This patch allows Windows to send us TGTs using AES.
Simo.
--
Simo Sorce * Red Hat, Inc. * New York
From 6397e6acbe29a7b54539f307d30976deb68b1465 Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Wed, 26 Sep 2012 18:34:57 -0400
Subject: [PATCH] Add support for using AES fo cross-realm TGTs
---
Tomas Babej wrote:
Hi,
Connection error message in ipa-client-install now warns the user
about the need of opening 389 port for directory server.
https://fedorahosted.org/freeipa/ticket/2816
I think this can be pushed as a one-liner.
I think we should list all ports that are required for cli
Martin Kosek wrote:
These 2 patches significantly limit the number of unindexed LDAP searches we do
in IPA. I used our unit test suite as a good source of different LDAP searches
run by our command suite.
Most of the remaining unindexed searches are produced either by our general
term search ("i
Hi,
small addition -- in order to get trusts created properly on new installs
you'll need to apply my patch 0080
https://www.redhat.com/archives/freeipa-devel/2012-September/msg00426.html
this is one fix that we missed in RC1. :(
--
/ Alexander Bokovoy
- Original Message -
> From: "Rob
Martin Kosek wrote:
On 09/26/2012 12:32 PM, Petr Viktorin wrote:
On 09/26/2012 12:25 PM, Petr Viktorin wrote:
I found strange behavior in validate_selinuxuser. Perhaps it's material
for another ticket. This command passes validation:
$ ./ipa config_mod
--ipaselinuxusermapdefault=unconfined_u:
The FreeIPA team is proud to announce version FreeIPA v3.0.0 rc 1.
It can be downloaded from http://www.freeipa.org/page/Downloads.
A build is available in the Fedora 18 and rawhide repositories or for
Fedora 17 via the freeipa-devel repo on www.freeipa.org:
http://freeipa.org/downloads/freeip
On 09/25/2012 02:59 PM, Tomas Babej wrote:
> On 09/25/2012 02:31 PM, Martin Kosek wrote:
>> On 09/25/2012 02:22 PM, Tomas Babej wrote:
>>> Hi,
>>>
>>> Group-mod command no longer allows --rename and/or --external
>>> changes made to the admins group. In such cases, ProtectedEntryError
>>> is being
On 09/26/2012 04:01 PM, Adam Tkac wrote:
On Wed, Sep 26, 2012 at 12:57:33PM +0200, Petr Spacek wrote:
Hello,
Fix zone register locking in zr_set_zone_serial_digest().
Zone register has to be locked against simultaneous writes.
Ack
Pushed to master:
09bdbfc807a63c19d171af5fe3b1337
On 09/26/2012 03:23 PM, Tomas Babej wrote:
> On 09/25/2012 12:37 PM, Tomas Babej wrote:
>> Hi,
>>
>> On adding new user, host-add tries to make it a member of default
>> user group. This, however, can raise AlreadyGroupMember when the
>> user is already member of this group due to automember rule o
On Wed, Sep 26, 2012 at 12:57:33PM +0200, Petr Spacek wrote:
> Hello,
>
> Fix zone register locking in zr_set_zone_serial_digest().
>
> Zone register has to be locked against simultaneous writes.
Ack
> From ad51025a35efe47542f4379049c8e23d1054726c Mon Sep 17 00:00:00 2001
> From: Petr S
On 09/25/2012 12:37 PM, Tomas Babej wrote:
Hi,
On adding new user, host-add tries to make it a member of default
user group. This, however, can raise AlreadyGroupMember when the
user is already member of this group due to automember rule or
default group configured. This patch makes sure Already
Hi,
Connection error message in ipa-client-install now warns the user
about the need of opening 389 port for directory server.
https://fedorahosted.org/freeipa/ticket/2816
I think this can be pushed as a one-liner.
Tomas
>From 0f4ad3917ecf8a9d290923c7fae0a55f4f8d2448 Mon Sep 17 00:00:00 2001
F
On 09/26/2012 01:38 PM, Petr Viktorin wrote:
> On 09/25/2012 10:42 AM, Martin Kosek wrote:
>> When DNS is being installed during ipa-{server,dns,replica}-install,
>> forward and reverse zone is created. However, reverse zone was always
>> created with default zonemgr even when a custom zonemgr was
On 09/25/2012 10:42 AM, Martin Kosek wrote:
When DNS is being installed during ipa-{server,dns,replica}-install,
forward and reverse zone is created. However, reverse zone was always
created with default zonemgr even when a custom zonemgr was passed
to the installer as this functionality was miss
Hello,
Fix zone register locking in zr_set_zone_serial_digest().
Zone register has to be locked against simultaneous writes.
--
Petr^2 Spacek
From ad51025a35efe47542f4379049c8e23d1054726c Mon Sep 17 00:00:00 2001
From: Petr Spacek
Date: Wed, 26 Sep 2012 12:51:06 +0200
Subject: [PATCH]
On 09/26/2012 12:32 PM, Petr Viktorin wrote:
> On 09/26/2012 12:25 PM, Petr Viktorin wrote:
>>
>> I found strange behavior in validate_selinuxuser. Perhaps it's material
>> for another ticket. This command passes validation:
>>
>> $ ./ipa config_mod
>> --ipaselinuxusermapdefault=unconfined_u:s0-s0:
On 09/26/2012 12:25 PM, Petr Viktorin wrote:
I found strange behavior in validate_selinuxuser. Perhaps it's material
for another ticket. This command passes validation:
$ ./ipa config_mod
--ipaselinuxusermapdefault=unconfined_u:s0-s0:c0.c1023
--ipaselinuxusermaporder='unconfined_u:s0-s0:c0.c102
On 09/25/2012 01:54 PM, Martin Kosek wrote:
config-mod is capable of changing default SELinux user map order
and a default SELinux user. Validate the new config values to
prevent bogus default SELinux users to be assigned to IPA users.
https://fedorahosted.org/freeipa/ticket/2993
---
Note: I re
On 09/25/2012 12:37 PM, Tomas Babej wrote:
Hi,
On adding new user, host-add tries to make it a member of default
user group. This, however, can raise AlreadyGroupMember when the
user is already member of this group due to automember rule or
default group configured. This patch makes sure Already
19 matches
Mail list logo