On Thu, Sep 22, 2011 at 08:25:01AM +0200, Jan Cholasta wrote:
> On 21.9.2011 23:55, Dmitri Pal wrote:
> >On 09/21/2011 10:27 AM, Adam Young wrote:
> >>On 09/20/2011 11:11 AM, Martin Kosek wrote:
> >>>On Tue, 2011-09-20 at 10:02 -0400, Adam Young wrote:
> This discussion got me thinking, always
On 09/16/2011 07:16 PM, Endi Sukma Dewata wrote:
The service type field in the service adder dialog has been modified
to use an editable combobox.
Ticket #1633.
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/l
On 21.9.2011 21:31, Rob Crittenden wrote:
Jan Cholasta wrote:
On 25.8.2011 18:21, Jan Cholasta wrote:
What this patch does:
* Make sure arguments are validated and default values are filled in
before calling a command.
* Add new parameter flag "validate_search" to force validation on search
ar
On 09/21/2011 10:10 PM, Endi Sukma Dewata wrote:
> On 9/21/2011 6:50 AM, Petr Vobornik wrote:
>
> Fixed. The dialog fields don't need undo, so the text() needs to be
> overridden to disable undo. This can be improved again later.
The override isn't necessary because it wasn't there before and all
On Wed, 2011-09-21 at 10:29 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> > The replication plugin is no longer shipped as a separate package.
> > Remove the code checking its existence.
> >
> > https://fedorahosted.org/freeipa/ticket/1815
>
> ACK
>
Pushed to master, ipa-2-1.
Martin
___
On Wed, 2011-09-21 at 15:31 -0400, Rob Crittenden wrote:
> Jan Cholasta wrote:
> > On 25.8.2011 18:21, Jan Cholasta wrote:
> >> What this patch does:
> >>
> >> * Make sure arguments are validated and default values are filled in
> >> before calling a command.
> >> * Add new parameter flag "validate
On 09/17/2011 12:18 AM, Endi Sukma Dewata wrote:
The details facet for DNS zone has been modified to use dnszone-
enable/disable for idnszoneactive and dnszone-mod for other fields.
Ticket #1813
___
Freeipa-devel mailing list
Freeipa-devel@redhat.co
On 22.9.2011 13:27, Martin Kosek wrote:
On Wed, 2011-09-21 at 15:31 -0400, Rob Crittenden wrote:
Jan Cholasta wrote:
On 25.8.2011 18:21, Jan Cholasta wrote:
What this patch does:
* Make sure arguments are validated and default values are filled in
before calling a command.
* Add new parameter
On Wed, 2011-09-21 at 11:22 +0200, Martin Kosek wrote:
> On Tue, 2011-09-20 at 11:22 -0500, Endi Sukma Dewata wrote:
> > On 9/20/2011 6:15 AM, Martin Kosek wrote:
> > >>> ACK. Proposal looks like it will work fairly easily with the UI.
> > >>> We'll have to make some chagnes due to the Add doing s
Martin Kosek wrote:
On Wed, 2011-09-21 at 11:22 +0200, Martin Kosek wrote:
On Tue, 2011-09-20 at 11:22 -0500, Endi Sukma Dewata wrote:
On 9/20/2011 6:15 AM, Martin Kosek wrote:
ACK. Proposal looks like it will work fairly easily with the UI.
We'll have to make some chagnes due to the Add doin
On 09/21/2011 10:07 PM, Stephen Gallagher wrote:
I've ben working on the multiple search base feature in SSSD and I've
had some thoughts that might be relevant to the FreeIPA v3 core
effort. The idea behind multiple search bases is fairly simple;
instead of simply checking one subtree for user or
Martin Kosek wrote:
Fix get_url_list() so that the configured master server is there
just once. This fix lets /usr/bin/ipa try connecting to all IPA
masters just once and not print confusing server list with
dupled master.
https://fedorahosted.org/freeipa/ticket/1817
ACK
_
On Thu, 2011-09-22 at 09:05 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> > Fix get_url_list() so that the configured master server is there
> > just once. This fix lets /usr/bin/ipa try connecting to all IPA
> > masters just once and not print confusing server list with
> > dupled master.
>
Simo Sorce wrote:
While investigating ticket 1808 Rob found this issue.
Patch attached.
Fixes: https://fedorahosted.org/freeipa/ticket/1812
Tested and solves the problem here.
Simo.
ack, pushed to master and ipa-2-1
rob
___
Freeipa-devel mailing
On Thu, 2011-09-22 at 09:04 -0400, John Dennis wrote:
> On 09/21/2011 10:07 PM, Stephen Gallagher wrote:
> > I've ben working on the multiple search base feature in SSSD and I've
> > had some thoughts that might be relevant to the FreeIPA v3 core
> > effort. The idea behind multiple search bases is
On Wed, 2011-09-21 at 10:28 -0400, Rob Crittenden wrote:
> Marko Myllynen wrote:
> > Hi,
> >
> >>> stdint.h must be included for uintptr_t at least on Ubuntu Oneiric,
> >>> without it ipa-client compilation fails.
> >>
> >> There is an ipa-client make target that should make things somewhat
> >> ea
On Wed, 2011-09-21 at 10:47 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> > On Fri, 2011-09-16 at 10:16 -0400, Rob Crittenden wrote:
> >> Rob Crittenden wrote:
> >>> Normalize and validate user principals in user and passwd plugins. The
> >>> uid in the principal should be lower-case.
> >>>
Simo Sorce wrote:
Although we were properly checking that the user successfully
authenticated (either through a password bind or a GSSAPI bind) we were
not enforcing the requirement to provide us with the old password, and
this is better security hygiene.
Fixes: https://fedorahosted.org/freeipa/
Obfuscate the one-time password in the client installer log.
rob
>From e454f840460b6703d8327a235844adcbc310f48d Mon Sep 17 00:00:00 2001
From: Rob Crittenden
Date: Thu, 22 Sep 2011 11:52:58 -0400
Subject: [PATCH] Don't log one-time password in logs when configuring client.
https://fedorahosted.
On 09/20/2011 02:19 AM, Endi Sukma Dewata wrote:
The IPA.association_adder_dialog has been modified to use an exclusion
list to hide entries that are already enrolled.
The IPA.adder_dialog has been modified to store the columns directly
in the available & selected tables.
Ticket #1797
__
Hi,
If /tmp happens to be empty os.removedirs() happily removes it...
Seen on Ubuntu Oneiric.
Cheers,
--
Marko Myllynen
>From 296dd30279503c2f6891cf5916a1a6e56c9512d4 Mon Sep 17 00:00:00 2001
From: Marko Myllynen
Date: Thu, 22 Sep 2011 19:41:50 +0300
Subject: [PATCH] Don't remove /tmp when re
Marko Myllynen wrote:
Hi,
If /tmp happens to be empty os.removedirs() happily removes it...
Seen on Ubuntu Oneiric.
Cheers,
https://fedorahosted.org/freeipa/ticket/1843
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.co
On 9/22/2011 11:14 AM, Petr Vobornik wrote:
On 09/20/2011 02:19 AM, Endi Sukma Dewata wrote:
The IPA.association_adder_dialog has been modified to use an exclusion
list to hide entries that are already enrolled.
The IPA.adder_dialog has been modified to store the columns directly
in the availab
On 9/22/2011 6:59 AM, Petr Vobornik wrote:
On 09/17/2011 12:18 AM, Endi Sukma Dewata wrote:
The details facet for DNS zone has been modified to use dnszone-
enable/disable for idnszoneactive and dnszone-mod for other fields.
Ticket #1813
ACK
Pushed to master and ipa-2-1.
Btw it doesn't ma
Rob Crittenden wrote:
Rob Crittenden wrote:
Alexander Bokovoy wrote:
On Tue, 13 Sep 2011, Jan Cholasta wrote:
What about IDN hosts? With this change we would require them to be
always in Punycode?
Oh, hadn't considered that, I was just following the relevent RFCs. Is
there a way we can easi
On 9/22/2011 7:24 AM, Martin Kosek wrote:
2) Some DNS records may be pretty large. MX record data is small, but
for example CERT records have an entire certificate stored in it.
Wouldn't there be a problem if we place the large DNS record in URL?
This is how the DNS record list page could be re
On 09/21/2011 10:07 PM, Stephen Gallagher wrote:
> I've ben working on the multiple search base feature in SSSD and I've had
> some thoughts that might be relevant to the FreeIPA v3 core effort. The idea
> behind multiple search bases is fairly simple; instead of simply checking one
> subtree fo
On 09/22/2011 03:37 AM, Jakub Hrozek wrote:
> On Thu, Sep 22, 2011 at 08:25:01AM +0200, Jan Cholasta wrote:
>> On 21.9.2011 23:55, Dmitri Pal wrote:
>>> On 09/21/2011 10:27 AM, Adam Young wrote:
On 09/20/2011 11:11 AM, Martin Kosek wrote:
> On Tue, 2011-09-20 at 10:02 -0400, Adam Young wro
On 09/22/2011 08:31 PM, Endi Sukma Dewata wrote:
On 9/22/2011 7:24 AM, Martin Kosek wrote:
2) Some DNS records may be pretty large. MX record data is small, but
for example CERT records have an entire certificate stored in it.
Wouldn't there be a problem if we place the large DNS record in URL?
On Thu, 2011-09-22 at 19:31 -0500, Endi Sukma Dewata wrote:
> On 9/22/2011 7:24 AM, Martin Kosek wrote:
> >> 2) Some DNS records may be pretty large. MX record data is small, but
> >> for example CERT records have an entire certificate stored in it.
> >> Wouldn't there be a problem if we place the
On Thu, 2011-09-22 at 22:05 -0400, Adam Young wrote:
> On 09/22/2011 08:31 PM, Endi Sukma Dewata wrote:
> >> OPEN QUESTION: should we implement these new commands also for discrete
> >> DNS records types to be consistent? I mean for example A, , CNAME,
> >> PTR, ... They would look like
> >>
>
On Thu, 2011-09-22 at 11:55 -0400, Rob Crittenden wrote:
> Obfuscate the one-time password in the client installer log.
>
> rob
NACK. You missed a case when OTP is interactively prompted (-W parameter
is passed).
Martin
___
Freeipa-devel mailing list
32 matches
Mail list logo
