Rob Crittenden rcrit...@redhat.com wrote:
Handle bad DM password in ipa-host-net-manage ipa-copmat-manage.
This was resulting in a traceback because while conn was not None it
wasn't connected either.
ticket 920
rob
ack
jan
___
Hi,
I'd like to propose this cleanup patch. I just noticed that the code in these
two files is most likely not used any more (at least I didn't find a place
where
it is used).
What do you think? Is it safe to throw it out? Or are there some places which
are still using it? I'd be more than
Rob Crittenden rcrit...@redhat.com wrote:
Yi found a tricky way to remove required attributes that aren't required
in the schema. The problem was we weren't enforcing parameter.required
in mods (because it was enforcing that every variable with required be
provided).
I added a new check
Jan Zelený jzel...@redhat.com wrote:
Rob Crittenden rcrit...@redhat.com wrote:
Yi found a tricky way to remove required attributes that aren't required
in the schema. The problem was we weren't enforcing parameter.required
in mods (because it was enforcing that every variable with required
Jakub Hrozek jhro...@redhat.com wrote:
https://fedorahosted.org/freeipa/ticket/923
Patch looks good. I'm running some test. Unless they fail, ACK
Jan
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Rob Crittenden rcrit...@redhat.com wrote:
Move a bunch of utilities that really only make sense to be run on the
server from the admintools package to the server package.
ticket 947
rob
ack
Jan
___
Freeipa-devel mailing list
Rob Crittenden rcrit...@redhat.com wrote:
Add permission and privilege for updating the IPA configuration in
cn=ipaconfig.
ticket 950
rob
I'm not quite sure how does the patch work. In particular, I wonder about
these two blocks:
+dn: cn=Write IPA
Rob Crittenden rcrit...@redhat.com wrote:
Ignore case when removing members from a group.
ticket 944
rob
ack
Jan
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Martin Kosek mko...@redhat.com wrote:
On Mon, 2011-02-14 at 14:37 +0100, Jan Zelený wrote:
Rob Crittenden rcrit...@redhat.com wrote:
Add permission and privilege for updating the IPA configuration in
cn=ipaconfig.
ticket 950
rob
I'm not quite sure how does the patch
Adam Young wrote:
On 02/11/2011 10:37 AM, Rob Crittenden wrote:
Jakub Hrozek wrote:
On Thu, Feb 10, 2011 at 01:39:40PM -0500, Rob Crittenden wrote:
The kw could contain another exception which was blowing up the
marshalling. It doesn't seem to be used anywhere and contains
information we've
Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Add permission and privilege for updating the IPA configuration in
cn=ipaconfig.
ticket 950
rob
I'm not quite sure how does the patch work. In particular, I wonder about
these two blocks:
+dn: cn=Write IPA
During the ipa-client-install, when prompted for the principal password, it is
possible to start typing and have the password echoed back.
This patch corrects this behavior and addresses bug #959
https://fedorahosted.org/freeipa/ticket/959
binegPaWpIOK0.bin
Description:
Jan Zelený wrote:
Jan Zelenýjzel...@redhat.com wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Yi found a tricky way to remove required attributes that aren't required
in the schema. The problem was we weren't enforcing parameter.required
in mods (because it was enforcing that every variable
Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Handle bad DM password in ipa-host-net-manage ipa-copmat-manage.
This was resulting in a traceback because while conn was not None it
wasn't connected either.
ticket 920
rob
ack
jan
pushed to master
On 02/12/2011 03:45 PM, Jakub Hrozek wrote:
I couldn't reproduce the traceback, but the code shows where the error
most probably is.
http://fedorahosted.org/freeipa/ticket/956
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Rob Crittenden wrote:
Jan Zelený wrote:
Jan Zelenýjzel...@redhat.com wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Yi found a tricky way to remove required attributes that aren't
required
in the schema. The problem was we weren't enforcing parameter.required
in mods (because it was
Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Ignore case when removing members from a group.
ticket 944
rob
ack
Jan
pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Move a bunch of utilities that really only make sense to be run on the
server from the admintools package to the server package.
ticket 947
rob
ack
Jan
pushed to master
___
Jan Zelený wrote:
Martin Kosekmko...@redhat.com wrote:
On Mon, 2011-02-14 at 14:37 +0100, Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Add permission and privilege for updating the IPA configuration in
cn=ipaconfig.
ticket 950
rob
I'm not quite sure how does the patch
JR Aquino wrote:
On 2/11/11 2:26 PM, Rob Crittendenrcrit...@redhat.com wrote:
If neither verbose nor debug were set (and they aren't by default) then
we logged absolutely nothing about framework requests. This adds a
default of who, what, result in the Apache error log.
This is a first-step
Jakub Hrozek wrote:
On Fri, Feb 04, 2011 at 03:20:55PM +0100, Martin Kosek wrote:
This patch fixes the default domain functionality for user email(s).
This setting may be configured via:
ipa config-mod --emaildomain=example.com
Then, when user is added/modified and --mail option is passed,
Jakub Hrozek wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/07/2011 10:54 AM, Jan Zelený wrote:
Jakub Hrozekjhro...@redhat.com wrote:
On Wed, Feb 02, 2011 at 08:54:47AM +0100, Jan Zelený wrote:
At Rob's suggestion I changed the argument type in class help, this is
only oneliner,
Jan Zelený wrote:
Martin Kosekmko...@redhat.com wrote:
On Mon, 2011-02-07 at 10:38 +0100, Jan Zelený wrote:
Martin Kosekmko...@redhat.com wrote:
This patch adds a proper summary text to HBAC command which is
then printed out in CLI. Now, HBAC plugin output is consistent
with other plugins.
Endi Sukma Dewata wrote:
The realm name is necessary to create the correct service.
This was fixed by ticket 941, right?
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Jakub Hrozek wrote:
On Wed, Feb 09, 2011 at 01:53:00PM -0500, Rob Crittenden wrote:
At least in my xterm the prompt for Do you want to proceed and
configure the system with fixed values with no DNS discovery? wraps
around over itself.
This patch shortens the message.
ticket 940
rob
Ack
I
Jakub Hrozek wrote:
https://fedorahosted.org/freeipa/ticket/957
ack, pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Remove certificate as service a search option. There is no point on
searching on binary objects.
ticket 912
rob
ack
Jan
I pushed this to master last week.
___
Freeipa-devel mailing
Pavel Zuna wrote:
On 02/08/2011 01:06 PM, Pavel Zuna wrote:
The patch also corrects exception handling in some of the tools.
Fix #874
Pavel
Updated patch attached. Forgot to rename an identifier in exception
handling.
Pavel
This isn't applying cleanly to master, can you rebase it?
rob
On 2/10/11 2:42 AM, Pavel Zuna pz...@redhat.com wrote:
On 02/08/2011 01:06 PM, Pavel Zuna wrote:
The patch also corrects exception handling in some of the tools.
Fix #874
Pavel
Updated patch attached. Forgot to rename an identifier in exception
handling.
Pavel
Pavel Zuna wrote:
On 02/01/2011 11:36 PM, Rob Crittenden wrote:
Pavel mentioned this morning that translations didn't seem to be
working. I remembered that I did some things on the cli so I re-tested.
Turned out that exceptions aren't being translated.
I'm not at all sure this patch does the
Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Jan Zelený wrote:
Jan Zelenýjzel...@redhat.com wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.comwrote:
Jan Zelený wrote:
Recent change of DNS module to version caused that
Nalin Dahyabhai wrote:
The group.upg NIS map was an experiment in providing UPG groups
dynamically, and is not one of the maps that I'd ever expect a NIS
client to know to search. We should probably just drop it.
---
install/share/nis.uldif | 12
1 files changed, 0
Martin Kosek wrote:
On Fri, 2011-02-04 at 09:05 +0100, Jan Zelený wrote:
Martin Kosekmko...@redhat.com wrote:
When v2 IPA client is trying to join an IPA v1 server
a strange exception is printed out to the user. This patch
detects this by catching an XML-RPC error reported by ipa-join
binary
On Thu, Feb 10, 2011 at 10:27:43PM -0500, Rob Crittenden wrote:
Rob Crittenden wrote:
Jakub Hrozek wrote:
On Tue, Feb 08, 2011 at 10:12:27AM -0500, Rob Crittenden wrote:
If /etc/krb5.conf doesn't exist or contains no default kerberos
realm then 389-ds won't start at all. This is a problem
On 2/11/2011 8:21 PM, Adam Young wrote:
ACK and pushed to master.
--
Endi S. Dewata
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Simo Sorce wrote:
Fixes ticket #937
Simo.
ack, pushed to master
rob
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
On Fri, Feb 11, 2011 at 01:34:39PM -0500, Rob Crittenden wrote:
Add a replace verb to ipa-ldap-updater so an existing value can be
replaced, but only if the value matches the old value in the update.
This would be used for us to replace default values that the
end-user hasn't already
Simo Sorce wrote:
We weren't setting the kerberos metadata when modifying userPassword
for a kerberos enabled record.
Fixes #949
Simo.
ack, pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Jakub Hrozek wrote:
On Fri, Feb 11, 2011 at 01:34:39PM -0500, Rob Crittenden wrote:
Add a replace verb to ipa-ldap-updater so an existing value can be
replaced, but only if the value matches the old value in the update.
This would be used for us to replace default values that the
end-user
Jakub Hrozek wrote:
On Thu, Feb 10, 2011 at 10:27:43PM -0500, Rob Crittenden wrote:
Rob Crittenden wrote:
Jakub Hrozek wrote:
On Tue, Feb 08, 2011 at 10:12:27AM -0500, Rob Crittenden wrote:
If /etc/krb5.conf doesn't exist or contains no default kerberos
realm then 389-ds won't start at all.
On Mon, 2011-02-14 at 12:00 -0500, Rob Crittenden wrote:
Martin Kosek wrote:
On Fri, 2011-02-04 at 09:05 +0100, Jan Zelený wrote:
Martin Kosekmko...@redhat.com wrote:
When v2 IPA client is trying to join an IPA v1 server
a strange exception is printed out to the user. This patch
Jakub Hrozek wrote:
Simo did a nice writeup of the changes in
https://fedorahosted.org/freeipa/ticket/931
ack.
Simo also acked this in irc.
pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Jan Zeleny wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Rob Crittenden wrote:
Jan Zelený wrote:
Jan Zelenýjzel...@redhat.com wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Yi found a tricky way to remove required attributes that aren't
required
in the schema. The problem was we
Jan Zelený wrote:
Jakub Hrozekjhro...@redhat.com wrote:
https://fedorahosted.org/freeipa/ticket/923
Patch looks good. I'm running some test. Unless they fail, ACK
Jan
pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Jakub Hrozek jhro...@redhat.com wrote:
https://fedorahosted.org/freeipa/ticket/932
ack
Jan
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Martin Kosek wrote:
On Mon, 2011-02-14 at 12:00 -0500, Rob Crittenden wrote:
Martin Kosek wrote:
On Fri, 2011-02-04 at 09:05 +0100, Jan Zelený wrote:
Martin Kosekmko...@redhat.com wrote:
When v2 IPA client is trying to join an IPA v1 server
a strange exception is printed out to the user.
JR Aquino wrote:
During the ipa-client-install, when prompted for the principal password, it is
possible to start typing and have the password echoed back.
This patch corrects this behavior and addresses bug #959
https://fedorahosted.org/freeipa/ticket/959
It works well if you provide a
Patch 16-1 submitted to exit if no password is given.
On 2/14/11 12:06 PM, Rob Crittenden rcrit...@redhat.com wrote:
JR Aquino wrote:
During the ipa-client-install, when prompted for the principal
password, it is possible to start typing and have the password echoed
back.
This patch corrects
JR Aquino wrote:
Patch 16-1 submitted to exit if no password is given.
On 2/14/11 12:06 PM, Rob Crittendenrcrit...@redhat.com wrote:
JR Aquino wrote:
During the ipa-client-install, when prompted for the principal
password, it is possible to start typing and have the password echoed
back.
On 02/12/2011 12:13 AM, Rob Crittenden wrote:
The --out option wasn't working at all with cert-show.
Also fix some related problems in write_certificate(), handle either a
DER or base64-formatted incoming certificate and don't explode if the
filename is None.
ticket 954
rob
--out now works
host.py was missing an import for netaddr. Pushed under the 1-liner rule.
ticket 964
rob
freeipa-rcrit-722-netaddr.patch
Description: application/mbox
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
Jakub Hrozek wrote:
On 02/12/2011 12:13 AM, Rob Crittenden wrote:
The --out option wasn't working at all with cert-show.
Also fix some related problems in write_certificate(), handle either a
DER or base64-formatted incoming certificate and don't explode if the
filename is None.
ticket 954
Pushed under a liberal view of the 1-liner rule.
ipa-replica-prepare was failing due to a unicode problem creating the
DNS entries. This is the first one-liner.
The second related to pre-generating the server certificates for dogtag.
It was failing in python-nss when trying to shut down the
To all freeipa-interest, freeipa-users and freeipa-devel list members,
The FreeIPA project team is pleased to announce the availability of the
Release Candidate 1 release of freeIPA 2.0 server [1].
* Binaries are available for F-14 and F-15 [2].
* Please do not hesitate to share feedback,
54 matches
Mail list logo