summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* ipa-pwd-extop: Fix segfault in password change.Simo Sorce2011-09-211-0/+7
| | | | | Do not pass an empty buffer to ber_init() as it will assert. Check before hand and return an error.
* Fix /usr/bin/ipa dupled server listMartin Kosek2011-09-221-1/+9
| | | | | | | | | Fix get_url_list() so that the configured master server is there just once. This fix lets /usr/bin/ipa try connecting to all IPA masters just once and not print confusing server list with dupled master. https://fedorahosted.org/freeipa/ticket/1817
* Remove checks for ds-replication pluginMartin Kosek2011-09-223-21/+2
| | | | | | | The replication plugin is no longer shipped as a separate package. Remove the code checking its existence. https://fedorahosted.org/freeipa/ticket/1815
* Fixed missing cancel button in unprovisioning dialog.Endi S. Dewata2011-09-211-0/+4
| | | | | | | The host unprovisioning dialog has been modified to provide a cancel button. Ticket #1811
* Removed HBAC rule type.Endi S. Dewata2011-09-211-17/+0
| | | | | | | HBAC rule type has been removed from the list page and details page because it is no longer supported in IPA 3.0. Ticket #1795
* Fixed columns in HBAC/sudo rules list pages.Endi S. Dewata2011-09-212-31/+48
| | | | | | | | The following list pages were modified to show these columns only: * HBAC rules: name, type, enabled, description * Sudo rules: name, enabled, description Ticket #1796
* conncheck: Additional check to verify the admin password is okSimo Sorce2011-09-211-0/+9
| | | | | | If we can get a ticket for the master then we know we got all right. This should avoid being prompted again by ssh if the kinit failed and for some reason the error was not caught (seen in live tests).
* Fix typo in v3 base schemaSumit Bose2011-09-211-3/+3
|
* 25 Create Tool for Enabling/Disabling Managed Entry PluginsJR Aquino2011-09-217-236/+275
| | | | | | | | Remove legacy ipa-host-net-manage Add ipa-managed-entries tool Add man page for ipa-managed-entries tool https://fedorahosted.org/freeipa/ticket/1181
* Update samba LDAP schemaSumit Bose2011-09-201-1/+39
| | | | | | The samba LDAP schema is updated to the lastest version available from the samba source code to be able to use the new trust related object class and attributes.
* Fix ACIs in ipa-adtrust-installSumit Bose2011-09-201-2/+13
|
* Fixed posix group checkbox.Endi S. Dewata2011-09-203-10/+40
| | | | | | | | | | | | In the adder dialog for groups the checkbox has been modified to use the correct field name "nonposix" and be checked by default. Note: This is a temporary fix to minimize the changes due to release schedule. Eventually the field label will be changed into "Non-POSIX group" and the checkbox will be unchecked by default, which is more consistent with CLI. Ticket #1799
* schema: Add new attributes and objectclasses for AD TrustsSimo Sorce2011-09-201-2/+13
|
* dirsrv is not stopped correctly in the fallbackMartin Kosek2011-09-201-1/+1
| | | | | | | The previous patch fixed ipactl stop command. However, the dirsrv stop in the ipactl start command fallback was not right either. https://fedorahosted.org/freeipa/ticket/1800
* ipactl does not stop dirsrvMartin Kosek2011-09-201-1/+1
| | | | | | | Remove an invalid instance name passed to dirsrv service so that it is correctly stopped. https://fedorahosted.org/freeipa/ticket/1800
* The return value of restorecon is not reliable, ignore it.Rob Crittenden2011-09-201-3/+7
| | | | https://fedorahosted.org/freeipa/ticket/1816
* ipa-kdb: Properly set password expiration time.Simo Sorce2011-09-193-4/+74
| | | | | | | We do the policy check so we are the only one that can calculate the new pwd espiration time. Fixes: https://fedorahosted.org/freeipa/ticket/1793
* Fix client install on IPv6 machines.Jan Cholasta2011-09-191-2/+7
| | | | ticket 1804
* Suppress managed netgroups as indirect members of hosts.Rob Crittenden2011-09-192-1/+35
| | | | | | | By design these managed netgroups are not supposed to show unless you specifically want to see them. https://fedorahosted.org/freeipa/ticket/1738
* Change the Requires for the server and server-selinux for proper orderRob Crittenden2011-09-151-2/+3
| | | | | | | | | | The server package needs to be installed before the server-selinux package otherwise the SELinux contexts won't get set properly. The (postun) is so you can continue to do yum erase freeipa-python and it will pick up everything else. https://fedorahosted.org/freeipa/ticket/1779
* Removed entitlement menu.Endi S. Dewata2011-09-161-1/+0
| | | | Ticket #1806
* Check that install hostname matches the server hostname.Jan Cholasta2011-09-141-0/+5
| | | | ticket 1717
* Fixed problem opening host adder dialog.Endi S. Dewata2011-09-141-0/+1
| | | | | | | | The hidden fqdn field in the host adder dialog has been changed to use a generic widget instead of text widget to avoid null pointer error since the UI elements are never created. Ticket #1788
* Add ipa-adtrust-install utilitySumit Bose2011-09-1412-1/+673
| | | | https://fedorahosted.org/freeipa/ticket/1619
* Skip the cert validator if the csr we are passed in is a valid filenameRob Crittenden2011-09-142-1/+8
| | | | | | | | | The validator will still fire, just after the load_files() call. Basically it will hit the validator twice. The first time it will exit because the value of csr is a filename. The second time it will run the validator against the contents of the file. ticket https://fedorahosted.org/freeipa/ticket/1777
* Update ipa-ldap-updater man page saying it is not an end-user utilityRob Crittenden2011-09-141-4/+8
| | | | https://fedorahosted.org/freeipa/ticket/1792
* Fixed labels for run-as users and groups.Endi S. Dewata2011-09-136-49/+859
| | | | | | | The labels for the run-as users and groups tables in sudo rule details page have been modified to improve the clarity. Ticket #1752
* Code cleanup: widget creationPetr Vobornik2011-09-132-115/+70
| | | | | | | https://fedorahosted.org/freeipa/ticket/1788 Removed code duplication of undo links. Simplified code of widget creation to be more readable.
* The precendence on the modrdn plugin was set in the wrong location.Rob Crittenden2011-09-133-2/+6
| | | | https://fedorahosted.org/freeipa/ticket/1370
* Improved handling for ipa-pki-proxy.confRob Crittenden2011-09-134-9/+25
| | | | | | | | | - Remove ipa-pki-proxy.conf when IPA is uninstalled - Move file removal to httpinstance.py and use remove_file() - Add a version stanza - Create the file if it doesn't exist on upgraded installs https://fedorahosted.org/freeipa/ticket/1771
* Remove normalizer that made role, privilege and permission names lower-caseRob Crittenden2011-09-124-31/+28
| | | | https://fedorahosted.org/freeipa/ticket/1747
* Move Managed Entries into their own container in the replicated space.Jr Aquino2011-09-1213-47/+238
| | | | | | | | | | | | | | Repoint cn=Managed Entries,cn=plugins,cn=config in common_setup Create: cn=Managed Entries,cn=etc,$SUFFIX Create: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX Create: cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX Create method for dynamically migrating any and all custom Managed Entries from the cn=config space into the new container. Separate the connection creation during update so that a restart can be performed to initialize changes before performing a delete. Add wait_for_open_socket() method in installutils https://fedorahosted.org/freeipa/ticket/1708
* Fix pylint false positive in hbactest moduleMartin Kosek2011-09-131-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/1763
* When external host is specified in HBAC rule, allow its use in simulationAlexander Bokovoy2011-09-131-1/+4
| | | | | | | | https://fedorahosted.org/freeipa/ticket/1763 When external host is specified in HBAC rule, it needs to be added to the set of source hosts this rule applies to. Add (list of external hosts) explicitly when converting FreeIPA rules to PyHBAC objects.
* Call standard_logging_setup() before any logging is doneSumit Bose2011-09-131-2/+2
|
* Introduce platform-specific adaptation for services used by FreeIPA.Alexander Bokovoy2011-09-1311-98/+436
| | | | | | | | | Refactor FreeIPA code to allow abstracting all calls to external processes and dependencies on modification of system-wide configuration. A platform provider would give its own implementation of those methods and FreeIPA would use it based on what's built in packaging process. https://fedorahosted.org/freeipa/ticket/1605
* Cleanup whitespaceAlexander Bokovoy2011-09-131-3/+3
|
* Convert installation tools to platform-independent access to system servicesAlexander Bokovoy2011-09-135-34/+50
| | | | http://fedorahosted.org/freeipa/ticket/1605
* Convert client-side tools to platform-independent access to system servicesAlexander Bokovoy2011-09-132-118/+96
| | | | https://fedorahosted.org/freeipa/ticket/1605
* Convert server install code to platform-independent access to system servicesAlexander Bokovoy2011-09-138-57/+42
| | | | https://fedorahosted.org/freeipa/ticket/1605
* Fixed missing optional field.Endi S. Dewata2011-09-132-11/+19
| | | | | | | | | | | | The optional uid field in user's adder dialog did not appear when the link is clicked to show the field. This is a regression introduced in the patch for ticket #1648. The click handler for the link field has been moved into a new closure so that the variables point to the correct elements. Note: the duplicate code in IPA.details_table_section.create() and IPA.dialog.create() will be addressed separately in ticket #1394.
* Unroll groups when testing HBAC rulesAlexander Bokovoy2011-09-111-5/+34
| | | | Fixes https://fedorahosted.org/freeipa/ticket/1740
* Incorrect name in examples of ipa help hbactestAlexander Bokovoy2011-09-111-7/+7
| | | | | | https://fedorahosted.org/freeipa/ticket/1741 HBAC rules address PAM services, thus service names should correspond to proper PAM names.
* Don't allow a OTP to be set on an enrolled hostRob Crittenden2011-09-101-0/+8
| | | | | | Setting a password invalidates the existing keytab https://fedorahosted.org/freeipa/ticket/1719
* Fixed inconsistency in enabling delete buttonsPetr Vobornik2011-09-091-5/+35
| | | | | | | | | | | | https://fedorahosted.org/freeipa/ticket/1640 On the HBAC Rules page, where the rules are listed, if no rule is selected, the "Delete" button is not enabled, and cannot be clicked on. But edit a Rule, and Delete button is enabled in the available sections - regardless of, if an object is selected to be deleted or not, or even if there is no object to be selected to delete. One can click on this button...but then - there is no message indicating that something should be selected for deletion for this button to do anything. Notes: * fixed association_table_widget and association_facet
* Fixed sudo rule association dialogs.Endi S. Dewata2011-09-092-7/+12
| | | | | | | | | | | | The adder dialog for the user and host tables in sudo rule details page have been fixed to use --not-in-sudorules to avoid showing entries that are already added into the rule either directly or indirectly via groups. This does not apply to the command and run-as tables because they do not support such option. Ticket #1768
* Fixed layout problem in permission adder dialog.Endi S. Dewata2011-09-0912-456/+352
| | | | | | | | | | | | | In order to maintain consistent layout between details page and dialog boxes the IPA.details_list_section has been replaced with IPA.details_table_section which is based on table. The IPA.target_section and other subclasses of IPA.details_list_section have been converted to use IPA.details_table_section as well. The unit tests have been updated accordingly. Ticket #1648
* Set bind and bind-dyndb-ldap min nvrMartin Kosek2011-09-091-0/+9
| | | | | | | | This is a soft dependency, min nvr version will only be required when bind/bind-dyndb-ldap are installed. https://fedorahosted.org/freeipa/ticket/1121 https://fedorahosted.org/freeipa/ticket/1573
* Fixed unit test for entity select widget.Endi S. Dewata2011-09-071-1/+1
| | | | | The unit test for IPA.entity_select_widget has been fixed to check the options after loading the record.
* Fixed: JavaScript type error in entitlement pagePetr Vobornik2011-09-071-6/+14
| | | | | | | | | | https://fedorahosted.org/freeipa/ticket/1767 Opening IPA Server/Entitlements causes: "Uncaught TypeError: Cannot call method 'addClass' of undefined" error - Details.js:489 Introduced by patch for #1697 Cause: Details facet of entitlements doesn't contain Reset and Update buttons
generated by cgit (git 2.34.1) at 2024-09-23 04:36:37 +0000