On 08/25/2015 06:29 PM, Petr Vobornik wrote:
https://fedorahosted.org/freeipa/ticket/5251
Attaching new rebased version with help text amended.
--
Petr Vobornik
From 07bdc0a3ba7d265cd0a865f1049992d19a4b0e47 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Tue, 25 Aug 2015 18:25:50 +0200
--private-key-file
+ --public-key-file
Rebased, nitpick fixed.
Pushed to:
master: e46d9236d19f714b67fdf2865f19146c3016f46d
ipa-4-2: d4969ede51e6098e962ff660daf13e8c61d4ac28
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/free
https://fedorahosted.org/freeipa/ticket/5251
--
Petr Vobornik
From 5144abbdca66a0e001876e7a05ea2773ab824008 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Tue, 25 Aug 2015 18:25:50 +0200
Subject: [PATCH] vault: change default vault type to symmetric
https://fedorahosted.org/freeipa/ticket
https://fedorahosted.org/freeipa/ticket/5259
--
Petr Vobornik
From cc410e178793315c636c166025b60458ace4cc14 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Tue, 25 Aug 2015 17:17:04 +0200
Subject: [PATCH] webui: add option to establish bidirectional trust
https://fedorahosted.org/freeipa
Missing 'required' values in takes_params causes Web UI to treat required
fields as optional.
Regression caused by ba0a1c6b33e2519a48754602413c8379fb1f0ff1
https://fedorahosted.org/freeipa/ticket/5258
--
Petr Vobornik
From 850ed7bf910a3254083d6c05e5845e27af4add0a Mon Sep 17 00:00:00
es in vault-archive and vault-add are enhancements which
AFAIK requires new options to be used. I.e. will be ignored by old
clients therefore it doesn't matter when that's added.
vault-mod should be fixed ASAP.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mail
ACK
can't we fix it by removing `rdn_is_primary_key = True`?
That would also remove the --rename option. Yes it's an API change but
if rename is forbidden than the option should not be even there, just
the result error will different.
--
Petr Vobornik
--
Manage your subscrip
On 08/20/2015 03:19 PM, Simo Sorce wrote:
On Thu, 2015-08-20 at 15:11 +0200, Petr Vobornik wrote:
On 08/20/2015 02:46 PM, Martin Basti wrote:
On 08/20/2015 02:40 PM, Oleg Fayans wrote:
Done. https://fedorahosted.org/freeipa/ticket/5240
The initial question however is still unsolved: why
215:c5ff:fef3:e54f to a host name, check /etc/hosts
and DNS name resolution
Hmm, this is interesting, is 2620:52:0:2236:215:c5ff:fef3:e54f IP
address of replica or master.
Does the resolv.conf point to master on replica?
It's an ip address of the replica. And yes, it does point to master&#x
user(s) options cannot be specified
simultaneously
Honza
Also you forgot to update API.txt and VERSION
./makeapi
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/
pa-4-2: cb575e6a16c3f1a001b13b96279ecd758c8783a1
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 08/18/2015 09:23 PM, Jan Cholasta wrote:
Hi,
the attached patch fixes <https://fedorahosted.org/freeipa/ticket/5212>.
Honza
ACK
Pushed to:
master: 29cee7a4bc5a6d2506e7937c982339274fa0edb4
ipa-4-2: 9d32bcafab0f7fa35ae089bff0a5001e2406767d
--
Petr Vobornik
--
Manage your subscr
On 08/18/2015 12:42 PM, Jan Cholasta wrote:
Hi,
On 18.8.2015 12:38, Petr Vobornik wrote:
https://fedorahosted.org/freeipa/ticket/5233
s/normalizer=lambda value:
normalize_principal(value)/normalizer=normalize_principal/.
Honza
Fixed, updated patch attached
--
Petr Vobornik
From
https://fedorahosted.org/freeipa/ticket/5211
--
Petr Vobornik
From 3c62cdcc7e6e564dc34c1ef2a4262cdd3b36f91d Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Tue, 18 Aug 2015 12:50:54 +0200
Subject: [PATCH] vault: validate vault type
https://fedorahosted.org/freeipa/ticket/5211
---
API.txt
https://fedorahosted.org/freeipa/ticket/5233
--
Petr Vobornik
From 74a37069b5c8a7aece1030bc34bfde89401922c8 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Tue, 18 Aug 2015 12:14:36 +0200
Subject: [PATCH] vault: normalize service principal in service vault
operations
https
ushed to master: 419754b1c11139435ae5b5082a51026da0d5e730
Pushed to ipa-4-2: e110f6da2f42c4cd52ae73c7aad2421559da56a2
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Member
* d9e9e5088fe3e093e3291a5e8877e8651645fc61 vault: Fix param labels in
output of vault owner commands
ipa-4-2:
* 649a1a7c65d5ba99183dd0437d9ab4f20fa05530 baseldap: Allow overriding
member param label in LDAPModMember
* f66d7043dc2f35bdc7f7f3774ecbc12046b7feef vault: Fix param labels in
output of vault owner commands
-
: 5a9a8e2b09ada28d4f9a32eb833ffdc30d099fd0
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
n 08/13/2015 12:13 PM, Ludwig Krispenz wrote:
On 08/13/2015 10:49 AM, Petr Vobornik wrote:
On 08/13/2015 09:55 AM, Ludwig Krispenz wrote:
On 08/10/2015 10:54 AM, Oleg Fayans wrote:
Hi Ludwig,
It seems the Design page for the topology plugin is a bit outdated.
1. It still operates with the te
On 08/13/2015 02:12 PM, Christian Heimes wrote:
On 2015-08-13 14:05, Petr Vobornik wrote:
On 08/13/2015 12:38 PM, Christian Heimes wrote:
On 2015-08-13 12:10, Petr Vobornik wrote:
On 07/23/2015 08:38 PM, Christian Heimes wrote:
The ipa vault commands now load the public keys in order to
On 08/13/2015 12:38 PM, Christian Heimes wrote:
On 2015-08-13 12:10, Petr Vobornik wrote:
On 07/23/2015 08:38 PM, Christian Heimes wrote:
The ipa vault commands now load the public keys in order to verify them.
The validation also prevents a user from accidentally sending her
private keys to
and #373. Should be much
easier to review. See attachment.
Jan approach seems better to me for 4.2.1. Endi, do you agree with the
changes? Could we proceed with the review?
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/list
x for 5142.
I don't think that it fixes 5143. The traceback is fixed therefore 5143
doesn't occur but if there was other traceback raised by
`self.api.Command.vault_archive(*args, **opts)` then the vault added in
`response = self.api.Command.vault_add_internal(*args, **options)` wou
On 08/13/2015 05:28 AM, Fraser Tweedale wrote:
On Wed, Aug 12, 2015 at 02:56:54PM +0200, Petr Vobornik wrote:
usercertificate attr was moved from "System Modify Users" to this
new permission.
https://fedorahosted.org/freeipa/ticket/5177
Note: hosts have permission "Syst
LI still incorrectly asks for the value and
therefore allows to change the default "both".
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
". I
would move it as well if usercertificate was not the only attr in
"System: Modify Services".
--
Petr Vobornik
From 10e505e62c606b7a93715536ee869a86278d66c4 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Wed, 12 Aug 2015 14:48:09 +0200
Subject: [PATCH] add
https://fedorahosted.org/freeipa/ticket/5195
--
Petr Vobornik
From d09e625defca7db06ee2ef8de3451ec3f6eb026d Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Wed, 12 Aug 2015 11:07:22 +0200
Subject: [PATCH] validate mutually exclusive options in vault-add
https://fedorahosted.org/freeipa
Non-admin user can now search for:
- hosts
- hostgroups
- netgroups
- servers
- services
(Fixes ACI issue where search returns nothing when user does't have
read rights for an attribute in search_attributes.
https://fedorahosted.org/freeipa/ticket/5167
--
Petr Vobornik
the top level, like here:
https://www.patternfly.org/widgets/#accordion (we are using PatternFly
in our UI). Do per-scenario options in each panel as needed.
Better to ask UX developer for an opinion ;) (Kyle CCd)
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
s in
this situation.
"""
One can also use only "Password" with kinit but must provide an armor
ccache.
e.g.:
$ kinit admin
$ klist
Ticket cache: KEYRING:persistent:17127:17127
...
$ kinit -T KEYRING:persistent:17127:17127 fbar
https://fedorahosted.
in domain level set.
#2 is more or less a replica promotion.
#3 another workaround
From long term perspective, I like #2 but I don't know what's the state
of replica promotion. Simo?
Attaching IPA patches which I use now (doesn't contain required topo
plugi
d, it covers most of what I needed.
Is there some document describing the rules used in JSON serialization?
Sometimes the api call result has interesting representation of the values.
Don't know of any. But you can always call `ipa` command with -vvv and
observe the communication.
--
Pet
at sound reasonable. the code behaves this way already so no changes
here.
There are probably other issues to discuss. Feel free to write
email/ping me on IRC.
(I haven't looked at the patch yet.)
Please take a look at it ASAP. I am on PTO tomorrow and on Friday, but I
will find time to w
plicit in
the way of handling so I would still keep them separate.
+1
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
ry limitation.
I think that what we are looking for is the opposite of
stageuser-activate. So maybe user-stage?
Can we use stageuser-from-deleted ?
user-stage sounds better to me than stageuser-from-deleted
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
1. after logout, krb auth no longer shows "session expired" but correct
"Authentication with Kerberos failed".
2. "The password or username you entered is incorrect." is showed on
failed forms-based auth.
https://fedorahosted.org/freeipa/tic
Imho we can remove Backend.krb aka ipalib/plugins/kerberos.py. It's used
only in 2 files, both are not in production. But I'm not sure about
KRB5_CCache, the wrapper has some exception logic which might be wanted
to be kept.
--
Petr Vobornik
--
Manage your subscription for the Freeip
other, it doesn't matter if it is in SSSD or FreeIPA wiki.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
as a member of other group. I
think memberof plugin caused it.
3) Combination of 1and 2: set default higher value and also have
hidden option to allow configure higher number of locks during install
Comments are more than welcome :-)
--
Petr Vobornik
--
Manage your subscription for th
* IE section moved at the end
* Chrome section added
* FF and IE icons removed
https://fedorahosted.org/freeipa/ticket/823
--
Petr Vobornik
From c3f96c2ab6395aa64b29137b34bc0a4a639f3965 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Fri, 17 Jul 2015 15:57:30 +0200
Subject: [PATCH] webui
aster: 1299c60a83ccaf669abd74d35845f8c321e4ed5e
ipa-4-2: 0eec93ebb00b3db58f947cf1214c890c8773151b
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
users are aware of it.
rob
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
48,
in __init__
messages.process_message_arguments(self, format, message, **kw)
File "/usr/lib/python2.7/site-packages/ipalib/messages.py", line 52,
in process_message_arguments
name, format)
ValueError: non-generic 'InvalidDomainLevelError' needs format=None; got
format=Gettext(
est.py:ATTRIBUTENAS-Identifier 32 string
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
d49d5c6
ipa-4-2: ddec4500161cce0fd258cbc011efca27ef1f5392
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
: 82aaa1e6d07a13429381b94ffe4b5fc562427213
ipa-4-2: 58d0d335a4591398102f02c62a15290d64806cc4
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 07/17/2015 01:17 PM, Petr Vobornik wrote:
On 07/17/2015 12:21 PM, Christian Heimes wrote:
This patch from Yuri Chornoivan fixes some typos. All fixes look ok to
me.
+1, one minor issue though. Btw, the Reviewed-By line is added by
ipatool utility on push.
https://fedorahosted.org
:
* cf2587ce726f8ba5f374689b3ad818e04cabaadd Fix indicies ntUserDomainId,
ntUniqueId
* f6901e5a10434849cb64228ce0dcba31b52bc968 Server Upgrade: fix memberUid
index
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA
On 07/17/2015 01:46 PM, Petr Vobornik wrote:
On 07/17/2015 01:44 PM, Alexander Bokovoy wrote:
On Fri, 17 Jul 2015, Martin Basti wrote:
From b05f4a2e17ae00e5c20e5eb7bd046472f100e0ad Mon Sep 17 00:00:00 2001
From: Martin Basti
Date: Wed, 15 Jul 2015 16:20:59 +0200
Subject: [PATCH] sysrestore
1a1886183e9ef1d06566
ipa-4-2: 92a73e8b2a5f26744b036a36de4b9956e8883f61
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 07/17/2015 10:31 AM, Petr Vobornik wrote:
On 07/17/2015 07:18 AM, Alexander Bokovoy wrote:
On Fri, 17 Jul 2015, Jan Cholasta wrote:
Dne 16.7.2015 v 12:16 David Kupka napsal(a):
On 15/07/15 16:04, David Kupka wrote:
On 15/07/15 15:34, Jan Cholasta wrote:
Dne 15.7.2015 v 15:21 David Kupka
command-line options. Here is an overview of this run-time information:
connot
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
h the code and I think it is also a better approach than it
was before, so ACK.
ACK as well.
Pushed to:
master: e5d179b5b96bba5048a05135693acc5507d38163
ipa-4-2: 65877820b821884ac3b539e7f64e12c2cb3dd34f
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.
On 07/16/2015 03:18 PM, Martin Basti wrote:
On 14/07/15 18:50, Petr Vobornik wrote:
hbacrule has it default attributes (which are used in search) attribute
'memberhostgroup'. This attr is not in ACI nor in schema. If the search
contains an attribute which can't be read then t
On 07/16/2015 01:48 PM, Martin Basti wrote:
On 15/07/15 14:47, Martin Babinsky wrote:
Fixes https://fedorahosted.org/freeipa/ticket/4492
ACK
Pushed to:
master: 26dee66d1bf05aac5af5f82862ce54585ccde7e4
ipa-4-2: f5fa38399277ab16fa32832f53580651ad4a4026
--
Petr Vobornik
--
Manage your
On 07/16/2015 02:12 PM, Martin Basti wrote:
On 14/07/15 18:47, Petr Vobornik wrote:
Could not open user password dialog.
regression introduced in ed78dcfa3acde7aeb1f381f49988c6911c5277ee
https://fedorahosted.org/freeipa/ticket/5131
Works for me, ÅCK
Pushed to:
master
On 07/14/2015 03:23 PM, Nathaniel McCallum wrote:
4.3 is going to be a very narrow feature release. Should we branch
4.3 early so that we can still land new features on master during
4.3?
I did not like it at first but we should do it.
--
Petr Vobornik
--
Manage your subscription for the
Fixes regression caused by cd3ca94ff2ef738cb3a9eae502193413058f976d.
Which caused:
* client installation failure (missing memcache)
* invalid warning in CLI on server
https://fedorahosted.org/freeipa/ticket/5133
--
Petr Vobornik
From 2a814456b7c143bc2f2f23d4706ec0543bf66ae3 Mon Sep 17 00:00:00
cords in
LDAPSearch'? (which would fix #5055)
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
Could not open user password dialog.
regression introduced in ed78dcfa3acde7aeb1f381f49988c6911c5277ee
https://fedorahosted.org/freeipa/ticket/5131
--
Petr Vobornik
From 69324d20025039d821ca4c6a2d06abb38f79ab4c Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Tue, 14 Jul 2015 17:55:48 +0200
o I don't think this is a proper fix because any custom ACIs will
cause the bug again. Same issue in
https://fedorahosted.org/freeipa/ticket/5055
https://fedorahosted.org/freeipa/ticket/5130
--
Petr Vobornik
From 02df89f1d9dcf20b4f2073efecea2c17e12ef03f Mon Sep 17 00:00:00 2001
From: Petr Vo
s changes should be done in install/ui/less/*less files - as
you did in widgets.less. From these .less files an
install/ui/css/ipa.css file is created. Note that there is also
install/ui/ipa.css which contains most of the ipa specific styles. It's
planned to move these styles to .less files
s in Makefile and friends
* idviews: Fallback to AD DC LDAP only if specifically allowed
* man: Add manpage for ipa-winsync-migrate
* winsync_migrate: Migrate memberships of the winsynced users
* winsync_migrate: Generalize membership migration
* l10n: Add configuration file for Zanata
* l10n: Update
--
Petr Vobornik
From 3696c70bd0aacf7a2f5b0b00f52445d798379034 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Thu, 9 Jul 2015 12:29:33 +0200
Subject: [PATCH] Bump 4.3 development version to 4.2.90
---
VERSION | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/VERSION b
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 07/09/2015 11:21 AM, David Kupka wrote:
On 09/07/15 00:28, Petr Vobornik wrote:
The error message was probably copied from mail address check below.
ACK.
Pushed to master: f0e88e9b13c0c950cb02f377ac13c8e5b9188a34
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel
On 07/09/2015 10:54 AM, Martin Basti wrote:
On 09/07/15 00:35, Petr Vobornik wrote:
== [PATCH] 898 webui: cert-request improvements ==
Certificate request action and dialog now supports 'profile_id',
'add' and 'principal' options. 'add' and 'pri
ip it :-)
IIUC, the community portal is a part of WebUI so I would package it
together, iow in freeipa-server. Or create another package depending on
freeipa-server.
IIRC we discussed it and agreed that it will be a separate application.
I think that it would be nice to deploy it on OpenShift
}_cert command support is still
missing.
--
Petr Vobornik
From ddae79eafc144e338bab0504647a9295a928025c Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Thu, 9 Jul 2015 00:18:54 +0200
Subject: [PATCH] webui: remove cert manipulation actions from host and service
Remove
* cert_view
* cert_get
*
The error message was probably copied from mail address check below.
--
Petr Vobornik
From a935e707185d751604c24511ae8b65dd61500469 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Wed, 8 Jul 2015 22:11:52 +0200
Subject: [PATCH] fix error message when certificate CN is invalid
The error
On 07/08/2015 02:24 PM, Petr Vobornik wrote:
add Web UI for new certificate objects
[PATCH] 894 webui: certificate profiles
[PATCH] 895 webui: caacl
[PATCH] 896 webui: hide facet tab in certificate details facet
Fixed bug (adding profiles to caacl) in patch 895.
--
Petr Vobornik
From
add Web UI for new certificate objects
[PATCH] 894 webui: certificate profiles
[PATCH] 895 webui: caacl
[PATCH] 896 webui: hide facet tab in certificate details facet
--
Petr Vobornik
From 4d3332098c72545bc4bb179e29ede7fcbd6bbb1e Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Wed, 8 Jul
On 07/08/2015 01:20 PM, Martin Basti wrote:
On 08/07/15 12:51, Martin Basti wrote:
On 08/07/15 12:20, Petr Vobornik wrote:
On 07/08/2015 10:37 AM, Petr Vobornik wrote:
API refactoring caused that session_logout command was not registered.
Commands in ipalib/plugins directory are
On 07/08/2015 10:37 AM, Petr Vobornik wrote:
API refactoring caused that session_logout command was not registered.
Commands in ipalib/plugins directory are automatically registered.
Added NO_CLI = True to hide the command in CLI.
--
Petr Vobornik
From
API refactoring caused that session_logout command was not registered.
Commands in ipalib/plugins directory are automatically registered.
--
Petr Vobornik
From 7121a19c19f317093923bde1ecf142fa231d09ef Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Wed, 8 Jul 2015 10:32:54 +0200
Subject
s, hosts, user groups, users who were not added as the
ones who are allowed to to retrieve/create keytab.
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
ser were in both cases managed by the same user who created them.
--
Petr Vobornik
From fda590b00652563342db29828dc71bfa6163f433 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Wed, 1 Jul 2015 18:50:47 +0200
Subject: [PATCH] webui: add mangedby tab to otptoken
Added managedby_user tab to m
dcb6916a3b0601e33b08e12aeb25357efed6812b introduced a regression where
get_agreement_type does not raise NotFound error if an agreement for
host does not exist. The exception was swallowed by
get_replication_agreement.
--
Petr Vobornik
From 4dd4f13c2fc746f800ebbfc81f084ef0690bec63 Mon Sep 17
For those of you who don't want to try the patches:
* https://pvoborni.fedorapeople.org/images/api-user-show.png
* https://pvoborni.fedorapeople.org/images/api-user-add.png
On 07/01/2015 09:35 AM, Martin Kosek wrote:
On 06/30/2015 06:35 PM, Petr Vobornik wrote:
First part of API Br
887,888,889 are webui fixes and prerequisites
Patch 890 is the API browser
--
Petr Vobornik
From 075b33c102e6f20164375cd5cb4e23d5df3b51a1 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Fri, 5 Jun 2015 19:03:46 +0200
Subject: [PATCH] webui: API browser
First part of API browser - displaying metadata in
SSIA
--
Petr Vobornik
From b6d9c653907ea2e6a68885780bce88cc61efee15 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Tue, 30 Jun 2015 13:11:17 +0200
Subject: [PATCH] topology: make cn of new segment consistent with topology
plugin
---
ipalib/plugins/topology.py | 2 +-
1 file changed, 1
These options should not be touched by users yet.
https://fedorahosted.org/freeipa/ticket/5061
--
Petr Vobornik
From 8754e4f874f0f0f50cd8df1c486b384a8fd704fd Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Tue, 30 Jun 2015 10:38:12 +0200
Subject: [PATCH] topologysegment: hide direction and
to be ignored.
part of: https://fedorahosted.org/freeipa/ticket/5072
patch 883 adds 180s timeout to the check and changes check interval from
1s to 2s.
--
Petr Vobornik
From eab018a0b6f13681088589790a134d1110407396 Mon Sep 17 00:00:00 2001
From: Petr Vobornik
Date: Tue, 30 Jun 2015 13:37:31 +02
; upgrade from 4.1.4 to master+patch works.
Pushed to master: 0bf4e7fb4ae1e32bfd8fe9f92fd9ebed7f4cad93
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
_file() ignores the dangling symlink.
Christian
ACK
Pushed to master: 2842a83568301c85d340801daae42078333ce63d
Christian, could please provide [PATCH] in subject for new threads with
patch? It is an established practice on freeipa-devel and it helps with
mail filtering.
--
Petr Vobornik
--
M
On 06/29/2015 04:18 PM, Martin Basti wrote:
On 16/06/15 11:42, Ludwig Krispenz wrote:
This patch addresses coverity issues 13290 and 13291
ACK
Pushed to master: 5e92c981b0e433ee28b953d222a1b531b525ff1c
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list
insky
LGTM.
Simo.
Anyone else to review this patch? It also incidentally fixes a
recently reported resource leak.
ACK
Pushed to master: 4d7b630992da3d0c646b27268a85e6e8c30eebfe
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/ma
On 06/29/2015 04:52 PM, Martin Basti wrote:
On 29/06/15 16:48, Fraser Tweedale wrote:
Attached patch fixes a small error in certprofile plugin
documentation.
Thanks,
Fraser
ACK
Pushed to master: 7f923f922a28aa34eb6ee3b0e94c1cba223d285c
--
Petr Vobornik
--
Manage your subscription for
On 06/29/2015 03:33 PM, David Kupka wrote:
On 15/06/15 19:27, Petr Vobornik wrote:
in other words limit usage of `agreement_dn` method only for manipulation
and search of agreements which are not managed by topology plugin.
For other cases is safer to search for the agreement.
https
On 06/29/2015 03:33 PM, David Kupka wrote:
On 26/06/15 14:15, Petr Vobornik wrote:
On 06/17/2015 02:00 PM, Petr Vobornik wrote:
ipa-replica-manage del now:
- checks the whole current topology(before deletion), reports issues
- simulates deletion of server and checks the topology again, reports
On 06/29/2015 03:33 PM, David Kupka wrote:
On 26/06/15 14:15, Petr Vobornik wrote:
On 06/17/2015 04:11 PM, Petr Vobornik wrote:
On 06/17/2015 02:15 PM, Ludwig Krispenz wrote:
On 06/17/2015 02:04 PM, Petr Vobornik wrote:
With patch "878 topology: check topology in ipa-replica-manage de
On 06/26/2015 10:54 AM, David Kupka wrote:
https://fedorahosted.org/freeipa/ticket/5080
ACK
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute
On 06/26/2015 12:41 PM, Petr Spacek wrote:
Hello,
Add hint how to re-run IPA upgrade.
ACK
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
On 06/26/2015 02:15 PM, Petr Vobornik wrote:
On 06/17/2015 02:00 PM, Petr Vobornik wrote:
ipa-replica-manage del now:
- checks the whole current topology(before deletion), reports issues
- simulates deletion of server and checks the topology again, reports
issues
Asks admin if he wants to
On 06/17/2015 04:11 PM, Petr Vobornik wrote:
On 06/17/2015 02:15 PM, Ludwig Krispenz wrote:
On 06/17/2015 02:04 PM, Petr Vobornik wrote:
With patch "878 topology: check topology in ipa-replica-manage del"
we can use the same logic for POC of
ipa topologysuffix-verify
command.
C
On 06/17/2015 02:00 PM, Petr Vobornik wrote:
ipa-replica-manage del now:
- checks the whole current topology(before deletion), reports issues
- simulates deletion of server and checks the topology again, reports
issues
Asks admin if he wants to continue with the deletion if any errors are
found
forcing removal by an admin.
If you have a start topology and your central node goes down and is not
recoverable
Simo.
Ludwig
On 06/24/2015 11:04 AM, Oleg Fayans wrote:
Hi everybody,
Current implementation of topology plugin (including patch 878 from
Petr) allows the deletion of the central node in
osegmentdirection.
You can see the mappings in, e.g.,:
ipa show-mappings topologysegment-mod
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
: 6f9d16fd0014427db223fe82f021b12f4db2fe37
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
ngs in, e.g.,:
ipa show-mappings topologysegment-mod
--
Petr Vobornik
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
401 - 500 of 1861 matches
Mail list logo
