Re: [Freeipa-devel] [PATCH 562-563] Fix ipa-sam to use the getkeytab control instead of the setkeytab control

2016-01-13 Thread Alexander Bokovoy
On Thu, 03 Dec 2015, Simo Sorce wrote: The first patch is preparatory and is needed in general now that we want to allow alias and use krbCanonicalName as the canonical name when multiple values are available in krbPrincipalName. The second patch changes slightly how the interdomain trust accoun

Re: [Freeipa-devel] Should we split up ipa-client?

2016-01-13 Thread Jan Cholasta
Hi, On 13.1.2016 13:03, Martin Babinsky wrote: On 01/13/2016 11:34 AM, Petr Viktorin wrote: Hello, I'm planning to port the ipa-client to Python 3, and I'm likely to end up shaking out some dusty corners of the codebase, rather than doing the minimal amount of work :) So I'd like to get your op

Re: [Freeipa-devel] [TEST] Workaround for ticket N 5559

2016-01-13 Thread Petr Spacek
On 13.1.2016 18:13, Martin Basti wrote: > > > On 08.01.2016 10:12, Oleg Fayans wrote: >> Passes lint, fixes an issue with replica installation failures due to >> absence of corresponding reverse zone on master. >> >> >> > NACK > > [ipa.ipatests.test_integration.host.Host.master.ParamikoTransport

[Freeipa-devel] [PATCH 0402] Warn user about possibility to loss CA, KRA, DNSSEC master during uninstall

2016-01-13 Thread Martin Basti
https://fedorahosted.org/freeipa/ticket/5544 Patch attached. From a882c48058cca2564265546e557e9d7d542a9553 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Wed, 13 Jan 2016 17:27:06 +0100 Subject: [PATCH] Warn about potential loss of CA, KRA, DNSSEC during uninstall If connection to LDAP faile

Re: [Freeipa-devel] [PATCH 0126-0127] reset openldap client config to point to freshly promote replica

2016-01-13 Thread Martin Basti
On 13.01.2016 17:59, Rob Crittenden wrote: Martin Babinsky wrote: fixes https://fedorahosted.org/freeipa/ticket/5584 In order to ensure consistent behavior with ipa-client-install, I opted to reuse the configure_openldap_conf() function and restoring the config from client sysrestore before m

Re: [Freeipa-devel] [TEST] Workaround for ticket N 5559

2016-01-13 Thread Martin Basti
On 08.01.2016 10:12, Oleg Fayans wrote: Passes lint, fixes an issue with replica installation failures due to absence of corresponding reverse zone on master. NACK [ipa.ipatests.test_integration.host.Host.master.ParamikoTransport] RUN ['ipa', 'dnsrecord-add', '129.168.192.in-addr.arpa.',

Re: [Freeipa-devel] [PATCH 0126-0127] reset openldap client config to point to freshly promote replica

2016-01-13 Thread Rob Crittenden
Martin Babinsky wrote: > fixes https://fedorahosted.org/freeipa/ticket/5584 > > In order to ensure consistent behavior with ipa-client-install, I opted > to reuse the configure_openldap_conf() function and restoring the config > from client sysrestore before modifying it. > > If you think this ap

Re: [Freeipa-devel] [PATCH 0126-0127] reset openldap client config to point to freshly promote replica

2016-01-13 Thread Martin Babinsky
On 01/13/2016 05:42 PM, Martin Babinsky wrote: fixes https://fedorahosted.org/freeipa/ticket/5584 In order to ensure consistent behavior with ipa-client-install, I opted to reuse the configure_openldap_conf() function and restoring the config from client sysrestore before modifying it. If you t

[Freeipa-devel] [PATCH 0126-0127] reset openldap client config to point to freshly promote replica

2016-01-13 Thread Martin Babinsky
fixes https://fedorahosted.org/freeipa/ticket/5584 In order to ensure consistent behavior with ipa-client-install, I opted to reuse the configure_openldap_conf() function and restoring the config from client sysrestore before modifying it. If you think this approach is not optimal please prop

Re: [Freeipa-devel] [PATCH 0121] consider IPA master removed from topology when request for host TGT fails

2016-01-13 Thread Martin Babinsky
On 01/13/2016 10:31 AM, Martin Babinsky wrote: On 01/07/2016 05:38 PM, Martin Babinsky wrote: On 01/07/2016 05:37 PM, Martin Babinsky wrote: https://fedorahosted.org/freeipa/ticket/5584 And the patch is here. self-NACK, there may be a better way to handle this. I will do some investigatio

Re: [Freeipa-devel] [PATCH 565] Fix potential aborts in KDB driver

2016-01-13 Thread Martin Basti
On 13.01.2016 16:03, Simo Sorce wrote: On Wed, 2016-01-13 at 15:49 +0100, Martin Basti wrote: On 13.01.2016 15:31, Martin Babinsky wrote: On 01/13/2016 03:30 PM, Simo Sorce wrote: On Wed, 2016-01-13 at 14:02 +0100, Martin Babinsky wrote: On 01/05/2016 11:19 PM, Simo Sorce wrote: On Tue, 20

Re: [Freeipa-devel] [PATCH 565] Fix potential aborts in KDB driver

2016-01-13 Thread Simo Sorce
On Wed, 2016-01-13 at 15:49 +0100, Martin Basti wrote: > > On 13.01.2016 15:31, Martin Babinsky wrote: > > On 01/13/2016 03:30 PM, Simo Sorce wrote: > >> On Wed, 2016-01-13 at 14:02 +0100, Martin Babinsky wrote: > >>> On 01/05/2016 11:19 PM, Simo Sorce wrote: > On Tue, 2016-01-05 at 16:15 -05

Re: [Freeipa-devel] [PATCH 565] Fix potential aborts in KDB driver

2016-01-13 Thread Martin Basti
On 13.01.2016 15:31, Martin Babinsky wrote: On 01/13/2016 03:30 PM, Simo Sorce wrote: On Wed, 2016-01-13 at 14:02 +0100, Martin Babinsky wrote: On 01/05/2016 11:19 PM, Simo Sorce wrote: On Tue, 2016-01-05 at 16:15 -0500, Simo Sorce wrote: The LDAP context was not checked on the first api cal

Re: [Freeipa-devel] [PATCH 565] Fix potential aborts in KDB driver

2016-01-13 Thread Martin Babinsky
On 01/13/2016 03:30 PM, Simo Sorce wrote: On Wed, 2016-01-13 at 14:02 +0100, Martin Babinsky wrote: On 01/05/2016 11:19 PM, Simo Sorce wrote: On Tue, 2016-01-05 at 16:15 -0500, Simo Sorce wrote: The LDAP context was not checked on the first api call and a context may be null on some error cond

Re: [Freeipa-devel] [PATCH 565] Fix potential aborts in KDB driver

2016-01-13 Thread Simo Sorce
On Wed, 2016-01-13 at 14:02 +0100, Martin Babinsky wrote: > On 01/05/2016 11:19 PM, Simo Sorce wrote: > > On Tue, 2016-01-05 at 16:15 -0500, Simo Sorce wrote: > >> The LDAP context was not checked on the first api call and a context may > >> be null on some error conditions (LDAP server unreachable

Re: [Freeipa-devel] [PATCH] Remove des3/arcfour from default enctypes

2016-01-13 Thread Martin Basti
On 13.01.2016 15:06, Alexander Bokovoy wrote: On Mon, 23 Nov 2015, Simo Sorce wrote: Note, this does not touch the trust code because apparently we use only arcfour there. CCing Alexander to give me a comment about that, probably worth opening a ticket specific to trusts. Otherwise addresses

Re: [Freeipa-devel] [PATCH] Remove des3/arcfour from default enctypes

2016-01-13 Thread Alexander Bokovoy
On Mon, 23 Nov 2015, Simo Sorce wrote: Note, this does not touch the trust code because apparently we use only arcfour there. CCing Alexander to give me a comment about that, probably worth opening a ticket specific to trusts. Otherwise addresses #4740 Simo. -- Simo Sorce * Red Hat, Inc * New

Re: [Freeipa-devel] [PATCH 565] Fix potential aborts in KDB driver

2016-01-13 Thread Martin Babinsky
On 01/05/2016 11:19 PM, Simo Sorce wrote: On Tue, 2016-01-05 at 16:15 -0500, Simo Sorce wrote: The LDAP context was not checked on the first api call and a context may be null on some error conditions (LDAP server unreachable). Always check that we have a valid context before calling the ldap A

Re: [Freeipa-devel] [PATCH 0011-0012][RFE] ipa-replica-manage: automatically clean dangling RUVs

2016-01-13 Thread Martin Basti
On 18.12.2015 12:46, Stanislav Laznicka wrote: Hi, Attached are the patches for auto-find and clean of dangling (cs)ruvs. Currently, the cleaning of an RUV waits for all replicas to be online, even on --force. If that were an issue, I can make the command fail before trying to clean any of

Re: [Freeipa-devel] Should we split up ipa-client?

2016-01-13 Thread Martin Babinsky
On 01/13/2016 11:34 AM, Petr Viktorin wrote: Hello, I'm planning to port the ipa-client to Python 3, and I'm likely to end up shaking out some dusty corners of the codebase, rather than doing the minimal amount of work :) So I'd like to get your opinions before I commit significant time to this.

[Freeipa-devel] Should we split up ipa-client?

2016-01-13 Thread Petr Viktorin
Hello, I'm planning to port the ipa-client to Python 3, and I'm likely to end up shaking out some dusty corners of the codebase, rather than doing the minimal amount of work :) So I'd like to get your opinions before I commit significant time to this. I think it would be beneficial to split ipa-cl

Re: [Freeipa-devel] [PATCH 0121] consider IPA master removed from topology when request for host TGT fails

2016-01-13 Thread Martin Babinsky
On 01/07/2016 05:38 PM, Martin Babinsky wrote: On 01/07/2016 05:37 PM, Martin Babinsky wrote: https://fedorahosted.org/freeipa/ticket/5584 And the patch is here. self-NACK, there may be a better way to handle this. I will do some investigation and send updated patch. -- Martin^3 Babinsky

Re: [Freeipa-devel] [patch 0029, 0030] fixes for install tasks in integration tests

2016-01-13 Thread Martin Basti
On 11.01.2016 11:59, Milan Kubík wrote: On 01/07/2016 09:36 AM, Milan Kubík wrote: 0029: Add 10.in-addr.arpa. zone to ipa 0030: If the IP addresses in the topology are resolvable, do not add them to master. Hi. I'm dropping 0029 for now. 0030 gets an update. -- Milan Kubik ACK Pushe

Re: [Freeipa-devel] [PATCH 0124] ipa-csreplica-manage: remove extraneous ldap2 connection

2016-01-13 Thread Martin Basti
On 11.01.2016 16:47, Martin Basti wrote: On 11.01.2016 12:34, Martin Kosek wrote: On 01/08/2016 06:31 PM, Martin Babinsky wrote: On 01/08/2016 06:17 PM, Martin Basti wrote: On 08.01.2016 17:18, Martin Babinsky wrote: fixes ipa-csreplica-manage del blowing up due https://fedorahosted.org

Re: [Freeipa-devel] [PATCH 0118] fix Py3 incompatible exception instantiation in replica install code

2016-01-13 Thread Martin Basti
On 11.01.2016 13:30, Martin Babinsky wrote: On 01/08/2016 06:26 PM, Tomas Babej wrote: On 01/07/2016 05:56 PM, Martin Babinsky wrote: On 01/04/2016 09:02 AM, Martin Babinsky wrote: I have created ticket to patch and added it to commit message: https://fedorahosted.org/freeipa/ticket/5

Re: [Freeipa-devel] [PATCH 0125] IPA upgrade: move replication ACIs to the mapping tree entry

2016-01-13 Thread Martin Babinsky
On 01/13/2016 07:18 AM, Jan Cholasta wrote: On 12.1.2016 19:13, Martin Babinsky wrote: commit 6ea868e172738bdd6a8fae34e65126cdd134bbbe broke replica install and management on IPA servers upgraded from pre-4.3 version. The attached patch fixes this. https://fedorahosted.org/freeipa/ticket/5575