Re: [Freeipa-devel] host-del & client uninstall: additional discussion related to DNS needed

On (04/03/16 16:48), Petr Spacek wrote: >On 4.3.2016 15:05, Rob Crittenden wrote: >> Petr Spacek wrote: >>> On 3.3.2016 18:15, Martin Basti wrote: On 03.03.2016 17:36, Petr Vobornik wrote: > On 03/03/2016 03:52 PM, Martin Basti wrote: >> Hello all, >> >> related

Re: [Freeipa-devel] [PATCH] 0007 webui: Add a field for GID in the user add dialog

On 03/01/2016 01:37 PM, Pavel Vomacka wrote: Hi, The patch adds new field in user add dialog. This combo box lists GIDs of posix groups so user can choose one. It is also possible to fill a GID number which is not in the list. Link to the ticket: https://fedorahosted.org/freeipa/ticket/5505

[Freeipa-devel] FreeIPA COPR repos for 4.2.4 and 4.3.1 release candidates

Hello all, COPR repostories for testing of upcoming 4.3.1 and 4.2.4 releases were created in new @freeipa group: * @freeipa/freeipa-4-2-rc for f23 * @freeipa/freeipa-4-3-rc for f23, f24, rawhide @freeipa/freeipa-4-2-rc is undergoing pre-release testing. It also means that there is push

Re: [Freeipa-devel] [PATCH 016, 024, 025] First part of the replica promotion tests + testplan

* old messages have been removed * 1) this method is unused please remove it def test_kra_install_master(self): Well, in fact it is used twice: in both domain levels, so I'd better keep it: -bash-4.3$ ipa-run-tests test_integration/test_replica_promotion.py --collect-only

Re: [Freeipa-devel] Feature template - proposed changes

On 03/04/2016 03:59 PM, Petr Spacek wrote: On 4.3.2016 15:23, Martin Kosek wrote: On 03/04/2016 03:11 PM, Petr Spacek wrote: Hello, I've updated Feature template to make sure that important the design decisions are recorded somewhere. Of course all this is open for discussion. I did this

Re: [Freeipa-devel] host-del & client uninstall: additional discussion related to DNS needed

On 4.3.2016 15:05, Rob Crittenden wrote: > Petr Spacek wrote: >> On 3.3.2016 18:15, Martin Basti wrote: >>> >>> >>> On 03.03.2016 17:36, Petr Vobornik wrote: On 03/03/2016 03:52 PM, Martin Basti wrote: > Hello all, > > related tickets: >

Re: [Freeipa-devel] Feature template - proposed changes

On 03/04/2016 03:41 PM, Martin Kosek wrote: On 03/04/2016 03:11 PM, Petr Spacek wrote: Hello, I've updated Feature template to make sure that important the design decisions are recorded somewhere. Of course all this is open for discussion. I did this soon because I believe that it is better

Re: [Freeipa-devel] [PATCH 016, 024, 025] First part of the replica promotion tests + testplan

Hi, Martin. An updated version of the patch is attached. Please see my comments below On 03/04/2016 08:39 AM, Martin Basti wrote: > > > On 04.03.2016 08:37, Martin Basti wrote: >> >> >> On 03.03.2016 18:38, Martin Basti wrote: >>> >>> >>> On 02.03.2016 13:47, Oleg Fayans wrote: Hi Martin,

Re: [Freeipa-devel] Proposing design template changes (Re: Feature template - proposed changes)

On 4.3.2016 15:33, Martin Kosek wrote: > On 03/04/2016 03:11 PM, Petr Spacek wrote: >> Hello, >> >> I've updated Feature template to make sure that important the design >> decisions >> are recorded somewhere. >> >> Of course all this is open for discussion. I did this soon because I believe >>

Re: [Freeipa-devel] Feature template - proposed changes

On 4.3.2016 15:23, Martin Kosek wrote: > On 03/04/2016 03:11 PM, Petr Spacek wrote: >> Hello, >> >> I've updated Feature template to make sure that important the design >> decisions >> are recorded somewhere. >> >> Of course all this is open for discussion. I did this soon because I believe >>

Re: [Freeipa-devel] [WIP] Time-Based HBAC Policies

On 03/04/2016 03:39 PM, Stanislav Laznicka wrote: > Based on Alexander's suggestion I created a copr repo with latest > python-icalendar version. > > https://copr.fedorainfracloud.org/coprs/stlaz/python-icalendar/packages/ Thanks. When we get to end-to-end functionality (again), it should again

Re: [Freeipa-devel] Feature template - proposed changes

On 03/04/2016 03:11 PM, Petr Spacek wrote: > Hello, > > I've updated Feature template to make sure that important the design decisions > are recorded somewhere. > > Of course all this is open for discussion. I did this soon because I believe > that it is better to actually see how it looks like

Re: [Freeipa-devel] [WIP] Time-Based HBAC Policies

Based on Alexander's suggestion I created a copr repo with latest python-icalendar version. https://copr.fedorainfracloud.org/coprs/stlaz/python-icalendar/packages/ On 03/04/2016 02:53 PM, Stanislav Laznicka wrote: Hello, So in the previous month and a bit I was reworking the time-based

[Freeipa-devel] Proposing design template changes (Re: Feature template - proposed changes)

On 03/04/2016 03:11 PM, Petr Spacek wrote: > Hello, > > I've updated Feature template to make sure that important the design decisions > are recorded somewhere. > > Of course all this is open for discussion. I did this soon because I believe > that it is better to actually see how it looks like

Re: [Freeipa-devel] Feature template - proposed changes

On 03/04/2016 03:11 PM, Petr Spacek wrote: > Hello, > > I've updated Feature template to make sure that important the design decisions > are recorded somewhere. > > Of course all this is open for discussion. I did this soon because I believe > that it is better to actually see how it looks like

[Freeipa-devel] Feature template - proposed changes

Hello, I've updated Feature template to make sure that important the design decisions are recorded somewhere. Of course all this is open for discussion. I did this soon because I believe that it is better to actually see how it looks like instead of discussing vaporware. Wiki has revert button

Re: [Freeipa-devel] Disabling Schema Compatibility rule

On 03/04/2016 02:30 PM, Alexander Bokovoy wrote: > On Fri, 04 Mar 2016, Martin Kosek wrote: >> On 03/04/2016 01:09 PM, Alexander Bokovoy wrote: >>> On Fri, 04 Mar 2016, Martin Kosek wrote: On 03/04/2016 12:59 PM, Alexander Bokovoy wrote: > On Fri, 04 Mar 2016, Martin Kosek wrote: >>

Re: [Freeipa-devel] [PATCH 0390] Fix build with GCC 4.9+

On 3.3.2016 08:59, Lukas Slebodnik wrote: > On (01/03/16 14:35), Petr Spacek wrote: >> On 1.3.2016 12:06, Lukas Slebodnik wrote: >>> On (25/02/16 15:57), Petr Spacek wrote: On 19.2.2016 13:55, Petr Spacek wrote: > Hello, > > Fix build with GCC 4.9+. > > GCC 4.9+ is too

[Freeipa-devel] [WIP] Time-Based HBAC Policies

Hello, So in the previous month and a bit I was reworking the time-based policies according to the changes we agreed on (http://pad.engineering.redhat.com/ipa-time-based-HBAC-design, line 83). Let me briefly walk you through what was done (no TLDR, sorry, but split the text in chapters):

Re: [Freeipa-devel] Disabling Schema Compatibility rule

On Fri, 04 Mar 2016, Martin Kosek wrote: On 03/04/2016 01:09 PM, Alexander Bokovoy wrote: On Fri, 04 Mar 2016, Martin Kosek wrote: On 03/04/2016 12:59 PM, Alexander Bokovoy wrote: On Fri, 04 Mar 2016, Martin Kosek wrote: On 03/04/2016 10:10 AM, Alexander Bokovoy wrote: On Fri, 04 Mar 2016,

Re: [Freeipa-devel] [PATCH 0087] Pylint: enable parallelism

On 03/01/2016 03:46 PM, Petr Spacek wrote: > Hello, > > Pylint: enable parallelism > > The config file specifies 8 cores but Pylint very quickly > ends up with 3 cores so do not worry about overwhelming your system. I like the idea of the patch, however, on my single-CPU VM this causes

Re: [Freeipa-devel] [python-pytest-multihost] Request to add support to specify username/password for each host

Niranjan wrote: > Petr Viktorin wrote: > > On 03/01/2016 05:18 PM, Petr Viktorin wrote: > > > On 02/29/2016 05:57 PM, Niranjan wrote: > > >> Greetings, > > >> > > >> Attached wrong patch in my last mail. Request to review the patch > > >> attached to this email > > >> > > > > > > Hello, > > >

Re: [Freeipa-devel] Disabling Schema Compatibility rule

On 03/04/2016 01:09 PM, Alexander Bokovoy wrote: > On Fri, 04 Mar 2016, Martin Kosek wrote: >> On 03/04/2016 12:59 PM, Alexander Bokovoy wrote: >>> On Fri, 04 Mar 2016, Martin Kosek wrote: On 03/04/2016 10:10 AM, Alexander Bokovoy wrote: > On Fri, 04 Mar 2016, Martin Kosek wrote: >>

Re: [Freeipa-devel] [PATCH 0430] remove unused argument from function update_ssh_keys

On 04.03.2016 09:48, David Kupka wrote: This patch is going to master branch only. Works for me, ACK. - Original Message - From: "Martin Basti" To: "freeipa-devel" Sent: Wednesday, March 2, 2016 5:33:18 PM Subject: [Freeipa-devel] [PATCH

Re: [Freeipa-devel] [PATCH 0429] fix suspicious except statement

On 03/02/2016 06:23 PM, Martin Basti wrote: > > > On 02.03.2016 17:17, Martin Basti wrote: >> Patch attached, read commit message for more info. >> >> > https://fedorahosted.org/freeipa/ticket/5718 > > Updated patch attached. > > Good catch, ACK. Issue is present both in master and

Re: [Freeipa-devel] Disabling Schema Compatibility rule

On Fri, 04 Mar 2016, Martin Kosek wrote: On 03/04/2016 12:59 PM, Alexander Bokovoy wrote: On Fri, 04 Mar 2016, Martin Kosek wrote: On 03/04/2016 10:10 AM, Alexander Bokovoy wrote: On Fri, 04 Mar 2016, Martin Kosek wrote: Hi Alexander and others, As you know, SSSD 1.13.4 added support of

Re: [Freeipa-devel] Disabling Schema Compatibility rule

On 03/04/2016 12:59 PM, Alexander Bokovoy wrote: > On Fri, 04 Mar 2016, Martin Kosek wrote: >> On 03/04/2016 10:10 AM, Alexander Bokovoy wrote: >>> On Fri, 04 Mar 2016, Martin Kosek wrote: Hi Alexander and others, As you know, SSSD 1.13.4 added support of reading the native SUDO

Re: [Freeipa-devel] Disabling Schema Compatibility rule

On Fri, 04 Mar 2016, Martin Kosek wrote: On 03/04/2016 10:10 AM, Alexander Bokovoy wrote: On Fri, 04 Mar 2016, Martin Kosek wrote: Hi Alexander and others, As you know, SSSD 1.13.4 added support of reading the native SUDO tree [1]. This means that FreeIPA deployments with all clients being

Re: [Freeipa-devel] Disabling Schema Compatibility rule

On 03/04/2016 10:10 AM, Alexander Bokovoy wrote: > On Fri, 04 Mar 2016, Martin Kosek wrote: >> Hi Alexander and others, >> >> As you know, SSSD 1.13.4 added support of reading the native SUDO tree [1]. >> This means that FreeIPA deployments with all clients being SSSD 1.13.4 or >> older >> will

[Freeipa-devel] [PATCH 0404] ipalib: Fix user certificate docstrings

Hi, this fixes incorrect usercertificate attribute docstrings in several IPA objects. Tomas From a056b839c48363721d0c27a196e9b47bdd28f12a Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Fri, 4 Mar 2016 12:45:39 +0100 Subject: [PATCH] ipalib: Fix user certificate docstrings

Re: [Freeipa-devel] Disabling Schema Compatibility rule

On Fri, 04 Mar 2016, Jakub Hrozek wrote: On Fri, Mar 04, 2016 at 11:10:47AM +0200, Alexander Bokovoy wrote: On the other hand, if no users are going to use the configuration, it should not hurt anymore to have it enabled. With current slapi-nis state there should be no problems anymore. I

Re: [Freeipa-devel] Disabling Schema Compatibility rule

On Fri, Mar 04, 2016 at 11:10:47AM +0200, Alexander Bokovoy wrote: > On the other hand, if no users are going to use the configuration, it > should not hurt anymore to have it enabled. With current slapi-nis state > there should be no problems anymore. I admit I haven't been following the

Re: [Freeipa-devel] Disabling Schema Compatibility rule

On Fri, 04 Mar 2016, Martin Kosek wrote: Hi Alexander and others, As you know, SSSD 1.13.4 added support of reading the native SUDO tree [1]. This means that FreeIPA deployments with all clients being SSSD 1.13.4 or older will be able to disable the sudoers schema compatiblity tree

Re: [Freeipa-devel] [PATCH 0430] remove unused argument from function update_ssh_keys

This patch is going to master branch only. Works for me, ACK. - Original Message - From: "Martin Basti" To: "freeipa-devel" Sent: Wednesday, March 2, 2016 5:33:18 PM Subject: [Freeipa-devel] [PATCH 0430] remove unused argument from function

[Freeipa-devel] Disabling Schema Compatibility rule

Hi Alexander and others, As you know, SSSD 1.13.4 added support of reading the native SUDO tree [1]. This means that FreeIPA deployments with all clients being SSSD 1.13.4 or older will be able to disable the sudoers schema compatiblity tree (cn=sudoers,cn=Schema

Re: [Freeipa-devel] host-del & client uninstall: additional discussion related to DNS needed

On 3.3.2016 18:15, Martin Basti wrote: > > > On 03.03.2016 17:36, Petr Vobornik wrote: >> On 03/03/2016 03:52 PM, Martin Basti wrote: >>> Hello all, >>> >>> related tickets: >>> https://fedorahosted.org/freeipa/ticket/5676 >>> https://fedorahosted.org/freeipa/ticket/5675 >>>