November 2020 - FreeIPA-devel - Fedora mailing-lists

[freeipa PR#5204][opened] Test with python-ldap 3.3.1
by tiran 03 Dec '20

03 Dec '20

URL: https://github.com/freeipa/freeipa/pull/5204 Author: tiran Title: #5204: Test with python-ldap 3.3.1 Action: opened PR body: """ Signed-off-by: Christian Heimes <cheimes(a)redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5204/head:pr5204 git checkout pr5204

1 1

[freeipa PR#5303][opened] ipatests: fix TestTrust::test_subordinate_suffix
by flo-renaud 02 Dec '20

02 Dec '20

URL: https://github.com/freeipa/freeipa/pull/5303 Author: flo-renaud Title: #5303: ipatests: fix TestTrust::test_subordinate_suffix Action: opened PR body: """ The test test_subordinate_suffix is failing when configuring the DNS for the trust, because the dnsforwardzone already exists. It was configured during the previous test for nonposix trust. At the end of the tests for nonposix trust, unconfigure the DNS and the trust before calling the subordinate_suffix test, and add a test cleaning up subordinate_suffix test. Fixes: https://pagure.io/freeipa/issue/8601 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5303/head:pr5303 git checkout pr5303

2 1

[freeipa PR#5305][opened] Add IPA RA Agent to ACME group on the CA
by rcritten 02 Dec '20

02 Dec '20

URL: https://github.com/freeipa/freeipa/pull/5305 Author: rcritten Title: #5305: Add IPA RA Agent to ACME group on the CA Action: opened PR body: """ Add IPA RA Agent to ACME group on the CA Move the addition of the RA agent to the ACME Enterprise Users group into setup_acme() so it is also added on upgrades. This allows ipa-acme-manage to authenticate to the CA REST API using the RA Agent credentials. https://pagure.io/freeipa/issue/8603 Signed-off-by: Rob Crittenden <rcritten(a)redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5305/head:pr5305 git checkout pr5305

2 1

[freeipa PR#5294][opened] Allow Apache to answer to ipa-ca requests without a redirect
by rcritten 02 Dec '20

02 Dec '20

URL: https://github.com/freeipa/freeipa/pull/5294 Author: rcritten Title: #5294: Allow Apache to answer to ipa-ca requests without a redirect Action: opened PR body: """ Allow Apache to answer to ipa-ca requests without a redirect Any request other than the FQDN is redirected with a permanent move (301). Allowing ipa-ca as a valid name saves a round-trip. This is only allowed on /ca, /kra, /pki, /acme and /ipa/crl. https://pagure.io/freeipa/issue/8595 Signed-off-by: Rob Crittenden <rcritten(a)redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5294/head:pr5294 git checkout pr5294

2 1

[freeipa PR#5110][opened] ipatests: webui: test_host.py Fix expected item visibility
by miskopo 02 Dec '20

02 Dec '20

URL: https://github.com/freeipa/freeipa/pull/5110 Author: miskopo Title: #5110: ipatests: webui: test_host.py Fix expected item visibility Action: opened PR body: """ Fix test to expect `request_cert` to be visible in host drop-down menu. Signed-off-by: Michal Polovka <mpolovka(a)redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5110/head:pr5110 git checkout pr5110

2 1

[freeipa PR#5199][opened] Change KRA profiles in certmonger tracking so they can renew
by rcritten 01 Dec '20

01 Dec '20

URL: https://github.com/freeipa/freeipa/pull/5199 Author: rcritten Title: #5199: Change KRA profiles in certmonger tracking so they can renew Action: opened PR body: """ Change KRA profiles in certmonger tracking so they can renew Internal profiles were assigned which prevented rewewals. dogtag is providing a new profile for the audit signing cert, caAuditSigningCert. There are existing profiles for the transport (caTransportCert) and storage (caStorageCert) certificates. https://pagure.io/freeipa/issue/8545 Signed-off-by: Rob Crittenden <rcritten(a)redhat.com> **NOTE**: This is WIP because the necessary profile is only in the pki nightly repo. We want this backported to other supported IPA branches but they may be delayed depending on when pki builds are available. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5199/head:pr5199 git checkout pr5199

2 1

[freeipa PR#3275][opened] Issue 7975 - Accept 389-ds JSON replication status messages
by marcus2376 01 Dec '20

01 Dec '20

URL: https://github.com/freeipa/freeipa/pull/3275 Author: marcus2376 Title: #3275: Issue 7975 - Accept 389-ds JSON replication status messages Action: opened PR body: """ Description: 389-ds now stores a replication agreement status message in a JSON string in a new attribute: replicaLastInitStatusJSON replicaLastUpdateStatusJSON The original status attributes' values are not changing at this time, but there are plans to do so eventually as the old status format is confusing. http://www.port389.org/docs/389ds/design/repl-agmt-status-design.html https://pagure.io/freeipa/issue/7975 Reviewed by: ? """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/3275/head:pr3275 git checkout pr3275

3 2

[freeipa PR#5304][opened] [Backport][ipa-4-9] Always define the path DNSSEC_OPENSSL_CONF
by flo-renaud 01 Dec '20

01 Dec '20

URL: https://github.com/freeipa/freeipa/pull/5304 Author: flo-renaud Title: #5304: [Backport][ipa-4-9] Always define the path DNSSEC_OPENSSL_CONF Action: opened PR body: """ This PR was opened automatically because PR #5292 was pushed to master and backport to ipa-4-9 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5304/head:pr5304 git checkout pr5304

1 1

[freeipa PR#5292][opened] Always define the path DNSSEC_OPENSSL_CONF
by flo-renaud 30 Nov '20

30 Nov '20

URL: https://github.com/freeipa/freeipa/pull/5292 Author: flo-renaud Title: #5292: Always define the path DNSSEC_OPENSSL_CONF Action: opened PR body: """ The variable was None by default and set to /etc/ipa/dnssec/openssl.cnf for fedora only because the code is specific to the support of pkcs11 engine for bind. As a consequence ipa-backup had a "None" value in the list of files to backup and failed on Exception. ipa-backup code is able to handle missing files, and the code using the pkcs11 engine is called only when NAMED_OPENSSL_ENGINE is set (only in fedora so far). It is safe to always define a value for DNSSEC_OPENSSL_CONF even on os where it does not exist. Fixes: https://pagure.io/freeipa/issue/8597 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5292/head:pr5292 git checkout pr5292

1 1

[freeipa PR#4867][reopened] ipatests: test_epn - generate large batch of users
by abbra 29 Nov '20

29 Nov '20

URL: https://github.com/freeipa/freeipa/pull/4867 Author: miskopo Title: #4867: ipatests: test_epn - generate large batch of users Action: reopened To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/4867/head:pr4867 git checkout pr4867

1 0

2024

2023

2022

2021

2020

2019

2018

2017

FreeIPA-devel November 2020