| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Without this it is possible to prepare a replica for a host that doesn't
exist in DNS. The result when this replica file is installed is that
replication will fail because the master won't be able to communicate
to the replica by name.
ticket 680
|
| |
|
|
|
|
| |
ticket 739
|
|
|
|
|
|
|
|
|
| |
Flag parameters are always autofill by definition, causing unexpected
search results. This patch retypes them to Bool for search commands,
so that users have to/can enter the desired value manually.
Ticket #689
Ticket #701
|
|
|
|
| |
minor tweak to the header and gradient for the header
|
|
|
|
| |
ticket 314
|
|
|
|
| |
ticket 734
|
|
|
|
|
|
|
|
|
|
|
|
| |
We collected the failures but didn't report it back. This changes the
API of most delete commands so rather than returning a boolean it returns
a dict with the only current key as failed.
This also adds a new parameter flag, suppress_empty. This will try to
not print values that are empty if included. This makes the output of
the delete commands a bit prettier.
ticket 687
|
|
|
|
|
|
|
|
|
|
|
| |
It is possible to create an ACI with attributes and then try to set that
to None via a mod command later. We need to catch this and raise an exception.
If all attributes are set to None in an aci then the attr target is removed
from the ACI. This could result in an illegal ACI if there are no other
targets. Having no targets is a legal state, just not a legal final state.
ticket 647
|
|
|
|
|
| |
fixes issues from
https://fedorahosted.org/freeipa/ticket/507
|
|
|
|
| |
tweak the tabs padding
|
| |
|
|
|
|
|
| |
self service defaults to write permission, the only acceptable one.
By removing the checkbox, we stop sending invalid permissions
|
| |
|
| |
|
|
|
|
|
| |
Not sure if this is an openldap-client, pem-nss or python-ldap problem yet
but the installation is failing.
|
| |
|
| |
|
|
|
|
|
| |
This patch makes one group for all HBAC plugins and one group for all
sudo plugins.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The concept is now following:
topic: either a module or a group of modules containing registered
commands. All these commands will usually handle common entity
type (e.g. hbac rules)
subtopic: each topic can have a number of subtopics. In this case topic
is a group of modules and each module represents a subtopic.
grouping modules to topics is possible by assigning a 2-tuple to module
variable:
topic = ('topic-name','topic description')
The topic description has to be the same in all modules in the topic.
These are examples of commands now available in IPA help:
ipa help - display a list of all topics
ipa help hbac - display help for hbac topic
ipa help hbacrule - display help for a subtopic of hbac
ipa help hbacrule-add - display help for a particular command
https://fedorahosted.org/freeipa/ticket/410
|
|
|
|
|
|
| |
The renaming follows previous discussion on mailing list and it leads to
name compatibility with other plugins (e.g. sudorule). It is also
necessary for following changes in ipa help.
|
|
|
|
|
|
|
| |
Resolving the keytab isn't enough, this just creates a name. Try to
create a cursor into the keytab to see if it is a valid keytab.
ticket 654
|
|
|
|
|
|
|
| |
The option is renamed to --ip-address to be consistent with
ipa-replica-prepare.
https://fedorahosted.org/freeipa/ticket/655
|
|
|
|
|
|
| |
A new option to specify reverse zone creation for unattended installs
https://fedorahosted.org/freeipa/ticket/678
|
|
|
|
|
|
|
|
|
| |
Remove the LDAP_DEPRECATED constant and do not use functions that are
marked as deprecated in recent OpenLDAP releases. Also always define
WITH_{MOZLDAP,OPENLDAP} since there are conditional header includes that
depend on that constant.
https://fedorahosted.org/freeipa/ticket/576
|
|
|
|
|
|
|
| |
Do this by creating a common way to attach to the ldap server for each
instance.
Fixes: https://fedorahosted.org/freeipa/ticket/686
|
|
|
|
| |
Fixes: https://fedorahosted.org/freeipa/ticket/645
|
|
|
|
| |
valied request. https://fedorahosted.org/freeipa/ticket/691
|
|
|
|
| |
THis patch updates the metadata with the changes for the facet groups names. It is a large patch only in that the metadata is huge, but the change is trivial
|
|
|
|
|
| |
correctly nest the facet groups
change 'parent' to 'member of' for facet group
|
|
|
|
| |
THe client aread class is added after the create call. THe logic assumes that there are two divs under the tabs. THe records facet broke that assumption. THis fixes it
|
| |
|
|
|
|
|
|
| |
The title attribute in various HTML elements in SUDO details page
has been set to show the proper tooltips. Most of the values are
taken from the 'doc' attribute of sudorule parameters.
|
| |
|
|
|
|
|
|
|
|
| |
make clickable links blue
change spacing to keep headers from wrapping
convert most px values to em, to support scaling
indent action controls and place them under the active facet
set default font size to 11px
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/704
|
|
|
|
|
|
|
|
|
|
| |
Only a generic error message were displayed when a non-existing
host was passed to host-del or host-disable operations.
This patch adds catching these generic exceptions and raising
new exceptions with the correct error message.
https://fedorahosted.org/freeipa/ticket/303
|
|
|
|
|
|
|
|
| |
Two directories were left out from package file list:
..../site-packages/ipalib
..../site-packages/ipaserver
http://fedorahosted.org/freeipa/ticket/688
|
|
|
|
|
| |
The ipa_cmd() error handler has been updated to use AJAX status
text as the default error message.
|
|
|
|
| |
Fix #684
|
|
|
|
| |
Fonts, header images, and json.js
|
|
|
|
| |
we are only doing global policy on the krbtpolicy page
|
|
|
|
| |
Ticket #700
|
|
|
|
| |
krbtpolicy requires null pkey, and without it, update breaks.
|
|
|
|
|
|
| |
Do not call status after pkisilent, it will return non-zero.
Instead restart server after pkisilent so configuration
changes take effect, the check the status.
|
|
|
|
|
|
|
|
|
|
|
| |
The SUDO details page has been modified to support external users
and hosts. In the backend, the internal and external users are kept
in separate attributes, but in the UI they will be displayed as a
single list. The same thing is done for hosts.
The ipa_sudorule_association_adder_dialog() has been modified such
that it only displays the external field if there is an external
attribute for that field.
|
|
|
|
|
| |
The SUDO details page has been modified to match the attribute
names for run-as attributes.
|
|
|
|
|
| |
The dialog boxes for SUDO details page have been modified
to generate the HTML code by default.
|
| |
|
| |
|