May 2021 - FreeIPA-devel - Fedora Mailing-Lists

[freeipa PR#5780][opened] ipatests: dnssec: Add alternative approach for checking chain of trust

by stanislavlevin

URL: https://github.com/freeipa/freeipa/pull/5780 Author: stanislavlevin Title: #5780: ipatests: dnssec: Add alternative approach for checking chain of trust Action: opened PR body: """ drill is currently broken on F34. Fortunately, there are another tools for checking DNSSEC trust. One of them is `delv`: delv is a tool for sending DNS queries and validating the results, using the same internal resolver and validator logic as named. delv sends to a specified name server all queries needed to fetch and validate the requested data; this includes the original requested query, subsequent queries to follow CNAME or DNAME chains, queries for DNSKEY, and DS records to establish a chain of trust for DNSSEC validation. It does not perform iterative resolution, but simulates the behavior of a name server configured for DNSSEC validating and forwarding. - mark as XFAIL `test_chain_of_trust_drill` on F34 - conditionally skip `test_chain_of_trust_delv` (requires delv > 9.15.4 for `+yaml`) Related: https://pagure.io/freeipa/issue/8793 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5780/head:pr5780 git checkout pr5780

2 years, 4 months

1
1
0 / 0

[freeipa PR#5790][opened] azure: bump F32->F34

by stanislavlevin

URL: https://github.com/freeipa/freeipa/pull/5790 Author: stanislavlevin Title: #5790: azure: bump F32->F34 Action: opened PR body: """ Bundle of changes required for F34 on Azure. Shuffling of tests between envs may still be required (under testing for stability). Fixes: https://pagure.io/freeipa/issue/8848 Opened here for preview. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5790/head:pr5790 git checkout pr5790

2 years, 4 months

2
1
0 / 0

[freeipa PR#5789][opened] [Backport][ipa-4-9] ipatests: kinit on server for test_proxycommand_invalid_shell

by flo-renaud

URL: https://github.com/freeipa/freeipa/pull/5789 Author: flo-renaud Title: #5789: [Backport][ipa-4-9] ipatests: kinit on server for test_proxycommand_invalid_shell Action: opened PR body: """ This PR was opened automatically because PR #5767 was pushed to master and backport to ipa-4-9 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5789/head:pr5789 git checkout pr5789

2 years, 4 months

1
1
0 / 0

[freeipa PR#5785][opened] [Backport][ipa-4-9] Add argument for --entry option in ipa-managed-entries.1

by rcritten

URL: https://github.com/freeipa/freeipa/pull/5785 Author: rcritten Title: #5785: [Backport][ipa-4-9] Add argument for --entry option in ipa-managed-entries.1 Action: opened PR body: """ This PR was opened automatically because PR #5783 was pushed to master and backport to ipa-4-9 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5785/head:pr5785 git checkout pr5785

2 years, 4 months

2
1
0 / 0

[freeipa PR#5786][opened] [Backport][ipa-4-9] Remove -s option from ipa-ldap-updater usage

by rcritten

URL: https://github.com/freeipa/freeipa/pull/5786 Author: rcritten Title: #5786: [Backport][ipa-4-9] Remove -s option from ipa-ldap-updater usage Action: opened PR body: """ This PR was opened automatically because PR #5782 was pushed to master and backport to ipa-4-9 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5786/head:pr5786 git checkout pr5786

2 years, 4 months

2
1
0 / 0

[freeipa PR#5787][opened] [Backport][ipa-4-9] Add ability to search on certificate revocation status

by rcritten

URL: https://github.com/freeipa/freeipa/pull/5787 Author: rcritten Title: #5787: [Backport][ipa-4-9] Add ability to search on certificate revocation status Action: opened PR body: """ This is a manual backport of one commit from PR https://github.com/freeipa/freeipa/pull/5701 This adds the ability to search for certificates based on status. The other commit from that PR is in the process of being reverted. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5787/head:pr5787 git checkout pr5787

2 years, 4 months

2
1
0 / 0

[freeipa PR#5767][opened] ipatests: kinit on server for test_proxycommand_invalid_shell

by rcritten

URL: https://github.com/freeipa/freeipa/pull/5767 Author: rcritten Title: #5767: ipatests: kinit on server for test_proxycommand_invalid_shell Action: opened PR body: """ We've seen some intermittent failures of this test with warnings about passwords about to expire. We suspect there may be a time difference between the client and server so set the passwords on the server instead to be sure that time is correct. https://pagure.io/freeipa/issue/8785 Signed-off-by: Rob Crittenden <rcritten(a)redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5767/head:pr5767 git checkout pr5767

2 years, 4 months

2
1
0 / 0

[freeipa PR#5788][opened] WIP: Bronze Bit KDB fixes

by frozencemetery

URL: https://github.com/freeipa/freeipa/pull/5788 Author: frozencemetery Title: #5788: WIP: Bronze Bit KDB fixes Action: opened PR body: """ A WIP PR for this branch as requested. It is expected to not pass CI, which is for two reasons. First, it needs the [krb5 branch](https://github.com/krb5/krb5/pull/1159). Second, because the krb5 branch isn't all tested good - RBCD doesn't work right, and I'm still trying to get testing against local AD working. (If anyone is up for providing feedback on that, it would be appreciated.) And if I'm being honest, this code is probably buggy too, so that's three reasons. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5788/head:pr5788 git checkout pr5788

2 years, 4 months

1
0
0 / 0

[freeipa PR#5784][opened] Revert "Only request VALID certs when revoking certs for a host/service"

by rcritten

URL: https://github.com/freeipa/freeipa/pull/5784 Author: rcritten Title: #5784: Revert "Only request VALID certs when revoking certs for a host/service" Action: opened PR body: """ This reverts commit aa1350384ad6a7d6b2f6056d99fbb43c5c5a6be7. The search for certificates is a complex, three-step process, which filters results in subsequent searches. This filters out non-relevant certificates when deleting a host or service. This patch breaks that so deleting one service of a host will revoke *all* certificates for that host. Another attempt will be made separately to implement this. https://pagure.io/freeipa/issue/7835 Signed-off-by: Rob Crittenden rcritten(a)redhat.com """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5784/head:pr5784 git checkout pr5784

2 years, 4 months

1
1
0 / 0

[freeipa PR#5723][opened] [Backport][ipa-4-9] Only request VALID certs when revoking certs for a host/service

by flo-renaud

URL: https://github.com/freeipa/freeipa/pull/5723 Author: flo-renaud Title: #5723: [Backport][ipa-4-9] Only request VALID certs when revoking certs for a host/service Action: opened PR body: """ This PR was opened automatically because PR #5701 was pushed to master and backport to ipa-4-9 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5723/head:pr5723 git checkout pr5723

2 years, 4 months

2
1
0 / 0

2023

2022

2021

2020

2019

2018

2017

FreeIPA-devel May 2021