January 2018 - FreeIPA-devel - Fedora Mailing-Lists

[freeipa PR#1486][opened] Fix pylint error in ipapython/dn.py

by tiran

URL: https://github.com/freeipa/freeipa/pull/1486 Author: tiran Title: #1486: Fix pylint error in ipapython/dn.py Action: opened PR body: """ ipapython/dn.py:1324: [R1710(inconsistent-return-statements), DN.__contains__] Either all return statements in a function should return an expression, or none of them should.) Signed-off-by: Christian Heimes <cheimes(a)redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1486/head:pr1486 git checkout pr1486

5 years, 2 months

1
1
0 / 0

[freeipa PR#1447][opened] Custom ca-subject logging

by amitkumar50

URL: https://github.com/freeipa/freeipa/pull/1447 Author: amitkumar50 Title: #1447: Custom ca-subject logging Action: opened PR body: """ Present Situation: Logging is a bit incomplete when using a custom CA subject passed in via --ca-subject. If there is a problem finding the IPA CA certificate then the installer will log: >ERROR IPA CA certificate not found in /tmp/servercert.pem, /tmp/cacert.pem After the Fix this sort of log is seen: >ipa.ipapython.install.cli.install_tool(Server): DEBUG The ipa-server-install command failed, exception: ScriptError: >IPA CA certificate not found in /root/ipa.cert, /root/rootCA.crt. >Wrong CA Certificate File found >CA certificate subject 'CN=testers,OU=Hong Kong CA Org,O=Hong Kong CA,L=Hong Kong,ST=BRazial,C=US' Resolves: https://pagure.io/freeipa/issue/7245 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1447/head:pr1447 git checkout pr1447

5 years, 2 months

2
1
0 / 0

[freeipa PR#1481][opened] Lower python-ldap requirement for F27

by tiran

URL: https://github.com/freeipa/freeipa/pull/1481 Author: tiran Title: #1481: Lower python-ldap requirement for F27 Action: opened PR body: """ For DNSSEC daemons on Python 3, python-ldap requirement was bumped to python-ldap 3.0. But python-ldap 3.0 hasn't been released yet and is only available as beta4 on rawhide. The DNSSEC fix hasn't landed either. Lower requirements to python2-ldap 2.4.15 and python3-pyldap 2.4.35.1-2 until the DNSSEC fix has landed. See https://pagure.io/freeipa/issue/7257 See https://github.com/freeipa/freeipa/pull/1289 Signed-off-by: Christian Heimes <cheimes(a)redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1481/head:pr1481 git checkout pr1481

5 years, 2 months

1
1
0 / 0

Testing extdom plugin directly

by Sumit Bose

Hi, please find attached a small python class (generated with asn1ate) which might help to generate the needed data to send a request to the extdom plugin directly. This might be useful to write tests. To generate the base64 encoded data needed e.g. for the ldapexop command I used: from pyasn1.codec.der.encoder import encode as der_encoder from base64 import b64encode from pyasn1.codec.native.decoder import decode from s2n_req import ExtdomRequestValue ad_user = 'aduser' ad_domain = 'ad.domain' request_type = 'full' name = { 'domainname' : ad_domain, 'objectname' : ad_user } data = { 'name' : name } r = { 'inputType' : 'name' , 'requestType' : request_type, 'data' : data } req = decode(r, asn1Spec=ExtdomRequestValue()) der_serialisation = der_encoder(req) print b64encode(der_serialisation) (sorry for the bad python) $ python my_req.py MBsKAQIKAQIwEwQJYWQuZG9tYWluBAZhZHVzZXI= Now you can send the request to the extdom plugin by calling: ldapexop -x 2.16.840.1.113730.3.8.10.4.1::MBsKAQIKAQIwEwQJYWQuZG9tYWluBAZhZHVzZXI= If the user was found ldapexop will return a base64 encoded reply. So far using e.g. dumpasn1 was sufficient for me to look at the reply because I mainly used the requests to generate load for the extdom plugin and didn't cared much about the reply. But if I'll find some time I might add a class to decode the reply properly later. HTH bye, Sumit

5 years, 2 months

1
0
0 / 0

[freeipa PR#1476][opened] [Backport][ipa-4-6] Checks if Dir Server is installed and running before IPA installation

by flo-renaud

URL: https://github.com/freeipa/freeipa/pull/1476 Author: flo-renaud Title: #1476: [Backport][ipa-4-6] Checks if Dir Server is installed and running before IPA installation Action: opened PR body: """ In cases when IPA is installed in two steps (external CA), it's necessary to check (in the second step) if Dir. Server is running before continue with the installation. If it's not, start Directory Server. https://pagure.io/freeipa/issue/6611 Reviewed-By: Fraser Tweedale <ftweedal(a)redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1476/head:pr1476 git checkout pr1476

5 years, 2 months

1
1
0 / 0

[freeipa PR#1478][opened] [Backport][ipa-4-6] Fixing test_backup_and_restore assert to do not rely on the order of returned data

by Tiboris

URL: https://github.com/freeipa/freeipa/pull/1478 Author: Tiboris Title: #1478: [Backport][ipa-4-6] Fixing test_backup_and_restore assert to do not rely on the order of returned data Action: opened PR body: """ This PR was opened automatically because PR #1446 was pushed to master and backport to ipa-4-6 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1478/head:pr1478 git checkout pr1478

5 years, 2 months

1
1
0 / 0

[freeipa PR#1446][opened] Fixing test_backup_and_restore assert to do not rely on the order of returned data

by felipevolpone

URL: https://github.com/freeipa/freeipa/pull/1446 Author: felipevolpone Title: #1446: Fixing test_backup_and_restore assert to do not rely on the order of returned data Action: opened PR body: """ Since we cannot assume that LDAP will return data in an ordered way, the test should be changed to do not rely on that. Instead of just comparing the output of the show-user command, this change first order the groups returned in the 'Member of Group' field before compare them. https://pagure.io/freeipa/issue/7339 The result (green tests) can be checked here: https://fedorapeople.org/groups/freeipa/prci/jobs/c43c46d0-f4aa-11e7-925b... This PR depends on the PR #1354 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1446/head:pr1446 git checkout pr1446

5 years, 2 months

2
1
0 / 0

[freeipa PR#1475][opened] [Backport][ipa-4-6] replica_prepare: Remove the correct NSS DB files

by stlaz

URL: https://github.com/freeipa/freeipa/pull/1475 Author: stlaz Title: #1475: [Backport][ipa-4-6] replica_prepare: Remove the correct NSS DB files Action: opened PR body: """ This PR was opened automatically because PR #1473 was pushed to master and backport to ipa-4-6 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1475/head:pr1475 git checkout pr1475

5 years, 2 months

2
1
0 / 0

[freeipa PR#1448][opened] test_caless: add SAN extension to server certs

by Rezney

URL: https://github.com/freeipa/freeipa/pull/1448 Author: Rezney Title: #1448: test_caless: add SAN extension to server certs Action: opened PR body: """ Currently when testing we are using SAN extension only in KDC, wildcard certs and not in the valid http/ds certs. During replica installation we then see a warning about certs having no `subjectAltName`. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1448/head:pr1448 git checkout pr1448

5 years, 2 months

2
1
0 / 0

[freeipa PR#1468][opened] test_gssproxy: test duplicated sections

by Rezney

URL: https://github.com/freeipa/freeipa/pull/1468 Author: Rezney Title: #1468: test_gssproxy: test duplicated sections Action: opened PR body: """ Related to the issue where ipa-server-install failed because gssproxy was not able to start due to a duplicated section https://pagure.io/freeipa/issue/7363 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1468/head:pr1468 git checkout pr1468

5 years, 2 months

1
1
0 / 0

2023

2022

2021

2020

2019

2018

2017

FreeIPA-devel January 2018