[Freeipa-devel] Freeipa-devel Digest, Vol 66, Issue 41
mohammad moeini
arta.moeini at gmail.com
Tue Nov 13 09:12:15 UTC 2012
Dear guys
my Problem solved about sudoers config and i'm sorry about writer
documention of ipa
this section
binddn uid=sudo,cn=sysaccounts,cn=etc,dc=nise,dc=ir
bindpw password
ssl start_tls
tls_cacertfile /etc/ipa/ca.crt
tls_checkpeer yes
bind_timelimit 5
timelimit 15
uri ldap://fs1.wedgeofli.me
sudoers_base ou=SUDOers,dc=wedgeofli,dc=me
*in document write this section must configure in nsld.conf*
*but at this config file it's not work
but when i put this in *
/etc/sudo.ldap sudo work
please change your document ,,, many peopel same me mybe working 3 week at
this problem and not found any solution for this
document it's biggest bug in ipa
regards moeini
On Mon, Nov 12, 2012 at 5:49 PM, <freeipa-devel-request at redhat.com> wrote:
> Send Freeipa-devel mailing list submissions to
> freeipa-devel at redhat.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://www.redhat.com/mailman/listinfo/freeipa-devel
> or, via email, send a message with subject or body 'help' to
> freeipa-devel-request at redhat.com
>
> You can reach the person managing the list at
> freeipa-devel-owner at redhat.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Freeipa-devel digest..."
>
>
> Today's Topics:
>
> 1. Re: Freeipa-devel Digest, Vol 66, Issue 34 (Dmitri Pal)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 12 Nov 2012 09:19:32 -0500
> From: Dmitri Pal <dpal at redhat.com>
> To: freeipa-devel at redhat.com
> Subject: Re: [Freeipa-devel] Freeipa-devel Digest, Vol 66, Issue 34
> Message-ID: <50A10574.8050303 at redhat.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> On 11/10/2012 09:14 AM, mohammad moeini wrote:
> > Dear Guyes
> >
> > i'm AAA Server administrator , I use freeipa for AAA server
> > i Have a Centos server and 50 client debian
> > i use the ipa v 3 and now have problem with join ipa clients becuse
> > not exisixt upper 2.1.4 package in debian distru
> > when i want compile ipa client on the folder ipa-client in cource get
> > the error krb5.h not exist , please help me anout dependency on the
> > freeipa v 3 o r say to me how can i config ipa v 3 for supporting ipa
> > client v 2.1.4
> >
> > Another my question is about sudoers i config sudoers seem of the all
> > domcumention free ipa and testing many soulution from Ldap or freeipa
> > or another way seem nscd.conf or sssd.conf or .... but not working and
> > just say to me your user is not is sudoers ,,, i don't know i must
> > doing any config in ldap schema or must create suoers group
> > please help me ,,, i run freeipa for first time in middle ease and i
> > want grow this at this point of world
> >
>
> Have you seen couple threads on freeipa-users about SUDO this and last
> month? Just search the archives.
> They have a lot of hints on how to configure sudo and make sure it works.
> SUDO changed the name of its config file recently and that have be a
> source of confusion is some cases.
> Anyways please read those threads and try to follow the instructions
> there (posts from JR are very helpful).
> If you still have problems please let us know more details.
>
>
> > Regards Moeini
> >
> >
> > On Fri, Nov 9, 2012 at 6:40 PM, <freeipa-devel-request at redhat.com
> > <mailto:freeipa-devel-request at redhat.com>> wrote:
> >
> > Send Freeipa-devel mailing list submissions to
> > freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> >
> > To subscribe or unsubscribe via the World Wide Web, visit
> > https://www.redhat.com/mailman/listinfo/freeipa-devel
> > or, via email, send a message with subject or body 'help' to
> > freeipa-devel-request at redhat.com
> > <mailto:freeipa-devel-request at redhat.com>
> >
> > You can reach the person managing the list at
> > freeipa-devel-owner at redhat.com
> > <mailto:freeipa-devel-owner at redhat.com>
> >
> > When replying, please edit your Subject line so it is more specific
> > than "Re: Contents of Freeipa-devel digest..."
> >
> >
> > Today's Topics:
> >
> > 1. [PATCH] Add Beta versioning (Lynn Root)
> > 2. Re: [PATCH] Add Beta versioning (Petr Vobornik)
> > 3. Re: [PATCH] Add Beta versioning (Lynn Root)
> > 4. Re: [PATCH] Add Beta versioning (Martin Kosek)
> > 5. Re: [PATCH] 332 Do not require resolvable nameserver in DNS
> > install (Alexander Bokovoy)
> > 6. Re: [PATCH] 332 Do not require resolvable nameserver in DNS
> > install (Martin Kosek)
> > 7. Re: [PATCH] Switch %r specifiers to %s in Public errors
> > (Jan Cholasta)
> > 8. Re: [PATCH] 330 Disable global forwarding per-zone
> > (Rob Crittenden)
> > 9. Re: [PATCH] 330 Disable global forwarding per-zone (Martin
> > Kosek)
> >
> >
> >
> ----------------------------------------------------------------------
> >
> > Message: 1
> > Date: Fri, 9 Nov 2012 07:43:31 -0500 (EST)
> > From: Lynn Root <lroot at redhat.com <mailto:lroot at redhat.com>>
> > To: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > Subject: [Freeipa-devel] [PATCH] Add Beta versioning
> > Message-ID:
> > <943042161.7794393.1352465011767.JavaMail.root at redhat.com
> > <mailto:943042161.7794393.1352465011767.JavaMail.root at redhat.com>>
> > Content-Type: text/plain; charset="utf-8"
> >
> > The VERSION file and Makefile now handles 'beta' release
> > parameters when making s/rpms.
> >
> > Ticket: https://fedorahosted.org/freeipa/ticket/2893
> >
> > Lynn Root
> > Associate Software Engineer
> > Red Hat
> >
> > -------------- next part --------------
> > A non-text attachment was scrubbed...
> > Name: Add-Beta-versioning.patch
> > Type: text/x-patch
> > Size: 2522 bytes
> > Desc: not available
> > URL:
> > <
> https://www.redhat.com/archives/freeipa-devel/attachments/20121109/17627fbd/attachment.bin
> >
> >
> > ------------------------------
> >
> > Message: 2
> > Date: Fri, 09 Nov 2012 13:58:17 +0100
> > From: Petr Vobornik <pvoborni at redhat.com <mailto:pvoborni at redhat.com
> >>
> > To: Lynn Root <lroot at redhat.com <mailto:lroot at redhat.com>>
> > Cc: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > Subject: Re: [Freeipa-devel] [PATCH] Add Beta versioning
> > Message-ID: <509CFDE9.70002 at redhat.com
> > <mailto:509CFDE9.70002 at redhat.com>>
> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> >
> > On 11/09/2012 01:43 PM, Lynn Root wrote:
> > > The VERSION file and Makefile now handles 'beta' release
> > parameters when making s/rpms.
> > >
> > > Ticket: https://fedorahosted.org/freeipa/ticket/2893
> > >
> > > Lynn Root
> > > Associate Software Engineer
> > > Red Hat
> >
> > Thanks for the patch.
> >
> > In a next patch, I'd suggest to follow patch-naming conventions
> > https://fedorahosted.org/freeipa/wiki/PatchFormat . Also include the
> > patch number into a mail subject, it helps to keeping track of
> > patches.
> >
> > --
> > Petr Vobornik
> >
> >
> >
> > ------------------------------
> >
> > Message: 3
> > Date: Fri, 9 Nov 2012 08:04:43 -0500 (EST)
> > From: Lynn Root <lroot at redhat.com <mailto:lroot at redhat.com>>
> > To: Petr Vobornik <pvoborni at redhat.com <mailto:pvoborni at redhat.com>>
> > Cc: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > Subject: Re: [Freeipa-devel] [PATCH] Add Beta versioning
> > Message-ID:
> > <1940773203.7804090.1352466283311.JavaMail.root at redhat.com
> > <mailto:1940773203.7804090.1352466283311.JavaMail.root at redhat.com>>
> > Content-Type: text/plain; charset=utf-8
> >
> > Ah thank you - was going by the "Submit Changes" portion in
> > http://freeipa.org/page/Contribute#Development_Process, which has
> > less information (but clearly did not notice the Patch Format link
> > right above).
> >
> > Lynn Root
> > Associate Software Engineer
> > Red Hat
> >
> > ----- Original Message -----
> > From: "Petr Vobornik" <pvoborni at redhat.com
> > <mailto:pvoborni at redhat.com>>
> > To: "Lynn Root" <lroot at redhat.com <mailto:lroot at redhat.com>>
> > Cc: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > Sent: Friday, November 9, 2012 1:58:17 PM
> > Subject: Re: [Freeipa-devel] [PATCH] Add Beta versioning
> >
> > On 11/09/2012 01:43 PM, Lynn Root wrote:
> > > The VERSION file and Makefile now handles 'beta' release
> > parameters when making s/rpms.
> > >
> > > Ticket: https://fedorahosted.org/freeipa/ticket/2893
> > >
> > > Lynn Root
> > > Associate Software Engineer
> > > Red Hat
> >
> > Thanks for the patch.
> >
> > In a next patch, I'd suggest to follow patch-naming conventions
> > https://fedorahosted.org/freeipa/wiki/PatchFormat . Also include the
> > patch number into a mail subject, it helps to keeping track of
> > patches.
> >
> > --
> > Petr Vobornik
> >
> >
> >
> > ------------------------------
> >
> > Message: 4
> > Date: Fri, 09 Nov 2012 14:07:05 +0100
> > From: Martin Kosek <mkosek at redhat.com <mailto:mkosek at redhat.com>>
> > To: Lynn Root <lroot at redhat.com <mailto:lroot at redhat.com>>
> > Cc: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > Subject: Re: [Freeipa-devel] [PATCH] Add Beta versioning
> > Message-ID: <509CFFF9.2070906 at redhat.com
> > <mailto:509CFFF9.2070906 at redhat.com>>
> > Content-Type: text/plain; charset=ISO-8859-1
> >
> > Actually, there is a link in the Contribute wiki page for the
> > Patch format page:
> >
> > ...
> > Patch Format - Guidance about the patch format
> > ...
> >
> > We may want to make it more visible...
> >
> > Martin
> >
> > On 11/09/2012 02:04 PM, Lynn Root wrote:
> > > Ah thank you - was going by the "Submit Changes" portion in
> > http://freeipa.org/page/Contribute#Development_Process, which has
> > less information (but clearly did not notice the Patch Format link
> > right above).
> > >
> > > Lynn Root
> > > Associate Software Engineer
> > > Red Hat
> > >
> > > ----- Original Message -----
> > > From: "Petr Vobornik" <pvoborni at redhat.com
> > <mailto:pvoborni at redhat.com>>
> > > To: "Lynn Root" <lroot at redhat.com <mailto:lroot at redhat.com>>
> > > Cc: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > > Sent: Friday, November 9, 2012 1:58:17 PM
> > > Subject: Re: [Freeipa-devel] [PATCH] Add Beta versioning
> > >
> > > On 11/09/2012 01:43 PM, Lynn Root wrote:
> > >> The VERSION file and Makefile now handles 'beta' release
> > parameters when making s/rpms.
> > >>
> > >> Ticket: https://fedorahosted.org/freeipa/ticket/2893
> > >>
> > >> Lynn Root
> > >> Associate Software Engineer
> > >> Red Hat
> > >
> > > Thanks for the patch.
> > >
> > > In a next patch, I'd suggest to follow patch-naming conventions
> > > https://fedorahosted.org/freeipa/wiki/PatchFormat . Also include
> the
> > > patch number into a mail subject, it helps to keeping track of
> > patches.
> > >
> >
> >
> >
> > ------------------------------
> >
> > Message: 5
> > Date: Fri, 9 Nov 2012 15:15:09 +0200
> > From: Alexander Bokovoy <abokovoy at redhat.com
> > <mailto:abokovoy at redhat.com>>
> > To: Martin Kosek <mkosek at redhat.com <mailto:mkosek at redhat.com>>
> > Cc: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > Subject: Re: [Freeipa-devel] [PATCH] 332 Do not require resolvable
> > nameserver in DNS install
> > Message-ID: <20121109131509.GB14850 at redhat.com
> > <mailto:20121109131509.GB14850 at redhat.com>>
> > Content-Type: text/plain; charset=us-ascii; format=flowed
> >
> > On Fri, 09 Nov 2012, Martin Kosek wrote:
> > >As named.conf and bind-dyndb-plugin is not set up yet during DNS
> > >configuration phase, IPA hostname (i.e. the nameserver) should not
> > >be required be to resolvable in this phase.
> > >
> > >https://fedorahosted.org/freeipa/ticket/3248
> > ACK.
> >
> > --
> > / Alexander Bokovoy
> >
> >
> >
> > ------------------------------
> >
> > Message: 6
> > Date: Fri, 09 Nov 2012 14:26:18 +0100
> > From: Martin Kosek <mkosek at redhat.com <mailto:mkosek at redhat.com>>
> > To: Alexander Bokovoy <abokovoy at redhat.com
> > <mailto:abokovoy at redhat.com>>
> > Cc: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > Subject: Re: [Freeipa-devel] [PATCH] 332 Do not require resolvable
> > nameserver in DNS install
> > Message-ID: <509D047A.5030309 at redhat.com
> > <mailto:509D047A.5030309 at redhat.com>>
> > Content-Type: text/plain; charset=ISO-8859-1
> >
> > On 11/09/2012 02:15 PM, Alexander Bokovoy wrote:
> > > On Fri, 09 Nov 2012, Martin Kosek wrote:
> > >> As named.conf and bind-dyndb-plugin is not set up yet during DNS
> > >> configuration phase, IPA hostname (i.e. the nameserver) should not
> > >> be required be to resolvable in this phase.
> > >>
> > >> https://fedorahosted.org/freeipa/ticket/3248
> > > ACK.
> > >
> >
> > Pushed to master, ipa-3-0.
> >
> > Martin
> >
> >
> >
> > ------------------------------
> >
> > Message: 7
> > Date: Fri, 09 Nov 2012 15:25:20 +0100
> > From: Jan Cholasta <jcholast at redhat.com <mailto:jcholast at redhat.com
> >>
> > To: Lynn Root <lroot at redhat.com <mailto:lroot at redhat.com>>
> > Cc: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > Subject: Re: [Freeipa-devel] [PATCH] Switch %r specifiers to %s in
> > Public errors
> > Message-ID: <509D1250.5060404 at redhat.com
> > <mailto:509D1250.5060404 at redhat.com>>
> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> >
> > On 8.11.2012 17:22, Lynn Root wrote:
> > > Hmm I hope I understand well enough this time around.
> > >
> > > However, when I run the tests, there's this one error message I
> > come across from `test_user[97]: user_add: Create u'tuser2'` - it
> > throws `DatabaseError: Type or value exists`. I'm a bit lost on
> > how to track this down.
> > >
> > > Once again - thanks for your help!
> > >
> > > Lynn Root
> > > Associate Software Engineer
> > > Red Hat
> > >
> > > ----- Original Message -----
> > > From: "Martin Kosek" <mkosek at redhat.com <mailto:mkosek at redhat.com
> >>
> > > To: "Jan Cholasta" <jcholast at redhat.com
> > <mailto:jcholast at redhat.com>>
> > > Cc: "Lynn Root" <lroot at redhat.com <mailto:lroot at redhat.com>>,
> > freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > > Sent: Thursday, November 8, 2012 8:46:42 AM
> > > Subject: Re: [Freeipa-devel] [PATCH] Switch %r specifiers to %s
> > in Public errors
> > >
> > > On 11/07/2012 06:46 PM, Jan Cholasta wrote:
> > >> On 7.11.2012 16:08, Lynn Root wrote:
> > >>> Third time is a charm?
> > >>>
> > >>> Lynn Root
> > >>> Associate Software Engineer
> > >>> Red Hat
> > >>>
> > >>> ----- Original Message -----
> > >>> From: "Jan Cholasta" <jcholast at redhat.com
> > <mailto:jcholast at redhat.com>>
> > >>> To: "Lynn Root" <lroot at redhat.com <mailto:lroot at redhat.com>>
> > >>> Cc: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > >>> Sent: Monday, November 5, 2012 10:25:32 AM
> > >>> Subject: Re: [Freeipa-devel] [PATCH] Switch %r specifiers to
> > %s in Public errors
> > >>>
> > >>> On 5.11.2012 09:43, Lynn Root wrote:
> > >>>> Here's try #2! Adjusted patch attached. Let me know if
> > there's anything
> > >>>> else I've missed.
> > >>>>
> > >>>> Switched %r specifiers to '%s' in Public errors, and adjusted
> > tests to
> > >>>> expect no preceding 'u'.
> > >>>>
> > >>>> Tickets: https://fedorahosted.org/freeipa/ticket/3121 &
> > >>>> https://fedorahosted.org/freeipa/ticket/2588
> > >>>>
> > >>>> Lynn Root
> > >>>> Associate Software Engineer
> > >>>> Red Hat
> > >>>>
> > >>>> ----- Original Message -----
> > >>>> From: "Martin Kosek" <mkosek at redhat.com
> > <mailto:mkosek at redhat.com>>
> > >>>> To: "Jan Cholasta" <jcholast at redhat.com
> > <mailto:jcholast at redhat.com>>
> > >>>> Cc: "Lynn Root" <lroot at redhat.com <mailto:lroot at redhat.com>>,
> > freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > >>>> Sent: Tuesday, October 30, 2012 9:08:33 AM
> > >>>> Subject: Re: [Freeipa-devel] [PATCH] Switch %r specifiers to
> > %s in Public
> > >>>> errors
> > >>>>
> > >>>> On 10/30/2012 09:04 AM, Jan Cholasta wrote:
> > >>>>> Hi,
> > >>>>>
> > >>>>> On 29.10.2012 19:54, Lynn Root wrote:
> > >>>>>> Hi all!
> > >>>>>>
> > >>>>>> This switch drops the preceding 'u' from strings in public
> > error messages.
> > >>>>>>
> > >>>>>> Ticket: https://fedorahosted.org/freeipa/ticket/3121
> > >>>>>>
> > >>>>>> This patch also addresses the unfriendly 'u' from
> > re-raising errors from the
> > >>>>>> external call to netaddr.IPAddress by passing a bytestring
> > to the function.
> > >>>>>>
> > >>>>>> Ticket: https://fedorahosted.org/freeipa/ticket/2588
> > >>>>>>
> > >>>>>>
> > >>>>>> My first patch (and freeipa dev list email) ever! Let me
> > know where there's
> > >>>>>> room to improve.
> > >>>>>>
> > >>>>>> Lynn Root
> > >>>>>> Associate Software Engineer
> > >>>>>> Red Hat
> > >>>>>>
> > >>>>>
> > >>>>> I think it would be nice if you kept the quotes around the
> > values, as that is
> > >>>>> probably the reason "%r" was used in the first place - i.e.
> > use "'%s'" instead
> > >>>>> of plain "%s".
> > >>>>
> > >>>> +1
> > >>>>
> > >>>> With current patch, I assume that a lot of unit tests will
> > fail as they check
> > >>>> exact error message wording. I'd recommend running the whole
> > test suite with
> > >>>> your second patch revision. There is a short walkthrough how
> > to set it up:
> > >>>>
> > >>>> http://freeipa.org/page/Testing
> > >>>>
> > >>>> Martin
> > >>>>
> > >>>
> > >>> You missed a few:
> > >>>
> > >>> $ git grep -En '%(\(.*?\))?r'
> > >>>
> > >>> Honza
> > >>>
> > >>
> > >> I think you have gone too far this time :-) It is not necessary
> > (or wise) to
> > >> get rid of %r *everywhere* in the code.
> > >
> > > Thanks Honza for pointing that out. It seems I missed that in
> > yesterday's
> > > review. Now, when I look at it, it indeed is not right.
> > >
> > >>
> > >> A few rules to keep in mind:
> > >>
> > >> * If it is not an error message, do not touch it (log
> > messages are not error
> > >> messages BTW).
> > >>
> > >> * If it is an error message for an exception that does not
> > inherit from
> > >> errors.PublicError, do not touch it (there might be a few
> > exceptions, though).
> > >
> > > Right. But for example, your netaddr str conversions should be
> > fine since the
> > > netaddr error is propagated up to the ValidationError.
> > >
> > > Martin
> > >
> > >>
> > >> * Use '%s' (%s with ticks) only for arguments whose value
> > can be only str or
> > >> unicode.
> > >>
> > >> Honza
> > >>
> > >
> >
> > This is better, thanks.
> >
> > In OverlapError.format, remove the ticks around %s, as we expect a
> > list
> > here (I think we could make it look prettier, similar to what
> > Martin did
> > in
> > <
> https://fedorahosted.org/freeipa/changeset/988ea368272822f2153563ad34554240e3377d60/
> >,
> > but I'm not sure if we want to do it in this ticket/patch).
> >
> > I'm not sure what to do about the ValidationError at
> > ipalib/parameters.py:882 and ipalib/parameters.py:1171. I think it
> > should be "TypeError(TYPE_ERROR % (self.name <http://self.name>,
> > self.type, value,
> > type(value)))" instead, as by the time parameters are validated
> > they are
> > the right type.
> >
> > Also there is one %r you missed in ipalib/parameters.py:1554.
> >
> > Honza
> >
> > --
> > Jan Cholasta
> >
> >
> >
> > ------------------------------
> >
> > Message: 8
> > Date: Fri, 09 Nov 2012 09:36:20 -0500
> > From: Rob Crittenden <rcritten at redhat.com
> > <mailto:rcritten at redhat.com>>
> > To: Martin Kosek <mkosek at redhat.com <mailto:mkosek at redhat.com>>
> > Cc: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > Subject: Re: [Freeipa-devel] [PATCH] 330 Disable global forwarding
> > per-zone
> > Message-ID: <509D14E4.70209 at redhat.com
> > <mailto:509D14E4.70209 at redhat.com>>
> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> >
> > Martin Kosek wrote:
> > > On 11/02/2012 11:08 AM, Martin Kosek wrote:
> > >> On 11/02/2012 10:51 AM, Jan Cholasta wrote:
> > >>> Hi,
> > >>>
> > >>> On 2.11.2012 09:12, Martin Kosek wrote:
> > >>>> On 11/01/2012 09:01 PM, Rob Crittenden wrote:
> > >>>>> Martin Kosek wrote:
> > >>>>>> bind-dyndb-ldap allows disabling global forwarder per-zone.
> > This may
> > >>>>>> be useful in a scenario when we do not want requests to
> > delegated
> > >>>>>> sub-zones (like sub.example.com <http://sub.example.com>.
> > in zone example.com <http://example.com>.) to be routed
> > >>>>>> through global forwarder.
> > >>>>>>
> > >>>>>> Few lines to help added to explain the feature to users too.
> > >>>>>>
> > >>>>>> https://fedorahosted.org/freeipa/ticket/3209
> > >>>>>>
> > >>>>>
> > >>>>> Fix two minor problems and you have an ACK.
> > >>>>>
> > >>>>> 1. It needs a minor rebase
> > >>>>> 2. The API needs to be updated
> > >>>>>
> > >>>>> rob
> > >>>>>
> > >>>>
> > >>>> Fixed both. After a short discussion with Petr Spacek I also
> > added a
> > >>>> possibility to set global dnsconfig to NONE.
> > >>>>
> > >>>> On a different note, I discovered that global forwarders in
> > >>>> bind-dyndb-ldap/bind are actually broken with referred
> > bind-dyndb-ldap/bind
> > >>>> version. Thus, we may want to bump bind-dyndb-ldap version in
> > spec when this is
> > >>>> resolved. (This should not affect diff in dns.py in any way).
> > >>>>
> > >>>> Martin
> > >>>>
> > >>>
> > >>> This might be a stupid question, but why is "NONE" in upper
> > case and the rest
> > >>> of the values in lower case?
> > >>>
> > >>> Honza
> > >>>
> > >>
> > >> This really doesn't matter function-wise, as bind-dydnb-ldap
> > does the
> > >> comparison in case insensitive way. My original intention was
> > to be consistent
> > >> with other NONE values we use across IPA and to distinguish the
> > value from
> > >> valid BIND values.
> > >>
> > >> But you are right that within dns plugin it makes more sense to
> > have it all
> > >> lowercase.
> > >>
> > >> Updated patch attached.
> > >>
> > >> Martin
> > >>
> > >
> > > bind-dyndb-ldap with fixed forwarding has been released. Sending
> > an updated
> > > patch for both master and ipa-3-0 branches with its version in
> > our spec file.
> > >
> > > Martin
> > >
> >
> > ACK x2
> >
> >
> >
> > ------------------------------
> >
> > Message: 9
> > Date: Fri, 09 Nov 2012 15:40:06 +0100
> > From: Martin Kosek <mkosek at redhat.com <mailto:mkosek at redhat.com>>
> > To: Rob Crittenden <rcritten at redhat.com <mailto:rcritten at redhat.com
> >>
> > Cc: freeipa-devel at redhat.com <mailto:freeipa-devel at redhat.com>
> > Subject: Re: [Freeipa-devel] [PATCH] 330 Disable global forwarding
> > per-zone
> > Message-ID: <509D15C6.7090806 at redhat.com
> > <mailto:509D15C6.7090806 at redhat.com>>
> > Content-Type: text/plain; charset=ISO-8859-1
> >
> > On 11/09/2012 03:36 PM, Rob Crittenden wrote:
> > > Martin Kosek wrote:
> > >> On 11/02/2012 11:08 AM, Martin Kosek wrote:
> > >>> On 11/02/2012 10:51 AM, Jan Cholasta wrote:
> > >>>> Hi,
> > >>>>
> > >>>> On 2.11.2012 09:12, Martin Kosek wrote:
> > >>>>> On 11/01/2012 09:01 PM, Rob Crittenden wrote:
> > >>>>>> Martin Kosek wrote:
> > >>>>>>> bind-dyndb-ldap allows disabling global forwarder
> > per-zone. This may
> > >>>>>>> be useful in a scenario when we do not want requests to
> > delegated
> > >>>>>>> sub-zones (like sub.example.com <http://sub.example.com>.
> > in zone example.com <http://example.com>.) to be routed
> > >>>>>>> through global forwarder.
> > >>>>>>>
> > >>>>>>> Few lines to help added to explain the feature to users too.
> > >>>>>>>
> > >>>>>>> https://fedorahosted.org/freeipa/ticket/3209
> > >>>>>>>
> > >>>>>>
> > >>>>>> Fix two minor problems and you have an ACK.
> > >>>>>>
> > >>>>>> 1. It needs a minor rebase
> > >>>>>> 2. The API needs to be updated
> > >>>>>>
> > >>>>>> rob
> > >>>>>>
> > >>>>>
> > >>>>> Fixed both. After a short discussion with Petr Spacek I also
> > added a
> > >>>>> possibility to set global dnsconfig to NONE.
> > >>>>>
> > >>>>> On a different note, I discovered that global forwarders in
> > >>>>> bind-dyndb-ldap/bind are actually broken with referred
> > bind-dyndb-ldap/bind
> > >>>>> version. Thus, we may want to bump bind-dyndb-ldap version
> > in spec when
> > >>>>> this is
> > >>>>> resolved. (This should not affect diff in dns.py in any way).
> > >>>>>
> > >>>>> Martin
> > >>>>>
> > >>>>
> > >>>> This might be a stupid question, but why is "NONE" in upper
> > case and the rest
> > >>>> of the values in lower case?
> > >>>>
> > >>>> Honza
> > >>>>
> > >>>
> > >>> This really doesn't matter function-wise, as bind-dydnb-ldap
> > does the
> > >>> comparison in case insensitive way. My original intention was
> > to be consistent
> > >>> with other NONE values we use across IPA and to distinguish
> > the value from
> > >>> valid BIND values.
> > >>>
> > >>> But you are right that within dns plugin it makes more sense
> > to have it all
> > >>> lowercase.
> > >>>
> > >>> Updated patch attached.
> > >>>
> > >>> Martin
> > >>>
> > >>
> > >> bind-dyndb-ldap with fixed forwarding has been released.
> > Sending an updated
> > >> patch for both master and ipa-3-0 branches with its version in
> > our spec file.
> > >>
> > >> Martin
> > >>
> > >
> > > ACK x2
> >
> > Pushed to master, ipa-3-0.
> >
> > Martin
> >
> >
> >
> > ------------------------------
> >
> > _______________________________________________
> > Freeipa-devel mailing list
> > Freeipa-devel at redhat.com <mailto:Freeipa-devel at redhat.com>
> > https://www.redhat.com/mailman/listinfo/freeipa-devel
> >
> > End of Freeipa-devel Digest, Vol 66, Issue 34
> > *********************************************
> >
> >
> >
> >
> > _______________________________________________
> > Freeipa-devel mailing list
> > Freeipa-devel at redhat.com
> > https://www.redhat.com/mailman/listinfo/freeipa-devel
>
>
> --
> Thank you,
> Dmitri Pal
>
> Sr. Engineering Manager for IdM portfolio
> Red Hat Inc.
>
>
> -------------------------------
> Looking to carve out IT costs?
> www.redhat.com/carveoutcosts/
>
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://www.redhat.com/archives/freeipa-devel/attachments/20121112/78f25fec/attachment.html
> >
>
> ------------------------------
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
>
> End of Freeipa-devel Digest, Vol 66, Issue 41
> *********************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20121113/7cdf198d/attachment.htm>
More information about the Freeipa-devel
mailing list