URL: https://github.com/freeipa/freeipa/pull/833
Title: #833: Fixes traceback in log and corrects console output
felipevolpone commented:
"""
@Tiboris if I understood @HonzaCholasta correctly, the fix should be done in
[trustdomain_find
command](https://github.com/freeipa/freeipa/blob/master/i
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
abbra commented:
"""
@martbab, definitely `authconfig` in fc25 is too old for this. On F26 I have
version 7.0.1-1. It does announce support for SSSD smartcard enable
URL: https://github.com/freeipa/freeipa/pull/701
Title: #701: ipa help doesn't always work
neffs commented:
"""
@martbab I pushed this additional change but pylint still reports this error
which is clearly wrong because the line is only executed if it is an instance
of bytes. Could you please
URL: https://github.com/freeipa/freeipa/pull/701
Author: neffs
Title: #701: ipa help doesn't always work
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/701/head:pr701
git checkout pr701
From a806f26fca0eb1
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
martbab commented:
"""
Also I get the following error when running authconfig:
```console
authconfig: Authentication module /lib64/security/pam_pkcs11.so is missing.
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
abbra commented:
"""
Note that "directly" may actually mean using a virtualized remote smart card
access which is provided via virtualized USB pass-through done by y
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
abbra commented:
"""
@martbab, this actually makes full sense -- if you want to increase the
security of your IPA masters, you might force using smart cards only to
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
martbab commented:
"""
@flo regarding enabling Smart Card login ( add PKCS#11 module, configure SSSD
and such), do we really need to setup this on server? I do not e
URL: https://github.com/freeipa/freeipa/pull/849
Title: #849: session_storage: Correctly handle string/byte types
Label: +pushed
___
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@
URL: https://github.com/freeipa/freeipa/pull/849
Author: stlaz
Title: #849: session_storage: Correctly handle string/byte types
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/849/head:pr849
git checkout pr849
__
URL: https://github.com/freeipa/freeipa/pull/849
Title: #849: session_storage: Correctly handle string/byte types
martbab commented:
"""
master:
* d665224a85610cccbe7d291e9ed41d2ce7e5b61c session_storage: Correctly handle
string/byte types
"""
See the full comment at
https://github.com/fre
URL: https://github.com/freeipa/freeipa/pull/840
Author: Tiboris
Title: #840: Add Role 'Enrollment Administrator'
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/840/head:pr840
git checkout pr840
URL: https://github.com/freeipa/freeipa/pull/840
Title: #840: Add Role 'Enrollment Administrator'
martbab commented:
"""
master:
* 468eb3c712140399ed2ec346ff4356bffd590e09 Add Role 'Enrollment Administrator'
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/840#issuecommen
URL: https://github.com/freeipa/freeipa/pull/840
Title: #840: Add Role 'Enrollment Administrator'
Label: +pushed
___
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahost
URL: https://github.com/freeipa/freeipa/pull/838
Title: #838: Explicitly ask for py2 dependencies in py2 packages
martbab commented:
"""
master:
* a2147de6e2eb217163d6f106d3220c7b1e7570b5 Explicitly ask for py2 dependencies
in py2 packages
"""
See the full comment at
https://github.com/fre
URL: https://github.com/freeipa/freeipa/pull/838
Author: MartinBasti
Title: #838: Explicitly ask for py2 dependencies in py2 packages
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/838/head:pr838
git checkout pr
URL: https://github.com/freeipa/freeipa/pull/838
Title: #838: Explicitly ask for py2 dependencies in py2 packages
Label: +pushed
___
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@
URL: https://github.com/freeipa/freeipa/pull/838
Title: #838: Explicitly ask for py2 dependencies in py2 packages
Label: +ack
___
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lis
URL: https://github.com/freeipa/freeipa/pull/838
Title: #838: Explicitly ask for py2 dependencies in py2 packages
MartinBasti commented:
"""
Resolved
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/838#issuecomment-307393128
___
F
URL: https://github.com/freeipa/freeipa/pull/838
Author: MartinBasti
Title: #838: Explicitly ask for py2 dependencies in py2 packages
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/838/head:pr838
git check
URL: https://github.com/freeipa/freeipa/pull/864
Title: #864: Create indexes for 'serverhostname' attribute
pvoborni commented:
"""
Hi, why did you choose this implementation for the fix? Were removal/changes in
host.get_dn() method considered?
"""
See the full comment at
https://github.com/
URL: https://github.com/freeipa/freeipa/pull/838
Title: #838: Explicitly ask for py2 dependencies in py2 packages
stlaz commented:
"""
Please resolve conflicts. Otherwise LGTM + works on F26
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/838#issuecomment-307380751
URL: https://github.com/freeipa/freeipa/pull/865
Author: tomaskrizek
Title: #865: ipatests: do not collect systemd journal when logfile_dir is
missing
Action: edited
Changed field: body
Original value:
"""
If logs aren't collected to logfile_dir, skip collection of systemd
journal.
Signed-o
URL: https://github.com/freeipa/freeipa/pull/865
Author: tomaskrizek
Title: #865: ipatests: do not collect systemd journal when logfile_dir is
missing
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/865/he
URL: https://github.com/freeipa/freeipa/pull/865
Author: tomaskrizek
Title: #865: ipatests: do not collect systemd journal when logfile_dir is
missing
Action: opened
PR body:
"""
If logs aren't collected to logfile_dir, skip collection of systemd
journal.
Signed-off-by: Tomas Krizek
"""
To
URL: https://github.com/freeipa/freeipa/pull/840
Title: #840: Add Role 'Enrollment Administrator'
Label: +ack
___
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.
URL: https://github.com/freeipa/freeipa/pull/840
Title: #840: Add Role 'Enrollment Administrator'
abbra commented:
"""
Got it. Thanks.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/840#issuecomment-307369453
___
FreeIPA-devel ma
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
martbab commented:
"""
@flo ah sorry I missed that. I will incorporate it into advise then.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/854#
URL: https://github.com/freeipa/freeipa/pull/840
Title: #840: Add Role 'Enrollment Administrator'
Tiboris commented:
"""
I think adding 'Host Enrollment' privilege to 'IT Specialists' is not necessary
because the 'IT Specialists' role has already a 'Host Administrators'
privilege assigned an
URL: https://github.com/freeipa/freeipa/pull/840
Title: #840: Add Role 'Enrollment Administrator'
Tiboris commented:
"""
I think adding 'Host Enrollment' privilege to 'IT Specialists' is not necessary
because the 'IT Specialists' role has already a 'Host Administrators'
privilege assigned an
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
flo-renaud commented:
"""
Hi @martbab
I think @abbra was referring to this
[section](https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7-Beta/h
URL: https://github.com/freeipa/freeipa/pull/840
Title: #840: Add Role 'Enrollment Administrator'
Tiboris commented:
"""
On it.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/840#issuecomment-307358845
___
FreeIPA-devel mailing l
URL: https://github.com/freeipa/freeipa/pull/864
Author: Tiboris
Title: #864: Create indexes for 'serverhostname' attribute
Action: opened
PR body:
"""
IPA installation with large number of host entries gets timeout
when invoking ipaserver.plugins.host.get_dn() method.
Resolves: https://pagur
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
martbab commented:
"""
That section[1] only instructs to configure `pam_cert_auth=true` in the SSSD's
`pam` section which is already done on both server and client,
URL: https://github.com/freeipa/freeipa/pull/840
Title: #840: Add Role 'Enrollment Administrator'
abbra commented:
"""
The patch works but we also agreed to add 'Host Enrollment' privilege to 'IT
Specialists'. Please add this as a separate commit mentioning the same ticket.
"""
See the full co
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
abbra commented:
"""
It is all documented in
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7-Beta/html/Linux_Domain_Identity_Authentication_
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
martbab commented:
"""
@abbra thanks for review. Is `pam_pkcs11` removal necessary for client? Also
what option does the recipe need to pass to `authconfig` to prope
On Fri, Jun 09, 2017 at 10:25:34AM +0200, Martin Bašti wrote:
>
>
> On 09.06.2017 05:46, Fraser Tweedale via FreeIPA-devel wrote:
> > On Thu, Jun 08, 2017 at 05:13:43PM +0200, Martin Bašti wrote:
> > >
> > > On 08.06.2017 09:08, Martin Bašti via FreeIPA-devel wrote:
> > > >
> > > > On 08.06.201
URL: https://github.com/freeipa/freeipa/pull/859
Author: frasertweedale
Title: #859: Add CommonNameToSANDefault to default cert profile
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/859/head:pr859
git che
URL: https://github.com/freeipa/freeipa/pull/863
Author: frasertweedale
Title: #863: [ipa-4-5] Add CommonNameToSANDefault to default cert profile
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/863/head:pr8
URL: https://github.com/freeipa/freeipa/pull/840
Title: #840: Add Role 'Enrollment Administrator'
abbra commented:
"""
LGTM.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/840#issuecomment-307343158
___
FreeIPA-devel mailing list
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
abbra commented:
"""
Thanks. Comments so far:
* client configuration does not make sure to ask for a removal of `pam_pkcs11`
package
* client configuration does not
On 09.06.2017 05:46, Fraser Tweedale via FreeIPA-devel wrote:
On Thu, Jun 08, 2017 at 05:13:43PM +0200, Martin Bašti wrote:
On 08.06.2017 09:08, Martin Bašti via FreeIPA-devel wrote:
On 08.06.2017 02:43, Fraser Tweedale via FreeIPA-devel wrote:
My PR https://github.com/freeipa/freeipa/pull
URL: https://github.com/freeipa/freeipa/pull/854
Title: #854: server-side and client-side advises for configuring smart card auth
martbab commented:
"""
@flo @abbra I have rebased PR and included also a recipe for client
configuration for the sake of completeness.
"""
See the full comment at
URL: https://github.com/freeipa/freeipa/pull/854
Author: martbab
Title: #854: server-side and client-side advises for configuring smart card
auth
Action: edited
Changed field: body
Original value:
"""
This advise plugin generates a script which configures all the components
required for succ
URL: https://github.com/freeipa/freeipa/pull/854
Author: martbab
Title: #854: server-side and client-side advises for configuring smart card
auth
Action: edited
Changed field: title
Original value:
"""
RFC: server-side smart card auth advise plugin
"""
__
URL: https://github.com/freeipa/freeipa/pull/854
Author: martbab
Title: #854: RFC: server-side smart card auth advise plugin
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/854/head:pr854
git checkout pr854
URL: https://github.com/freeipa/freeipa/pull/840
Title: #840: Add Role 'Enrollment Administrator'
Tiboris commented:
"""
Thanks, changed.
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/840#issuecomment-307324655
___
FreeIPA-devel
URL: https://github.com/freeipa/freeipa/pull/840
Author: Tiboris
Title: #840: Add Role 'Enrollment Administrator'
Action: edited
Changed field: body
Original value:
"""
User with the 'Client Administrator' role assigned to is
able to enroll host against a FreeIPA server as a client
using the
URL: https://github.com/freeipa/freeipa/pull/840
Author: Tiboris
Title: #840: Add Role 'Enrollment Administrator'
Action: synchronized
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/840/head:pr840
git checkout pr840
From 58dcb
URL: https://github.com/freeipa/freeipa/pull/840
Author: Tiboris
Title: #840: Add Role 'Enrollment Administrator'
Action: edited
Changed field: title
Original value:
"""
Add Role 'Client Administrator'
"""
___
FreeIPA-devel mailing list -- freeipa-
51 matches
Mail list logo