Attached are two patches:
- reject direct modification of segment endpoints and connectivity
- better manage the rdn of a replication agreements represented by a segment
>From b7d72c390cd4ea021d9c818156c07de4fc2b0921 Mon Sep 17 00:00:00 2001
From: Ludwig Krispenz
Date: Wed, 10 Jun 2015 15:53
On 06/10/2015 04:39 PM, Petr Vobornik wrote:
On 06/10/2015 04:06 PM, Petr Vobornik wrote:
On 06/02/2015 02:24 PM, Ludwig Krispenz wrote:
hi,
is there a real replacement for "del", it is not in the scope of the
topology commands, the removal of teh agreement is rejected and later
d
Hi Petr,
On 06/08/2015 04:50 PM, Ludwig Krispenz wrote:
On 06/08/2015 04:47 PM, Petr Vobornik wrote:
On 06/03/2015 06:20 PM, Simo Sorce wrote:
On Wed, 2015-06-03 at 14:53 +0200, Ludwig Krispenz wrote:
Hi,
this should prevent adding duplicate segments or segments with same
start and end node
On 06/10/2015 02:13 PM, thierry bordaz wrote:
On 06/10/2015 10:51 AM, Ludwig Krispenz wrote:
On 06/10/2015 10:41 AM, Martin Basti wrote:
On 10/06/15 09:13, Ludwig Krispenz wrote:
Hi,
there seems to be somethin going wrong in the code to delete the
services.
The code is
On 06/10/2015 10:41 AM, Martin Basti wrote:
On 10/06/15 09:13, Ludwig Krispenz wrote:
Hi,
there seems to be somethin going wrong in the code to delete the
services.
The code is:
# delete master entry with all active services
try:
dn = DN(('cn', repl
3 -0400] conn=150 op=55 RESULT err=0 tag=107
nentries=0 etime=1 csn=5576dcec00010004
here it stops after deleting three entries, and it should do it in
reverse order of the dn length, but KDC is deleted before MEMCACHE
[09/Jun/2015:08:32:43 -0400] conn=150 op=56 UNBIND
Are there any ide
, and the agreement is not removed.
I don't know why ipa-replica-manage del does stop deleting services and
the master entry
On 06/09/2015 04:25 PM, Oleg Fayans wrote:
On 06/09/2015 04:19 PM, Ludwig Krispenz wrote:
On 06/09/2015 04:14 PM, Oleg Fayans wrote:
On 06/09/2015 04:04 PM
On 06/09/2015 04:25 PM, Oleg Fayans wrote:
On 06/09/2015 04:19 PM, Ludwig Krispenz wrote:
On 06/09/2015 04:14 PM, Oleg Fayans wrote:
On 06/09/2015 04:04 PM, Ludwig Krispenz wrote:
On 06/09/2015 03:55 PM, Oleg Fayans wrote:
Hi everybody,
The current status of Topology plugin testing
On 06/09/2015 04:14 PM, Oleg Fayans wrote:
On 06/09/2015 04:04 PM, Ludwig Krispenz wrote:
On 06/09/2015 03:55 PM, Oleg Fayans wrote:
Hi everybody,
The current status of Topology plugin testing is as follows:
1. There is still no proper way of removing the replica.
Standard procedure
On 06/09/2015 03:55 PM, Oleg Fayans wrote:
Hi everybody,
The current status of Topology plugin testing is as follows:
1. There is still no proper way of removing the replica.
Standard procedure using `ipa-replica-manage del` throws "Server is
unwilling to perform: Entry is managed by topology
On 06/08/2015 04:47 PM, Petr Vobornik wrote:
On 06/03/2015 06:20 PM, Simo Sorce wrote:
On Wed, 2015-06-03 at 14:53 +0200, Ludwig Krispenz wrote:
Hi,
this should prevent adding duplicate segments or segments with same
start and end node
LGTM!
Simo.
The self referential check is done
On 06/03/2015 04:10 PM, Petr Vobornik wrote:
On 06/02/2015 02:20 PM, Ludwig Krispenz wrote:
replicas installed from older versions do not have a binddn group
just accept the errror
ACK
Pushed to master: 8457edc14dade724b486540800bcdafb7d9a6f76
Note that this group will be populated later
Hi,
this should prevent adding duplicate segments or segments with same
start and end node
>From 759790e3c6c87ebe75610fdcfda06c6d4bc00475 Mon Sep 17 00:00:00 2001
From: Ludwig Krispenz
Date: Wed, 3 Jun 2015 14:22:52 +0200
Subject: [PATCH] check for existing and self referential segme
Hi Petr,
good catch. I didn't check for self referential segments. There is a
check for existing segments, but unfortuantely the entry lookup in the
pblock was incorrect and the test always passed.
For the removal, there is teh assumption that no duplicate segments
exist and so removal of A-
On 06/03/2015 02:05 PM, Oleg Fayans wrote:
Update:
The original error occurs ONLY when installing a replica from a gpg
file prepared on a master running FreeIPA 4.1.2.
but this should be covere with patch 0010
If The master runs the upstream code, it works.
On 06/02/2015 02:11 PM, Martin Ba
On 06/03/2015 01:32 PM, Oleg Fayans wrote:
Hi Ludwig
On 06/03/2015 12:23 PM, Ludwig Krispenz wrote:
On 06/03/2015 11:51 AM, Oleg Fayans wrote:
I confirm every point of this.
did you test with all the latest patches applied ? In your issues you
refer to crashes, the crashes reported should
On 06/03/2015 11:37 AM, Martin Babinsky wrote:
Hi everyone,
I have been playing with the topology related patches and I have
encountered a few issues that I would like to address in this thread:
1.) When replica install for whatever reason crashes _after_ the setup
of replication agreements
On 06/03/2015 11:51 AM, Oleg Fayans wrote:
I confirm every point of this.
did you test with all the latest patches applied ? In your issues you
refer to crashes, the crashes reported should be resolved, if you still
have crashes, pleas provide a core dump or scenario to reproduce the crash.
W
Oleg,
is the master and the replicas up and running ? The error messages look
like the dna plugin wants to establish an ldap connection to extend it's
range - and fails. I don't see how the topology plugin would interfere,
but of course there could be a side efect.
Ludwig
On 06/03/2015 10:4
On 06/03/2015 10:44 AM, Martin Kosek wrote:
On 06/03/2015 10:33 AM, Oleg Fayans wrote:
Hi,
With the latest freeipa code containing Topology plugin patches, I am unable to
make any changes in replicas.
I have the following topology:
replica1 <=> master <=> replica3
Here is the output of the ip
On 06/02/2015 05:16 PM, Martin Kosek wrote:
On 06/02/2015 05:08 PM, Ludwig Krispenz wrote:
On 06/02/2015 03:53 PM, Petr Vobornik wrote:
On 06/02/2015 02:20 PM, Ludwig Krispenz wrote:
On 06/02/2015 12:09 PM, Oleg Fayans wrote:
Hi all,
The following error was caught during replica
On 06/02/2015 03:53 PM, Petr Vobornik wrote:
On 06/02/2015 02:20 PM, Ludwig Krispenz wrote:
On 06/02/2015 12:09 PM, Oleg Fayans wrote:
Hi all,
The following error was caught during replica installation (I used all
the latest patches from Ludwig and Martin Basti):
-except
hi,
is there a real replacement for "del", it is not in the scope of the
topology commands, the removal of teh agreement is rejected and later
done by the plugin, but what about removal of the host, services, cleanruv ?
Ludwig
On 06/02/2015 02:10 PM, Tomas Babej wrote:
Hi,
With Domain Level
799, in handle_error
type(error).__name__, error.args[0]['info']), 1
KeyError: 'info'
It needs to be noted, that the replica file was prepared on the master
running standard 4.1.2 freeipa-server.
The log is attached
>From 81f850e62b573b56ca4f0d0641d6f179210
2T08:06:57Z DEBUG The ipa-server-install command failed,
exception: TypeError: coercing to Unicode: need string or buffer,
NoneType found
On 06/02/2015 10:04 AM, Ludwig Krispenz wrote:
Hi,
with the first patch the topo plugin no longer uses plugin version to
compare to set domainlevel, always g
Hi,
with the first patch the topo plugin no longer uses plugin version to
compare to set domainlevel, always gets activated if dom level >= 1
the second patch fixes a crash at replica removal
Ludwig
>From 7e08b6181973cc51e50eae69974682878b8ca66b Mon Sep 17 00:00:00 2001
From: Ludwig Kr
Hi Oleg,
On 06/01/2015 04:14 PM, Petr Vobornik wrote:
On 06/01/2015 01:48 PM, Ludwig Krispenz wrote:
On 06/01/2015 01:34 PM, Oleg Fayans wrote:
So far I've bumped into problem, using the newly built packages:
I've installed a master, a replica (replica1) Then replica3 (prepared
o
c21.x86_64
On 06/01/2015 11:19 AM, Oleg Fayans wrote:
Woks for me too. Will perform extensive testing today, and report
everything that I find.
Thanks, Ludwig!
On 05/29/2015 04:44 PM, Ludwig Krispenz wrote:
This is a patch for the two issues reported in ticket #5035
https://fedorahosted.org/f
This is a patch for the two issues reported in ticket #5035
https://fedorahosted.org/freeipa/ticket/5035
>From 7039d965919a631ac12ac366848c5dfaab475fe1 Mon Sep 17 00:00:00 2001
From: Ludwig Krispenz
Date: Fri, 29 May 2015 16:12:44 +0200
Subject: [PATCH] replica install fails with domain leve
Hi,
the topology plugin relies on a change in DS to be able to mark
replication agreements, this fix is in master and will be in 1.3.3.11
(but I think it is not yet out)
Ludwig
On 05/29/2015 10:33 AM, Martin Basti wrote:
On 29/05/15 09:23, Lukas Slebodnik wrote:
On (12/05/15 21:03), Martin
On 05/28/2015 05:35 PM, Simo Sorce wrote:
On Thu, 2015-05-28 at 17:18 +0200, Ludwig Krispenz wrote:
On 05/28/2015 05:03 PM, Martin Kosek wrote:
On 05/28/2015 04:59 PM, Ludwig Krispenz wrote:
On 05/28/2015 04:46 PM, Simo Sorce wrote:
On Thu, 2015-05-28 at 15:54 +0200, Ludwig Krispenz wrote
On 05/28/2015 05:03 PM, Martin Kosek wrote:
On 05/28/2015 04:59 PM, Ludwig Krispenz wrote:
On 05/28/2015 04:46 PM, Simo Sorce wrote:
On Thu, 2015-05-28 at 15:54 +0200, Ludwig Krispenz wrote:
On 05/28/2015 03:26 PM, Simo Sorce wrote:
On Thu, 2015-05-28 at 14:11 +0200, Petr Spacek wrote:
On
On 05/28/2015 04:46 PM, Simo Sorce wrote:
On Thu, 2015-05-28 at 15:54 +0200, Ludwig Krispenz wrote:
On 05/28/2015 03:26 PM, Simo Sorce wrote:
On Thu, 2015-05-28 at 14:11 +0200, Petr Spacek wrote:
On 28.5.2015 10:49, Martin Kosek wrote:
On 05/28/2015 09:05 AM, Petr Spacek wrote:
On
On 05/28/2015 04:17 PM, Simo Sorce wrote:
On Thu, 2015-05-28 at 16:04 +0200, Martin Kosek wrote:
On 05/28/2015 04:04 PM, Ludwig Krispenz wrote:
On 05/28/2015 04:00 PM, Martin Kosek wrote:
On 05/28/2015 03:57 PM, Ludwig Krispenz wrote:
On 05/28/2015 03:47 PM, Martin Kosek wrote:
On 05/27
On 05/28/2015 04:04 PM, Martin Kosek wrote:
On 05/28/2015 04:04 PM, Ludwig Krispenz wrote:
On 05/28/2015 04:00 PM, Martin Kosek wrote:
On 05/28/2015 03:57 PM, Ludwig Krispenz wrote:
On 05/28/2015 03:47 PM, Martin Kosek wrote:
On 05/27/2015 04:59 PM, Martin Kosek wrote:
...
Domain Levels
On 05/28/2015 04:00 PM, Martin Kosek wrote:
On 05/28/2015 03:57 PM, Ludwig Krispenz wrote:
On 05/28/2015 03:47 PM, Martin Kosek wrote:
On 05/27/2015 04:59 PM, Martin Kosek wrote:
...
Domain Levels
- Done, committed
- Defaults to Level 1, i.e. Topology plugin powered infra enabled
With
On 05/28/2015 03:52 PM, Simo Sorce wrote:
On Thu, 2015-05-28 at 15:39 +0200, Oleg Fayans wrote:
On 05/28/2015 03:26 PM, Simo Sorce wrote:
On Thu, 2015-05-28 at 14:11 +0200, Petr Spacek wrote:
On 28.5.2015 10:49, Martin Kosek wrote:
On 05/28/2015 09:05 AM, Petr Spacek wrote:
On 28.5.2015 08:
On 05/28/2015 03:47 PM, Martin Kosek wrote:
On 05/27/2015 04:59 PM, Martin Kosek wrote:
...
Domain Levels
- Done, committed
- Defaults to Level 1, i.e. Topology plugin powered infra enabled
With respect to related Simo's response in
http://www.redhat.com/archives/freeipa-devel/2015-May/msg0055
On 05/28/2015 03:26 PM, Simo Sorce wrote:
On Thu, 2015-05-28 at 14:11 +0200, Petr Spacek wrote:
On 28.5.2015 10:49, Martin Kosek wrote:
On 05/28/2015 09:05 AM, Petr Spacek wrote:
On 28.5.2015 08:55, Jan Cholasta wrote:
Dne 26.5.2015 v 16:32 Petr Spacek napsal(a):
On 26.5.2015 16:16, Martin
On 05/27/2015 01:04 PM, Martin Kosek wrote:
On 05/26/2015 04:32 PM, Petr Spacek wrote:
On 26.5.2015 16:16, Martin Kosek wrote:
...
If you really want to avoid unforeseen issues rather go and get rid of
"major.minor" logic we have in the topology plugin right now :-)
Ludwig, I thought we agre
On 05/20/2015 03:07 PM, Petr Vobornik wrote:
On 05/20/2015 02:58 PM, Ludwig Krispenz wrote:
On 05/20/2015 02:52 PM, Oleg Fayans wrote:
Is this patch to be applied on top of the vanilla upstream tree, or
does it require your previous patches applied before?
it requires the install (0005) and
Krispenz wrote:
Hi,
here is the latest patch for the plugin part, trying to address all
problems found in the review
Regards,
Ludwig
PS if you want you can get a separate diff top the last version
On 05/12/2015 08:33 AM, Ludwig Krispenz wrote:
Hi,
I did split the patches, for easier review and to
On 05/19/2015 03:36 PM, Martin Kosek wrote:
On 05/19/2015 03:22 PM, Tomas Babej wrote:
...
3) Domain level is just a single integer and it should be treated as such,
there's no need for an LDAPObject plugin and other unnecessary complexities.
The implemetation could be as simple as (from top of
On 05/18/2015 06:37 PM, Petr Vobornik wrote:
On 05/18/2015 06:21 PM, Ludwig Krispenz wrote:
On 05/18/2015 06:05 PM, Ludwig Krispenz wrote:
Hi,
I started this discussion with Petr, but he thinks it should be better
discussed here.
Ludwig
Original Message
Subject: Re: ipa
On 05/18/2015 06:05 PM, Ludwig Krispenz wrote:
Hi,
I started this discussion with Petr, but he thinks it should be better
discussed here.
Ludwig
Original Message
Subject:Re: ipa topology command
Date: Mon, 18 May 2015 17:48:10 +0200
From: Petr Vobornik
To
Hi,
I started this discussion with Petr, but he thinks it should be better
discussed here.
Ludwig
Original Message
Subject:Re: ipa topology command
Date: Mon, 18 May 2015 17:48:10 +0200
From: Petr Vobornik
To: Ludwig Krispenz
On 05/18/2015 04:25 PM, Ludwig
Hi,
for our docs on the wiki there is a table of contents, which is created
from the section headers an the sections in the table of contents are
automatically numbered, eg
1. first chapter
1.1 subchapter
1.2 next sub
2. second
but in the body of the document these numbers are not there by d
On 05/15/2015 09:22 AM, Ludwig Krispenz wrote:
On 05/14/2015 11:48 AM, Jan Cholasta wrote:
Hi,
Dne 14.5.2015 v 11:00 Tomas Babej napsal(a):
Hi,
this patch implements the domain level feature.
https://fedorahosted.org/freeipa/ticket/5018
Tomas
1)
+# Create entry proclaiming Domain
On 05/14/2015 11:48 AM, Jan Cholasta wrote:
Hi,
Dne 14.5.2015 v 11:00 Tomas Babej napsal(a):
Hi,
this patch implements the domain level feature.
https://fedorahosted.org/freeipa/ticket/5018
Tomas
1)
+# Create entry proclaiming Domain Level support of this master
+# This will update the s
On 05/11/2015 06:44 PM, Jan Cholasta wrote:
Dne 11.5.2015 v 18:03 Ludwig Krispenz napsal(a):
On 05/11/2015 05:42 PM, Petr Spacek wrote:
On 11.5.2015 16:36, Martin Kosek wrote:
On 05/11/2015 04:34 PM, Jan Cholasta wrote:
Dne 11.5.2015 v 16:29 Petr Vobornik napsal(a):
On 05/11/2015 04:13 PM
On 05/11/2015 05:42 PM, Petr Spacek wrote:
On 11.5.2015 16:36, Martin Kosek wrote:
On 05/11/2015 04:34 PM, Jan Cholasta wrote:
Dne 11.5.2015 v 16:29 Petr Vobornik napsal(a):
On 05/11/2015 04:13 PM, Jan Cholasta wrote:
Dne 11.5.2015 v 15:56 Martin Kosek napsal(a):
On 05/11/2015 03:50 PM, Jan
On 05/06/2015 09:29 AM, Martin Kosek wrote:
Hello,
as already discussed in December [1], we will need to implement domain levels
in FreeIPA 4.2 to make sure we can manage the replication agreement by Topology
plugin.
I created a ticket for this feature [3] and linked it with Simo's design. The
Thanks,
I will look into it and try to add what's missing and also try to make
the design a bit more clear.
Ludwig
On 05/07/2015 04:32 PM, thierry bordaz wrote:
On 04/29/2015 11:18 AM, Ludwig Krispenz wrote:
Hi, thanks again, so there is some work to do, but see some answers
inline
irectly as it may be helpful to other developers and we would
have it archived for other uses.
On 05/04/2015 04:20 PM, Ludwig Krispenz wrote:
On 04/30/2015 03:22 PM, Oleg Fayans wrote:
Hi Ludwig,
While getting myself familiar with Replication Topology Plugin design
page I've found a number
Hi,
in recent posts about corrupted ruvs, there also was the error about
failing cleanup, like:
ipa-replica-manage del vm-162.idm.lab.eng.brq.redhat.com
..
Failed to cleanup vm-162.idm.lab.eng.brq.redhat.com entries: Not allowed
on non-leaf entry
in the access log we see
[06/May/2015:14:19
Hi, thanks again, so there is some work to do, but see some answers inline
On 04/27/2015 10:18 AM, thierry bordaz wrote:
On 04/21/2015 10:49 AM, Ludwig Krispenz wrote:
On 04/20/2015 06:00 PM, thierry bordaz wrote:
On 04/13/2015 10:56 AM, Ludwig Krispenz wrote:
Hi,
in the attachment you find
On 04/20/2015 06:00 PM, thierry bordaz wrote:
On 04/13/2015 10:56 AM, Ludwig Krispenz wrote:
Hi,
in the attachment you find the latest state of the "topology plugin",
it implements what is defined in the design page:
http://www.freeipa.org/page/V4/Manage_replication_topology (whic
Hi Martin,
thanks for your time and comments. The design page should match the
current implemtation, but as you said there were some iterations and I
will check again and address the points you raised.
Ludwig
On 04/14/2015 01:39 PM, Martin Kosek wrote:
On 04/13/2015 10:56 AM, Ludwig
On 03/18/2015 02:28 PM, Simo Sorce wrote:
On Wed, 2015-03-18 at 12:18 +0100, Ludwig Krispenz wrote:
Hi,
I need your feedback on a problem with implementing the topology plugin:
marking an replication agreement, this seems to be a never ending story
We want o mark an agreement when it is
Hi,
I need your feedback on a problem with implementing the topology plugin:
marking an replication agreement, this seems to be a never ending story
We want o mark an agreement when it is creqated by the plugin or put
under control of the plugin by raising the domain level.
The first idea was
On 12/15/2014 11:01 PM, Simo Sorce wrote:
Hello fellow developers, I added this new design:
http://www.freeipa.org/page/V4/Domain_Levels
It is a prerequisite for both the Replica Promotion design:
http://www.freeipa.org/page/V4/Replica_Promotion
and the Topology plugins design:
http://www.freei
On 01/09/2015 04:18 PM, Simo Sorce wrote:
On Fri, 09 Jan 2015 16:07:21 +0100
Ludwig Krispenz wrote:
On 01/09/2015 03:50 PM, Simo Sorce wrote:
On Fri, 09 Jan 2015 15:29:02 +0100
Ludwig Krispenz wrote:
On 01/07/2015 05:35 PM, Simo Sorce wrote:
On Wed, 07 Jan 2015 17:23:08 +0100
Ludwig
On 01/09/2015 03:50 PM, Simo Sorce wrote:
On Fri, 09 Jan 2015 15:29:02 +0100
Ludwig Krispenz wrote:
On 01/07/2015 05:35 PM, Simo Sorce wrote:
On Wed, 07 Jan 2015 17:23:08 +0100
Ludwig Krispenz wrote:
On 01/07/2015 05:13 PM, Simo Sorce wrote:
On Wed, 07 Jan 2015 17:11:53 +0100
Ludwig
On 01/07/2015 05:35 PM, Simo Sorce wrote:
On Wed, 07 Jan 2015 17:23:08 +0100
Ludwig Krispenz wrote:
On 01/07/2015 05:13 PM, Simo Sorce wrote:
On Wed, 07 Jan 2015 17:11:53 +0100
Ludwig Krispenz wrote:
Now, with some effort this can be resolved, eg
if the server is removed, keep it
On 01/07/2015 05:13 PM, Simo Sorce wrote:
On Wed, 07 Jan 2015 17:11:53 +0100
Ludwig Krispenz wrote:
Now, with some effort this can be resolved, eg
if the server is removed, keep it internally as removed server
and for segments connecting this server trigger removal of
replication agreements
Now, with some effort this can be resolved, eg
if the server is removed, keep it internally as removed server and
for segments connecting this server trigger removal of replication
agreements or mark a the last segment, when tried to remove, as
pending and once the server is removed also remove
On 12/18/2014 02:52 PM, Simo Sorce wrote:
On Thu, 18 Dec 2014 10:56:47 +0100
thierry bordaz wrote:
On 12/16/2014 05:44 PM, Simo Sorce wrote:
On Tue, 16 Dec 2014 10:40:20 -0500
Simo Sorce wrote:
On Tue, 16 Dec 2014 15:57:34 +0100
Ludwig Krispenz wrote:
On 12/16/2014 03:22 PM, Simo
Hello,
Domain level can only be increased. Can it interfere with the ability
of the admin to downgrade a software version ?
Yes it will interfere, but the domain level will never be automatically
raised, so the admin has time to do tests for normal functionality, and
can wait to raise the doma
On 12/17/2014 12:59 PM, Martin Kosek wrote:
On 12/15/2014 11:01 PM, Simo Sorce wrote:
Hello fellow developers, I added this new design:
http://www.freeipa.org/page/V4/Domain_Levels
It is a prerequisite for both the Replica Promotion design:
http://www.freeipa.org/page/V4/Replica_Promotion
and
On 12/16/2014 03:22 PM, Simo Sorce wrote:
On Tue, 16 Dec 2014 11:33:41 +0100
Ludwig Krispenz wrote:
Hi Simo,
one thing is not quite clear to me: do you want a domain level per
feature or a global domain level or both ?
The Domain Level is global.
I described a "Feature Version&quo
Hi Simo,
one thing is not quite clear to me: do you want a domain level per
feature or a global domain level or both ?
For a single feature (eg topology management) it could be required that
it is available on all servers, so it will be active only if it's domain
level is set. But there coul
On 12/05/2014 04:50 PM, Simo Sorce wrote:
On Thu, 04 Dec 2014 14:33:09 +0100
Ludwig Krispenz wrote:
hi,
I just have another (hopefully this will end soon) issue I want to
get your input. (please read to teh end first)
To recapture the conditions:
- the topology plugin manages the
hi,
I just have another (hopefully this will end soon) issue I want to get
your input. (please read to teh end first)
To recapture the conditions:
- the topology plugin manages the connections between servers as
segments in the shared tree
- it is authoritative for managed servers, eg it con
On 11/19/2014 12:51 PM, Martin Kosek wrote:
On 11/19/2014 12:41 PM, Tomas Babej wrote:
On 11/19/2014 12:24 PM, Martin Kosek wrote:
On 11/19/2014 12:03 PM, Tomas Babej wrote:
Hi,
When constructing a parent DN in LDAPSearch, we should always
check that the parent object exists (hence use get_d
On 10/31/2014 05:31 PM, Petr Vobornik wrote:
On 31.10.2014 16:54, Martin Basti wrote:
Hello list,
I ran upgrade (related steps listed in order):
ipa-ldap-updater --upgrade
- applying update files (including 55-pbacmemberof.update)
- updating ACI (new permissions created, added to existing pri
On 10/14/2014 04:38 PM, Simo Sorce wrote:
On Tue, 14 Oct 2014 11:46:47 +0200
Ludwig Krispenz wrote:
On 10/10/2014 06:21 PM, Simo Sorce wrote:
On Fri, 10 Oct 2014 17:52:15 +0200
Ludwig Krispenz wrote:
Hello,
this is the current status of my work on #4302, and there are a few
pieces still
On 10/14/2014 02:39 PM, Simo Sorce wrote:
On Tue, 14 Oct 2014 10:12:24 +0200
Ludwig Krispenz wrote:
ok for me, I was just straightforward reading cn=config to get
cn=config info, but I like the idea to do it via rootdse.
we have to expose the suffix(es) controlled by the topology plugin
and
On 10/10/2014 06:21 PM, Simo Sorce wrote:
On Fri, 10 Oct 2014 17:52:15 +0200
Ludwig Krispenz wrote:
Hello,
this is the current status of my work on #4302, and there are a few
pieces still missing, eg the management command needs more input
checking and error handling, but
- I wanted to give
On 10/10/2014 06:21 PM, Simo Sorce wrote:
On Fri, 10 Oct 2014 17:52:15 +0200
Ludwig Krispenz wrote:
Hello,
this is the current status of my work on #4302, and there are a few
pieces still missing, eg the management command needs more input
checking and error handling, but
- I wanted to give
On 10/13/2014 08:19 AM, Martin Kosek wrote:
On 10/10/2014 06:44 PM, Simo Sorce wrote:
On Fri, 10 Oct 2014 18:38:36 +0200
Ludwig Krispenz wrote:
On 10/10/2014 06:30 PM, James wrote:
On 10 October 2014 12:21, Simo Sorce wrote:
First thing, I do not think we want a new command here.
If we
On 10/10/2014 06:30 PM, James wrote:
On 10 October 2014 12:21, Simo Sorce wrote:
First thing, I do not think we want a new command here.
If we need commands outside of the ipa framework they should be
integrated in the ipa-replica-manage tool.
But really one of the reasons to move data in th
aci: (targetfilter = "(objectClass=ipaToken)")(targetattrs =
"objectclass || d
escription || managedBy || ipatokenUniqueID ||
ipatokenDisabled || ipatokenNo
tBefore || ipatokenNotAfter || ipatokenVendor ||
ipatokenModel || ipatokenSer
i
, probably will also need permissions
for the part in the shared tree, so what is the expected operation mode,
which user needs access to the shared config data and configuration ?
>From 31ffd14feab45753599df968722f88151eb45497 Mon Sep 17 00:00:00 2001
From: Ludwig Krispenz
Date: Fri, 10
https://fedorahosted.org/389/ticket/47924
is it possible to reproduce without IPA ?
Perhaps. You'd need the OTP schema and ACIs from FreeIPA, unless you can
find another way to reproduce it.
well, did think about it again, we probaly also would need all the
plugins, so could be difficult
On 10/10/2014 05:16 PM, thierry bordaz wrote:
On 10/10/2014 04:38 PM, Ludwig Krispenz wrote:
On 10/10/2014 03:58 PM, thierry bordaz wrote:
On 10/09/2014 10:51 PM, Nathaniel McCallum wrote:
On Thu, 2014-10-09 at 22:22 +0200, thierry bordaz wrote:
On 10/09/2014 06:40 PM, Nathaniel McCallum
On 10/10/2014 03:58 PM, thierry bordaz wrote:
On 10/09/2014 10:51 PM, Nathaniel McCallum wrote:
On Thu, 2014-10-09 at 22:22 +0200, thierry bordaz wrote:
On 10/09/2014 06:40 PM, Nathaniel McCallum wrote:
On Thu, 2014-10-09 at 18:32 +0200, thierry bordaz wrote:
On 10/09/2014 06:27 PM, Nathani
On 10/09/2014 06:53 PM, Nathaniel McCallum wrote:
On Thu, 2014-10-09 at 18:38 +0200, Ludwig Krispenz wrote:
On 10/09/2014 06:32 PM, thierry bordaz wrote:
On 10/09/2014 06:27 PM, Nathaniel McCallum wrote:
On Thu, 2014-10-09 at 14:11 +0200, thierry bordaz wrote:
On 10/08/2014 11:46 PM
On 10/09/2014 06:32 PM, thierry bordaz wrote:
On 10/09/2014 06:27 PM, Nathaniel McCallum wrote:
On Thu, 2014-10-09 at 14:11 +0200, thierry bordaz wrote:
On 10/08/2014 11:46 PM, Nathaniel McCallum wrote:
The background of this email is this bug:
https://fedorahosted.org/freeipa/ticket/4456
A
On 10/09/2014 05:51 PM, Nathaniel McCallum wrote:
On Thu, 2014-10-09 at 16:33 +0200, Ludwig Krispenz wrote:
On 10/09/2014 04:27 PM, Simo Sorce wrote:
On Thu, 09 Oct 2014 16:06:06 +0200
Ludwig Krispenz wrote:
On 10/09/2014 03:13 PM, Simo Sorce wrote:
On Wed, 08 Oct 2014 17:46:01 -0400
On 10/09/2014 04:47 PM, Simo Sorce wrote:
On Thu, 09 Oct 2014 16:33:20 +0200
Ludwig Krispenz wrote:
On 10/09/2014 04:27 PM, Simo Sorce wrote:
On Thu, 09 Oct 2014 16:06:06 +0200
Ludwig Krispenz wrote:
On 10/09/2014 03:13 PM, Simo Sorce wrote:
On Wed, 08 Oct 2014 17:46:01 -0400
Nathaniel
On 10/09/2014 04:27 PM, Simo Sorce wrote:
On Thu, 09 Oct 2014 16:06:06 +0200
Ludwig Krispenz wrote:
On 10/09/2014 03:13 PM, Simo Sorce wrote:
On Wed, 08 Oct 2014 17:46:01 -0400
Nathaniel McCallum wrote:
The background of this email is this bug:
https://fedorahosted.org/freeipa/ticket
On 10/09/2014 03:13 PM, Simo Sorce wrote:
On Wed, 08 Oct 2014 17:46:01 -0400
Nathaniel McCallum wrote:
The background of this email is this bug:
https://fedorahosted.org/freeipa/ticket/4456
Attached are two patches which solve this issue for admin users (not
very helpful, I know). They depen
all the issues I found are fixed, for me it's ACK
On 10/08/2014 07:50 PM, Alexander Bokovoy wrote:
On Tue, 07 Oct 2014, Ludwig Krispenz wrote:
Hi Alex,
I have a question regarding cbdata.target. It is/was a reference to
the pblock used to generate a new dn, but n
1e871d2d39c7dc3e49d55ccf1d5a163d40d68dcf Mon Sep 17 00:00:00 2001
From: Ludwig Krispenz
Date: Wed, 8 Oct 2014 15:11:54 +0200
Subject: [PATCH] Ignore irrelevant subtrees in schema compat plugin
For changes in cn=changelog or o=ipaca the scheam comapat plugin doesn't need to be
executed. It saves
Hi Alex,
I have a question regarding cbdata.target. It is/was a reference to the
pblock used to generate a new dn, but now in
idview_replace_target_dn(&cbdata.target,...) it can be newly allocated
and should be freed, so I think there should be a return code indicating
if it was allocated or
On 10/07/2014 01:32 PM, Alexander Bokovoy wrote:
On Tue, 07 Oct 2014, Alexander Bokovoy wrote:
On Tue, 07 Oct 2014, Ludwig Krispenz wrote:
On 10/07/2014 12:39 PM, Alexander Bokovoy wrote:
On Tue, 07 Oct 2014, Ludwig Krispenz wrote:
On 10/07/2014 12:12 PM, Alexander Bokovoy wrote:
On Tue
On 10/07/2014 12:39 PM, Alexander Bokovoy wrote:
On Tue, 07 Oct 2014, Ludwig Krispenz wrote:
On 10/07/2014 12:12 PM, Alexander Bokovoy wrote:
On Tue, 07 Oct 2014, Ludwig Krispenz wrote:
Hi Alex,
slapi_attr_set_valueset() calls slapi_valueset_set_valueset(), but
this does not free the
On 10/07/2014 12:12 PM, Alexander Bokovoy wrote:
On Tue, 07 Oct 2014, Ludwig Krispenz wrote:
Hi Alex,
slapi_attr_set_valueset() calls slapi_valueset_set_valueset(), but
this does not free the existing values,
Here is the problem, I cannot free original values as
slapi_attr_get_valueset
Hi Alex,
slapi_attr_set_valueset() calls slapi_valueset_set_valueset(), but this
does not free the existing values,
cf
https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/9.0/html/Plug-in_Guide/Plugin_Programming_Guide-Function_Reference-slapi_valueset_set_valueset.html
___
On 10/06/2014 04:57 PM, Ludwig Krispenz wrote:
On 10/06/2014 04:44 PM, Alexander Bokovoy wrote:
On Mon, 06 Oct 2014, Ludwig Krispenz wrote:
Hi Alex,
one quick comment:
I'm afraid the only case where slapi_search_internal_pb() returns -1
is if you don't provide a pblock. In all o
101 - 200 of 273 matches
Mail list logo
