Re: [Freeipa-devel] [DESIGN][UPDATE] Time-Based HBAC Policies

On 19.08.2016 12:37, Pavel Vomacka wrote: On 08/16/2016 08:21 AM, Stanislav Laznicka wrote: On 08/12/2016 06:48 PM, Petr Spacek wrote: On 11.8.2016 12:34, Stanislav Laznicka wrote: Hello, I updated the design of the Time-Based HBAC Policies according to the discussion we led here

Re: [Freeipa-devel] [PATCH 0214] Support schema files for external plugins

On 19.08.2016 15:26, Alexander Bokovoy wrote: On Fri, 19 Aug 2016, Martin Basti wrote: On 19.08.2016 11:43, Alexander Bokovoy wrote: On Mon, 08 Aug 2016, Alexander Bokovoy wrote: On Mon, 08 Aug 2016, Petr Vobornik wrote: On 08/08/2016 12:26 PM, Alexander Bokovoy wrote: On Mon, 08 Aug

Re: [Freeipa-devel] [PATCH 0214] Support schema files for external plugins

On Fri, 19 Aug 2016, Martin Basti wrote: On 19.08.2016 11:43, Alexander Bokovoy wrote: On Mon, 08 Aug 2016, Alexander Bokovoy wrote: On Mon, 08 Aug 2016, Petr Vobornik wrote: On 08/08/2016 12:26 PM, Alexander Bokovoy wrote: On Mon, 08 Aug 2016, Alexander Bokovoy wrote: Hi! Attached patch

Re: [Freeipa-devel] [PATCH 0214] Support schema files for external plugins

On 19.08.2016 11:43, Alexander Bokovoy wrote: On Mon, 08 Aug 2016, Alexander Bokovoy wrote: On Mon, 08 Aug 2016, Petr Vobornik wrote: On 08/08/2016 12:26 PM, Alexander Bokovoy wrote: On Mon, 08 Aug 2016, Alexander Bokovoy wrote: Hi! Attached patch is what is needed to allow external

[Freeipa-devel] [PATCH] 0004 Fix ipa-server-install in pure IPv6 environment

Hi, please review the attached patch. Make sure the hostname isn't resolved to link local IPv6(feXX:...) during testing, which doesn't work (and isn't supposed to). -- Tomas Krizek From d4a7a4e637951fca5331e9dc0622df912e828a26 Mon Sep 17 00:00:00 2001 From: Tomas Krizek

Re: [Freeipa-devel] [PATCH] 0097 Add options to write lightweight CA cert or chain to file

Bump for review. On Wed, Aug 17, 2016 at 12:09:39AM +1000, Fraser Tweedale wrote: > On Tue, Aug 16, 2016 at 08:10:08AM +0200, Jan Cholasta wrote: > > On 16.8.2016 07:24, Fraser Tweedale wrote: > > > On Mon, Aug 15, 2016 at 08:19:33AM +0200, Jan Cholasta wrote: > > > > On 9.8.2016 16:47, Fraser

[Freeipa-devel] [freeipa/freeipa #2] Remove forgotten print from DN.__str__ implementation (comment)

mbasti-rh commented on a pull request Sorry testing phase of tools :) Fixed upstream master: https://fedorahosted.org/freeipa/changeset/86e156c3c5f331e3f169b941be2d9f72e7c8f000 See the full comment at https://github.com/freeipa/freeipa/pull/2#issuecomment-240991058 -- Manage your

Re: [Freeipa-devel] [freeipa/freeipa #2] Remove forgotten print from DN.__str__ implementation (comment)

On 19.08.2016 13:05, freeipa-github-notificat...@redhat.com wrote: mbasti-rh commented on a pull request m a s t e r : * 8 6 e 1 5 6 c 3 c 5 f 3 3 1 e 3 f 1 6 9 b 9 4 1 b e 2 d 9 f 7 2 e 7 c 8 f 0 0 0 R e m o v e f o r g o t t e n p r i n t f r o m D N . _ _ s t r _

[Freeipa-devel] [freeipa/freeipa #2] Remove forgotten print from DN.__str__ implementation (closed)

mbasti-rh's pull request #2: "Remove forgotten print from DN.__str__ implementation" was closed See the full pull-request at https://github.com/freeipa/freeipa/pull/2 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute

[Freeipa-devel] [freeipa/freeipa #2] Remove forgotten print from DN.__str__ implementation (comment)

mbasti-rh commented on a pull request m a s t e r : * 8 6 e 1 5 6 c 3 c 5 f 3 3 1 e 3 f 1 6 9 b 9 4 1 b e 2 d 9 f 7 2 e 7 c 8 f 0 0 0 R e m o v e f o r g o t t e n p r i n t f r o m D N . _ _ s t r _ _ i m p l e m e n t a t i o n See the full comment at

[Freeipa-devel] [PATCH] 0084 cert-revoke: fix permission check bypass

This patch fixes CVE-2016-5404. Versions for master, ipa-4-3 and ipa-4-2 branches are attached. Thanks, Fraser From 61590c223aa51668b3f661fc91bc35f2dfae8ae6 Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Thu, 30 Jun 2016 10:21:01 +1000 Subject: [PATCH] cert-revoke:

Re: [Freeipa-devel] [DESIGN][UPDATE] Time-Based HBAC Policies

On 08/16/2016 08:21 AM, Stanislav Laznicka wrote: On 08/12/2016 06:48 PM, Petr Spacek wrote: On 11.8.2016 12:34, Stanislav Laznicka wrote: Hello, I updated the design of the Time-Based HBAC Policies according to the discussion we led here earlier. Please check the design page

[Freeipa-devel] [freeipa/freeipa #2] Remove forgotten print from DN.__str__ implementation (label change)

mbasti-rh's pull request #2: "Remove forgotten print from DN.__str__ implementation" label *ack* has been added See the full pull-request at https://github.com/freeipa/freeipa/pull/2 -- Manage your subscription for the Freeipa-devel mailing list:

[Freeipa-devel] [freeipa/freeipa #2] Remove forgotten print from DN.__str__ implementation (comment)

dkupka commented on a pull request Makes sense. See the full comment at https://github.com/freeipa/freeipa/pull/2#issuecomment-240984276 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

[Freeipa-devel] [freeipa/freeipa #2] Remove forgotten print from DN.__str__ implementation (comment)

dkupka commented on a pull request Makes sence. See the full comment at https://github.com/freeipa/freeipa/pull/2#issuecomment-240981516 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

Re: [Freeipa-devel] [PATCH] [WIP] Allow full customisability of CA subject name

On Mon, Aug 15, 2016 at 10:54:25PM +1000, Fraser Tweedale wrote: > On Mon, Aug 15, 2016 at 02:08:54PM +0200, Jan Cholasta wrote: > > On 19.7.2016 12:05, Jan Cholasta wrote: > > > On 19.7.2016 11:54, Fraser Tweedale wrote: > > > > On Tue, Jul 19, 2016 at 09:36:17AM +0200, Jan Cholasta wrote: > > >

[Freeipa-devel] [freeipa/freeipa #2] Remove forgotten print from DN.__str__ implementation (comment)

davidkupka commented on a pull request Makes sence. See the full comment at https://github.com/freeipa/freeipa/pull/2#issuecomment-240977749 -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA:

Re: [Freeipa-devel] [PATCH 0214] Support schema files for external plugins

On Mon, 08 Aug 2016, Alexander Bokovoy wrote: On Mon, 08 Aug 2016, Petr Vobornik wrote: On 08/08/2016 12:26 PM, Alexander Bokovoy wrote: On Mon, 08 Aug 2016, Alexander Bokovoy wrote: Hi! Attached patch is what is needed to allow external plugins for FreeIPA framework to be functional if they

[Freeipa-devel] [freeipa/freeipa #3] User add fix #6199 (opened)

mbasti-rh's pull request #3: "User add fix #6199" was opened PR body: We do not have right to write to users delete_container. In case that user already exists in that container and we tried to add entry, we receive ACIError. This must be checked and DuplicationEntry error must be raised before.

Re: [Freeipa-devel] [PATCH 0215-0216] Child domain fixes for AD trust

On Wed, 17 Aug 2016, Martin Babinsky wrote: On 08/08/2016 01:27 PM, Alexander Bokovoy wrote: Hi! Attached two patches attempt to fix some of the issues we see with child domains. SSSD only 'sees' users from child domains if there is an ID range for each of them. However, after refactoring of

[Freeipa-devel] [freeipa/freeipa #2] Remove forgotten print from DN.__str__ implementation (opened)

mbasti-rh's pull request #2: "Remove forgotten print from DN.__str__ implementation" was opened PR body: These debug prints were forgotten there and should be removed, because str(DN) is often operation and we may save time with handling exceptions and printing unwanted debug See the full

Re: [Freeipa-devel] FreeIPA wiki - fighting the spammers

On 08/19/2016 08:43 AM, Petr Spacek wrote: > On 18.8.2016 16:25, Martin Kosek wrote: >> Hello everyone, >> >> As some of you noticed, we had lately an increasing number of spam attacks >> against FreeIPA.org wiki. Even though we did not accept user registration >> through the standard Mediawiki

Re: [Freeipa-devel] FreeIPA wiki - fighting the spammers

On 18.8.2016 16:25, Martin Kosek wrote: > Hello everyone, > > As some of you noticed, we had lately an increasing number of spam attacks > against FreeIPA.org wiki. Even though we did not accept user registration > through the standard Mediawiki User Creation form (which is often misused by >