subject:"\[Freeipa\-devel\] \[PATCH 0065\]"

Re: [Freeipa-devel] [PATCH 0065] Fix ugly quit during external CA installation

2016-10-05 Thread David Kupka

On 23/08/16 13:58, Standa Laznicka wrote: https://fedorahosted.org/freeipa/ticket/6230 Thanks for the patch. This fixes the ugly error message and also the return code, ACK. Pushed to: master: 889f0863b80a0c13a14aa69cd8563b5adde984b2 ipa-4-4: 03a0f5a105f5625e6a4d373abb1f4d8b8044a026 -- Dav

[Freeipa-devel] [PATCH 0065] Fix ugly quit during external CA installation

2016-08-23 Thread Standa Laznicka

https://fedorahosted.org/freeipa/ticket/6230 From 33d25d76d71ede4b4d4ac3f57663132ac4c6decb Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka Date: Tue, 23 Aug 2016 13:43:24 +0200 Subject: [PATCH] Make installer quit more nicely on external CA installation cainstance.__spawn_instance() exits in

Re: [Freeipa-devel] [PATCH] 0065, 66: webui: authentication indicators on host page

2016-06-30 Thread Petr Vobornik

On 06/29/2016 06:38 PM, Petr Vobornik wrote: > On 06/28/2016 04:32 PM, Pavel Vomacka wrote: >> Hello, >> >> please review attached patches. I moved strings used by authentication >> indicators widget to another dict so the second patch changes strings in >> custom_checkbox widget on service page. >

Re: [Freeipa-devel] [PATCH] 0065, 66: webui: authentication indicators on host page

2016-06-29 Thread Petr Vobornik

On 06/28/2016 04:32 PM, Pavel Vomacka wrote: > Hello, > > please review attached patches. I moved strings used by authentication > indicators widget to another dict so the second patch changes strings in > custom_checkbox widget on service page. > > https://fedorahosted.org/freeipa/ticket/5872 >

[Freeipa-devel] [PATCH] 0065, 66: webui: authentication indicators on host page

2016-06-28 Thread Pavel Vomacka

Hello, please review attached patches. I moved strings used by authentication indicators widget to another dict so the second patch changes strings in custom_checkbox widget on service page. https://fedorahosted.org/freeipa/ticket/5872 -- Pavel^3 Vomacka From ead65516bc45ebb2432bc425e7a2485

Re: [Freeipa-devel] [PATCH] 0065 Remove service and host cert issuer validation

2016-06-05 Thread Jan Cholasta

On 3.6.2016 07:15, Fraser Tweedale wrote: The attached patch enables cert issuance to hosts and services using sub-CAs. Thanks, ACK. Rebased and pushed to master: fa149cff86a67ebfe2739df6467a6e10e47742cd -- Jan Cholasta -- Manage your subscription for the Freeipa-devel mailing list: https://

[Freeipa-devel] [PATCH] 0065 Remove service and host cert issuer validation

2016-06-02 Thread Fraser Tweedale

The attached patch enables cert issuance to hosts and services using sub-CAs. Thanks, Fraser From 3432c6322d823dd53a477a6c37021bfe4fbb11b3 Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Fri, 3 Jun 2016 14:01:49 +1000 Subject: [PATCH] Remove service and host cert issuer validation When addi

Re: [Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-11 Thread Martin Basti

ACK Pushed to master: 12e7f71600e62eab9d48a13fba37d2f182c8bdee On 09.12.2015 14:44, Gabe Alford wrote: Fixed. Updated patch attached. On Wed, Dec 9, 2015 at 2:37 AM, Martin Basti > wrote: NACK Patch contains syntax error, missing brace ipaserver/instal

Re: [Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-09 Thread Gabe Alford

Fixed. Updated patch attached. On Wed, Dec 9, 2015 at 2:37 AM, Martin Basti wrote: > NACK > > Patch contains syntax error, missing brace > > ipaserver/install/server/replicainstall.py:850: [E0001(syntax-error), ] > invalid syntax) > > Martin > > > On 09.12.2015 07:08, Jan Cholasta wrote: > >> LG

Re: [Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-09 Thread Martin Basti

NACK Patch contains syntax error, missing brace ipaserver/install/server/replicainstall.py:850: [E0001(syntax-error), ] invalid syntax) Martin On 09.12.2015 07:08, Jan Cholasta wrote: LGTM On 8.12.2015 17:04, Gabe Alford wrote: Updated patch attached. On Tue, Dec 8, 2015 at 8:27 AM, Mart

Re: [Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-08 Thread Jan Cholasta

LGTM On 8.12.2015 17:04, Gabe Alford wrote: Updated patch attached. On Tue, Dec 8, 2015 at 8:27 AM, Martin Basti mailto:mba...@redhat.com>> wrote: On 08.12.2015 16:26, Gabe Alford wrote: Just to confirm: if server is installed: Let's stop here and not do anything else

Re: [Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-08 Thread Gabe Alford

Updated patch attached. On Tue, Dec 8, 2015 at 8:27 AM, Martin Basti wrote: > > > On 08.12.2015 16:26, Gabe Alford wrote: > > Just to confirm: > > if server is installed: > Let's stop here and not do anything else > > if domain level 0: > check if client installed and stop here > > Rig

Re: [Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-08 Thread Gabe Alford

Just to confirm: if server is installed: Let's stop here and not do anything else if domain level 0: check if client installed and stop here Right? On Tue, Dec 8, 2015 at 8:20 AM, Jan Cholasta wrote: > On 8.12.2015 16:17, Martin Basti wrote: > >> >> >> On 08.12.2015 16:14, Jan Chol

Re: [Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-08 Thread Martin Basti

On 08.12.2015 16:26, Gabe Alford wrote: Just to confirm: if server is installed: Let's stop here and not do anything else if domain level 0: check if client installed and stop here Right? yes On Tue, Dec 8, 2015 at 8:20 AM, Jan Cholasta > wrote:

Re: [Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-08 Thread Martin Basti

On 08.12.2015 16:14, Jan Cholasta wrote: On 8.12.2015 16:09, Martin Basti wrote: On 01.12.2015 14:57, Gabe Alford wrote: Sorry guys, I forgot to add a meaningful subject to this message. Ignore the previous thread start. -- Forwarded message -- From: *Gabe Alford*

Re: [Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-08 Thread Jan Cholasta

On 8.12.2015 16:17, Martin Basti wrote: On 08.12.2015 16:14, Jan Cholasta wrote: On 8.12.2015 16:09, Martin Basti wrote: On 01.12.2015 14:57, Gabe Alford wrote: Sorry guys, I forgot to add a meaningful subject to this message. Ignore the previous thread start. -- Forwarded message

Re: [Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-08 Thread Jan Cholasta

On 8.12.2015 16:09, Martin Basti wrote: On 01.12.2015 14:57, Gabe Alford wrote: Sorry guys, I forgot to add a meaningful subject to this message. Ignore the previous thread start. -- Forwarded message -- From: *Gabe Alford* mailto:redhatri...@gmail.com>> Date: Mon, Nov 30, 201

Re: [Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-08 Thread Martin Basti

On 01.12.2015 14:57, Gabe Alford wrote: Sorry guys, I forgot to add a meaningful subject to this message. Ignore the previous thread start. -- Forwarded message -- From: *Gabe Alford* mailto:redhatri...@gmail.com>> Date: Mon, Nov 30, 2015 at 7:31 PM Subject: [PATCH 0065] To: f

Re: [Freeipa-devel] [PATCH 0065]

2015-12-07 Thread Gabe Alford

Yup you are right. I meant to bump the other one. > It is on my TODO list. Awesome. On Mon, Dec 7, 2015 at 7:20 AM, Martin Basti wrote: > > > On 07.12.2015 14:55, Gabe Alford wrote: > > Bump for review. > > On Mon, Nov 30, 2015 at 7:31 PM, Gabe Alford > wrote: > >> Hello, >> >> Patch fix for t

Re: [Freeipa-devel] [PATCH 0065]

2015-12-07 Thread Martin Basti

On 07.12.2015 14:55, Gabe Alford wrote: Bump for review. On Mon, Nov 30, 2015 at 7:31 PM, Gabe Alford > wrote: Hello, Patch fix for the following tickets: https://fedorahosted.org/freeipa/ticket/5022 https://fedorahosted.org/freeipa/ticket/5320

Re: [Freeipa-devel] [PATCH 0065]

2015-12-07 Thread Gabe Alford

Bump for review. On Mon, Nov 30, 2015 at 7:31 PM, Gabe Alford wrote: > Hello, > > Patch fix for the following tickets: > > https://fedorahosted.org/freeipa/ticket/5022 > https://fedorahosted.org/freeipa/ticket/5320 > > Thanks, > > Gabe > -- Manage your subscription for the Freeipa-devel mailing

[Freeipa-devel] [PATCH 0065] ipa-replica-install prints incorrect error message when replica is already installed

2015-12-01 Thread Gabe Alford

Sorry guys, I forgot to add a meaningful subject to this message. Ignore the previous thread start. -- Forwarded message -- From: Gabe Alford Date: Mon, Nov 30, 2015 at 7:31 PM Subject: [PATCH 0065] To: freeipa-devel Hello, Patch fix for the following tickets: https://fedorah

[Freeipa-devel] [PATCH 0065]

2015-11-30 Thread Gabe Alford

Hello, Patch fix for the following tickets: https://fedorahosted.org/freeipa/ticket/5022 https://fedorahosted.org/freeipa/ticket/5320 Thanks, Gabe From 3e0a6c556a3402bbd0e15a6f113498aae27e2cf4 Mon Sep 17 00:00:00 2001 From: Gabe Date: Mon, 30 Nov 2015 18:42:14 -0700 Subject: [PATCH] ipa-replic

Re: [Freeipa-devel] [PATCH 0065] CI test for IPA install/backup/uninstall/install/restore scenario

2015-09-23 Thread Martin Babinsky

On 09/23/2015 12:53 PM, Martin Babinsky wrote: CI test for full IPA restore into a running IPA server self-NACK -- Martin^3 Babinsky -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.o

[Freeipa-devel] [PATCH 0065] CI test for IPA install/backup/uninstall/install/restore scenario

2015-09-23 Thread Martin Babinsky

Should help to catch bugs like https://fedorahosted.org/freeipa/ticket/5296 -- Martin^3 Babinsky From e515bc3aff47ac83807f2ae0b625e0ef8291b7c9 Mon Sep 17 00:00:00 2001 From: Martin Babinsky Date: Mon, 21 Sep 2015 09:58:38 +0200 Subject: [PATCH] CI test for full IPA restore into a running IPA se

Re: [Freeipa-devel] [PATCH 0065] vault: Limit size of data stored in vault

2015-08-26 Thread Petr Vobornik

On 08/26/2015 03:56 PM, David Kupka wrote: On 26/08/15 15:45, Petr Vobornik wrote: On 08/26/2015 02:13 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/5231 Attaching updated patch. With changes discussed offline. Changes works for me, ACK. (with the changes it is also ACK

Re: [Freeipa-devel] [PATCH 0065] vault: Limit size of data stored in vault

2015-08-26 Thread David Kupka

On 26/08/15 15:45, Petr Vobornik wrote: On 08/26/2015 02:13 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/5231 Attaching updated patch. With changes discussed offline. Changes works for me, ACK. Not related to the patch: This patch limits the size to 1MB instead of prop

Re: [Freeipa-devel] [PATCH 0065] vault: Limit size of data stored in vault

2015-08-26 Thread Petr Vobornik

On 08/26/2015 02:13 PM, David Kupka wrote: https://fedorahosted.org/freeipa/ticket/5231 Attaching updated patch. With changes discussed offline. Not related to the patch: This patch limits the size to 1MB instead of proposed 10MB. Testing showed that even 10MB raises a MemoryError in archiv

[Freeipa-devel] [PATCH 0065] vault: Limit size of data stored in vault

2015-08-26 Thread David Kupka

https://fedorahosted.org/freeipa/ticket/5231 -- David Kupka From f86f4f89d1083c1474d8c470ae3b0f85ed1eb6bb Mon Sep 17 00:00:00 2001 From: David Kupka Date: Wed, 26 Aug 2015 14:11:21 +0200 Subject: [PATCH] vault: Limit size of data stored in vault https://fedorahosted.org/freeipa/ticket/5231 ---

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-22 Thread Rich Megginson

On 09/22/2014 01:28 PM, Martin Kosek wrote: On 09/22/2014 06:58 PM, Simo Sorce wrote: On Mon, 22 Sep 2014 17:42:39 +0200 thierry bordaz wrote: RFC 4527 Thanks a lot Thierry, this is exactly the control I had in mind last week. If we could implement it then we could solve any issue where the

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-22 Thread Martin Kosek

On 09/22/2014 06:58 PM, Simo Sorce wrote: On Mon, 22 Sep 2014 17:42:39 +0200 thierry bordaz wrote: RFC 4527 Thanks a lot Thierry, this is exactly the control I had in mind last week. If we could implement it then we could solve any issue where the RDN needs to be modified by the ADD operatio

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-22 Thread Simo Sorce

On Mon, 22 Sep 2014 12:58:58 -0400 Simo Sorce wrote: > On Mon, 22 Sep 2014 17:42:39 +0200 > thierry bordaz wrote: > > > RFC 4527 > > Thanks a lot Thierry, this is exactly the control I had in mind last > week. If we could implement it then we could solve any issue where the > RDN needs to be m

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-22 Thread Simo Sorce

On Mon, 22 Sep 2014 17:42:39 +0200 thierry bordaz wrote: > RFC 4527 Thanks a lot Thierry, this is exactly the control I had in mind last week. If we could implement it then we could solve any issue where the RDN needs to be modified by the ADD operation. Simo. -- Simo Sorce * Red Hat, Inc * N

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-22 Thread thierry bordaz

On 09/22/2014 05:37 PM, Martin Kosek wrote: On 09/20/2014 10:22 PM, Nathaniel McCallum wrote: On Wed, 2014-09-17 at 12:31 +0200, Martin Kosek wrote: On 09/17/2014 08:51 AM, Jan Cholasta wrote: Hi, Dne 16.9.2014 v 19:32 Nathaniel McCallum napsal(a): We perform this enforcement at the API leve

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-22 Thread Martin Kosek

On 09/20/2014 10:22 PM, Nathaniel McCallum wrote: > On Wed, 2014-09-17 at 12:31 +0200, Martin Kosek wrote: >> On 09/17/2014 08:51 AM, Jan Cholasta wrote: >>> Hi, >>> >>> Dne 16.9.2014 v 19:32 Nathaniel McCallum napsal(a): We perform this enforcement at the API level since: * DS level enfo

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-22 Thread Martin Kosek

On 09/20/2014 10:22 PM, Nathaniel McCallum wrote: > On Wed, 2014-09-17 at 12:31 +0200, Martin Kosek wrote: >> On 09/17/2014 08:51 AM, Jan Cholasta wrote: >>> Hi, >>> >>> Dne 16.9.2014 v 19:32 Nathaniel McCallum napsal(a): We perform this enforcement at the API level since: * DS level enfo

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-21 Thread Nathaniel McCallum

On Sat, 2014-09-20 at 16:21 -0400, Nathaniel McCallum wrote: > On Wed, 2014-09-17 at 08:51 +0200, Jan Cholasta wrote: > > Hi, > > > > Dne 16.9.2014 v 19:32 Nathaniel McCallum napsal(a): > > > We perform this enforcement at the API level since: > > > * DS level enforcement would be difficult > > >

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-20 Thread Nathaniel McCallum

On Wed, 2014-09-17 at 12:31 +0200, Martin Kosek wrote: > On 09/17/2014 08:51 AM, Jan Cholasta wrote: > > Hi, > > > > Dne 16.9.2014 v 19:32 Nathaniel McCallum napsal(a): > >> We perform this enforcement at the API level since: > >> * DS level enforcement would be difficult > >> * ipatokenUniqueID g

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-20 Thread Nathaniel McCallum

On Wed, 2014-09-17 at 08:51 +0200, Jan Cholasta wrote: > Hi, > > Dne 16.9.2014 v 19:32 Nathaniel McCallum napsal(a): > > We perform this enforcement at the API level since: > > * DS level enforcement would be difficult > > * ipatokenUniqueID generation already happens at the API level > > > > It m

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-17 Thread Martin Kosek

On 09/17/2014 08:51 AM, Jan Cholasta wrote: > Hi, > > Dne 16.9.2014 v 19:32 Nathaniel McCallum napsal(a): >> We perform this enforcement at the API level since: >> * DS level enforcement would be difficult >> * ipatokenUniqueID generation already happens at the API level >> >> It may be nice in th

Re: [Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-16 Thread Jan Cholasta

Hi, Dne 16.9.2014 v 19:32 Nathaniel McCallum napsal(a): We perform this enforcement at the API level since: * DS level enforcement would be difficult * ipatokenUniqueID generation already happens at the API level It may be nice in the future to perform enforcement in the DS itself. However, the

[Freeipa-devel] [PATCH 0065] Don't allow users to create tokens with a specified ID

2014-09-16 Thread Nathaniel McCallum

We perform this enforcement at the API level since: * DS level enforcement would be difficult * ipatokenUniqueID generation already happens at the API level It may be nice in the future to perform enforcement in the DS itself. However, the question of the location of enforcement is largely an aest

Re: [Freeipa-devel] [PATCH 0065] Regression fix in host.py

2014-06-11 Thread Martin Kosek

On 06/10/2014 05:38 PM, Nathaniel McCallum wrote: > On Tue, 2014-06-10 at 16:33 +0200, Martin Basti wrote: >> DNS requires absolute zone name, host must provide it. >> IDNA patch caused this. >> >> Patch attached. > > ACK Pushed to master. Martin ___

Re: [Freeipa-devel] [PATCH 0065] Regression fix in host.py

2014-06-10 Thread Nathaniel McCallum

On Tue, 2014-06-10 at 16:33 +0200, Martin Basti wrote: > DNS requires absolute zone name, host must provide it. > IDNA patch caused this. > > Patch attached. ACK ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/lis

[Freeipa-devel] [PATCH 0065] Regression fix in host.py

2014-06-10 Thread Martin Basti

DNS requires absolute zone name, host must provide it. IDNA patch caused this. Patch attached. -- Martin^2 Basti >From bac9f62a7062d6fb25e9135d8fd62767411e46e0 Mon Sep 17 00:00:00 2001 From: Martin Basti Date: Tue, 10 Jun 2014 15:57:30 +0200 Subject: [PATCH] Make zonenames absolute in host plugi

Re: [Freeipa-devel] [PATCH] 0065 Follow tmpfiles.d packaging guidelines

2013-09-16 Thread Petr Viktorin

On 09/04/2013 06:27 PM, Ana Krivokapic wrote: Hello, This patch addresses ticket https://fedorahosted.org/freeipa/ticket/3881. Thank you! ACK, pushed to: master: 7c22b852c73b94148043dd35636e2dd21a80d531 ipa-3-3: 771511fd2597c907fc5293ce1289070551240a91 -- Petr³ ___

[Freeipa-devel] [PATCH] 0065 Follow tmpfiles.d packaging guidelines

2013-09-04 Thread Ana Krivokapic

Hello, This patch addresses ticket https://fedorahosted.org/freeipa/ticket/3881. -- Regards, Ana Krivokapic Associate Software Engineer FreeIPA team Red Hat Inc. From 21264f8da8f0fa9d01b319b33c2b18daea52198a Mon Sep 17 00:00:00 2001 From: Ana Krivokapic Date: Wed, 4 Sep 2013 18:18:13 +0200 Su

Re: [Freeipa-devel] [PATCH 0065] Use private ccache in ipa-server-install

2013-06-05 Thread Martin Kosek

On 06/05/2013 01:23 PM, Tomas Babej wrote: > On 06/04/2013 01:29 PM, Tomas Babej wrote: >> On 06/03/2013 02:58 PM, Martin Kosek wrote: >>> On 06/03/2013 02:43 PM, Tomas Babej wrote: Hi, this patch fixes the installation problems on master on F19 with krb5 packages > = 1.11.

Re: [Freeipa-devel] [PATCH 0065] Use private ccache in ipa-server-install

2013-06-05 Thread Tomas Babej

On 06/04/2013 01:29 PM, Tomas Babej wrote: On 06/03/2013 02:58 PM, Martin Kosek wrote: On 06/03/2013 02:43 PM, Tomas Babej wrote: Hi, this patch fixes the installation problems on master on F19 with krb5 packages = 1.11.2-6 https://fedorahosted.org/freeipa/ticket/3666 Tomas 1) Leaving cac

Re: [Freeipa-devel] [PATCH 0065] Use private ccache in ipa-server-install

2013-06-05 Thread Petr Viktorin

On 06/05/2013 10:47 AM, Tomas Babej wrote: On 06/05/2013 10:07 AM, Petr Viktorin wrote: On 06/05/2013 09:20 AM, Tomas Babej wrote: On 06/04/2013 06:09 PM, Petr Viktorin wrote: On 06/04/2013 01:29 PM, Tomas Babej wrote: On 06/03/2013 02:58 PM, Martin Kosek wrote: On 06/03/2013 02:43 PM, Tomas

Re: [Freeipa-devel] [PATCH 0065] Use private ccache in ipa-server-install

2013-06-05 Thread Tomas Babej

On 06/05/2013 10:07 AM, Petr Viktorin wrote: On 06/05/2013 09:20 AM, Tomas Babej wrote: On 06/04/2013 06:09 PM, Petr Viktorin wrote: On 06/04/2013 01:29 PM, Tomas Babej wrote: On 06/03/2013 02:58 PM, Martin Kosek wrote: On 06/03/2013 02:43 PM, Tomas Babej wrote: Hi, this patch fixes the ins

Re: [Freeipa-devel] [PATCH 0065] Use private ccache in ipa-server-install

2013-06-05 Thread Petr Viktorin

On 06/05/2013 09:20 AM, Tomas Babej wrote: On 06/04/2013 06:09 PM, Petr Viktorin wrote: On 06/04/2013 01:29 PM, Tomas Babej wrote: On 06/03/2013 02:58 PM, Martin Kosek wrote: On 06/03/2013 02:43 PM, Tomas Babej wrote: Hi, this patch fixes the installation problems on master on F19 with krb5

Re: [Freeipa-devel] [PATCH 0065] Use private ccache in ipa-server-install

2013-06-05 Thread Tomas Babej

On 06/04/2013 06:09 PM, Petr Viktorin wrote: On 06/04/2013 01:29 PM, Tomas Babej wrote: On 06/03/2013 02:58 PM, Martin Kosek wrote: On 06/03/2013 02:43 PM, Tomas Babej wrote: Hi, this patch fixes the installation problems on master on F19 with krb5 packages = 1.11.2-6 https://fedorahosted.o

Re: [Freeipa-devel] [PATCH 0065] Use private ccache in ipa-server-install

2013-06-04 Thread Petr Viktorin

On 06/04/2013 01:29 PM, Tomas Babej wrote: On 06/03/2013 02:58 PM, Martin Kosek wrote: On 06/03/2013 02:43 PM, Tomas Babej wrote: Hi, this patch fixes the installation problems on master on F19 with krb5 packages = 1.11.2-6 https://fedorahosted.org/freeipa/ticket/3666 Tomas 1) Leaving cach

Re: [Freeipa-devel] [PATCH 0065] Use private ccache in ipa-server-install

2013-06-04 Thread Tomas Babej

On 06/03/2013 02:58 PM, Martin Kosek wrote: On 06/03/2013 02:43 PM, Tomas Babej wrote: Hi, this patch fixes the installation problems on master on F19 with krb5 packages = 1.11.2-6 https://fedorahosted.org/freeipa/ticket/3666 Tomas 1) Leaving cache_desc open: +(cache_desc, cache_pa

Re: [Freeipa-devel] [PATCH 0065] Use private ccache in ipa-server-install

2013-06-03 Thread Martin Kosek

On 06/03/2013 02:43 PM, Tomas Babej wrote: > Hi, > > this patch fixes the installation problems on master on F19 with krb5 packages >>= 1.11.2-6 > > https://fedorahosted.org/freeipa/ticket/3666 > > Tomas 1) Leaving cache_desc open: +(cache_desc, cache_path) = tempfile.mkstemp(prefix='k

[Freeipa-devel] [PATCH 0065] Use private ccache in ipa-server-install

2013-06-03 Thread Tomas Babej

Hi, this patch fixes the installation problems on master on F19 with krb5 packages >= 1.11.2-6 https://fedorahosted.org/freeipa/ticket/3666 Tomas From f3e6b38bee50bf5856ae04bfb6ccd109b636f037 Mon Sep 17 00:00:00 2001 From: Tomas Babej Date: Mon, 3 Jun 2013 12:06:06 +0200 Subject: [PATCH] Use

Re: [Freeipa-devel] [PATCH 0065] Bump version in .spec file to 2.0

2012-09-20 Thread Petr Spacek

On 09/20/2012 04:18 PM, Adam Tkac wrote: On Thu, Sep 20, 2012 at 04:16:41PM +0200, Petr Spacek wrote: Hello, this patch bumps version in .spec file to 2.0. Ack Pushed to master: https://fedorahosted.org/bind-dyndb-ldap/changeset/bd1e312c74921f2572cad0a6ba7db7d25196d758 -- Petr^2 Spacek __

Re: [Freeipa-devel] [PATCH 0065] Bump version in .spec file to 2.0

2012-09-20 Thread Adam Tkac

On Thu, Sep 20, 2012 at 04:16:41PM +0200, Petr Spacek wrote: > Hello, > > this patch bumps version in .spec file to 2.0. Ack > From b4fc1e119e5d602c196af47bde07d3cfe3091a3d Mon Sep 17 00:00:00 2001 > From: Petr Spacek > Date: Thu, 20 Sep 2012 16:14:05 +0200 > Subject: [PATCH] Bump version in .s

[Freeipa-devel] [PATCH 0065] Bump version in .spec file to 2.0

2012-09-20 Thread Petr Spacek

Hello, this patch bumps version in .spec file to 2.0. -- Petr^2 Spacek From b4fc1e119e5d602c196af47bde07d3cfe3091a3d Mon Sep 17 00:00:00 2001 From: Petr Spacek Date: Thu, 20 Sep 2012 16:14:05 +0200 Subject: [PATCH] Bump version in .spec file to 2.0. Signed-off-by: Petr Spacek --- contrib/bin

Re: [Freeipa-devel] [PATCH] 0065 Ensure ipa-adtrust-install is run with administrator privileges and Kerberos ticket

2012-07-31 Thread Martin Kosek

On 07/31/2012 04:20 PM, Alexander Bokovoy wrote: > On Tue, 31 Jul 2012, Martin Kosek wrote: >> On 07/31/2012 02:00 PM, Alexander Bokovoy wrote: >>> On Mon, 30 Jul 2012, Martin Kosek wrote: On 07/30/2012 01:34 PM, Alexander Bokovoy wrote: > On Fri, 27 Jul 2012, Rob Crittenden wrote: >>

Re: [Freeipa-devel] [PATCH] 0065 Ensure ipa-adtrust-install is run with administrator privileges and Kerberos ticket

2012-07-31 Thread Alexander Bokovoy

On Tue, 31 Jul 2012, Martin Kosek wrote: On 07/31/2012 02:00 PM, Alexander Bokovoy wrote: On Mon, 30 Jul 2012, Martin Kosek wrote: On 07/30/2012 01:34 PM, Alexander Bokovoy wrote: On Fri, 27 Jul 2012, Rob Crittenden wrote: Alexander Bokovoy wrote: On Thu, 26 Jul 2012, Alexander Bokovoy wrote

Re: [Freeipa-devel] [PATCH] 0065 Ensure ipa-adtrust-install is run with administrator privileges and Kerberos ticket

2012-07-31 Thread Martin Kosek

On 07/31/2012 02:00 PM, Alexander Bokovoy wrote: > On Mon, 30 Jul 2012, Martin Kosek wrote: >> On 07/30/2012 01:34 PM, Alexander Bokovoy wrote: >>> On Fri, 27 Jul 2012, Rob Crittenden wrote: Alexander Bokovoy wrote: > On Thu, 26 Jul 2012, Alexander Bokovoy wrote: >> Hi, >> >> W

Re: [Freeipa-devel] [PATCH] 0065 Ensure ipa-adtrust-install is run with administrator privileges and Kerberos ticket

2012-07-31 Thread Alexander Bokovoy

On Mon, 30 Jul 2012, Martin Kosek wrote: On 07/30/2012 01:34 PM, Alexander Bokovoy wrote: On Fri, 27 Jul 2012, Rob Crittenden wrote: Alexander Bokovoy wrote: On Thu, 26 Jul 2012, Alexander Bokovoy wrote: Hi, When setting up AD trusts support, ipa-adtrust-install utility needs to be run as:

Re: [Freeipa-devel] [PATCH] 0065 Ensure ipa-adtrust-install is run with administrator privileges and Kerberos ticket

2012-07-30 Thread Alexander Bokovoy

On Mon, 30 Jul 2012, Simo Sorce wrote: On Mon, 2012-07-30 at 14:34 +0300, Alexander Bokovoy wrote: On Fri, 27 Jul 2012, Rob Crittenden wrote: >Alexander Bokovoy wrote: >>On Thu, 26 Jul 2012, Alexander Bokovoy wrote: >>>Hi, >>> >>>When setting up AD trusts support, ipa-adtrust-install utility >>>

Re: [Freeipa-devel] [PATCH] 0065 Ensure ipa-adtrust-install is run with administrator privileges and Kerberos ticket

2012-07-30 Thread Martin Kosek

On 07/30/2012 01:34 PM, Alexander Bokovoy wrote: > On Fri, 27 Jul 2012, Rob Crittenden wrote: >> Alexander Bokovoy wrote: >>> On Thu, 26 Jul 2012, Alexander Bokovoy wrote: Hi, When setting up AD trusts support, ipa-adtrust-install utility needs to be run as: - root, for pe

Re: [Freeipa-devel] [PATCH] 0065 Ensure ipa-adtrust-install is run with administrator privileges and Kerberos ticket

2012-07-30 Thread Simo Sorce

On Mon, 2012-07-30 at 14:34 +0300, Alexander Bokovoy wrote: > On Fri, 27 Jul 2012, Rob Crittenden wrote: > >Alexander Bokovoy wrote: > >>On Thu, 26 Jul 2012, Alexander Bokovoy wrote: > >>>Hi, > >>> > >>>When setting up AD trusts support, ipa-adtrust-install utility > >>>needs to be run as: > >>> -

Re: [Freeipa-devel] [PATCH] 0065 Ensure ipa-adtrust-install is run with administrator privileges and Kerberos ticket

2012-07-30 Thread Alexander Bokovoy

On Fri, 27 Jul 2012, Rob Crittenden wrote: Alexander Bokovoy wrote: On Thu, 26 Jul 2012, Alexander Bokovoy wrote: Hi, When setting up AD trusts support, ipa-adtrust-install utility needs to be run as: - root, for performing Samba configuration and using LDAPI/autobind - kinit-ed IPA admin us

Re: [Freeipa-devel] [PATCH] 0065 Ensure ipa-adtrust-install is run with administrator privileges and Kerberos ticket

2012-07-27 Thread Rob Crittenden

Alexander Bokovoy wrote: On Thu, 26 Jul 2012, Alexander Bokovoy wrote: Hi, When setting up AD trusts support, ipa-adtrust-install utility needs to be run as: - root, for performing Samba configuration and using LDAPI/autobind - kinit-ed IPA admin user, to ensure proper ACIs are granted to

Re: [Freeipa-devel] [PATCH] 0065 Ensure ipa-adtrust-install is run with administrator privileges and Kerberos ticket

2012-07-26 Thread Alexander Bokovoy

On Thu, 26 Jul 2012, Alexander Bokovoy wrote: Hi, When setting up AD trusts support, ipa-adtrust-install utility needs to be run as: - root, for performing Samba configuration and using LDAPI/autobind - kinit-ed IPA admin user, to ensure proper ACIs are granted to fetch keytab As result

[Freeipa-devel] [PATCH] 0065 Ensure ipa-adtrust-install is run with administrator privileges and Kerberos ticket

2012-07-26 Thread Alexander Bokovoy

Hi, When setting up AD trusts support, ipa-adtrust-install utility needs to be run as: - root, for performing Samba configuration and using LDAPI/autobind - kinit-ed IPA admin user, to ensure proper ACIs are granted to fetch keytab As result, we can get rid of Directory Manager credentia

Re: [Freeipa-devel] [PATCH] 0065 Improve output validation

2012-06-26 Thread Rob Crittenden

Petr Viktorin wrote: In my patch 62 I fixed output validation. Since that patch was rejected, I'm submitting the fix separately. https://fedorahosted.org/freeipa/ticket/2860 ACK, pushed to master ___ Freeipa-devel mailing list Freeipa-devel@redhat.c

[Freeipa-devel] [PATCH] 0065 Improve output validation

2012-06-21 Thread Petr Viktorin

In my patch 62 I fixed output validation. Since that patch was rejected, I'm submitting the fix separately. https://fedorahosted.org/freeipa/ticket/2860 -- Petr³ From 0b4a8a1e4d827b6617bea747ea19be3ba0e636f4 Mon Sep 17 00:00:00 2001 From: Petr Viktorin Date: Fri, 15 Jun 2012 09:08:55 -0400 Sub

Re: [Freeipa-devel] [PATCH] 0065 Use ldapi with krb5kdc

2011-01-20 Thread Simo Sorce

On Thu, 20 Jan 2011 19:24:59 + JR Aquino wrote: > Patch works correctly. > > ACK thanks, pushed to master. Simo. -- Simo Sorce * Red Hat, Inc * New York ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/lis

Re: [Freeipa-devel] [PATCH] 0065 Use ldapi with krb5kdc

2011-01-20 Thread JR Aquino

On 1/20/11 10:11 AM, "Rob Crittenden" wrote: >JR Aquino wrote: >> NACK. >> >> Please retest this... I'm not sure how it is related, but I receive an >> error during the make rpm process: >> >> Traceback (most recent call last): >>File "./makeapi", line 27, in >> from ipalib import * >>

Re: [Freeipa-devel] [PATCH] 0065 Use ldapi with krb5kdc

2011-01-20 Thread Rob Crittenden

JR Aquino wrote: NACK. Please retest this... I'm not sure how it is related, but I receive an error during the make rpm process: Traceback (most recent call last): File "./makeapi", line 27, in from ipalib import * File "/usr/src/freeipa/rpmbuild/BUILD/freeipa-2.0.0GITb9ad279/ipalib/

Re: [Freeipa-devel] [PATCH] 0065 Use ldapi with krb5kdc

2011-01-20 Thread JR Aquino

NACK. Please retest this... I'm not sure how it is related, but I receive an error during the make rpm process: Traceback (most recent call last): File "./makeapi", line 27, in from ipalib import * File "/usr/src/freeipa/rpmbuild/BUILD/freeipa-2.0.0GITb9ad279/ipalib/__init__.py ", line

[Freeipa-devel] [PATCH] 0065 Use ldapi with krb5kdc

2011-01-19 Thread Simo Sorce

Long ago we decided to use the ldapi socket to let the KDC access the ldap data in order to avoid comunication over the network (even if it is 127.0.0.1). This patch finally implements that. Although beware that this patch will need you to either create custom policy or to set selinux in permissi

78 matches

Mail list logo