| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Hard-coded messages through out the code have been replaced by i18n
messages obtained from json_metadata and i18n_messages.
|
| |
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/991
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This creates a new custom attribute, memberofindirect_[plugin].
Using this you can tell the difference between being an actual memberof
another entry and being a memberof as the result if inheritence. This is
particularly useful when trying to remove members of an entry, you can
only remove direct members.
I had to add a couple of short sleep calls to make things work a little
better. The memberof plugin runs as a postop and we have no way of knowing
when it has done its work. If we don't pause we may show some stale
data that memberof hasn't updated yet. .3 seconds is an arbitrary choice.
ticket 966
|
| |
|
|
|
|
| |
ticket 962
|
|
|
|
|
|
| |
The man tool I use, manedit, also excepted all dashes. Seems benign.
ticket 803
|
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/784
https://fedorahosted.org/freeipa/ticket/786
https://fedorahosted.org/freeipa/ticket/787
|
| |
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/977
|
| |
|
|
|
|
|
|
| |
The json_metadata() has been updated to return ipa.Objects and
ipa.Methods. The i18n_messages() has been updated to include other
messages that are not available from the metadata.
|
|
|
|
|
|
|
| |
Previously the user's city parameter is defined to use the 'locality'
attribute. This was a problem because the attribute would be returned
as 'l' by the directory server causing a mismatch. Now the parameter
has been changed to use the 'l' attribute.
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/831
|
|
|
|
|
|
|
|
|
|
|
| |
When enabling replication we make an SSL connection. I think the way
this goes is python-ldap -> openldap -> NSS. It may be a problem in
the openldap SSL client, maybe it isn't calling NSS_Shutdown(). In any
case if we use ldapi instead the problem goes away.
Back out the temporary code to ignore nss_shutdown errors.
ticket 965
|
|
|
|
|
|
|
|
|
|
|
| |
Many WebUI identifiers were defined in a global namespace. This is
not a good programming practice and may result in name clashes,
for example with other libraries.
This patch moves these variables to IPA namespace or its
sub-namespaces, when meaningful.
https://fedorahosted.org/freeipa/ticket/212
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the UUID plug-in generates a value that is used in the RDN
of the entry being added, the old DN is free'd and replaced with
the new DN. The problem is that the operation in the pblock holds
a pointer to the old DN address. This can cause other plug-ins to
reference garbage, leading to incorrect results or crashes. This
was causing the attribute uniqueness plug-in to not work correctly,
resulting in duplicate netgroup entries.
The fix is to have the UUID plug-in reset the target DN after
changing the DN of the entry to be added.
ticket 963
|
|
|
|
| |
Fixes: https://fedorahosted.org/freeipa/ticket/935
|
| |
|
|
|
|
|
|
| |
Add the server we registered with as a fallback.
ticket 980
|
|
|
|
|
|
|
|
| |
nsaccountlock doesn't have a visible Param but we want do so
some basic validation to be sure garbage doesn't get in there so
do it in the pre_callback of add and mod.
ticket 968
|
|
|
|
|
|
|
| |
This patch ensures that PTR records added by FreeIPA are compliant with
RFC.
https://fedorahosted.org/freeipa/ticket/839
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/563
https://fedorahosted.org/freeipa/ticket/588
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/735
|
| |
|
|
|
|
|
|
|
|
| |
A link has been added into the details page to expand/collapse all
sections.
Previously each section's <div> container is identified using a long
ID. It is now identified using the section name.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Support of navigator.preferences that is used to access browser
configuration was dropped in Firefox 4. This disables automatic
configuration of user preferences in this browser that is needed
to use Kerberos single sign-on.
This patch detectes a lack of this interface and tries to
configure the browser using new Services module introduced in
Gecko 2 (used in Firefox 4, SeaMonkey 2.1).
https://fedorahosted.org/freeipa/ticket/975
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Apparently we forgot to check OID consistency between the schema and the
extensions, and we got duplicates.
Technically the schema was done later but it is easier to change the extensions
OIDs than to change the schema of current beta2/rc1 installations.
The only side effect is that older ipa-getkeytab and ipa-join binaries will
fail. So all the admin/client tools must be upgraded at the same time as well
as all the masters (otherwise some will show/accept the new OID while others
won't).
Fixes: https://fedorahosted.org/freeipa/ticket/976
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/930
|
|
|
|
|
|
|
| |
We are required by LDAP schema to have a cn value. Don't let
users change it thinking they are actually doing something.
tickets 706 and 707
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a service/host is disabled, the resulting summary message states
that a Kerberos key was disabled. However, Kerberos key may not have
been enabled before this command at all, which makes this information
confusing for some users. Also, the summary message didn't state
that an SSL certificate was disabled too.
This patch rather changes the summary message to a standard phrase
known from other plugins disable command and states all disable
command steps in a respective command help.
https://fedorahosted.org/freeipa/ticket/872
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The cert plugin only worked OK with decimal certificate serial numbers.
This patch allows specifying the serial number in hexadecimal, too. The
conversion now works such that:
* with no explicit radix, a best-effort conversion is done using int(str,
0) in python. If the format is ambiguous, decimal takes precedence.
* a hexadecimal radix can be specified explicitly with the traditional
0x prefix
https://fedorahosted.org/freeipa/ticket/958
https://fedorahosted.org/freeipa/ticket/953
|
| |
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/963
|
|
|
|
|
|
|
|
| |
This patch adds a proper summary text to HBAC command which is
then printed out in CLI. Now, HBAC plugin output is consistent
with other plugins.
https://fedorahosted.org/freeipa/ticket/596
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/967
|
|
|
|
| |
I was too quick on the patch push and didn't see a nack on the wording.
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/351
|
| |
|
|
|
|
|
|
|
|
| |
The association config has been removed because it incorrectly assumes there is only one association between two entities. Now each association is defined separately using association facets.
The service.py has been modified to specify the correct relationships. The API.txt has been updated.
https://fedorahosted.org/freeipa/ticket/960
|
|
|
|
|
| |
This patch removes two files which seem to be long obsoleted and not
used any more.
|
|
|
|
| |
ticket 961
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/615
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/782
|
|
|
|
| |
ticket 971
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/915
|