-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 22.10.2014 13:43, Honza Horak wrote:
> Fedora lacks integration testing (unit testing done during build
> is not enough). Taskotron will be able to fill some gaps in the
> future, so maintainers will be able to set-up various tasks after
> their c
On 24.06.2015 02:01, Jan Kurik wrote:
> = Proposed System Wide Change: jQuery =
> https://fedoraproject.org/wiki/Changes/jQuery
>
> Change owner(s): T.C. Hollingsworth com>
>
> jQuery is a fast, small, and feature-rich JavaScript library. It
> makes things like HTML document traversal and manip
On 26.06.2015 22:53, Kevin Fenzi wrote:
> On Fri, 26 Jun 2015 16:21:02 -0400
> Matthias Clasen wrote:
>
>> But passwords and passphrases are not all the same shape or color -
>> the requirements for a password you want to use for ssh login over the
>> internet are quite different from ones for a
On 30.06.2015 11:24, Tomas Hozza wrote:
> On 26.06.2015 17:13, Matthias Clasen wrote:
>> On Tue, 2015-06-23 at 18:43 +0200, Tomas Hozza wrote:
>>
>> Hey, I was out for a week, so this may be a bit of a late reply.
>>
>> As Michael and Bastien already stated, all the GNOME networking UI
>> relies on
On 30.06.2015 13:53, Bastien Nocera wrote:
>
>
> - Original Message -
>> On 30.06.2015 11:24, Tomas Hozza wrote:
>
>>> It means that the site of your bank you are on may not be provided the
>>> actual host you should be connected to, but instead by some attacker's.
>>> The insecure mode
On 30.06.2015 16:50, Tomas Hozza wrote:
>
>
> On 30.06.2015 16:07, Michael Catanzaro wrote:
>> On Tue, 2015-06-30 at 14:23 +0200, Tomas Hozza wrote:
>>> Except that this is exactly what we DON'T want to do. DNSSEC is an
>>> extension of DNS and it can be used even without the need for the
>>> wh
Many of the polkit policy files services ship in Fedora have lines that
look like this:
no
no
auth_admin_keep
The no prevents use of the service from remote
sessions such as ssh or Cockpit.
The poorly named tag controls the default policy for users
logged in from any
On 05.05.2014 13:58, Hans de Goede wrote:
> Hi,
>
> On 05/05/2014 11:47 AM, Stef Walter wrote:
>> Many of the polkit policy files services ship in Fedora have lines that
>> look like this:
>>
>>
>> no
>> no
>> auth_admin_ke
On 05.05.2014 14:44, Nikos Mavrogiannopoulos wrote:
> On Mon, 2014-05-05 at 14:21 +0200, Stef Walter wrote:
>
>>>> The no prevents use of the service from remote
>>>> sessions such as ssh or Cockpit.
>>>>
>>>> The poorly named tag controls th
at_console="true" (or similar) in a DBus policy file uses pam_console to
try to limit sending of messages to a DBus service.
This is an old relic from before polkit. Many distros that don't
implement it, or implement it completely differently. Last time I heard,
kdbus won't support it.
NetworkMan
On 06.05.2014 15:36, Richard W.M. Jones wrote:
> On Fedora 20, I'm seeing this list:
>
> /etc/dbus-1/system.d/bluetooth.conf: bluez-0:5.12-1.fc20.x86_64
> /etc/dbus-1/system.d/com.redhat.NewPrinterNotification.conf:
> system-config-printer-libs-0:1.4.3-2.fc20.noarch
> /etc/dbus-1/system.d/com.red
On 03.07.2014 15:39, Rex Dieter wrote:
> I'm looking into providing a predefined firewalld service definition for
> kde-connect, per
> https://bugzilla.redhat.com/show_bug.cgi?id=1115547
>
> Looks like it's as easy as dropping an xml snippet into
> /usr/lib/firewalld/services/
>
> I'm also noti
On 17.11.2015 02:39, Stephen Gallagher wrote:
> (Please keep responses on the devel@ list; I've set it in the Reply-To.)
>
> To jump right to the premise: The default Fedora Server install is Way
> Too Big(TM) and the minimal install (also available on the Fedora
> Server install media) is also To
In case you're interested, there's an Active Directory integration test
day for Fedora 18. Testing stuff like sssd and realmd with Active Directory.
http://fedoraproject.org/wiki/Test_Day:2012-10-18_Active_Directory
I'll be trying to get an Active Directory domain setup. But if you want
to set
In Fedora 17 and 18 we have a problem where remote users are unable to
log in until the machine has been rebooted. This used to work
previously. To fix this we probably need to:
Include 'sss' in /etc/nsswitch.conf by default and have the small
sssd-client package (with just thepam, nss plugins
On 10/17/2012 06:21 PM, Miloslav Trmač wrote:
That's rather far from actually fixing the problem. Can we get it
fixed_first_? It seems that we could drop the glibc caching,
Obviously dropping the caching would be pretty nasty. Having to dlopen
the modules each time you do a getpwnam() (or fr
On 10/17/2012 07:02 PM, Simo Sorce wrote:
> This will take time however, in the meanwhile it would be really nice if
> we could do it the simple way by just adding sss by default until a
> better solution is found.
I've posted a patch to do this at the bug:
https://bugzilla.redhat.com/show_bug.cg
On 12.07.2013 20:28, Toshio Kuratomi wrote:
> On Wed, Jul 10, 2013 at 01:22:37PM +0200, Jaroslav Reznik wrote:
>>
>> Because not all crypto implementations read their trusted information
>> directly
>> from the dynamic database, the tool will take care of extracting things as
>> appropriate after
day test cases.
Cheers,
Stef
On 03/21/2013 01:40 PM, Stef Walter wrote:
> Hi all,
>
> You can now try out the Shared System Certificates feature in Fedora 19.
>
> The goal of this feature is to have nearly all crypto libraries use the
> same default source for their trusted
On 30.04.2013 17:49, Eugene A. Pivnev wrote:
> 30.04.2013 19:26, David Howells:
>> Eugene Pivnev wrote:
>>
>>> 3. rpm -qa | grep gnome | xargs sudo yum remove
>>> * git (???)
>> gitk, I imagine.
>>
>> David
> BTW - try to remove libgnome-keyring.
> I'm surprised:
> * PyQt4
> * git
> * gvfs
> * kde
On 04.05.2013 07:26, Michael Cronenworth wrote:
> On 05/03/2013 03:08 PM, Reartes Guillermo wrote:
>> I think that the previous behaviour was better. (covering the password
>> with bullets).
>>
>> At least the phones only show one character at a time, not the whole
>> password.
>
> GTK shows every
On 06.05.2013 18:38, Adam Williamson wrote:
> On Mon, 2013-05-06 at 11:43 -0400, Rahul Sundaram wrote:
>> On 05/06/2013 10:48 AM, Miloslav Trmač wrote:
>>
>>>
>>> On Sat, May 4, 2013 at 6:31 AM, Rahul Sundaram wrote:
>>> On 05/04/2013 12:24 AM, Eric Sandeen wrote:
>>> On the
On 06.05.2013 21:51, Adam Williamson wrote:
> On Mon, 2013-05-06 at 21:37 +0200, Stef Walter wrote:
>> On 06.05.2013 18:38, Adam Williamson wrote:
>>> On Mon, 2013-05-06 at 11:43 -0400, Rahul Sundaram wrote:
>>>> On 05/06/2013 10:48 AM, Miloslav Trmač wrote:
>>&
On 22.05.2013 03:32, Simo Sorce wrote:
> Also I think realmd has no way to set pure LDAP accounts (RHDS,
> OpenLDAP, ...).
Right, it doesn't yet have that ability. But realmd can gain the ability
to configure other sources than the Active Directory and FreeIPA
providers it currently supports.
Tha
On 04.06.2013 15:34, Simo Sorce wrote:
> On Tue, 2013-06-04 at 09:02 -0400, Stephen Gallagher wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> On 06/03/2013 09:07 PM, Adam Williamson wrote:
>>> We all know what devel@ does best, so let's fire up the power of
>>> the bikeshedding mac
On 05.06.2013 17:38, Simo Sorce wrote:
> On Wed, 2013-06-05 at 16:55 +0200, Stef Walter wrote:
>> On 04.06.2013 15:34, Simo Sorce wrote:
>>> On Tue, 2013-06-04 at 09:02 -0400, Stephen Gallagher wrote:
>>>> -BEGIN PGP SIGNED MESSAGE-
>>>> Hash: S
On 04.06.2013 17:44, Adam Williamson wrote:
> On Tue, 2013-06-04 at 10:26 -0400, Przemek Klosowski wrote:
>
>> For what it's worth, remote authentication is increasingly important
>> where I sit, so everything that makes it easier to set up is welcome. As
>> of now, my cheat sheet for older Fedo
On 10.06.2013 23:35, David Woodhouse wrote:
> On Sun, 2013-06-09 at 09:24 +0930, Glen Turner wrote:
>>
>> I'd also strongly encourage a design which makes it easy for a
>> corporate-issued RPM to configure the authentication. For an example of
>> something wonderful, NetworkManager has a one-file-p
On 17.06.2013 13:22, David Woodhouse wrote:
> On Tue, 2013-06-11 at 07:47 +0200, Stef Walter wrote:
>>> even special locations for *particularly* braindamaged applications
>>> (pidgin).
>>
>> Hmmm, we should probably fix that one to use the central stuff. David,
On 17.06.2013 20:44, Przemek Klosowski wrote:
> On 06/05/2013 03:37 PM, Stef Walter wrote:
>
>> What does work, and has been tested is logging in as root and simply
>> typing this:
>>
>> realm join mydomain.com
>
> I filed https://bugzilla.redhat.com/show_bug.
On 09.07.2013 15:30, Kai Engert wrote:
> A manual page is now available that describes the new
> Shared-System-Certificates feature.
>
> It's contained in this new build for F19:
> https://admin.fedoraproject.org/updates/ca-certificates-2012.87-10.4.fc19
> (and in rahide, too).
>
> man update-ca-
On 01/24/2013 09:12 AM, Florian Weimer wrote:
> On 01/23/2013 04:05 PM, Jaroslav Reznik wrote:
>
>> OpenSSL: p11-kit tool will extract trusted certificate PEM blocks
>> from the
>> PKCS#11 trust module.
>> These extracted certificates will be placed in a location so
>> that
On 01/25/2013 04:19 PM, Florian Weimer wrote:
> On 01/24/2013 12:30 PM, Stef Walter wrote:
>
>> So yes, as noted in the 'Detailed Description' of the feature, long term
>> we hope to follow this up with further work to make all the crypto
>> libraries be able
On 01/30/2013 12:14 PM, "Jóhann B. Guðmundsson" wrote:
> On 01/30/2013 10:08 AM, Martin Sivak wrote:
>> Hi,
>>
When I install a freeipa server I do not want firstboot because I
am not
going to create local users anyway. I am going to install freeipa
and
then create users in
On 01/31/2013 07:57 PM, Ken Dreyer wrote:
> On Thu, Jan 31, 2013 at 4:47 AM, Jaroslav Reznik wrote:
>> Kerberos clients can optionally verify reverse DNS records for services that
>> they connect to as a way of trying to identify which realm they belong to.
>> However in many cases these do not ex
s/LessBrittleKerberos =
> https://fedoraproject.org/wiki/Features/LessBrittleKerberos
>
> Feature owner(s): Stef Walter <mailto:st...@redhat.com>>
>
> Make kerberos in Fedora simpler to use by removing some of the
> brittleness
> that are common fa
On 02/04/2013 06:28 AM, Kevin Kofler wrote:
> M. Edward (Ed) Borasky wrote:
>> I love GNOME 3 and detest KDE 4. I've tried MATE and Cinnamon on both
>> Linux Mint and Fedora and don't really see the point of either of them
>> as long as GNOME 3 offers fallback mode.
>
> Fallback mode is going away
On 02/14/2013 06:35 PM, Hans de Goede wrote:
> Hi,
>
> On 02/14/2013 01:28 PM, Bastien Nocera wrote:
>> On Thu, 2013-02-14 at 10:53 +0100, Michael Schwendt wrote:
>>> On Thu, 14 Feb 2013 03:49:23 +0100, Kevin Kofler wrote:
>>>
DJ Delorie wrote:
> Disadvantage, if you ask me. First thing
On 03/12/2013 08:17 PM, Till Maas wrote:
> On Tue, Mar 12, 2013 at 12:47:07AM -0400, Digimer wrote:
>> On 03/12/2013 12:41 AM, Charles Zeitler wrote:
>>> i don't like giving up control over my machine (partitioning),
>>> so i won't be upgrading to Fedora 18.
>>> i'll watch the web site for a return
Hi all,
You can now try out the Shared System Certificates feature in Fedora 19.
The goal of this feature is to have nearly all crypto libraries use the
same default source for their trusted certificate authority anchors and
blacklist. Adding a new trusted certificate authority can now be done in
On 03.12.2016 13:50, Nathaniel McCallum wrote:
> So apparently yubico-piv-tool ships $libdir/libykpkcs11.so*, but this
> doesn't get picked up by p11-kit by default. I suspect it has gone
> unnoticed largely because for most crucial operations the opensc
> module also works with Yubikeys. However,
gt; https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/c...@lists.fedoraproject.org
> Do not reply to spam on the list, report it:
> h
42 matches
Mail list logo
