URL: https://github.com/freeipa/freeipa/pull/5162
Author: tiran
Title: #5162: configure_dns_resolver: call self.restore_context
Action: opened
PR body:
"""
Use the platform implementation of restore_context() instead of the base
implementation.
Fixes: https://pagure.io/freeipa/issue/8518
Signed-off-by: Christian Heimes <cheimes(a)redhat.com>
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5162/head:pr5162
git checkout pr5162
URL: https://github.com/freeipa/freeipa/pull/5165
Author: tiran
Title: #5165: Reduce long sleeps in certmonger wait_for_request()
Action: opened
PR body:
"""
## Add helper for poll/sleep loops with timeout
The Sleeper class is a helper that makes poll/sleep loops with timeout
easier to write. It takes care of edge cases and does not oversleep
timeout deadline.
## Faster certmonger wait_for_request()
wait_for_request() now waits 0.5 instead of 5 seconds. This shoves off
15 to 20 seconds from ipa-server-install while marginally increased
load on the system.
Related: https://pagure.io/freeipa/issue/8521
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5165/head:pr5165
git checkout pr5165
URL: https://github.com/freeipa/freeipa/pull/5163
Author: tiran
Title: #5163: [Backport][ipa-4-8] Add missing fedora_container platform members
Action: opened
PR body:
"""
This PR was opened automatically because PR #5161 was pushed to master and backport to ipa-4-8 is required.
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5163/head:pr5163
git checkout pr5163
URL: https://github.com/freeipa/freeipa/pull/5159
Author: tiran
Title: #5159: [Backport][ipa-4-8] Use single update LDIF for indices and add more indices
Action: closed
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5159/head:pr5159
git checkout pr5159
URL: https://github.com/freeipa/freeipa/pull/5161
Author: tiran
Title: #5161: Add missing fedora_container platform members
Action: opened
PR body:
"""
The fedora_container platform was missing User and Group members.
Add test case to verify that all known platforms define correct module
API.
Fixes: https://pagure.io/freeipa/issue/8519
Signed-off-by: Christian Heimes <cheimes(a)redhat.com>
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5161/head:pr5161
git checkout pr5161
URL: https://github.com/freeipa/freeipa/pull/5157
Author: tiran
Title: #5157: Use single update LDIF for indices and add more indices
Action: opened
PR body:
"""
## Use single update LDIF for indices
Index definitions were split across four files. indices.ldif contained
the initial subset of indices. Three update files partly duplicated the
indices and partly added new indices.
All indices are now defined in a single update file that is sorted
alphanumerically.
The changeset avoids two additional index tasks and reduces installation
time by 5 to 10 seconds.
## Add more indices
ipaCASubjectDN is used by lightweight sub CA feature.
ipaExternalMember is used by ipasam code to assemble MS-PAC records.
ipaNTSecurityIdentifier was only index for "pres" and was missing an
index on "eq". Samba performs queries with SID string.
memberPrincipal is used by S4U2Proxy constrained delegation and by
ipa-custodia.
Also note that dnaHostname, ipServiceProtocol, ipaCertSubject, and
ipaKeyUsage are currently not index because an index would rarely used
or have a poor selectivity.
Fixes: https://pagure.io/freeipa/issue/8493
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5157/head:pr5157
git checkout pr5157
URL: https://github.com/freeipa/freeipa/pull/5158
Author: tiran
Title: #5158: [Backport][ipa-4-8] Ensure that resolved.conf.d is accessible
Action: opened
PR body:
"""
This PR was opened automatically because PR #5156 was pushed to master and backport to ipa-4-8 is required.
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5158/head:pr5158
git checkout pr5158
URL: https://github.com/freeipa/freeipa/pull/5156
Author: tiran
Title: #5156: Ensure that resolved.conf.d is accessible
Action: opened
PR body:
"""
systemd-resolved runs as user systemd-resolve. Ensure that
resolved.conf.d drop-in directory is accessible when installer runs with
restricted umask. Also ensure the file and directory has correct SELinux
context.
The parent directory /etc/systemd exists on all platforms.
Fixes: Fixes: https://pagure.io/freeipa/issue/8275
Signed-off-by: Christian Heimes <cheimes(a)redhat.com>
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5156/head:pr5156
git checkout pr5156
URL: https://github.com/freeipa/freeipa/pull/5155
Author: tiran
Title: #5155: [Backport][ipa-4-8] Pre-populate IP addresses for the name server upgrades
Action: opened
PR body:
"""
This PR was opened automatically because PR #5153 was pushed to master and backport to ipa-4-8 is required.
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5155/head:pr5155
git checkout pr5155
URL: https://github.com/freeipa/freeipa/pull/5153
Author: abbra
Title: #5153: Pre-populate IP addresses for the name server upgrades
Action: opened
PR body:
"""
Setting up resolv.conf in BIND instance expects IP addresses of the
server to be provided. This is done wiht BindInstance.setup() method
call. However, when reusing resolver setup during upgrade BIND instance
has no IP addresses configured and fails with an assert in
tasks.configure_dns_resolver().
Pass through the server's IP addresses during upgrade.
Fixes: https://pagure.io/freeipa/issue/8518
Signed-off-by: Alexander Bokovoy <abokovoy(a)redhat.com>
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5153/head:pr5153
git checkout pr5153