City'}). +input({name:'st',label:'State/Province'}). input({name:'postalcode'})). section( IPA.stanza({label:IPA.messages.details.employee}). @@ -227,39 +227,8 @@ function user_password_load(result) { }); link.appendTo(dd); -} +}; var select_temp = 'select title=st/select'; var option_temp = 'option value=VV/option'; -var states = [ -'AL', 'AK', 'AS', 'AZ', 'AR', 'CA', 'CO', 'CT', 'DE', 'DC', 'FM', -'FL', 'GA', 'GU', 'HI', 'ID', 'IL', 'IN', 'IA', 'KS', 'KY', 'LA', -'ME', 'MH', 'MD', 'MA', 'MI', 'MN', 'MS', 'MO', 'MT', 'NE', 'NV', -'NH', 'NJ', 'NM', 'NY', 'NC', 'ND', 'MP', 'OH', 'OK', 'OR', 'PW', -'PA', 'PR', 'RI', 'SC', 'SD', 'TN', 'TX', 'UT', 'VT', 'VI', 'VA', -'WA', 'WV', 'WI', 'WY', '' -]; -function user_state_load(result) { -var that = this; - -$('dd', that.container).remove(); - -//var next = dt.next(); -//next.css('clear', 'none'); -//next.css('width', '70px'); - -var dd = IPA.create_first_dd(this.name); -dd.append(select_temp); -dd.appendTo(that.container); - -var sel = dd.children().first(); -for (var i = 0; i states.length; ++i) -sel.append(option_temp.replace(/V/g, states[i])); - -var st = result['st']; -if (st) -sel.val(st); -else -sel.val(''); -} -- 1.7.3.5 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] admiyo-0187-city-and-state
On 02/02/2011 05:03 PM, Rob Crittenden wrote: Adam Young wrote: On 02/02/2011 04:53 PM, Adam Young wrote: requires freeipa-rcrit-699-2-city.patch ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel Hadn't removed the broken custom widget ack Pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
[Freeipa-devel] [PATCH] 049 Make nsslib IPv6 aware
Hi, attached is a patch to nsslib.py that changes its semantics so it is able to work with different address families. It is the last piece of IPv6 support. Aside from the hunks in the patch, I still need to set Requires: in the patch (don't know the exact version yet). Also, the attached patch always tries IPv4 first and only falls back to IPv6. I think there should be a config option that tells IPA to prefer one of the address families or use it exclusively for performance reasons. Please note that the patch requires the latest changes to python-nss in order to work correctly. Since John is still working on python-nss packages, this patch should be treated as a preview and not pushed even if it is deemed OK. At this stage, I'd like to get at least the general approach and code reviewed so I can fix it tomorrow. Thank you, Jakub From 4b85251c303e8519939b702254ee0def932f8ed6 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek jhro...@redhat.com Date: Wed, 2 Feb 2011 13:57:16 +0100 Subject: [PATCH] Make nsslib IPv6 aware --- ipapython/nsslib.py | 89 +- 1 files changed, 73 insertions(+), 16 deletions(-) diff --git a/ipapython/nsslib.py b/ipapython/nsslib.py index 129f1a0..7abbcf0 100644 --- a/ipapython/nsslib.py +++ b/ipapython/nsslib.py @@ -21,12 +21,14 @@ import sys import httplib import getpass +import socket import logging from nss.error import NSPRError import nss.io as io import nss.nss as nss import nss.ssl as ssl +import nss.error as error def auth_certificate_callback(sock, check_sig, is_server, certdb): cert_is_valid = False @@ -113,11 +115,65 @@ def client_auth_data_callback(ca_names, chosen_nickname, password, certdb): return False return False -class NSSConnection(httplib.HTTPConnection): +class NSSAddressFamilyFallback(object): +def __init__(self, family): +self.sock_family = family +self.family = self._get_nss_family(self.sock_family) + +def _get_nss_family(self, sock_family): + +Translate a family from python socket module to nss family. + +if sock_family in [ socket.AF_INET, socket.AF_UNSPEC ]: +return io.PR_AF_INET +elif sock_family == socket.AF_INET6: +return io.PR_AF_INET6 +else: +raise ValueError('Uknown socket family %d\n', sock_family) + +def _get_next_family(self): +if self.sock_family == socket.AF_UNSPEC and \ + self.family == io.PR_AF_INET: +return io.PR_AF_INET6 + +return None + +def _connect_socket_family(self, host, port, family): +logging.debug(connect_socket_family: host=%s port=%s family=%s, + host, port, io.addr_family_name(family)) +try: + net_addr = io.NetworkAddress(host, port, family) +except ValueError, e: + raise NSPRError(error.PR_ADDRESS_NOT_SUPPORTED_ERROR, e.message) +logging.debug(connect: %s, net_addr) +self.sock.connect(net_addr, family) + +def _create_socket(self): +self.sock = io.Socket(family=self.family) + +def connect_socket(self, host, port): +try: +self._connect_socket_family(host, port, self.family) +except NSPRError, e: +if e.errno == error.PR_ADDRESS_NOT_SUPPORTED_ERROR: +next_family = self._get_next_family() +if next_family: +self.family = next_family +self._create_socket() +self._connect_socket_family(host, port, self.family) +else: +logging.debug('No next family to try..') +raise e +else: +raise e + +class NSSConnection(httplib.HTTPConnection, NSSAddressFamilyFallback): default_port = httplib.HTTPSConnection.default_port -def __init__(self, host, port=None, strict=None, dbdir=None): +def __init__(self, host, port=None, strict=None, + dbdir=None, family=socket.AF_UNSPEC): httplib.HTTPConnection.__init__(self, host, port, strict) +NSSAddressFamilyFallback.__init__(self, family) if not dbdir: raise RuntimeError(dbdir is required) @@ -130,10 +186,12 @@ class NSSConnection(httplib.HTTPConnection): nss.nss_init(dbdir) ssl.set_domestic_policy() nss.set_password_callback(self.password_callback) +self._create_socket() +def _create_socket(self): # Create the socket here so we can do things like let the caller # override the NSS callbacks -self.sock = ssl.SSLSocket() +self.sock = ssl.SSLSocket(family=self.family) self.sock.set_ssl_option(ssl.SSL_SECURITY, True) self.sock.set_ssl_option(ssl.SSL_HANDSHAKE_AS_CLIENT, True) @@ -142,7 +200,8 @@ class NSSConnection(httplib.HTTPConnection): # Provide a callback to verify the servers