June 2018 - FreeIPA-devel - Fedora Mailing-Lists

[freeipa PR#2084][opened] Catch ACIError instead of invalid credentials

by tiran

URL: https://github.com/freeipa/freeipa/pull/2084 Author: tiran Title: #2084: Catch ACIError instead of invalid credentials Action: opened PR body: """ ipaldap's LDAPClient client turns INVALID_CREDENTIAL error into ACIError. Catch the ACIError and wait until the user has been replicated. Apparently no manual or automated test ran into the timeout during testing. Fixes: Fixes: https://pagure.io/freeipa/issue/7593 Signed-off-by: Christian Heimes <cheimes(a)redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2084/head:pr2084 git checkout pr2084

5 years, 10 months

1
1
0 / 0

[freeipa PR#2083][opened] [Backport][ipa-4-6] Test for : ipa-client-install should not use hardcoded admin principal

by Tiboris

URL: https://github.com/freeipa/freeipa/pull/2083 Author: Tiboris Title: #2083: [Backport][ipa-4-6] Test for : ipa-client-install should not use hardcoded admin principal Action: opened PR body: """ This PR was opened automatically because PR #2043 was pushed to master and backport to ipa-4-6 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2083/head:pr2083 git checkout pr2083

5 years, 10 months

2
1
0 / 0

[freeipa PR#2081][opened] [Backport][ipa-4-6] Ensure that public cert and CA bundle are readable

by tiran

URL: https://github.com/freeipa/freeipa/pull/2081 Author: tiran Title: #2081: [Backport][ipa-4-6] Ensure that public cert and CA bundle are readable Action: opened PR body: """ In CIS hardened mode, the process umask is 027. This results in some files not being world readable. Ensure that write_certificate_list() calls in client installer, server installer, and upgrader create cert bundles with permission bits 0644. Make CA bundles, certs, and cert directories world-accessible in upgrader. Fixes: pagure.io/freeipa/issue/7594 Manual backport of PR #2057 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2081/head:pr2081 git checkout pr2081

5 years, 10 months

1
1
0 / 0

[freeipa PR#2043][opened] Test for : ipa-client-install should not use hardcoded admin principal

by amore17

URL: https://github.com/freeipa/freeipa/pull/2043 Author: amore17 Title: #2043: Test for : ipa-client-install should not use hardcoded admin principal Action: opened PR body: """ Related to : https://pagure.io/freeipa/issue/5406 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2043/head:pr2043 git checkout pr2043

5 years, 10 months

2
1
0 / 0

[freeipa PR#2078][opened] [Backport][ipa-4-6] Prevent the creation on users and groups with numeric characters only

by netoarmando

URL: https://github.com/freeipa/freeipa/pull/2078 Author: netoarmando Title: #2078: [Backport][ipa-4-6] Prevent the creation on users and groups with numeric characters only Action: opened PR body: """ Update regular expression validator to prevent user and group creation. Fixes: https://pagure.io/freeipa/issue/7572 Signed-off-by: Armando Neto <abiagion(a)redhat.com> Manual backport of #2067 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2078/head:pr2078 git checkout pr2078

5 years, 10 months

2
1
0 / 0

[freeipa PR#2077][opened] ipaserver/dcerpc.py: handle indirect topology conflicts

by abbra

URL: https://github.com/freeipa/freeipa/pull/2077 Author: abbra Title: #2077: ipaserver/dcerpc.py: handle indirect topology conflicts Action: opened PR body: """ Backport for 4.6: When AD forest A has a trust with a forest B that claims ownership of a domain name (TLN) owned by an IPA forest, we need to build exclusion record for that specific TLN, not our domain name. Use realmdomains to find a correct exclusion entry to build. Fixes: https://pagure.io/freeipa/issue/7370 Reviewed-By: Armando Neto <abiagion(a)redhat.com> Reviewed-By: Rob Crittenden <rcritten(a)redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2077/head:pr2077 git checkout pr2077

5 years, 10 months

1
1
0 / 0

[freeipa PR#2079][opened] ipa-client-install: enable and start oddjobd if mkhomedir

by flo-renaud

URL: https://github.com/freeipa/freeipa/pull/2079 Author: flo-renaud Title: #2079: ipa-client-install: enable and start oddjobd if mkhomedir Action: opened PR body: """ Since the switch to authselect, the service oddjobd is not automatically enabled when ipa client is installed with `--mkhomedir`. The fix makes sure that the service is enabled/started, and stores the pre-install state in sysrestore.state, in order to revert to the pre-install state when uninstall is called The commit also add a test. https://pagure.io/freeipa/issue/7604 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2079/head:pr2079 git checkout pr2079

5 years, 10 months

2
1
0 / 0

[freeipa PR#2075][opened] [WIP] Run tests with latest Custodia

by tiran

URL: https://github.com/freeipa/freeipa/pull/2075 Author: tiran Title: #2075: [WIP] Run tests with latest Custodia Action: opened PR body: """ Verify that FreeIPA works with Custodia 0.6.0 and jwcrypto 0.5.0. I have added builds to https://copr.fedorainfracloud.org/coprs/g/freeipa/freeipa-master/ Signed-off-by: Christian Heimes <cheimes(a)redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2075/head:pr2075 git checkout pr2075

5 years, 10 months

1
1
0 / 0

[freeipa PR#2070][opened] [testing_master] Nightly PR

by freeipa-pr-ci

URL: https://github.com/freeipa/freeipa/pull/2070 Author: freeipa-pr-ci Title: #2070: [testing_master] Nightly PR Action: opened PR body: """ None """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2070/head:pr2070 git checkout pr2070

5 years, 10 months

1
1
0 / 0

[freeipa PR#2067][opened] Prevent the creation on users and groups with numeric characters only

by netoarmando

URL: https://github.com/freeipa/freeipa/pull/2067 Author: netoarmando Title: #2067: Prevent the creation on users and groups with numeric characters only Action: opened PR body: """ Update regular expression validator to prevent user and group creation. Issue: https://pagure.io/freeipa/issue/7572 The expression updated by this PR was changed only twice [since the beginging on project](https://github.com/freeipa/freeipa/blob/d1691eee88c5462ef1d01561...: - [first change](https://github.com/freeipa/freeipa/commit/37200806118d39ef8afe84a... removed the lenght limit - [second change](https://github.com/freeipa/freeipa/commit/8f8e3d008f1de91337a83ea... unified the expression used by user and group in the `constants.py` file This PR doesn't prevent the creation of user or groups starting with a number. Related info: https://access.redhat.com/solutions/3103631 Also, I haven't updated the error message, should I do it? If so, possible wording: ``` may only include letters, numbers, _, -, ., $ and must contain a letter ``` It seems that _systemd_ has a [stricter set of rules](https://github.com/systemd/systemd/blob/master/src/basic/user-util..., which I think it could affect FreeIPA in the future: > - We don't allow any dots (this would break chown syntax which permits dots as user/group name separator) > - We require that names fit into the appropriate utmp field > - We don't allow empty user names """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2067/head:pr2067 git checkout pr2067

5 years, 10 months

1
1
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

FreeIPA-devel June 2018