-NAME
We cannot really automate it as export of the database will require
enough space to handle it. You can adjust optiosn to bdb2mdb subcommand
to specify a temporary location for that but the command needs to be run
by the administrators manually.
--
/ Alexander Bokovoy
Sr. Principal Sof
ng back at this thread, I see this:
On 6/24/25 6:03 AM, Alexander Bokovoy wrote:
On Аўт, 24 чэр 2025, Tomasz Torcz wrote:
Some FreeIPA installations (like mine) were created long before F40
and upgraded over the years.
Yes, you need to follow major RHEL IdM upgrade procedure that all RHEL
u
for non-disruptive operation.
It is meant to read-only processing of existing BDB content to produce
an LDIF text file to load after the backend replacement. The backend
replacement also means that the database is not accessible until the
change has been completed.
--
/ Alexander Bokovoy
Sr. Principal
On Аўт, 24 чэр 2025, Tomasz Torcz wrote:
On Tue, Jun 24, 2025 at 02:03:09PM +0300, Alexander Bokovoy wrote:
On Аўт, 24 чэр 2025, Tomasz Torcz wrote:
> On Tue, Jun 24, 2025 at 10:40:55AM +0100, Aoife Moloney via devel-announce
wrote:
> > == Upgrade/compatibility impact ==
> > * D
-implement
nsslapd-backend-implement: bdb
For new deployment you'd get 'mdb'.
https://www.port389.org/docs/389ds/howto/howto-use-lmdb.html describes
somewhat tersely what you can do in-place.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engi
On Срд, 28 мая 2025, Lennart Poettering wrote:
On Mi, 28.05.25 16:51, Alexander Bokovoy (aboko...@redhat.com) wrote:
> > socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
> > connect(4, {sa_family=AF_UNIX,
sun_path="/run/systemd/userdb/io.systemd.DynamicUser"
On Срд, 28 мая 2025, Lennart Poettering wrote:
On Mi, 28.05.25 12:34, Alexander Bokovoy (aboko...@redhat.com) wrote:
> a group record it will combine a specific userdb group record from one
> backend with the results of a matching GetMemberships() of *all*
> backends and return th
On Срд, 28 мая 2025, Lennart Poettering wrote:
On Mi, 28.05.25 09:43, Alexander Bokovoy (aboko...@redhat.com) wrote:
On Аўт, 27 мая 2025, Lennart Poettering wrote:
> On Di, 27.05.25 14:32, Neal Gompa (ngomp...@gmail.com) wrote:
>
> > The usage of the systemd user management su
0077(admin),
1792600060(ca-kerberos-services-acl-users)
abokovoy@emca:~$ userdbctl groups-of-user abokovoy
No memberships.
I promised you to open a bug for systemd upstream and I've been meaning
to provide you an easy reproducer. Haven't done that yet, sorry.
--
/ Alexander Bokovoy
Sr. Princip
On Аўт, 25 лют 2025, Dmitry Belyavskiy wrote:
On Tue, Feb 25, 2025 at 12:04 PM Peter Boy Uni wrote:
> Am 25.02.2025 um 09:09 schrieb Alexander Bokovoy :
>> ...
>> == Detailed Description ==
>> We are going to build OpenSSL without engine support. Engines are not
&
s/list/devel-annou...@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
___
Agreed. However, before you do that, we have to rebuild them one last
time to avoid blocking Samba update to 4.22.0-0.1rc1.
Could you please rebuild them in f43-build-side-105065 and
f42-build-side-105181?
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management En
On Суб, 25 сту 2025, Richard W.M. Jones wrote:
On Sat, Jan 25, 2025 at 11:06:43AM +0200, Alexander Bokovoy wrote:
On Суб, 25 сту 2025, Zbigniew Jędrzejewski-Szmek wrote:
>On Fri, Jan 24, 2025 at 01:25:18PM -0300, Rafael Jeffman wrote:
>>Some of these packages might have the same
On Суб, 25 сту 2025, Zbigniew Jędrzejewski-Szmek wrote:
On Sat, Jan 25, 2025 at 11:06:43AM +0200, Alexander Bokovoy wrote:
On Суб, 25 сту 2025, Zbigniew Jędrzejewski-Szmek wrote:
> - if the user shall be shared, let on of the packages define the user
> and have the other packa
idelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engine
On Пан, 13 сту 2025, Pierre-Yves Chibon wrote:
On Mon, Jan 13, 2025 at 11:41:07AM +0200, Alexander Bokovoy wrote:
On Пан, 13 сту 2025, Pierre-Yves Chibon wrote:
> Good Morning Everyone,
>
> We have been emailing daily the following user to notify that the email they
> have set in
;main admins', so
we aren't going to lose those packages.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
___
devel mailing list -- devel@lists.fedoraproject.org
To u
nduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infr
On Пан, 07 кас 2024, Zdenek Pytela wrote:
On Mon, Oct 7, 2024 at 12:36 PM Alexander Bokovoy
wrote:
On Няд, 06 кас 2024, Zbigniew Jędrzejewski-Szmek wrote:
>On Sat, Oct 05, 2024 at 10:53:16AM +0300, Alexander Bokovoy wrote:
>> Can we move systemd-homed configuration and activa
On Няд, 06 кас 2024, Zbigniew Jędrzejewski-Szmek wrote:
On Sat, Oct 05, 2024 at 10:53:16AM +0300, Alexander Bokovoy wrote:
Can we move systemd-homed configuration and activation into something
that could be explicitly enabled by the administrators? Whether this is
done during installation or
arallel
discussion by Neal). I also see it as a sole contributor to SELinux AVCs
in OpenQA tests we run for FreeIPA use cases.
It would be best to have it explicitly enabled by admins, similarly how
authselect handles various authentication methods.
--
/ Alexander Bokovoy
Sr. Principal Softwar
Hi,
liboauth2 2.0.0 has changed license from AGPL-3.0-only to Apache-2.0.
This is now reflected in Rawhide and will be reflected in F41.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
ng in search engines so we see a lot of SEO spam
trying to boost their own sites' standing against search engines.
[cut off quotes to avoid referring to the SEO links]
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limite
On Пан, 24 чэр 2024, Alexander Bokovoy wrote:
On Няд, 23 чэр 2024, Neal Gompa wrote:
On Sun, Jun 23, 2024 at 11:59 AM Miroslav Suchý wrote:
Dne 23. 06. 24 v 11:50 dop. Leigh Scott napsal(a):
it has made kerberos login much harder
Can you elaborate?
I use Kerberos login without a problem
events you from using 'classic OTP codes' either. It is what
enabled now as 'OTP' and there is no way to find out whether you are
using a hardware token or a software one for TOTP/HOTP. So this is not
changing at all.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Securit
interesting? Should I continue working on it?
Yes, it is definitely an interesting test. Thank you for investing your
time and resources into this.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
_
be able to handle FIDO2 passkey
authentication as well.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscri
ros as well. In practice I have to re-login manually to Fedora
services once a week, pretty much.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
___
devel mailin
s/kerberos-parameters/kerberos-parameters.xhtml#pre-authentication
[3] https://sssd.io/design-pages/passkey_kerberos.html
[4]
https://freeipa.readthedocs.io/en/latest/designs/external-idp/external-idp.html
[5] https://freeipa.readthedocs.io/en/latest/designs/passkeys.html
--
/ Alexander
On Пан, 24 чэр 2024, Vitaly Zaitsev via devel wrote:
On 24/06/2024 10:45, Alexander Bokovoy wrote:
Can you point me to a discussion where it says it is impossible to
implement that in GOA?
FAS (kinit) should request the OTP code in a separate prompt.
This is not how it works in Kerberos
ould change now?
I have a work in progress branch
https://gitlab.gnome.org/abbra/gnome-online-accounts/-/tree/add-fast-channel-wrap?ref_type=heads
that attempts to implement use of Anonymous PKINIT for the FAST channel
in GOA. I am talking to Ray Strode to get this further upstream.
--
/ Alexander Boko
d=True)
and that should be enough.
Overall, this looks like a two-line change across two projects.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
___
devel m
ytest plugins (multihost, sourceorder),
also add our own extensions.
I filed an upstream issue to track Pytest 8:
https://pagure.io/freeipa/issue/9571
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Fi
ady implement support for all these methods in a proper way, we
might reuse those to improve Fedora user experience.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
--
___
bmit
support for provider vs engine to Linux kernel upstream).
- signing of shim, grub2, fwupd, and the kernel in the build system
- mokutil
mokutil does not use ENGINE_* APIs at all.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineerin
st_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel-annou...@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management E
min4-7.0/builds/
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
On to, 27 huhti 2023, Alexander Bokovoy wrote:
On ke, 26 huhti 2023, Gary Buhrmaster wrote:
On Wed, Apr 26, 2023 at 9:04 AM Alexander Bokovoy wrote:
Hi,
This morning I woke up to find that packages I maintain were orphaned
out of blue. Nobody contacted the maintainers, nobody raised any
On to, 27 huhti 2023, Miro Hrončok wrote:
On 27. 04. 23 12:19, Alexander Bokovoy wrote:
The graph in the packager dashboard is showing that resteasy directly
depends on java-1.8.0-openjdk which is not true.
resteasy (maintained by: cfu, cipherboy, ckelley, edewata, jmagne,
mfargett, mharmsen
On to, 27 huhti 2023, Stephen Smoogen wrote:
On Wed, 26 Apr 2023 at 22:32, Alexander Bokovoy wrote:
On ke, 26 huhti 2023, Kevin Fenzi wrote:
>On Wed, Apr 26, 2023 at 07:23:10PM +0100, Chris Kelley wrote:
>> One thing I still don't understand is why all of our java packages
=
Install 19 Packages
Total download size: 1.6 M
Installed size: 2.4 M
Is this ok [y/N]:
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
de
On ke, 26 huhti 2023, Gary Buhrmaster wrote:
On Wed, Apr 26, 2023 at 9:04 AM Alexander Bokovoy wrote:
Hi,
This morning I woke up to find that packages I maintain were orphaned
out of blue. Nobody contacted the maintainers, nobody raised any tickets
to releng, as far as I can see. Yet, releng
raised the issue https://pagure.io/releng/issue/11406 -- if you also
experienced a similar orphaning, please add your data.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
tails for what the thread claims to happen or never got any follow-up
on the thread to my comments.
This is an experience I want to avoid. If this is what Matthew is
proposing a Fedora development discussions to be, then sorry, this is
not an improvement.
--
/ Alexander Bokovoy
Sr. Principal
y how the
tests will behave against 2.2.0.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send
ocs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_
are/pki/acme/webapps/acme/css/assets/fonts/webfonts/fa-solid-900.woff
dogtag-pki-acme-11.1.0-1.fc36.noarch
# rpm -qf /usr/share/pki/common-ui/fonts/fontawesome-webfont.woff
dogtag-pki-theme-11.1.0-1.fc36.noarch
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management
rt, there are now two articles:
Part 1, where I am talking about Fedora infrastructure aspects:
https://vda.li/en/posts/2022/10/28/FreeIPA-Authentication-Improvements-and-Fedora-Infra/
Part 2, where FreeIPA-specific improvements and details discussed:
https://vda.li/en/posts/2022/10/28/FreeIPA-Authen
On to, 15 syys 2022, Kevin Fenzi wrote:
On Thu, Sep 15, 2022 at 09:26:36AM +0300, Alexander Bokovoy wrote:
Proven packagers seem to be a fair category to address. Also packagers
responsible for security-related bits of the distribution. Compilers?
Well, as others noted in this thread, any
On ke, 14 syys 2022, Kevin Fenzi wrote:
On Wed, Sep 14, 2022 at 05:47:46PM +0300, Alexander Bokovoy wrote:
On ke, 14 syys 2022, Stephen Smoogen wrote:
> On Wed, 14 Sept 2022 at 05:28, Alexander Bokovoy
> wrote:
>
> >
> > Sadly, it cannot be just 'any' certif
On ke, 14 syys 2022, Stephen Smoogen wrote:
On Wed, 14 Sept 2022 at 05:28, Alexander Bokovoy
wrote:
Sadly, it cannot be just 'any' certificate, it has to be issued by a
certificate authority that is trusted by the KDC as well. For example,
by FreeIPA CA which is already ran by
.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.
2 virtual authenticator -- see [2] for example of integrating with
QEMU. This is far from being complete and user-friendly.
[1] https://www.token2.eu/shop/product/token2-t2f2-fido2-and-u2f-security-key
[2] https://github.com/google/OpenSK/issues/485
--
/ Alexander Bokovoy
Sr.
On ma, 05 syys 2022, Vitaly Zaitsev via devel wrote:
On 05/09/2022 17:05, Alexander Bokovoy wrote:
The site blocks access from outside of Russia.
Yes, you need RU proxy to read the original documents. But you can use
your favorite search engine to find "FSB notification" articles i
oogle Translate):
- http://clsz.fsb.ru/clsz/in-out.htm
- http://clsz.fsb.ru/clsz/notif.htm
The site blocks access from outside of Russia.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
__
deployed
or going to be eventually deployed in a containerized way, then probably
focusing on another feature rich open source IdP could be a better
option.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
__
On ti, 30 elo 2022, Adam Williamson wrote:
On Tue, 2022-08-30 at 09:39 +0300, Alexander Bokovoy wrote:
On ma, 29 elo 2022, Adam Williamson wrote:
> On Tue, 2022-08-30 at 00:32 -0400, DJ Delorie wrote:
> > It sounds to me like the problem is "how do we best use the available
>
er earlier but don't
discourage maintainers from participating in a joint development.
Perhaps, The Fedora Packager Dashboard could be extended to pick up
results of tests relevant to your packages and display them together?
This way FreeIPA maintainers can see an overview of all tests related
*not* require the account to be listed in
maintainers or to have commit rights.
Same for ipa-maint account.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing
7:1
end of changes of 'liburing.so.2.0.0'===
I guess we can ignore the added functions as those should always be safe.
The changed function __io_uring_get_cqe is documented in the header
as:
/*
* Helper for the peek/wait single cqe functions. Export
server which moved to
GPLv3-or-later already for some years. The relicensing was agreed with
Red Hat legal for quite some time already, since Red Hat is the only
copyright owner.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited
oject.org/archives/list/devel@lists.fedoraproject.org
> Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
>
--
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
On ke, 09 maalis 2022, Daniel P. Berrangé wrote:
On Wed, Mar 09, 2022 at 02:32:48PM +0200, Alexander Bokovoy wrote:
On ke, 09 maalis 2022, Daniel P. Berrangé wrote:
> On Wed, Mar 09, 2022 at 10:46:21AM +0100, Alexander Sosedkin wrote:
> > On Wed, Mar 9, 2022 at 10:20 AM Daniel P.
lly, Kerberos is one of those protocols and MIT Kerberos is one
of those implementations which currently forced to use SHA-1 due to
interoperability issues and also due to compliance with RFCs.
In the context of Fedora development, for example, use of Anonymous
PKINIT requires usage of SHA-1 in PKINIT p
onduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
--
/ Alexander Bokovo
https://bugzilla.redhat.com/show_bug.cgi?id=2048909
I guess we need to fix krb5 this way too.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.o
On ke, 22 joulu 2021, Alexander Bokovoy wrote:
On ke, 22 joulu 2021, Mat Booth wrote:
On Tue, 21 Dec 2021 at 14:35, Alexander Bokovoy wrote:
I picked up wsdl4j to prevent actions which would lead to tomcat, Dogtag, and
FreeIPA being orphaned over Christmas break.
Have you tried building
On ke, 22 joulu 2021, Mat Booth wrote:
On Tue, 21 Dec 2021 at 14:35, Alexander Bokovoy wrote:
I picked up wsdl4j to prevent actions which would lead to tomcat, Dogtag, and
FreeIPA being orphaned over Christmas break.
Have you tried building tomcat without wsdl? I can't see where i
On ti, 21 joulu 2021, Miro Hrončok wrote:
On 21. 12. 21 15:33, Alexander Bokovoy wrote:
wsdl4j akurtakov, mizdebsk, orphan 2 weeks ago
I picked up wsdl4j to prevent actions which would lead to tomcat, Dogtag, and
FreeIPA being orphaned over Christmas break
ripts/find_unblocked_orphans.py
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to dev
we have group merging in effect in glibc, please do not treat a
user present in wheel group but missing in /etc/shadow as something
extra-ordinary. It is a normal situation when you have users in the
centralized identity store like FreeIPA or Samba AD.
--
/ Alexander Bokovoy
Sr. Principal Software
uct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
--
/ Alexander Bokovoy
Sr. Principal Softwa
as. Ipsilon would be the
server-side aspect of it, we don't have any client-side integration
(sssd, gdm/sddm, etc.)
We are working on that part for SSSD and FreeIPA. Not production ready
yet but aim to have something testable later this year. In a prototype
we have it is possible to authenticate
nfigurations is even less secure than
relying on NTLM in SMB protocol.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To uns
provides NIS
support. It is going to be supported in RHEL 9 and I'd like to keep NIS
part supported in Fedora as well for some time. This only requires
existence of libnsl2.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finl
understanding is that this is an
intermediate step which should have better be done in a sidetag. So we
can expect broken FreeIPA in Rawhide until this issue is solved by
Dogtag team.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited
idering to remove it completely in future as
well.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send
tracker:
https://pagure.io/fedora-ci/general/issues
"""
How on earth are we supposed to figure out what annocheck doesn't like?
There's 185328 bytes of "Standard Output" that follows…
Zbyszek
___________
devel mailing list -- devel@lists.fedor
to use pip, make sure you are doing so within a virtual
environment, e.g. with venv or similar constructs. This ensures whatever
was installed is self-consistent with regards to the source where it
came from.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Managemen
On ti, 15 kesä 2021, Petr Viktorin wrote:
On 14. 06. 21 20:09, Alexander Bokovoy wrote:
On ma, 14 kesä 2021, Ben Cotton wrote:
[...]
PyPI Parity
Machine-readable metadata (''distribution'' names in
dist-info directories on disk and the corresponding
python3.Xdi
On ma, 14 kesä 2021, Adam Williamson wrote:
On Mon, 2021-06-14 at 15:40 +0300, Alexander Bokovoy wrote:
>
> The fact that this blocks FreeIPA was indeed only discovered by chance
> while the side tag rebuild was already in progress (and about to be
> merged). I wonder haw can we
g practices
and better integrate with the wider Python ecosystem
(specifically, the Python Package Index).
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
___
devel mailing list -- devel@lists.fedoraproject.org
esting at the Bodhi update
time for a reason.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-
On ma, 14 kesä 2021, Miro Hrončok wrote:
On 14. 06. 21 13:40, Alexander Bokovoy wrote:
On ma, 14 kesä 2021, Victor Stinner wrote:
Congrats, that's amazing! :-) Let's fix remaining broken packages!
Right now the biggest broken package to us (FreeIPA) is mod_wsgi which
relied on Py
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/
whide
would be in Rawhide compose, that test should succeed.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
devel mailing list -- devel@lists.fedoraproject.org
To unsu
edora, that makes a need for unified delivery
approach prioritized and any deviations are much harder to handle.
[1] https://github.com/dogtagpki/pki/issues/3553
[2] https://fedoraproject.org/wiki/KojiMavenSupport
[3] https://fedoraproject.org/wiki/Talk:KojiMavenSupport
--
/ Alexander Bokovoy
Sr. Pr
On la, 24 huhti 2021, Kevin Fenzi wrote:
On Sat, Apr 24, 2021 at 12:12:19PM +0300, Alexander Bokovoy wrote:
On Пт, 23 апр 2021, Kevin Fenzi wrote:
> On Fri, Apr 23, 2021 at 07:40:14AM +0200, Miroslav Suchý wrote:
> > I have been using 2FA with the new Fedora Account system and
am typically issuing Fedora tickets for a week-long
period, so I only need to run the kinit sequence once a week and then
SSSD/GNOME Accounts tools are refreshing it every 8 hours automatically.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red
On to, 01 huhti 2021, Kevin Fenzi wrote:
On Thu, Apr 01, 2021 at 01:50:40PM +0300, Alexander Bokovoy wrote:
This split of fields in FreeIPA Web UI exists since FreeIPA 4.0 which
was part of early RHEL 7 deliveries (the code for separate OTP field was
added in 2014).
There is nothing specific
On ti, 30 maalis 2021, Kevin Fenzi wrote:
On Tue, Mar 30, 2021 at 09:30:33AM +0300, Alexander Bokovoy wrote:
Could you please explain where you want to do it? Noggin (Fedora
Accounts app) does handle the login itself, not FreeIPA. In the context
of what Fedora contributors interact with
you'd need to create a bodhi
update yourself for this side-tag.
This gives you back all the control but with an overhead of a side-tag.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limite
method that
would still be secure against others. In FreeIPA nobody, including
administrators, is able to discover the user's password from a hashed
form.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
___
Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it:
https://pagure
ose it's still a bug so thanks
for filing one.
If I understand it correctly, you caught a state in the middle of
upgrades. Ipsilon IdP was actually reconfigured to use FreeIPA-provided
data and some of attribute mappings did change which required
modifications.
--
/ Alexander Bokovoy
Sr.
account is mandatory per:
https://fedoraproject.org/wiki/Join_the_package_collection_maintainers#Create_a_Bugzilla_Account
kir is maintainer of rpms/runc
Does anyone know how to contact kir?
Yes, I asked Kir to respond.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity
On ti, 02 maalis 2021, Zbigniew Jędrzejewski-Szmek wrote:
On Tue, Mar 02, 2021 at 11:29:21AM +0200, Alexander Bokovoy wrote:
On ma, 01 maalis 2021, Lennart Poettering wrote:
>On Fr, 26.02.21 21:01, Alexander Bokovoy (aboko...@redhat.com) wrote:
>
>>> 1. Dots (".") fo
On ti, 02 maalis 2021, Ed Greshko wrote:
On 02/03/2021 06:03, Lennart Poettering wrote:
On Fr, 26.02.21 21:01, Alexander Bokovoy (aboko...@redhat.com) wrote:
Digital Ocean updates pushed with cloud-init use. Cloud-init does not
have any native support for systemd-resolved. It means it writes
On ma, 01 maalis 2021, Lennart Poettering wrote:
On Fr, 26.02.21 21:01, Alexander Bokovoy (aboko...@redhat.com) wrote:
> 1. Dots (".") for separating IPV4 address bytes
> 2. Colons (":") for separating IPv6 address parts, as well as separating
> port numbers fro
On pe, 26 helmi 2021, Lennart Poettering wrote:
On Mi, 24.02.21 22:08, Alexander Bokovoy (aboko...@redhat.com) wrote:
I think one of the issues reported in the discussion you mention was
that systemd-resolved considered invalid a DNS= line where addresses
were separated by a comma rather than
1 - 100 of 295 matches
Mail list logo
