summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Drop dependency on mozldapRob Crittenden2011-01-122-9/+4
|
* Use correct option name in host pluginJakub Hrozek2011-01-121-9/+9
|
* Fixes for the DNS pluginJakub Hrozek2011-01-121-3/+9
| | | | https://fedorahosted.org/freeipa/ticket/730
* Restrict anonymous tgtsSimo Sorce2011-01-121-0/+1
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/432
* Potential NULL dereference in ipapwd_prepostMartin Kosek2011-01-121-2/+2
| | | | | | | This patch increases robustness in PRE MOD password SLAPI module by ensuring that an uninitialized pointer is not dereferenced. https://fedorahosted.org/freeipa/ticket/719
* Unchecked return value of callocMartin Kosek2011-01-121-0/+7
| | | | | | | | Omiting return value of calloc in ipa_pwd_extop.c could lead to memory access issues when memory is full. This patch adds return value check. https://fedorahosted.org/freeipa/ticket/717
* Bugfix for sudo compat cmdcat and deny commands ↵Jr Aquino2011-01-121-2/+2
| | | | https://fedorahosted.org/freeipa/ticket/742
* Uninitialized pointer read in ipa-enrollmentMartin Kosek2011-01-121-1/+1
| | | | | | | This patch fixes a situation where an uninitialized pointer is passed to free(). https://fedorahosted.org/freeipa/ticket/713
* fix sudorule runas user/groups https://fedorahosted.org/freeipa/ticket/570Jr Aquino2011-01-123-1/+167
|
* Unchecked return values in ipa-joinMartin Kosek2011-01-122-10/+62
| | | | | | | | | | | krb5_get_default_realm() and asprintf() return values were ignored. This could lead to unhandled error issues or memory access issues. This patch adds return value checks to all such functions. As a consequence, one new return value has been added to man page. https://fedorahosted.org/freeipa/ticket/720
* Unchecked return value in ipa-getkeytabMartin Kosek2011-01-121-3/+15
| | | | | | | | | | | | krb5_init_context return value was not checked. This could lead to unhandled error issues. This patch moves the Kerberos context initialization to the branch where it is needed and handles the error value in a way that allows program exit in a standard way deallocating all resources. https://fedorahosted.org/freeipa/ticket/721
* Uninitialized pointer read in ipa-rmkeytabMartin Kosek2011-01-121-5/+14
| | | | | | | Fix "--realm" parameter processing in ipa-rmkeytab. Also make sure that memory allocated in this process is also freed. https://fedorahosted.org/freeipa/ticket/711
* Use of pointer after free in ipa-joinMartin Kosek2011-01-121-4/+10
| | | | | | | | In some cases recently freed memory was used/freed again. This patch introduces more consistency between functions join_ldap/join_krb5 when dealing with affected variables. https://fedorahosted.org/freeipa/ticket/709
* enroll buttonAdam Young2011-01-111-1/+1
| | | | This was removed in several places where it should still be visible
* Added group association table for SUDO command.Endi S. Dewata2011-01-116-0/+328
| | | | | | A section has been added to the SUDO command details page for managing the association with SUDO command groups. New test data has been added as well.
* Renamed hbac to hbacrule.Endi S. Dewata2011-01-1127-33/+33
| | | | | | All references to hbac in the UI have been replaced with hbacrule. This is to match the hbacrule plugin. The test data and templates have been renamed as well.
* Support for enabling/disabling table widget.Endi S. Dewata2011-01-115-7/+159
| | | | | | | | The table widget now can be enabled/disabled. When disabled, the checkboxes and links/buttons are grayed out and non functional. The radio buttons in HBAC and SUDO details page have been modified to enable/disable the corresponding tables.
* Fixed SUDO command category.Endi S. Dewata2011-01-111-140/+27
| | | | | | | The radio buttons under the Run Commands section in the SUDO details page have been changed from allow/deny/specified into all/specified, and moved under the Allow commands subsection, matching the correct usage of the cmdcategory attribute.
* Fix output of failed managedby hosts, allow a host to manage itself.Rob Crittenden2011-01-114-6/+18
| | | | | | | | | | | The output problem was a missing label for failed managedby. This also fixes a call to print_entry that was missing the flags argument. Add a flag to specify whether a group can be a member of itself, defaulting to False. ticket 708
* Exit if a DNS A or AAAA record doesn't exist for the replica we are preparing.Rob Crittenden2011-01-113-5/+35
| | | | | | | | | Without this it is possible to prepare a replica for a host that doesn't exist in DNS. The result when this replica file is installed is that replication will fail because the master won't be able to communicate to the replica by name. ticket 680
* Enable low-level LDAP debugging.Rob Crittenden2011-01-111-1/+4
|
* Make ipaDefaultLoginShell use IA5String syntax to match POSIX schema.Rob Crittenden2011-01-111-1/+1
| | | | ticket 739
* Retype (when cloning) Flag parameters to Bool for search commands.Pavel Zuna2011-01-102-4/+16
| | | | | | | | | Flag parameters are always autofill by definition, causing unexpected search results. This patch retypes them to Bool for search commands, so that users have to/can enter the desired value manually. Ticket #689 Ticket #701
* header style fixAdam Young2011-01-101-1/+1
| | | | minor tweak to the header and gradient for the header
* Simple instructions to start developing IPA.Rob Crittenden2011-01-101-0/+78
| | | | ticket 314
* Ship the ipa-dns-install man pageRob Crittenden2011-01-102-0/+2
| | | | ticket 734
* Display the entries that failed when deleting with --continue.Rob Crittenden2011-01-1024-49/+73
| | | | | | | | | | | | We collected the failures but didn't report it back. This changes the API of most delete commands so rather than returning a boolean it returns a dict with the only current key as failed. This also adds a new parameter flag, suppress_empty. This will try to not print values that are empty if included. This makes the output of the delete commands a bit prettier. ticket 687
* Setting an empty set of target attributes should raise an exception.Rob Crittenden2011-01-104-31/+40
| | | | | | | | | | | It is possible to create an ACI with attributes and then try to set that to None via a mod command later. We need to catch this and raise an exception. If all attributes are set to None in an aci then the attr target is removed from the ACI. This could result in an illegal ACI if there are no other targets. Having no targets is a legal state, just not a legal final state. ticket 647
* center pageAdam Young2011-01-103-17/+28
| | | | | fixes issues from https://fedorahosted.org/freeipa/ticket/507
* action-panel adjustmentsAdam Young2011-01-101-5/+4
| | | | tweak the tabs padding
* Fixed command category value.Endi S. Dewata2011-01-101-1/+1
|
* remove permissions checkboxAdam Young2011-01-081-2/+0
| | | | | self service defaults to write permission, the only acceptable one. By removing the checkbox, we stop sending invalid permissions
* fix entity unit tests unit tests updated to accoount for the facet_group titleAdam Young2011-01-081-2/+4
|
* Validate add-dialog text fieldsAdam Young2011-01-081-9/+62
|
* Temporarily work around SSL connection issue causing installation to fail.Rob Crittenden2011-01-071-1/+2
| | | | | Not sure if this is an openldap-client, pem-nss or python-ldap problem yet but the installation is failing.
* Fix 'ipa help permissions'; add 'dns' in allowed types.Pavel Zuna2011-01-071-1/+1
|
* Allow the kdc to write krbExtraDataRob Crittenden2011-01-071-1/+1
|
* Initial grouping of ipalib plugins for ipa helpJan Zeleny2011-01-076-0/+7
| | | | | This patch makes one group for all HBAC plugins and one group for all sudo plugins.
* Changed concept of ipa helpJan Zeleny2011-01-071-20/+97
| | | | | | | | | | | | | | | | | | | | | | | | The concept is now following: topic: either a module or a group of modules containing registered commands. All these commands will usually handle common entity type (e.g. hbac rules) subtopic: each topic can have a number of subtopics. In this case topic is a group of modules and each module represents a subtopic. grouping modules to topics is possible by assigning a 2-tuple to module variable: topic = ('topic-name','topic description') The topic description has to be the same in all modules in the topic. These are examples of commands now available in IPA help: ipa help - display a list of all topics ipa help hbac - display help for hbac topic ipa help hbacrule - display help for a subtopic of hbac ipa help hbacrule-add - display help for a particular command https://fedorahosted.org/freeipa/ticket/410
* Rename hbac module to hbacruleJan Zeleny2011-01-073-143/+143
| | | | | | The renaming follows previous discussion on mailing list and it leads to name compatibility with other plugins (e.g. sudorule). It is also necessary for following changes in ipa help.
* Better detection when not working with a real keytab in ipa-rmkeytab.Rob Crittenden2011-01-071-1/+11
| | | | | | | Resolving the keytab isn't enough, this just creates a name. Try to create a cursor into the keytab to see if it is a valid keytab. ticket 654
* Rename --ipaddr option of host-add commandJan Zeleny2011-01-071-1/+1
| | | | | | | The option is renamed to --ip-address to be consistent with ipa-replica-prepare. https://fedorahosted.org/freeipa/ticket/655
* Create the reverse zone by defaultJakub Hrozek2011-01-074-9/+36
| | | | | | A new option to specify reverse zone creation for unattended installs https://fedorahosted.org/freeipa/ticket/678
* Do not use LDAP_DEPRECATED in pluginsJakub Hrozek2011-01-078-29/+106
| | | | | | | | | Remove the LDAP_DEPRECATED constant and do not use functions that are marked as deprecated in recent OpenLDAP releases. Also always define WITH_{MOZLDAP,OPENLDAP} since there are conditional header includes that depend on that constant. https://fedorahosted.org/freeipa/ticket/576
* Allow ipa-dns-install to install with just admin credentialsSimo Sorce2011-01-076-89/+81
| | | | | | | Do this by creating a common way to attach to the ldap server for each instance. Fixes: https://fedorahosted.org/freeipa/ticket/686
* Allow ipa-dns-install to configure DNS on a replica.Simo Sorce2011-01-074-8/+35
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/645
* bad request workaround not a permanent fix, but makes the web server accept ↵Adam Young2011-01-071-0/+3
| | | | valied request. https://fedorahosted.org/freeipa/ticket/691
* metatdata for facet_groupsAdam Young2011-01-071-32/+31
| | | | THis patch updates the metadata with the changes for the facet groups names. It is a large patch only in that the metadata is huge, but the change is trivial
* facet nestingAdam Young2011-01-075-9/+37
| | | | | correctly nest the facet groups change 'parent' to 'member of' for facet group
* dns record styleAdam Young2011-01-071-0/+3
| | | | THe client aread class is added after the create call. THe logic assumes that there are two divs under the tabs. THe records facet broke that assumption. THis fixes it
generated by cgit (git 2.34.1) at 2024-09-25 21:16:06 +0000