On 1.12.2015 12:26, Petr Viktorin wrote:
On 11/30/2015 08:59 AM, Jan Cholasta wrote:
On 25.11.2015 15:47, Petr Viktorin wrote:
On 11/25/2015 11:04 AM, Jan Cholasta wrote:
On 24.11.2015 17:21, Petr Viktorin wrote:
On 11/23/2015 10:50 AM, Jan Cholasta wrote:
On 23.11.2015 07:43, Jan Cholasta w
On 1.12.2015 12:00, Alexander Bokovoy wrote:
> On Tue, 01 Dec 2015, Alexander Bokovoy wrote:
>> On Tue, 01 Dec 2015, Petr Spacek wrote:
>>> On 1.12.2015 09:47, Alexander Bokovoy wrote:
On Tue, 01 Dec 2015, Petr Spacek wrote:
> On 1.12.2015 09:21, Alexander Bokovoy wrote:
>> On Tue, 01
On 1.12.2015 18:42, Christian Heimes wrote:
> From 33be1f56a64e53d261a1058c4606a7e48c0aac52 Mon Sep 17 00:00:00 2001
> From: Christian Heimes
> Date: Tue, 1 Dec 2015 15:49:53 +0100
> Subject: [PATCH 25] Improve error logging for Dogtag subsystem installation
>
> In the case of a failed installati
On 12/02/2015 08:27 AM, Tomas Babej wrote:
> On 12/02/2015 07:31 AM, Abhijeet Kasurde wrote:
>> Hi All,
>>
>> Please find a small fix in 'ipa stage-user' documentation.
>>
>> Thanks,
>> Abhijeet Kasurde
>>
>>
>
> ACK, Thanks.
>
Pushed to master: 9a73c20763da42b331b73d7b716a1ea38f00a680
Pushed
On 12/02/2015 07:31 AM, Abhijeet Kasurde wrote:
> Hi All,
>
> Please find a small fix in 'ipa stage-user' documentation.
>
> Thanks,
> Abhijeet Kasurde
>
>
ACK, Thanks.
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contr
On 1.12.2015 14:27, David Kupka wrote:
On 30/11/15 17:24, Jan Cholasta wrote:
Hi,
On 27.11.2015 07:57, David Kupka wrote:
On 26/11/15 15:22, David Kupka wrote:
On 26/11/15 15:13, David Kupka wrote:
On 26/11/15 15:01, David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/5441
Replace
Hi All,
Please find a small fix in 'ipa stage-user' documentation.
Thanks,
Abhijeet Kasurde
From ef7b8a94b390fbeefe650a4e48a3972910ac97ff Mon Sep 17 00:00:00 2001
From: Abhijeet Kasurde
Date: Wed, 2 Dec 2015 11:58:14 +0530
Subject: [PATCH] Fixed small typo in stage-user documentation
Signed-of
On Tue, 2015-12-01 at 15:59 +0100, Martin Babinsky wrote:
> On 11/30/2015 07:42 PM, Simo Sorce wrote:
> > On Wed, 2015-11-25 at 10:33 +0100, Martin Babinsky wrote:
> >> On 11/24/2015 10:20 PM, Simo Sorce wrote:
> >>> This addresses #3860, giving admins the option to not require preauth
> >>> for Ho
On Tue, 2015-12-01 at 17:20 +0200, Alexander Bokovoy wrote:
> On Tue, 01 Dec 2015, Martin Kosek wrote:
> >On 12/01/2015 02:59 PM, Simo Sorce wrote:
> >> On Tue, 2015-12-01 at 14:42 +0100, Martin Kosek wrote:
> >>> On 12/01/2015 02:38 PM, Simo Sorce wrote:
> On Tue, 2015-12-01 at 10:11 +0200, A
On 12/01/2015 09:04 AM, Jan Cholasta wrote:
On 30.11.2015 12:41, Petr Vobornik wrote:
see
https://www.redhat.com/archives/freeipa-devel/2015-November/msg00485.html
LGTM, but I would s/_SUFFIX/_SUFFIX_NAME/.
Updated patch attached.
--
Petr Vobornik
From a43c65f8af3c77c45d0bee7ff1714f1080889
Now the correct patch file instead of a vim swap file...
From 33be1f56a64e53d261a1058c4606a7e48c0aac52 Mon Sep 17 00:00:00 2001
From: Christian Heimes
Date: Tue, 1 Dec 2015 15:49:53 +0100
Subject: [PATCH 25] Improve error logging for Dogtag subsystem installation
In the case of a failed installat
On 11/30/2015 05:32 PM, Lukas Slebodnik wrote:
> On (30/11/15 13:09), Tomas Babej wrote:
>> Hi,
>>
>> IPA sudo tests worked under the assumption that the clients that
>> are executing the sudo commands have their IPs assigned within
>> 255.255.255.0 hostmask.
>>
>> Removes this (invalid) assumpti
In the case of a failed installation or uninstallation of a Dogtag
subsystem, the error output of pkispawn / pkidestroyed are now shown to
the user. It makes it more obvious what went wrong and makes it easier
to debug a problem.
The error handler also attempts to get the full name of the installa
On 12/01/2015 04:20 PM, Alexander Bokovoy wrote:
On Tue, 01 Dec 2015, Martin Kosek wrote:
On 12/01/2015 02:59 PM, Simo Sorce wrote:
On Tue, 2015-12-01 at 14:42 +0100, Martin Kosek wrote:
On 12/01/2015 02:38 PM, Simo Sorce wrote:
On Tue, 2015-12-01 at 10:11 +0200, Alexander Bokovoy wrote:
On
On 1.12.2015 16:19, Tomas Babej wrote:
On 12/01/2015 08:19 AM, Jan Cholasta wrote:
On 30.11.2015 19:17, Simo Sorce wrote:
On Mon, 2015-11-30 at 12:25 +0100, Tomas Babej wrote:
+# Perform only if we have the necessary options
+if not any([installer.admin_password, installer.keytab]):
On Tue, 01 Dec 2015, Martin Kosek wrote:
On 12/01/2015 02:59 PM, Simo Sorce wrote:
On Tue, 2015-12-01 at 14:42 +0100, Martin Kosek wrote:
On 12/01/2015 02:38 PM, Simo Sorce wrote:
On Tue, 2015-12-01 at 10:11 +0200, Alexander Bokovoy wrote:
On Mon, 30 Nov 2015, Simo Sorce wrote:
On Wed, 2015-
On 12/01/2015 08:19 AM, Jan Cholasta wrote:
> On 30.11.2015 19:17, Simo Sorce wrote:
>> On Mon, 2015-11-30 at 12:25 +0100, Tomas Babej wrote:
>>> +# Perform only if we have the necessary options
>>> +if not any([installer.admin_password, installer.keytab]):
>>> +sys.exit("IPA clie
On 12/01/2015 02:59 PM, Simo Sorce wrote:
> On Tue, 2015-12-01 at 14:42 +0100, Martin Kosek wrote:
>> On 12/01/2015 02:38 PM, Simo Sorce wrote:
>>> On Tue, 2015-12-01 at 10:11 +0200, Alexander Bokovoy wrote:
On Mon, 30 Nov 2015, Simo Sorce wrote:
> On Wed, 2015-11-25 at 09:47 -0500, Simo S
On 27.11.2015 16:26, Oleg Fayans wrote:
And patch N 16 passes lint too:
On 11/27/2015 04:03 PM, Oleg Fayans wrote:
Hi,
On 11/27/2015 03:26 PM, Martin Basti wrote:
On 27.11.2015 15:04, Oleg Fayans wrote:
Hi Martin,
All your suggestions were taken into account. Both patches are
updated. T
Sending the patch with renamed function.
Standa
On 12/01/2015 09:57 AM, Jan Cholasta wrote:
On 1.12.2015 09:37, Petr Spacek wrote:
On 30.11.2015 20:00, Martin Basti wrote:
On 27.11.2015 16:06, Stanislav Laznicka wrote:
Please, see the modified patch attached.
Standa
On 11/27/2015 03:48 P
On 11/30/2015 07:42 PM, Simo Sorce wrote:
On Wed, 2015-11-25 at 10:33 +0100, Martin Babinsky wrote:
On 11/24/2015 10:20 PM, Simo Sorce wrote:
This addresses #3860, giving admins the option to not require preauth
for Hosts and services.
I did not add this option by default, although it does red
Hello,
Fix for https://fedorahosted.org/freeipa/ticket/5458
Thanks,
Gabe
From 490bb5aceb2c1ea3385c15bb85aea5c29c77f70b Mon Sep 17 00:00:00 2001
From: Gabe
Date: Tue, 1 Dec 2015 06:45:59 -0700
Subject: [PATCH] Migrate wget references and usage to curl
https://fedorahosted.org/freeipa/ticket/545
On Tue, 2015-12-01 at 14:42 +0100, Martin Kosek wrote:
> On 12/01/2015 02:38 PM, Simo Sorce wrote:
> > On Tue, 2015-12-01 at 10:11 +0200, Alexander Bokovoy wrote:
> >> On Mon, 30 Nov 2015, Simo Sorce wrote:
> >>> On Wed, 2015-11-25 at 09:47 -0500, Simo Sorce wrote:
> On Wed, 2015-11-25 at 09:0
Sorry guys, I forgot to add a meaningful subject to this message. Ignore
the previous thread start.
-- Forwarded message --
From: Gabe Alford
Date: Mon, Nov 30, 2015 at 7:31 PM
Subject: [PATCH 0065]
To: freeipa-devel
Hello,
Patch fix for the following tickets:
https://fedorah
On 12/01/2015 02:38 PM, Simo Sorce wrote:
> On Tue, 2015-12-01 at 10:11 +0200, Alexander Bokovoy wrote:
>> On Mon, 30 Nov 2015, Simo Sorce wrote:
>>> On Wed, 2015-11-25 at 09:47 -0500, Simo Sorce wrote:
On Wed, 2015-11-25 at 09:02 -0500, Rob Crittenden wrote:
> Jan Cholasta wrote:
>> O
On 11/30/2015 08:34 PM, Martin Basti wrote:
On 30.11.2015 18:41, Martin Babinsky wrote:
On 11/30/2015 06:15 PM, Martin Basti wrote:
On 30.11.2015 16:43, Martin Babinsky wrote:
On 11/30/2015 12:31 PM, Jan Cholasta wrote:
Hi,
On 27.11.2015 14:58, Martin Babinsky wrote:
On 11/19/2015 06:19
On Tue, 2015-12-01 at 10:11 +0200, Alexander Bokovoy wrote:
> On Mon, 30 Nov 2015, Simo Sorce wrote:
> >On Wed, 2015-11-25 at 09:47 -0500, Simo Sorce wrote:
> >> On Wed, 2015-11-25 at 09:02 -0500, Rob Crittenden wrote:
> >> > Jan Cholasta wrote:
> >> > > On 24.11.2015 22:17, Simo Sorce wrote:
> >>
On 1.12.2015 12:12, Petr Viktorin wrote:
Hello,
I noticed I didn't attach an updated patch last time, which probably
affected the discussion here. Sorry for that; it's attached this time.
We seem to have a disconenct here: there are two different strategies to
do the packaging.
Your idea of the
On 30/11/15 17:24, Jan Cholasta wrote:
Hi,
On 27.11.2015 07:57, David Kupka wrote:
On 26/11/15 15:22, David Kupka wrote:
On 26/11/15 15:13, David Kupka wrote:
On 26/11/15 15:01, David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/5441
Replaced accidentally inserted tabs.
Fixed
On 01.12.2015 12:36, Martin Babinsky wrote:
On 12/01/2015 12:28 PM, Martin Babinsky wrote:
On 12/01/2015 12:21 PM, Martin Babinsky wrote:
This patch fixes a regression caused by recently pushed
topologysuffix-related patches.
self-NACK.
This patch should actually work.
ACK
Pushed to
On 12/01/2015 12:58 PM, Oleg Fayans wrote:
> Hi all,
>
> I am unable to enroll a client with the latest upstream ipa code
>
> I've successfully installed ipa-server with --setup-dns and --forwarder
> provided. I configured client's resolv.conf to use master's ip as the
> first dns server.
> But
Hi all,
I am unable to enroll a client with the latest upstream ipa code
I've successfully installed ipa-server with --setup-dns and --forwarder
provided. I configured client's resolv.conf to use master's ip as the
first dns server.
But when I issued the ipa-client-install command, it fails wi
On 12/01/2015 12:28 PM, Martin Babinsky wrote:
On 12/01/2015 12:21 PM, Martin Babinsky wrote:
This patch fixes a regression caused by recently pushed
topologysuffix-related patches.
self-NACK.
This patch should actually work.
--
Martin^3 Babinsky
From 1357e9ab7a01875afd29c5282b38ee65bb92d
On 12/01/2015 12:21 PM, Martin Babinsky wrote:
This patch fixes a regression caused by recently pushed
topologysuffix-related patches.
self-NACK.
--
Martin^3 Babinsky
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contri
On 11/30/2015 08:59 AM, Jan Cholasta wrote:
> On 25.11.2015 15:47, Petr Viktorin wrote:
>> On 11/25/2015 11:04 AM, Jan Cholasta wrote:
>>> On 24.11.2015 17:21, Petr Viktorin wrote:
On 11/23/2015 10:50 AM, Jan Cholasta wrote:
> On 23.11.2015 07:43, Jan Cholasta wrote:
>> On 19.11.2015 0
This patch fixes a regression caused by recently pushed
topologysuffix-related patches.
--
Martin^3 Babinsky
From eace784d7bea6234083eff2658b787bb0706f575 Mon Sep 17 00:00:00 2001
From: Martin Babinsky
Date: Tue, 1 Dec 2015 12:14:07 +0100
Subject: [PATCH] fix 'iparepltopomanagedsuffix' attribut
On 23.11.2015 15:47, Simo Sorce wrote:
On Mon, 2015-11-23 at 15:37 +0100, Jan Cholasta wrote:
Ad alternative is to add the host to ipaservers before the checks are
done and remove it again if any of them fail.
Too error prone, I am ok with the current way in your patches
until/unless I can th
Hello,
I noticed I didn't attach an updated patch last time, which probably
affected the discussion here. Sorry for that; it's attached this time.
We seem to have a disconenct here: there are two different strategies to
do the packaging.
Your idea of the port seems to be to have the py2 and py3 p
On Tue, 01 Dec 2015, Alexander Bokovoy wrote:
On Tue, 01 Dec 2015, Petr Spacek wrote:
On 1.12.2015 09:47, Alexander Bokovoy wrote:
On Tue, 01 Dec 2015, Petr Spacek wrote:
On 1.12.2015 09:21, Alexander Bokovoy wrote:
On Tue, 01 Dec 2015, Petr Spacek wrote:
On 24.11.2015 20:42, Simo Sorce wrot
On Tue, 01 Dec 2015, Petr Spacek wrote:
On 1.12.2015 09:47, Alexander Bokovoy wrote:
On Tue, 01 Dec 2015, Petr Spacek wrote:
On 1.12.2015 09:21, Alexander Bokovoy wrote:
On Tue, 01 Dec 2015, Petr Spacek wrote:
On 24.11.2015 20:42, Simo Sorce wrote:
Since some time we use the getkeytab operat
On 1.12.2015 09:47, Alexander Bokovoy wrote:
> On Tue, 01 Dec 2015, Petr Spacek wrote:
>> On 1.12.2015 09:21, Alexander Bokovoy wrote:
>>> On Tue, 01 Dec 2015, Petr Spacek wrote:
On 24.11.2015 20:42, Simo Sorce wrote:
> Since some time we use the getkeytab operation to fetch keytabs on new
On 1.12.2015 09:33, Petr Spacek wrote:
On 26.11.2015 09:01, Jan Cholasta wrote:
On 11.11.2015 15:27, Petr Spacek wrote:
On 11.11.2015 09:36, Martin Babinsky wrote:
On 11/11/2015 09:32 AM, Jan Cholasta wrote:
On 11.11.2015 09:27, Martin Babinsky wrote:
On 11/11/2015 08:12 AM, Jan Cholasta wro
On 1.12.2015 09:37, Petr Spacek wrote:
On 30.11.2015 20:00, Martin Basti wrote:
On 27.11.2015 16:06, Stanislav Laznicka wrote:
Please, see the modified patch attached.
Standa
On 11/27/2015 03:48 PM, Martin Basti wrote:
On 27.11.2015 15:33, Petr Spacek wrote:
On 27.11.2015 15:32, Martin
On Tue, 01 Dec 2015, Petr Spacek wrote:
On 1.12.2015 09:21, Alexander Bokovoy wrote:
On Tue, 01 Dec 2015, Petr Spacek wrote:
On 24.11.2015 20:42, Simo Sorce wrote:
Since some time we use the getkeytab operation to fetch keytabs on newer
clients. According to bug #232 setkeytab can be used to c
On 30.11.2015 19:42, Martin Basti wrote:
On 24.11.2015 09:58, Petr Spacek wrote:
On 24.11.2015 09:56, Petr Spacek wrote:
Hello,
ipa-client-install: add support for Ed25519 SSH keys (RFC 7479)
https://fedorahosted.org/freeipa/ticket/5471
Once again ...
ACK
Pushed to master: fa6248
On 01.12.2015 07:58, Jan Cholasta wrote:
On 30.11.2015 19:27, Martin Basti wrote:
On 27.11.2015 16:18, Martin Babinsky wrote:
This patch fixes https://fedorahosted.org/freeipa/ticket/5410
Functional ACK
Martin^2
Is this waiting for my LGTM?
LGTM.
Pushed to master: f6240f21fc9ae2ade
On 30.11.2015 20:00, Martin Basti wrote:
>
>
> On 27.11.2015 16:06, Stanislav Laznicka wrote:
>> Please, see the modified patch attached.
>>
>> Standa
>>
>> On 11/27/2015 03:48 PM, Martin Basti wrote:
>>>
>>>
>>> On 27.11.2015 15:33, Petr Spacek wrote:
On 27.11.2015 15:32, Martin Basti wrote
On 01.12.2015 09:24, Martin Babinsky wrote:
On 11/30/2015 12:38 PM, Petr Vobornik wrote:
On 11/30/2015 12:15 PM, Jan Cholasta wrote:
On 27.11.2015 15:57, Petr Vobornik wrote:
On 11/27/2015 02:50 PM, Martin Babinsky wrote:
On 11/20/2015 03:56 PM, Petr Vobornik wrote:
ACK
Pushed to mas
On 1.12.2015 09:21, Alexander Bokovoy wrote:
> On Tue, 01 Dec 2015, Petr Spacek wrote:
>> On 24.11.2015 20:42, Simo Sorce wrote:
>>> Since some time we use the getkeytab operation to fetch keytabs on newer
>>> clients. According to bug #232 setkeytab can be used to circumvent
>>> password quality c
On 26.11.2015 09:01, Jan Cholasta wrote:
> On 11.11.2015 15:27, Petr Spacek wrote:
>> On 11.11.2015 09:36, Martin Babinsky wrote:
>>> On 11/11/2015 09:32 AM, Jan Cholasta wrote:
On 11.11.2015 09:27, Martin Babinsky wrote:
> On 11/11/2015 08:12 AM, Jan Cholasta wrote:
>> On 10.11.2015 1
On 01.12.2015 09:22, Martin Babinsky wrote:
On 11/30/2015 12:15 PM, Jan Cholasta wrote:
On 27.11.2015 15:57, Petr Vobornik wrote:
On 11/27/2015 02:50 PM, Martin Babinsky wrote:
On 11/20/2015 03:56 PM, Petr Vobornik wrote:
ACK
Pushed to master: c688954c27c219cb18aff968fc1f510afff93981
On 11/30/2015 12:38 PM, Petr Vobornik wrote:
On 11/30/2015 12:15 PM, Jan Cholasta wrote:
On 27.11.2015 15:57, Petr Vobornik wrote:
On 11/27/2015 02:50 PM, Martin Babinsky wrote:
On 11/20/2015 03:56 PM, Petr Vobornik wrote:
ACK
Pushed to master: c688954c27c219cb18aff968fc1f510afff93981
On 11/30/2015 12:15 PM, Jan Cholasta wrote:
On 27.11.2015 15:57, Petr Vobornik wrote:
On 11/27/2015 02:50 PM, Martin Babinsky wrote:
On 11/20/2015 03:56 PM, Petr Vobornik wrote:
ACK
Pushed to master: c688954c27c219cb18aff968fc1f510afff93981
As we discussed offline, the server plugin sh
On Tue, 01 Dec 2015, Petr Spacek wrote:
On 24.11.2015 20:42, Simo Sorce wrote:
Since some time we use the getkeytab operation to fetch keytabs on newer
clients. According to bug #232 setkeytab can be used to circumvent
password quality controls so it needs to be slowly retired.
The attached pat
On 18.11.2015 13:25, Martin Babinsky wrote:
Additional fix for https://fedorahosted.org/freeipa/ticket/5424
In current implementation the topology suffices are checked first and
after that the error about non-existent host is raised. This does not
make much sense to me, we should check for h
On 24.11.2015 20:42, Simo Sorce wrote:
> Since some time we use the getkeytab operation to fetch keytabs on newer
> clients. According to bug #232 setkeytab can be used to circumvent
> password quality controls so it needs to be slowly retired.
>
> The attached patches implement #5485 in 2 parts.
On Mon, 30 Nov 2015, Simo Sorce wrote:
On Wed, 2015-11-25 at 09:47 -0500, Simo Sorce wrote:
On Wed, 2015-11-25 at 09:02 -0500, Rob Crittenden wrote:
> Jan Cholasta wrote:
> > On 24.11.2015 22:17, Simo Sorce wrote:
> >> On Tue, 2015-11-24 at 14:57 -0500, Simo Sorce wrote:
> >>> On Tue, 2015-11-24
On Wed, 25 Nov 2015, Simo Sorce wrote:
On Wed, 2015-11-25 at 08:09 +0100, Jan Cholasta wrote:
On 25.11.2015 00:09, Simo Sorce wrote:
> This patch is untested and mostly an RFC.
>
> I think it is all we need to allow to specify authz data types per user
> and by setting the attribute to NONE prev
On 30.11.2015 12:41, Petr Vobornik wrote:
see
https://www.redhat.com/archives/freeipa-devel/2015-November/msg00485.html
LGTM, but I would s/_SUFFIX/_SUFFIX_NAME/.
--
Jan Cholasta
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-de
59 matches
Mail list logo
