Hi all,
Today I hit the "WARNING: Your system is running out of entropy, you
may experience long delays" message while testing Ade's
ipa-server-install changes.
I got a lot more entropy a lot faster by installing haveged(8), and
I blogged about it here:
http://blog-ftweedal.rhcloud.com/2014/05/mo
On 05/28/2014 08:22 AM, Martin Kosek wrote:
On 05/27/2014 08:18 PM, Simo Sorce wrote:
On Tue, 2014-05-27 at 21:14 +0300, Alexander Bokovoy wrote:
On Tue, 27 May 2014, Simo Sorce wrote:
On Tue, 2014-05-27 at 19:59 +0200, thierry bordaz wrote:
On 05/27/2014 06:56 PM, Simo Sorce wrote:
On Tue,
On 05/28/2014 09:06 AM, Fraser Tweedale wrote:
Hi all,
Today I hit the "WARNING: Your system is running out of entropy, you
may experience long delays" message while testing Ade's
ipa-server-install changes.
I got a lot more entropy a lot faster by installing haveged(8), and
I blogged about it
On 05/27/2014 03:59 PM, Petr Spacek wrote:
> On 27.5.2014 15:54, Petr Spacek wrote:
>> Fix race condition during zone loading.
>>
>> DNS zone has to be added to DNS view before dns_zone_load() is called.
>> It is necessary to prevent dns_zone_load() from racing with
>> dns_zone_setview().
>>
>> Thi
On 05/28/2014 12:08 PM, Petr Viktorin wrote:
> On 05/28/2014 09:06 AM, Fraser Tweedale wrote:
>> Hi all,
>>
>> Today I hit the "WARNING: Your system is running out of entropy, you
>> may experience long delays" message while testing Ade's
>> ipa-server-install changes.
>>
>> I got a lot more entrop
On 04/16/2014 03:42 PM, Simo Sorce wrote:
> On Wed, 2014-04-16 at 14:55 +0200, Martin Kosek wrote:
>> On 04/16/2014 02:49 PM, Petr Viktorin wrote:
>>> On 04/16/2014 02:45 PM, Simo Sorce wrote:
On Wed, 2014-04-16 at 10:20 +0200, Petr Viktorin wrote:
> On 04/16/2014 10:02 AM, Martin Kosek wr
On Mon, 2014-05-26 at 10:33 +0200, Martin Kosek wrote:
> freeipa-server-foreman-smartproxy#
> [ 40%]
It works for me.
I install 3.5, upgrade to 4.0 and it works
--
Martin^2 Basti
___
Freeipa-devel mailing list
Freeipa-d
On 05/28/2014 01:50 PM, Martin Basti wrote:
> On Mon, 2014-05-26 at 10:33 +0200, Martin Kosek wrote:
>> freeipa-server-foreman-smartproxy#
>> [ 40%]
>
> It works for me.
> I install 3.5, upgrade to 4.0 and it works
>
Ok, thanks for testing - I might have improperl
On Wed, 2014-05-28 at 13:56 +0200, Martin Kosek wrote:
> On 05/28/2014 01:50 PM, Martin Basti wrote:
> > On Mon, 2014-05-26 at 10:33 +0200, Martin Kosek wrote:
> >> freeipa-server-foreman-smartproxy#
> >> [ 40%]
> >
> > It works for me.
> > I install 3.5, upgrade to
On Wed, 2014-05-28 at 13:56 +0200, Martin Kosek wrote:
> On 05/28/2014 01:50 PM, Martin Basti wrote:
> > On Mon, 2014-05-26 at 10:33 +0200, Martin Kosek wrote:
> >> freeipa-server-foreman-smartproxy#
> >> [ 40%]
> >
> > It works for me.
> > I install 3.5, upgrade to
On 05/27/2014 01:27 PM, Petr Viktorin wrote:
> See the ticket & commit message.
>
> https://fedorahosted.org/freeipa/ticket/4309
Yup, this fixed the crash. ACK!
Martin
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mai
On 05/26/2014 12:48 PM, Petr Viktorin wrote:
> On 05/14/2014 12:50 PM, Petr Viktorin wrote:
>> On 04/30/2014 10:00 AM, thierry bordaz wrote:
>>> On 04/29/2014 10:07 PM, Martin Kosek wrote:
On 04/29/2014 08:17 PM, Simo Sorce wrote:
> On Tue, 2014-04-29 at 20:00 +0200, Petr Viktorin wrote:
>
On Wed, 2014-05-28 at 09:38 +0200, thierry bordaz wrote:
> On 05/28/2014 08:22 AM, Martin Kosek wrote:
> > On 05/27/2014 08:18 PM, Simo Sorce wrote:
> >> On Tue, 2014-05-27 at 21:14 +0300, Alexander Bokovoy wrote:
> >>> On Tue, 27 May 2014, Simo Sorce wrote:
> On Tue, 2014-05-27 at 19:59 +0200
Simo Sorce wrote:
> On Wed, 2014-05-28 at 09:38 +0200, thierry bordaz wrote:
>> On 05/28/2014 08:22 AM, Martin Kosek wrote:
>>> On 05/27/2014 08:18 PM, Simo Sorce wrote:
On Tue, 2014-05-27 at 21:14 +0300, Alexander Bokovoy wrote:
> On Tue, 27 May 2014, Simo Sorce wrote:
>> On Tue, 2014
On 05/28/2014 02:55 PM, Rob Crittenden wrote:
Simo Sorce wrote:
On Wed, 2014-05-28 at 09:38 +0200, thierry bordaz wrote:
On 05/28/2014 08:22 AM, Martin Kosek wrote:
On 05/27/2014 08:18 PM, Simo Sorce wrote:
On Tue, 2014-05-27 at 21:14 +0300, Alexander Bokovoy wrote:
On Tue, 27 May 2014, Simo
Hello,
Some of IPA plugins assume that everyone has access to everything. Here
are some fixes for that.
Patch 0560 adds a new permission for the UPG Definition, which is
required to add users correctly.
--
PetrĀ³
From 1846d12939dbfc209aeca30820642d1565da6fd1 Mon Sep 17 00:00:00 2001
From: Pet
On 05/28/2014 02:48 PM, Simo Sorce wrote:
> On Wed, 2014-05-28 at 09:38 +0200, thierry bordaz wrote:
>> On 05/28/2014 08:22 AM, Martin Kosek wrote:
>>> On 05/27/2014 08:18 PM, Simo Sorce wrote:
On Tue, 2014-05-27 at 21:14 +0300, Alexander Bokovoy wrote:
> On Tue, 27 May 2014, Simo Sorce wr
On 05/28/2014 02:44 PM, Martin Kosek wrote:
On 05/27/2014 01:27 PM, Petr Viktorin wrote:
See the ticket & commit message.
https://fedorahosted.org/freeipa/ticket/4309
Yup, this fixed the crash. ACK!
Martin
Thanks, pushed to master: 8bbd52e347f3e6395d469528e1220fd9158e5609
--
PetrĀ³
On 05/28/2014 08:48 AM, Fraser Tweedale wrote:
On Tue, May 27, 2014 at 05:57:40PM -0400, Ade Lee wrote:
There have been a couple of changes in the Dogtag interface, that
require some changes in the IPA patches. Also, I had to add back a
function in order to rebase to the latest IPA code.
Most
On 05/28/2014 02:45 PM, Martin Kosek wrote:
On 05/26/2014 12:48 PM, Petr Viktorin wrote:
On 05/14/2014 12:50 PM, Petr Viktorin wrote:
On 04/30/2014 10:00 AM, thierry bordaz wrote:
On 04/29/2014 10:07 PM, Martin Kosek wrote:
On 04/29/2014 08:17 PM, Simo Sorce wrote:
On Tue, 2014-04-29 at 20:0
On 05/27/2014 05:13 PM, Simo Sorce wrote:
On Tue, 2014-05-27 at 18:01 +0300, Alexander Bokovoy wrote:
On Tue, 27 May 2014, Petr Viktorin wrote:
On 05/26/2014 12:13 PM, Petr Viktorin wrote:
[...]
Thanks for the thorough review!
Pushed to master: 63becae88c6c270b98f0432dc474b661b82f3119
Okay
On 05/28/2014 03:06 PM, thierry bordaz wrote:
> On 05/28/2014 02:55 PM, Rob Crittenden wrote:
>> Simo Sorce wrote:
>>> On Wed, 2014-05-28 at 09:38 +0200, thierry bordaz wrote:
On 05/28/2014 08:22 AM, Martin Kosek wrote:
> On 05/27/2014 08:18 PM, Simo Sorce wrote:
>> On Tue, 2014-05-27
On 28.5.2014 15:56, Martin Kosek wrote:
On 05/28/2014 02:48 PM, Simo Sorce wrote:
On Wed, 2014-05-28 at 09:38 +0200, thierry bordaz wrote:
On 05/28/2014 08:22 AM, Martin Kosek wrote:
On 05/27/2014 08:18 PM, Simo Sorce wrote:
On Tue, 2014-05-27 at 21:14 +0300, Alexander Bokovoy wrote:
On Tue,
On 05/27/2014 04:20 PM, Martin Kosek wrote:
On 05/26/2014 04:44 PM, Petr Viktorin wrote:
On 05/22/2014 03:07 PM, Petr Viktorin wrote:
Hello,
Here I start upgrading the existing default permissions to the new
Managed style.
https://fedorahosted.org/freeipa/ticket/4346
The patches rely on my p
On Wed, 2014-05-28 at 15:56 +0200, Martin Kosek wrote:
> On 05/28/2014 02:48 PM, Simo Sorce wrote:
> > On Wed, 2014-05-28 at 09:38 +0200, thierry bordaz wrote:
> >> On 05/28/2014 08:22 AM, Martin Kosek wrote:
> >>> On 05/27/2014 08:18 PM, Simo Sorce wrote:
> On Tue, 2014-05-27 at 21:14 +0300,
On 05/28/2014 04:27 PM, Petr Viktorin wrote:
On 05/27/2014 04:20 PM, Martin Kosek wrote:
On 05/26/2014 04:44 PM, Petr Viktorin wrote:
On 05/22/2014 03:07 PM, Petr Viktorin wrote:
Hello,
Here I start upgrading the existing default permissions to the new
Managed style.
https://fedorahosted.org
On Wed, 2014-05-28 at 16:27 +0200, Petr Viktorin wrote:
> Simo, I hazily remember discussing that we should only allow specific
> attributes on add, otherwise users can add entries with any extra
> objectclasses and attributes. Did we come to a conclusion?
> I might have confused targetattr with
On 05/28/2014 04:50 PM, Simo Sorce wrote:
> On Wed, 2014-05-28 at 16:27 +0200, Petr Viktorin wrote:
>> Simo, I hazily remember discussing that we should only allow specific
>> attributes on add, otherwise users can add entries with any extra
>> objectclasses and attributes. Did we come to a concl
On 05/28/2014 04:56 PM, Martin Kosek wrote:
On 05/28/2014 04:50 PM, Simo Sorce wrote:
On Wed, 2014-05-28 at 16:27 +0200, Petr Viktorin wrote:
Simo, I hazily remember discussing that we should only allow specific
attributes on add, otherwise users can add entries with any extra
objectclasses an
On 05/28/2014 05:03 PM, Ludwig Krispenz wrote:
>
> On 05/28/2014 04:56 PM, Martin Kosek wrote:
>> On 05/28/2014 04:50 PM, Simo Sorce wrote:
>>> On Wed, 2014-05-28 at 16:27 +0200, Petr Viktorin wrote:
Simo, I hazily remember discussing that we should only allow specific
attributes on add,
On 05/28/2014 05:08 PM, Martin Kosek wrote:
On 05/28/2014 05:03 PM, Ludwig Krispenz wrote:
On 05/28/2014 04:56 PM, Martin Kosek wrote:
On 05/28/2014 04:50 PM, Simo Sorce wrote:
On Wed, 2014-05-28 at 16:27 +0200, Petr Viktorin wrote:
Simo, I hazily remember discussing that we should only allo
On 05/28/2014 05:13 PM, Ludwig Krispenz wrote:
>
> On 05/28/2014 05:08 PM, Martin Kosek wrote:
>> On 05/28/2014 05:03 PM, Ludwig Krispenz wrote:
>>> On 05/28/2014 04:56 PM, Martin Kosek wrote:
On 05/28/2014 04:50 PM, Simo Sorce wrote:
> On Wed, 2014-05-28 at 16:27 +0200, Petr Viktorin wro
Test for ticket https://fedorahosted.org/freeipa/ticket/3148
Patch attached.
Required patches: mbasti 0029-0032, 0034-0040, 0047,
0041-0042, 0045-0046
--
Martin^2 Basti
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mail
On Wed, 2014-05-28 at 19:04 +0200, Martin Basti wrote:
> Test for ticket https://fedorahosted.org/freeipa/ticket/3148
> Patch attached.
>
> Required patches: mbasti 0029-0032, 0034-0040, 0047,
> 0041-0042, 0045-0046
Sorry, patch is attached here
--
Martin^2 Basti
>From 9963a0778ae5a671f7e3404226
On Wed, 2014-05-28 at 18:48 +0200, Martin Basti wrote:
> Ticket: https://fedorahosted.org/freeipa/ticket/3210
> Patches attached.
>
> TODO: upgrade procedure
> http://www.freeipa.org/page/V4/Forward_zones#Updates_and_Upgrades
>
> WebUI ticket: https://fedorahosted.org/freeipa/ticket/4357
>
> ___
Simo Sorce wrote:
> On Wed, 2014-05-28 at 15:56 +0200, Martin Kosek wrote:
>> On 05/28/2014 02:48 PM, Simo Sorce wrote:
>>> On Wed, 2014-05-28 at 09:38 +0200, thierry bordaz wrote:
On 05/28/2014 08:22 AM, Martin Kosek wrote:
> On 05/27/2014 08:18 PM, Simo Sorce wrote:
>> On Tue, 2014-0
On Mon, 2014-05-26 at 16:57 +0200, Jan Cholasta wrote:
> On 13.5.2014 19:12, Nathaniel McCallum wrote:
> > On Tue, 2014-05-13 at 16:33 +0200, Jan Cholasta wrote:
> >> On 12.5.2014 21:02, Nathaniel McCallum wrote:
> >>> On Thu, 2014-05-08 at 13:51 -0400, Simo Sorce wrote:
> On Thu, 2014-05-08 a
On 28.5.2014 13:26, Tomas Hozza wrote:
On 05/27/2014 03:59 PM, Petr Spacek wrote:
On 27.5.2014 15:54, Petr Spacek wrote:
Fix race condition during zone loading.
DNS zone has to be added to DNS view before dns_zone_load() is called.
It is necessary to prevent dns_zone_load() from racing with
dn
On Wed, May 28, 2014 at 01:38:05PM +0200, Martin Kosek wrote:
> On 05/28/2014 12:08 PM, Petr Viktorin wrote:
> > On 05/28/2014 09:06 AM, Fraser Tweedale wrote:
> >> Hi all,
> >>
> >> Today I hit the "WARNING: Your system is running out of entropy, you
> >> may experience long delays" message while
On Wed, May 28, 2014 at 03:53:01PM +0200, Petr Viktorin wrote:
> On 05/28/2014 08:48 AM, Fraser Tweedale wrote:
> >On Tue, May 27, 2014 at 05:57:40PM -0400, Ade Lee wrote:
> >>There have been a couple of changes in the Dogtag interface, that
> >>require some changes in the IPA patches. Also, I had
On 05/22/2014 10:33 AM, thierry bordaz wrote:
Hello,
In order to provision staged users (account inactivated) with
there initial values:
/usr/bin/ipa user-add tb20 --to-stage --first=tb20 --last=tb20
-
Added user "tb20"
-
On 05/27/2014 12:39 PM, thierry bordaz wrote:
On 05/27/2014 06:06 PM, Simo Sorce wrote:
On Tue, 2014-05-27 at 17:55 +0200, thierry bordaz wrote:
On 05/27/2014 04:35 PM, Martin Kosek wrote:
On 05/27/2014 04:27 PM, Simo Sorce wrote:
On Tue, 2014-05-27 at 15:21 +0200, Martin Kosek wrote:
This t
On 05/28/2014 01:18 PM, Rob Crittenden wrote:
Simo Sorce wrote:
On Wed, 2014-05-28 at 15:56 +0200, Martin Kosek wrote:
On 05/28/2014 02:48 PM, Simo Sorce wrote:
On Wed, 2014-05-28 at 09:38 +0200, thierry bordaz wrote:
On 05/28/2014 08:22 AM, Martin Kosek wrote:
On 05/27/2014 08:18 PM, Simo S
On 05/28/2014 10:50 PM, Dmitri Pal wrote:
On 05/28/2014 01:18 PM, Rob Crittenden wrote:
Simo Sorce wrote:
On Wed, 2014-05-28 at 15:56 +0200, Martin Kosek wrote:
On 05/28/2014 02:48 PM, Simo Sorce wrote:
On Wed, 2014-05-28 at 09:38 +0200, thierry bordaz wrote:
On 05/28/2014 08:22 AM, Martin K
On 05/27/2014 03:52 PM, Simo Sorce wrote:
On Tue, 2014-05-27 at 16:01 +0200, Sumit Bose wrote:
On Tue, Apr 15, 2014 at 11:13:38AM +0200, Sumit Bose wrote:
Hi,
I have started to write a design page for 'Migrating existing
environments to Trust'
http://www.freeipa.org/page/V3/Migrating_existing_
On 05/23/2014 01:01 PM, Simo Sorce wrote:
On Fri, 2014-05-23 at 17:47 +0200, thierry bordaz wrote:
About membership. I think it could be risky to keep membership in
'delete' or 'stage'. Those entries are not valid user and should not
belong to any active group. Should we keep membership attribut
On Wed, 2014-05-28 at 23:15 -0400, Dmitri Pal wrote:
> On 05/27/2014 03:52 PM, Simo Sorce wrote:
> > On Tue, 2014-05-27 at 16:01 +0200, Sumit Bose wrote:
> >> On Tue, Apr 15, 2014 at 11:13:38AM +0200, Sumit Bose wrote:
> >>> Hi,
> >>>
> >>> I have started to write a design page for 'Migrating exist
On 05/26/2014 01:49 AM, Martin Kosek wrote:
On 05/23/2014 04:55 PM, Simo Sorce wrote:
On Fri, 2014-05-23 at 10:13 -0400, Rob Crittenden wrote:
This, I believe, has already been covered, but I'm concerned with the
(over)use of active/inactive in this discussion.
I think use of "inactive" and "a
Hi,
Can anyone decipher this log and help me understand what is broken and
how to fix it?
What is more peculiar is that I don't get the problem on an older
version of CentOS 6.5, but on the latest up to date version it breaks.
Note that I am using the latest versions of all the ipa-server
package
On 05/29/2014 04:09 AM, Dmitri Pal wrote:
> On 05/22/2014 10:33 AM, thierry bordaz wrote:
>> Hello,
>>
>> In order to provision staged users (account inactivated) with
>> there initial values:
>>
>> /usr/bin/ipa user-add tb20 --to-stage --first=tb20 --last=tb20
>> --
50 matches
Mail list logo
