summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Change default gecos from uid to first and last name.Rob Crittenden2011-04-058-16/+16
| | | | ticket 1146
* Initial Selenium test cases.Endi S. Dewata2011-03-31106-0/+6324
| | | | http://www.freeipa.org/page/Selenium
* code review fixesAdam Young2011-03-3119-142/+124
| | | | this version includes using spec for detail_facets
* default all falseAdam Young2011-03-313-7/+15
| | | | no longer default to all: true for searches, only specify it for user searches
* define entities using builder and more declarative syntaxAdam Young2011-03-3129-2692/+1769
| | | | | | merged hbac and sudo in to single files associaton facet and table supports linking
* update metadata with label changesAdam Young2011-03-311-195/+234
|
* Fixed labels for sudo and hbac rulesAdam Young2011-03-312-2/+2
|
* Add note about ipa-dns-install to ipa-server-install man page.Jan Cholasta2011-03-311-0/+7
| | | | ticket 1082
* Cache the value of get_ipa_config() in the request context.Rob Crittenden2011-03-311-0/+7
| | | | | | | | There are some operations that fetch the configuration multiple times. This will return a cached value instead of getting it from LDAP over and over. ticket 1023
* Escape LDAP characters in member and memberof searchesJr Aquino2011-03-311-2/+4
| | | | https://fedorahosted.org/freeipa/ticket/1140
* Make retrieval of the CA during DNS discovery non-fatal.Rob Crittenden2011-03-301-1/+2
| | | | ticket 1135
* Allow a client to enroll using principal when the host has a OTPRob Crittenden2011-03-301-0/+18
| | | | | | | | | If the host has a one-time password but krbPrincipalName wasn't set yet then the enrollment would fail because writing the principal is not allowed. This creates an ACI that only lets it be written if it is not already set. ticket 1075
* Replica installation fails for self-signed serverMartin Kosek2011-03-301-1/+2
| | | | | | | When IPA server was configured as self-signed (--selfsign option) the replica always failed to install. https://fedorahosted.org/freeipa/ticket/1122
* Fixed undefined label in permission adder dialog box.Endi S. Dewata2011-03-291-0/+3
| | | | | | | The IPA.rights_widget was fixed to invoke the base init() method to load the i18n labels properly. Ticket 1113
* Inconsistent error message for duplicate userMartin Kosek2011-03-291-1/+1
| | | | | | | | When duplicate user is added an inconsistent error message to the rest of the framework is printed. This patch changes this to standard duplicate error message. https://fedorahosted.org/freeipa/ticket/1116
* Fix wording of error message.Jan Cholasta2011-03-291-1/+1
| | | | ticket 1009
* Fix gidnumber option of user-add command.Pavel Zuna2011-03-291-14/+16
| | | | Ticket #1127
* Fix resource leaks.Simo Sorce2011-03-281-0/+2
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/1119
* Become IPA 2.0.0release-2-0-0Rob Crittenden2011-03-241-1/+1
|
* Fix uninitialized variable.Simo Sorce2011-03-241-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/1118
* Prevent stacktrace when DNS AAAA record is addedMartin Kosek2011-03-221-1/+1
| | | | | | | | | This patch fixes a stacktrace that is printed out when a IPv6 AAAA record with subnet prefix length (e.g. /64) is added. The same error message as when IPv4 record with subnet prefix length is used. https://fedorahosted.org/freeipa/ticket/1115
* Wait for Directory Server ports to openMartin Kosek2011-03-213-12/+34
| | | | | | | | | | | When Directory Server operation is run right after the server restart the listening ports may not be opened yet. This makes the installation fail. This patch fixes this issue by waiting for both secure and insecure Directory Server ports to open after every restart. https://fedorahosted.org/freeipa/ticket/1076
* Automatically update IPA LDAP on rpm upgradesRob Crittenden2011-03-215-41/+103
| | | | | | | | | | | | | | | Re-enable ldapi code in ipa-ldap-updater and remove the searchbase restriction when run in --upgrade mode. This allows us to autobind giving root Directory Manager powers. This also: * corrects the ipa-ldap-updater man page * remove automatic --realm, --server, --domain options * handle upgrade errors properly * saves a copy of dse.ldif before we change it so it can be recovered * fixes an error discovered by pylint ticket 1087
* Removed nested role from UI.Endi S. Dewata2011-03-181-2/+1
| | | | | | | | | Nested role is not supported in 2.0.x, so the association facet for it should be removed from the UI. The attribute_members in role.py needs to be fixed because it is used to generate the association facet automatically. Ticket 1092.
* pwpolicy priorityAdam Young2011-03-181-2/+3
| | | | | | Priority is now a required field in order to add a new password policy. Thus, not having the field present means we cannot create one. https://fedorahosted.org/freeipa/ticket/1102
* Update translation file (ipa.pot).Pavel Zuna2011-03-181-955/+6091
|
* Removed wrong timeout parameterSylvain Baubeau2011-03-182-1/+2
| | | | | | https://fedorahosted.org/freeipa/ticket/1086 Add Sylvain Baubeau to Contributors.txt
* Ensure that the system hostname is lower-case.Rob Crittenden2011-03-182-5/+11
| | | | ticket 1080
* Fix SELinux errors caused by enabling TLS on dogtag 389-ds instance.Rob Crittenden2011-03-157-43/+99
| | | | | | | | | | | | | | | | This fixes 2 AVCS: * One because we are enabling port 7390 because an SSL port must be defined to use TLS On 7389. * We were symlinking to the main IPA 389-ds NSS certificate databsae. Instead generate a separate NSS database and certificate and have certmonger track it separately I also noticed some variable inconsistency in cainstance.py. Everywhere else we use self.fqdn and that was using self.host_name. I found it confusing so I fixed it. ticket 1085
* Always consider domain and server when doing DNS discovery in client.Rob Crittenden2011-03-151-8/+4
| | | | | | | | | When not on master we weren't passing in the user-supplied domain and server. Because of changes made that require TLS on the LDAP calls we always need the server name early in the process to retrieve the IPA CA certificate. ticket 1090
* Domain to RealmSimo Sorce2011-03-141-10/+15
| | | | | | | | Explicitly use the realm specified on the command line. Many places were assuming that the domain and realm were the same. https://bugzilla.redhat.com/show_bug.cgi?id=684690 https://fedorahosted.org/freeipa/ticket/1091
* Become IPA v2 RC 3 (2.0.0.rc3)rc_3-2-0-0Rob Crittenden2011-03-101-1/+1
|
* Use TLS for dogtag replication agreements.Rob Crittenden2011-03-103-7/+91
| | | | | | | | Configure the dogtag 389-ds instance with SSL so we can enable TLS for the dogtag replication agreements. The NSS database we use is a symbolic link to the IPA 389-ds instance. ticket 1060
* Fixed self service page.Endi S. Dewata2011-03-083-8/+31
| | | | | Collaborated with ayoung to fix this problem: https://fedorahosted.org/freeipa/ticket/1070
* ipa-dns-install script failsMartin Kosek2011-03-081-1/+1
| | | | | | | This patch fixes a typo in class Service, function __get_conn which causes ipa-dns-install script to fail every time. https://fedorahosted.org/freeipa/ticket/1065
* chkconfig the ipa service off when it is uninstalled.Rob Crittenden2011-03-081-0/+2
| | | | ticket 1056
* If --hostname is provided for ipa-client-install use it everywhere.Rob Crittenden2011-03-082-13/+134
| | | | | | | | | | | | | | | | | | | If a hostname was provided it wasn't used to configure either certmonger or sssd. This resulted in a non-working configuration. Additionally on un-enrollment the wrong hostname was unenrolled, it used the value of gethostname() rather than the one that was passed into the installer. We have to modify the CA configuration of certmonger to make it use the right principal when requesting certificates. The filename is unpredicable but it will be in /var/lib/certmonger/cas. We need to hunt for ipa_submit and add -k <principal> to it, then undo that on uninstall. These files are created the first time the certmonger service starts, so start and stop it before messing with them. ticket 1029
* Always try to stop tracking the server cert when uninstalling client.Rob Crittenden2011-03-081-10/+13
| | | | | | | | | | | stop_tracking() is robust enough to do the right thing if no certificate exists so go ahead and always call it. If the certificate failed to be issued for some reason the request will still in certmonger after uninstalling. This would cause problems when trying to reinstall the client. This will go ahead and always tell certmonger to stop tracking it. ticket 1028
* Improve error handling and return status codes in ipactlMartin Kosek2011-03-071-30/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | There are cases when ipactl returns success even when it fails. Plus, when the error really is detected the status codes are not LSB compliant. This may result in consequent issues. This patch improves error handling in ipactl and adds LSB compliant status codes. Namely: 0 program is running or service is OK 3 program is not running 4 program or service status is unknown for "status" action. Status code 4 is issued when IPA is not configured to distinguish this state from not running IPA. For other actions, the following non-zero status codes are implemented: 1 generic or unspecified error 2 invalid or excess argument(s) 4 user had insufficient privilege 6 program is not configured https://fedorahosted.org/freeipa/ticket/1055
* Add Transifex tx client configuration fileJohn Dennis2011-03-071-0/+8
|
* Fixed memory leak caused by certificate dialogs.Endi S. Dewata2011-03-072-252/+204
| | | | Ticket 1054
* Fixed memory leak caused by IPA.error_dialog.Endi S. Dewata2011-03-062-27/+29
| | | | Ticket 1054
* Fixed memory leak caused by DNS record deleter dialog.Endi S. Dewata2011-03-041-56/+74
| | | | Ticket 1054
* Fixed memory leak caused by DNS record adder dialog.Endi S. Dewata2011-03-041-48/+62
| | | | Ticket 1054
* Fixed memory leak caused by reset password dialog.Endi S. Dewata2011-03-041-42/+75
| | | | Ticket 1054
* Fixed memory leak caused by is_dirty dialogs.Endi S. Dewata2011-03-042-27/+26
| | | | Ticket 1054
* Fixed memory leak caused by IPA.dialog.Endi S. Dewata2011-03-041-6/+8
| | | | Ticket 1054
* Update API to reflect doc change in force parameter in dnszone_addRob Crittenden2011-03-041-1/+1
|
* Fixed host enrollment timeEndi S. Dewata2011-03-041-6/+6
| | | | | | | | The month in krblastpwdchange (LDAP Generalized Time) is 1-based but the month in JavaScript Date.setUTCFullYear() is 0-based so it needs a conversion. Ticket 1053
* Fix style and grammatical issues in built-in command help.Rob Crittenden2011-03-0422-195/+222
| | | | | | | There is a rather large API.txt change but it is only due to changes in the doc string in parameters. ticket 729
generated by cgit (git 2.34.1) at 2024-06-25 23:20:45 +0000