[Freeipa-users] firewalld management
Hi, FreeIPA is great! One thing I'm missing though is management of firewalld services and ports. Is that something that would fit in FreeIPA? Currently we are using puppet scripts through katello/the foreman, but as this is very error prone we'd like to have it centrally managed a different way. The firewall rules are very essential IMHO and I thought the whole point of firewalld is to have make it more manageable... I already asked the katello guys but they don't appear very interested in implementing something there, then I started thinking it would maybe fit a lot better in freeIPA as it has more overlap with the other network/authentication stuff. It would be wasteful to have another project just for firewalld management. Happy new year everybody! Jorick Met vriendelijke groet, With kind regards, Jorick Astrego Netbulae Virtualization Experts Tel: 053 20 30 270 i...@netbulae.euStaalsteden 4-3A KvK 08198180 Fax: 053 20 30 271 www.netbulae.eu 7547 TA Enschede BTW NL821234584B01 -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
Re: [Freeipa-users] Postponing IPA 3 upgrade
On 02/12/2013 08:30 AM, Christian Horn wrote: On Mon, Feb 11, 2013 at 09:05:40PM +, Steven Jones wrote: Personally Im very worried, 6.2 to 6.3 went badly and this looks like a bigger upgrade I might miss something.. but cant one create a "throw away replica" of the old environment, use that then separatedly and try out the upgrade with it? Christian He could if he has spare hardware laying around. Or if he is running it virtulized you could clone the vm easily and test it on a virtual network not connected to the rest. But if you read Rashard's post correctly, he is afraid of yum automatically updating freeIPA and breaking it. @ Rashard You should not be letting yum update automatically but use Katello, Red Hat Network Satellite or Spacewalk to install updates. Still I would like to know the same. Some other projects use version dependant repo's so you can choose to switch by changing repo, others put the version number in the package name. -- Kind Regards, Jorick Astrego Netbulae B.V. Site: http://www.netbulae.eu ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
[Freeipa-users] CRITICAL Failed to load upload-cacert.ldif
Hi, Running the installer of the latest stable on a fresh Fedora 18, I get the following error during install: [30/36]: Upload CA cert to the directory ipa : CRITICAL Failed to load upload-cacert.ldif: Command '/usr/bin/ldapmodify -v -f /tmp/tmpLFZEuz -H ldap://..:389 -x -D cn=Directory Manager -y /tmp/tmpYzjl4P' returned non-zero exit status 247 [31/36]: initializing group membership -- Kind regards, Jorick Astrego Netbulae B.V. ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
