URL: https://github.com/freeipa/freeipa/pull/3331
Author: stanislavlevin
Title: #3331: Make use of single configuration point for SELinux
Action: opened
PR body:
"""
For now, FreeIPA supports SELinux things as they are in RedHat/Fedora.
But different distributions may have their own SELinux customizations.
This moves SELinux configuration out to platform constants:
- SELINUX_MCS_MAX
- SELINUX_MCS_REGEX
- SELINUX_MLS_MAX
- SELINUX_MLS_REGEX
- SELINUX_USER_REGEX
- SELINUX_USERMAP_DEFAULT
- SELINUX_USERMAP_ORDER
and applies corresponding changes to the test code.
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/3331/head:pr3331
git checkout pr3331
URL: https://github.com/freeipa/freeipa/pull/3346
Author: serg-cymbaluk
Title: #3346: [Backport][ipa-4-7] WebUI: Fix automount maps pagination
Action: opened
PR body:
"""
This PR was opened automatically because PR #3308 was pushed to master and backport to ipa-4-7 is required.
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/3346/head:pr3346
git checkout pr3346
URL: https://github.com/freeipa/freeipa/pull/3339
Author: abbra
Title: #3339: WIP: SMB user attributes
Action: opened
PR body:
"""
This is a variation of the pull request #2983, now that SMB service support is merged. I fixed a number of issues there and spent some time on rethinking how this set of attributes should be called.
I added an experimental code to hide SMB user attributes if there is no `ipaNTUserAttrs` object class in the list of object classes for the user account. You cannot create them without adding the object class and you cannot add this object class without adding `ipaNTSecurityIdentifier`. Right now `ipaNTSecurityIdentifier` added on user creation if `ipa-adtrust-install` was run at least on one IPA master. Alternatively, it is added with `ipa-adtrust-install --add-sids` run.
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/3339/head:pr3339
git checkout pr3339
URL: https://github.com/freeipa/freeipa/pull/3344
Author: serg-cymbaluk
Title: #3344: [Backport][ipa-4-7] WebUI: Disable 'Unlock' action for users with no password
Action: opened
PR body:
"""
This PR was opened automatically because PR #3327 was pushed to master and backport to ipa-4-7 is required.
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/3344/head:pr3344
git checkout pr3344
URL: https://github.com/freeipa/freeipa/pull/3288
Author: flo-renaud
Title: #3288: dnsrecord-mod: allow to modify ttl without passing the record
Action: opened
PR body:
"""
### dnsrecord-mod: allow to modify ttl without passing the record
The command `ipa dnsrecord-mod <zone> <record> --ttl ` requires to provide at least one record to modify. When none is specified, it prompts by proposing each of the existing records, for instance:
```
$ ipa dnsrecord-mod ZZZZZ.org ns11 --ttl=86400
No option to modify specific record provided.
Current DNS record contents:
A record: xxx.xxx.xxx.xxx
AAAA record: xxxx:xx
Modify A record 'xxxx.xxxx.xxxx.xxxx'? Yes/No (default No):
Modify AAAA record 'xxxx:xx'? Yes/No (default No):
ipa: ERROR: No options to modify a specific record provided.
```
The admin should be able to modify the TTL value without re-entering the record information. The issue happens because of an internal check that forgot to consider 'dnsttl' as a valid standalone modification.
Fixes: https://pagure.io/freeipa/issue/7982
### XMLRPC tests: add new test for ipa dsnrecord-mod $ZONE $RECORD --ttl
The test suite did not have any test for modification of the TTL of an existing DNS record.
Related: https://pagure.io/freeipa/issue/7982
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/3288/head:pr3288
git checkout pr3288