On 05/29/2014 08:14 PM, Dmitri Pal wrote:
> On 05/29/2014 08:39 AM, Simo Sorce wrote:
>> On Thu, 2014-05-29 at 09:43 +0200, Martin Kosek wrote:
>>> On 05/29/2014 05:31 AM, Dmitri Pal wrote:
On 05/26/2014 01:49 AM, Martin Kosek wrote:
> On 05/23/2014 04:55 PM, Simo Sorce wrote:
>> On Fr
On 05/30/2014 01:11 AM, Gabe Alford wrote:
> Hello,
>
> This is a patch for https://fedorahosted.org/freeipa/ticket/4331
> It's a one liner that just adds an exclude to the tar command to ignore the
> /var/lib/ipa/backup folder.
>
> Thanks,
>
> Gabe
Thanks! Patches for backup and restore featur
On 05/30/2014 06:14 AM, Dmitri Pal wrote:
> On 05/29/2014 01:44 AM, James wrote:
>> /usr/bin/runcon: invalid context: unconfined_u:system_r:pki_ca_script_t:s0:
>> Invalid argument"
> Looks like and AVC that lead to restart failure of the PKI instance that in
> turn led to failure to configure CA.
On Fri, 2014-05-30 at 00:09 -0400, Dmitri Pal wrote:
> On 05/29/2014 02:13 PM, Simo Sorce wrote:
> > On Thu, 2014-05-29 at 12:35 -0400, Dmitri Pal wrote:
> >> On 05/29/2014 11:41 AM, Simo Sorce wrote:
> >>> On Thu, 2014-05-29 at 11:39 -0400, Dmitri Pal wrote:
> On 05/28/2014 11:20 PM, Simo Sor
On 05/29/2014 01:31 PM, Simo Sorce wrote:
On Thu, 2014-05-29 at 18:50 +0200, Petr Spacek wrote:
On 29.5.2014 13:48, Sumit Bose wrote:
== slapi-nis plugin/compat tree ==
The compat tree offers a simplified LDAP tree with user and group data
for legacy clients. No data for this tree is stored on
On 05/29/2014 01:44 AM, James wrote:
/usr/bin/runcon: invalid context: unconfined_u:system_r:pki_ca_script_t:s0: Invalid
argument"
Looks like and AVC that lead to restart failure of the PKI instance that
in turn led to failure to configure CA.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager
On 05/29/2014 02:13 PM, Simo Sorce wrote:
On Thu, 2014-05-29 at 12:35 -0400, Dmitri Pal wrote:
On 05/29/2014 11:41 AM, Simo Sorce wrote:
On Thu, 2014-05-29 at 11:39 -0400, Dmitri Pal wrote:
On 05/28/2014 11:20 PM, Simo Sorce wrote:
On Wed, 2014-05-28 at 23:15 -0400, Dmitri Pal wrote:
On 05/2
On 05/29/2014 02:24 PM, Simo Sorce wrote:
On Thu, 2014-05-29 at 14:08 -0400, Dmitri Pal wrote:
On 05/29/2014 02:17 AM, Martin Kosek wrote:
On 05/29/2014 04:09 AM, Dmitri Pal wrote:
On 05/22/2014 10:33 AM, thierry bordaz wrote:
Hello,
In order to provision staged users (account inactiva
Hello,
This is a patch for https://fedorahosted.org/freeipa/ticket/4331
It's a one liner that just adds an exclude to the tar command to ignore the
/var/lib/ipa/backup folder.
Thanks,
Gabe
From f1e54b57cfd07f370bc7143cfe14753f2ee145a9 Mon Sep 17 00:00:00 2001
From: Gabe
Date: Wed, 28 May 2014 1
On Thu, 2014-05-29 at 14:08 -0400, Dmitri Pal wrote:
> On 05/29/2014 02:17 AM, Martin Kosek wrote:
> > On 05/29/2014 04:09 AM, Dmitri Pal wrote:
> >> On 05/22/2014 10:33 AM, thierry bordaz wrote:
> >>> Hello,
> >>>
> >>> In order to provision staged users (account inactivated) with
> >>>
On Thu, 2014-05-29 at 18:57 +0200, Petr Spacek wrote:
> On 29.5.2014 18:40, Nathaniel McCallum wrote:
> > On Mon, 2013-09-23 at 08:12 -0400, Simo Sorce wrote:
> >> On Mon, 2013-09-23 at 09:00 +0200, Petr Spacek wrote:
> >>> On 20.9.2013 21:35, Simo Sorce wrote:
> This patch set is an initial i
On 05/29/2014 08:39 AM, Simo Sorce wrote:
On Thu, 2014-05-29 at 09:43 +0200, Martin Kosek wrote:
On 05/29/2014 05:31 AM, Dmitri Pal wrote:
On 05/26/2014 01:49 AM, Martin Kosek wrote:
On 05/23/2014 04:55 PM, Simo Sorce wrote:
On Fri, 2014-05-23 at 10:13 -0400, Rob Crittenden wrote:
This, I be
On Thu, 2014-05-29 at 12:35 -0400, Dmitri Pal wrote:
> On 05/29/2014 11:41 AM, Simo Sorce wrote:
> > On Thu, 2014-05-29 at 11:39 -0400, Dmitri Pal wrote:
> >> On 05/28/2014 11:20 PM, Simo Sorce wrote:
> >>> On Wed, 2014-05-28 at 23:15 -0400, Dmitri Pal wrote:
> On 05/27/2014 03:52 PM, Simo Sor
On 05/29/2014 02:17 AM, Martin Kosek wrote:
On 05/29/2014 04:09 AM, Dmitri Pal wrote:
On 05/22/2014 10:33 AM, thierry bordaz wrote:
Hello,
In order to provision staged users (account inactivated) with
there initial values:
/usr/bin/ipa user-add tb20 --to-stage --first=tb20
I'm working on adding to certmonger the ability to read the IPA root
certificate from the server and store it locally, and I'm looking at the
V4 shared certificate store feature [1] with an eye toward also pulling
down and processing those certificates. Before I head down that path,
I've got a few
On Thu, 2014-05-29 at 18:50 +0200, Petr Spacek wrote:
> On 29.5.2014 13:48, Sumit Bose wrote:
> > == slapi-nis plugin/compat tree ==
> > The compat tree offers a simplified LDAP tree with user and group data
> > for legacy clients. No data for this tree is stored on disk but it is
> > always create
Petr Viktorin wrote:
> When investigating this issue I became very annoyed by the star import
> hiding where names come from, so I did some cleanup first.
>
>
> In krbtpolicy, an ACIError is now raised if:
> - the user doesn't have permission to read any one of the ticket policy
> attributes on
On 29.5.2014 18:40, Nathaniel McCallum wrote:
On Mon, 2013-09-23 at 08:12 -0400, Simo Sorce wrote:
On Mon, 2013-09-23 at 09:00 +0200, Petr Spacek wrote:
On 20.9.2013 21:35, Simo Sorce wrote:
This patch set is an initial implementation of ticket #3859
It seem to be working fine in my initial t
On 29.5.2014 13:48, Sumit Bose wrote:
== slapi-nis plugin/compat tree ==
The compat tree offers a simplified LDAP tree with user and group data
for legacy clients. No data for this tree is stored on disk but it is
always created on the fly. It has to be noted that legacy clients might
be one of t
On Mon, 2013-09-23 at 08:12 -0400, Simo Sorce wrote:
> On Mon, 2013-09-23 at 09:00 +0200, Petr Spacek wrote:
> > On 20.9.2013 21:35, Simo Sorce wrote:
> > > This patch set is an initial implementation of ticket #3859
> > >
> > > It seem to be working fine in my initial testing but I have not yet
>
On 05/29/2014 11:41 AM, Simo Sorce wrote:
On Thu, 2014-05-29 at 11:39 -0400, Dmitri Pal wrote:
On 05/28/2014 11:20 PM, Simo Sorce wrote:
On Wed, 2014-05-28 at 23:15 -0400, Dmitri Pal wrote:
On 05/27/2014 03:52 PM, Simo Sorce wrote:
On Tue, 2014-05-27 at 16:01 +0200, Sumit Bose wrote:
On Tue,
On Mon, 2013-10-07 at 15:53 -0400, Nalin Dahyabhai wrote:
> Comparing master's ipa-kdb's handling of krbPrincipalName and
> krbCanonicalName attributes with that of the upstream kldap driver,
> there are a few differences which I'm thinking are bugs.
>
> * If an entry has multiple krbPrincipalName
When investigating this issue I became very annoyed by the star import
hiding where names come from, so I did some cleanup first.
In krbtpolicy, an ACIError is now raised if:
- the user doesn't have permission to read any one of the ticket policy
attributes on the requested entry
(checked u
On Thu, 2014-05-29 at 11:39 -0400, Dmitri Pal wrote:
> On 05/28/2014 11:20 PM, Simo Sorce wrote:
> > On Wed, 2014-05-28 at 23:15 -0400, Dmitri Pal wrote:
> >> On 05/27/2014 03:52 PM, Simo Sorce wrote:
> >>> On Tue, 2014-05-27 at 16:01 +0200, Sumit Bose wrote:
> On Tue, Apr 15, 2014 at 11:13:38
On 05/28/2014 11:20 PM, Simo Sorce wrote:
On Wed, 2014-05-28 at 23:15 -0400, Dmitri Pal wrote:
On 05/27/2014 03:52 PM, Simo Sorce wrote:
On Tue, 2014-05-27 at 16:01 +0200, Sumit Bose wrote:
On Tue, Apr 15, 2014 at 11:13:38AM +0200, Sumit Bose wrote:
Hi,
I have started to write a design page
Petr Viktorin wrote:
> On 05/28/2014 08:48 AM, Fraser Tweedale wrote:
>> On Tue, May 27, 2014 at 05:57:40PM -0400, Ade Lee wrote:
>>> There have been a couple of changes in the Dogtag interface, that
>>> require some changes in the IPA patches. Also, I had to add back a
>>> function in order to re
On 27.5.2014 12:49, Petr Vobornik wrote:
Dialog instances no longer directly call IPA.opened_dialog methods. It's
handled through events (decoupled from dialog's POV). IPA.open_dialogs
with assistance of ApplicationController makes sure that there is only
one dialog opened at the same time.
It a
On 26.5.2014 17:08, Petr Vobornik wrote:
On 19.5.2014 14:58, Petr Vobornik wrote:
On 12.5.2014 17:46, Misnyovszki Adam wrote:
Hi,
see my review notes below:
On Mon, 05 May 2014 18:41:13 +0200
Petr Vobornik wrote:
This patchset updates Bootstrap 2 based RCUE to Bootstrap 3 based
PatternFly (
On 05/29/2014 03:35 PM, Martin Kosek wrote:
On 05/29/2014 11:04 AM, Petr Viktorin wrote:
On 05/29/2014 10:03 AM, Martin Kosek wrote:
On 05/28/2014 03:40 PM, Petr Viktorin wrote:
Hello,
Some of IPA plugins assume that everyone has access to everything. Here are
some fixes for that.
Patch 0560
On 05/29/2014 11:04 AM, Petr Viktorin wrote:
> On 05/29/2014 10:03 AM, Martin Kosek wrote:
>> On 05/28/2014 03:40 PM, Petr Viktorin wrote:
>>> Hello,
>>> Some of IPA plugins assume that everyone has access to everything. Here are
>>> some fixes for that.
>>>
>>> Patch 0560 adds a new permission for
On Thu, 2014-05-29 at 10:06 +0200, Petr Viktorin wrote:
> > Let me try to consolidate again the proposals and changes for the
> > workflow&API
> > we have so far:
> >
> > 1) Manipulating staged users
> > - staged users must have UID RDN
> > - UID uniqueness plugin should not be enforcing in stagin
On Thu, 2014-05-29 at 09:43 +0200, Martin Kosek wrote:
> On 05/29/2014 05:31 AM, Dmitri Pal wrote:
> > On 05/26/2014 01:49 AM, Martin Kosek wrote:
> >> On 05/23/2014 04:55 PM, Simo Sorce wrote:
> >>> On Fri, 2014-05-23 at 10:13 -0400, Rob Crittenden wrote:
> This, I believe, has already been c
Hi,
I have updated
http://www.freeipa.org/page/V4/Migrating_existing_environments_to_Trust
with the results of various discussions with Simo and Alexander (thank
you). For your convenience you can find the text below as well. I'm
working on some figures which hopefully can help to understand the
u
On 05/29/2014 10:03 AM, Martin Kosek wrote:
On 05/28/2014 03:40 PM, Petr Viktorin wrote:
Hello,
Some of IPA plugins assume that everyone has access to everything. Here are
some fixes for that.
Patch 0560 adds a new permission for the UPG Definition, which is required to
add users correctly.
5
On 05/29/2014 10:06 AM, Petr Viktorin wrote:
> On 05/29/2014 09:43 AM, Martin Kosek wrote:
...
>> 1) Manipulating staged users
>> - staged users must have UID RDN
>> - UID uniqueness plugin should not be enforcing in staging area
>> - we do not want it in user plugin as it requires different parame
On 29.5.2014 09:43, Martin Kosek wrote:
On 05/29/2014 05:31 AM, Dmitri Pal wrote:
On 05/26/2014 01:49 AM, Martin Kosek wrote:
On 05/23/2014 04:55 PM, Simo Sorce wrote:
On Fri, 2014-05-23 at 10:13 -0400, Rob Crittenden wrote:
This, I believe, has already been covered, but I'm concerned with th
On 05/29/2014 09:43 AM, Martin Kosek wrote:
On 05/29/2014 05:31 AM, Dmitri Pal wrote:
On 05/26/2014 01:49 AM, Martin Kosek wrote:
On 05/23/2014 04:55 PM, Simo Sorce wrote:
On Fri, 2014-05-23 at 10:13 -0400, Rob Crittenden wrote:
This, I believe, has already been covered, but I'm concerned wit
On 05/28/2014 03:40 PM, Petr Viktorin wrote:
> Hello,
> Some of IPA plugins assume that everyone has access to everything. Here are
> some fixes for that.
>
> Patch 0560 adds a new permission for the UPG Definition, which is required to
> add users correctly.
558:
Crash is now removed, though I
On 05/29/2014 05:31 AM, Dmitri Pal wrote:
> On 05/26/2014 01:49 AM, Martin Kosek wrote:
>> On 05/23/2014 04:55 PM, Simo Sorce wrote:
>>> On Fri, 2014-05-23 at 10:13 -0400, Rob Crittenden wrote:
This, I believe, has already been covered, but I'm concerned with the
(over)use of active/inact
39 matches
Mail list logo