summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Add group members to default output of sudorule-showJan Zeleny2011-02-151-0/+4
| | | | https://fedorahosted.org/freeipa/ticket/915
* Fix setattr mail bug in user plugin.Pavel Zuna2011-02-151-0/+2
| | | | | The email normalizer expects a list or tuple, but when using setattr it gets a string and interates on it as if it was a list/tuple.
* Require ipactl be run as root to avoid a lot of misleading error msgs.Rob Crittenden2011-02-151-0/+3
| | | | | | | | Trying to run ipactl as non-root results in a slew of bogus error messages, some of which come because dirsrv can't read certain files as the wrong user, some based on our handling of that fact. ticket 936
* A privilege cannot be a member of a permission, remove it from metadataRob Crittenden2011-02-152-7/+3
| | | | ticket 970
* Become IPA v2 RC 1 (2.0.0.rc1)rc_1-2-0-0Rob Crittenden2011-02-141-2/+2
|
* Fix two problems with ipa-replica-prepareRob Crittenden2011-02-142-2/+6
| | | | | | | | | | | 1. Fix a unicode() problem creating the DNS entries 2. Fix a strange NSS error when generating the certificates against a dogtag server. The NSS errors are quite strange. When generating the first certificate nss_shutdown() fails because the database isn't initialized yet but nss_is_initialized() returned True. The second pass fails because something is in use.
* The --out option wasn't working at all with cert-show.Rob Crittenden2011-02-143-5/+14
| | | | | | | | Also fix some related problems in write_certificate(), handle either a DER or base64-formatted incoming certificate and don't explode if the filename is None. ticket 954
* Add missing import for netaddrRob Crittenden2011-02-141-0/+1
| | | | ticket 964
* Bugfix for ipa-client-install echo's password in cleartext to stdout ↵Jr Aquino2011-02-141-2/+4
| | | | https://fedorahosted.org/freeipa/ticket/959
* Detection of v1 server during ipa-client-installMartin Kosek2011-02-141-1/+5
| | | | | | | | | | When v2 IPA client is trying to join an IPA v1 server a strange exception is printed out to the user. This patch detects this by catching an XML-RPC error reported by ipa-join binary called in the process which fails on unexisting IPA server 'join' method. https://fedorahosted.org/freeipa/ticket/553
* Remove obsolete record types from DNSJakub Hrozek2011-02-142-24/+8
| | | | https://fedorahosted.org/freeipa/ticket/923
* A mod command should not be able to remove a required attribute.Rob Crittenden2011-02-142-1/+72
| | | | | | | | | | | | Some attribute enforcement is done by schema, others should be done by the required option in a Parameter. description, for example, is required by many plugins but not the schema. We need to enforce in the framework that required options are provided. After all the setattr/addattr work is done run through the modifications and ensure that no required values will be removed. ticket 852
* Fine tuning DNS optionsJakub Hrozek2011-02-144-6/+27
| | | | | | | | | | | | Add pointer to self to /etc/hosts to avoid chicken/egg problems when restarting DNS. On servers set both dns_lookup_realm and dns_lookup_kdc to false so we don't attempt to do any resolving. Leave it to true on clients. Set rdns to false on both server and client. https://fedorahosted.org/freeipa/ticket/931
* Let 389-ds start up even if Kerboros is not configured yet.Rob Crittenden2011-02-144-13/+38
| | | | | | | | | | | | The situation is if during installation /etc/krb5.conf either doesn't exist or configures no realms then 389-ds won't start up at all, causing the installation to fail. This will let the server start up in a degraded mode. Also need to make the sub_dict in ldapupdate.py handle no realm otherwise the installation will abort enabling the compat plugin. ticket 606
* Correctly report if this is a krb related password operationSimo Sorce2011-02-141-0/+1
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/949
* Add a replace option to ipa-ldap-updater.Rob Crittenden2011-02-141-1/+14
| | | | | | | | We have no way to say "replace value X with Y". This would be useful for us to replace a default value only if the user hasn't already updated it. related to ticket 930
* Update krbExtraData too when changing passwords.Simo Sorce2011-02-144-0/+93
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/937
* DNS record searchAdam Young2011-02-141-9/+18
| | | | | | | | The current version of the DNS Plugin does not support searching by record, so that is commented out. The search field wasn't working either. The search criteria had to be appended to the params array, just after the zone. https://fedorahosted.org/freeipa/ticket/907
* API fix for dns -> dnsrecord change in permission pluginRob Crittenden2011-02-141-7/+7
|
* drop the group.upg NIS mapNalin Dahyabhai2011-02-141-12/+0
| | | | | | The group.upg NIS map was an experiment in providing UPG groups dynamically, and is not one of the maps that I'd ever expect a NIS client to "know" to search. We should probably just drop it.
* Changed dns permission typesJan Zeleny2011-02-142-3/+3
| | | | | | | | Recent change of DNS module to version caused that dns object type was replaced by dnszone and dnsrecord. This patch corrects dns types in permissions class. https://fedorahosted.org/freeipa/ticket/646
* Make sure only root can run ipa-client-installJakub Hrozek2011-02-141-0/+3
| | | | https://fedorahosted.org/freeipa/ticket/957
* Fixed type of argument in class helpJan Zeleny2011-02-141-1/+1
|
* Support of user default email domainMartin Kosek2011-02-141-0/+24
| | | | | | | | | | | | | This patch fixes the default domain functionality for user email(s). This setting may be configured via: ipa config-mod --emaildomain=example.com Then, when user is added/modified and --mail option is passed, the default domain is appended if the passed attribute does not contain another domain already. https://fedorahosted.org/freeipa/ticket/598
* Add default success/failure output logging.Rob Crittenden2011-02-147-16/+24
| | | | | | | | | | Request logging on the server only happened if you added verbose=True or debug=True to the IPA config file. We should log the basics at least: who, what, result. Move a lot of entries from info to debug logging as well. Related to ticket 873
* Add permission/privilege for updating IPA configuration.Rob Crittenden2011-02-142-0/+19
| | | | ticket 950
* Move tools that are really only applicable to be run on the serverRob Crittenden2011-02-141-8/+8
| | | | | | | This moves a bunch of tools that only make sense to run on the actual server from the admintools subpackage to the server subpackage. ticket 947
* Ignore case when removing group members.Rob Crittenden2011-02-142-1/+120
| | | | ticket 944
* Fix checking for arguments in DNS pluginsJakub Hrozek2011-02-141-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/956
* Handle bad DM password in ipa-host-net-manage & ipa-copmat-manage.Rob Crittenden2011-02-142-2/+6
| | | | | | | This was resulting in a traceback because while conn was not None it wasn't connected either. ticket 920
* Fixed add service dialog box.Endi S. Dewata2011-02-113-25/+29
| | | | | | Previously the add service dialog box shows a 'Principal:' label with no text field next to it. It now has been removed. The dialog box has been widened to avoid line wrapping of the buttons.
* remove deprecated record typesAdam Young2011-02-111-3/+3
|
* allow null keys for showAdam Young2011-02-111-4/+8
| | | | https://fedorahosted.org/freeipa/ticket/951
* column formatting Allow optional formatting for columns Provide Data formate ↵Adam Young2011-02-113-6/+49
| | | | | | for host modificaiton date format
* target section without radio buttons ACI target section refactored into an ↵Adam Young2011-02-114-287/+325
| | | | array of widget-like objects. The radio buttons have been replaced by a select box. THe select is not visible on the details page.
* Convert json strings to unicode when they are unmarshalled.Rob Crittenden2011-02-114-32/+15
| | | | | | | | | This patch removes some individual work-arounds of converting strings to unicode, they only masked the problem. String values are not passed to the validator or normalizers so things like adding the realm automatically to services weren't happening. ticket 941
* Fix migration pageJakub Hrozek2011-02-111-1/+1
|
* Don't include error.kw in the error response in the JSON server.Rob Crittenden2011-02-111-1/+0
| | | | | | | This can include a full exception which cannot be marshalled. This value contains duplicate information and isn't used by the client. ticket 905
* ipa-dns-install does not exit on errorMartin Kosek2011-02-111-12/+17
| | | | | | | This patch fixes behavior of ipa-dns-install, which does not exit when an invalid configuration of /etc/hosts is detected. https://fedorahosted.org/freeipa/ticket/736
* Extend API validatorMartin Kosek2011-02-111-21/+56
| | | | | | | | | | | | | makeapi script is used to check if ipalib API is consistent with the known state in API.txt. When the API is changed, major API version should be updated. However, when new options/arguments/outputs were added to an ipalib command, `makeapi --validate' call did not capture this. This patch fixes this issue and ensures that also the last command in API.txt is checked (it was not before this patch). https://fedorahosted.org/freeipa/ticket/868
* Ensure that file ownership doesn't change when config is updated.Rob Crittenden2011-02-111-0/+4
| | | | | | | | | Out of the blue update_file() and set_directive() changed file ownership to root:root when it updated some files. This was causing dogtag to break. So grab the owner before opening the file and reset it after closing. ticket 928
* Add pyOpenSSL as a BuildRequiresRob Crittenden2011-02-111-0/+1
|
* Rename ipa.spec.in to freeipa.spec.in in BUILD.txt.Rob Crittenden2011-02-101-1/+1
| | | | | | This is the shortcut to installing the build-deps. ticket 859
* Provide a way to display CLI-LDAP relationJan Zeleny2011-02-101-1/+26
| | | | | | | | | | | Since some LDAP attributes have their cli_name value defined, so they can be more user friendly, it can be difficult for user to find out which attributes do the parameteres given to CLI really represent. This patch provides new command, which will take another IPA command as and argument and display attributes which given command takes and what LDAP attributes are they mapped to. https://fedorahosted.org/freeipa/ticket/447
* Update API.txt with updated usercertificate in service-findRob Crittenden2011-02-101-4/+3
|
* Fix return codes for ipactlMartin Kosek2011-02-101-14/+10
| | | | | | | This patch fixes ipactl to return non-zero value when something goes wrong. https://fedorahosted.org/freeipa/ticket/894
* Disable replication version plugin by default.Rob Crittenden2011-02-104-2/+29
| | | | | | | | | | | | | | | | The 389-ds replication plugin may not be installed on all platforms and our replication version plugin will cause 389-ds to not start if it is loaded and the replication plugin is not. So disable by default. When a replica is prepared we check for the replication plugin. If it exists we will enable the replication version plugin. Likewise on installation of a replica we check for existence of the repliation plugin and if it is there then we enable the version plugin before replication begins. ticket 918
* Fix test failures caused by the performance patch.Rob Crittenden2011-02-103-8/+21
| | | | | | It isn't safe to assume there is an environment or mode in any given object. Only skip the extra work if the object explicitly has production in it.
* Set minimum version of sssd to 1.5.1Rob Crittenden2011-02-101-1/+4
| | | | ticket 926
* nscd should be disabled before sssd is configured/started.Rob Crittenden2011-02-101-22/+22
| | | | | | | | | | | If not then sssd spits out a warning message: sssd: nscd socket was detected. As nscd caching capabilities may conflict with SSSD, it is recommended to not run nscd in parallel with SSSD Stop nscd before configuring sssd so we don't confuse our users. ticket 743
generated by cgit (git 2.34.1) at 2024-11-15 12:17:22 +0000