| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
The details and association facets have been modified to show the number of records in each association in the corresponding facet tab.
Ticket #1386
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A dogtag replica file is created as usual. When the replica is installed
dogtag is optional and not installed by default. Adding the --setup-ca
option will configure it when the replica is installed.
A new tool ipa-ca-install will configure dogtag if it wasn't configured
when the replica was initially installed.
This moves a fair bit of code out of ipa-replica-install into
installutils and cainstance to avoid duplication.
https://fedorahosted.org/freeipa/ticket/1251
|
|
|
|
|
|
| |
Adds hooks for navigation to the show page due to the unusual way that keys are accessed.
https://fedorahosted.org/freeipa/ticket/1257
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The hostname is passed in during the server installation. We should use
this hostname for the resulting server as well. It was being discarded
and we always used the system hostname value.
Important changes:
- configure ipa_hostname in sssd on masters
- set PKI_HOSTNAME so the hostname is passed to dogtag installer
- set the hostname when doing ldapi binds
This also reorders some things in the dogtag installer to eliminate an
unnecessary restart. We were restarting the service twice in a row with
very little time in between and this could result in a slew of reported
errors, though the server installed ok.
ticket 1052
|
|
|
|
|
|
|
|
| |
Navigation breadcrumb has been added to the facet header. The
breadcrumb will appear on details, association, and automount
facets.
Ticket #1323
|
|
|
|
|
|
|
|
|
|
|
| |
The content and the size of entity header changes depending on the
facet being displayed, so the entity header has been converted into
a facet header to allow better control via CSS.
The DNS record facet has been updated to use the same styling and
support scrolling.
To help styling and testing, all buttons have been assigned a name.
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
Make sure that IPA can be installed with root umask set to secure
value 077. ipa-server-install was failing in DS configuration phase
when dirsrv tried to read boot.ldif created during installation.
https://fedorahosted.org/freeipa/ticket/1282
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For the most part certificates will be treated as being in DER format.
When we load a certificate we will generally accept it in any format but
will convert it to DER before proceeding in normalize_certificate().
This also re-arranges a bit of code to pull some certificate-specific
functions out of ipalib/plugins/service.py into ipalib/x509.py.
This also tries to use variable names to indicate what format the certificate
is in at any given point:
dercert: DER
cert: PEM
nsscert: a python-nss Certificate object
rawcert: unknown format
ticket 32
|
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/1363
https://fedorahosted.org/freeipa/ticket/1361
|
|
|
|
|
|
|
| |
The navigation have been fixed to show the correct active tabs after
browser reload.
Ticket #1362
|
|
|
|
|
|
|
| |
Compare the configured interfaces with the supplied IP address and
optional netmask to determine if the interface is available.
https://fedorahosted.org/freeipa/ticket/1175
|
| |
|
|
|
|
| |
updated label triggered an API change
|
|
|
|
|
|
|
|
| |
jsl fixes
https://fedorahosted.org/freeipa/ticket/1043
remove redundant call to focus.
|
|
|
|
|
|
|
|
| |
error, do not attempt to redirect.
this variation has a whitelist of errors on which to redirect.
https://fedorahosted.org/freeipa/ticket/1281
|
|
|
|
|
|
|
| |
Tests for dirty after the RPC call has completed and the select has updated
Passes the original value to the RPC completion, so it isn't lost upon RPC completion
https://fedorahosted.org/freeipa/ticket/1340
|
|
|
|
|
| |
The CSS files in install/html and install/migration have been
modified to use the Overpass font.
|
| |
|
|
|
|
|
|
| |
the tabs are required for natigation, but they should not be visible, as the breadcrub provides the navigation for them instead.
Moved the automount tabs up one level so that it uses the two level style
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Implements a way to pass match_local and parse_netmask parameters
to IP option checker.
Now, there is just one common option type "ip" with new optional
attributes "ip_local" and "ip_netmask" which can be used to
pass IP address validation parameters.
https://fedorahosted.org/freeipa/ticket/1333
|
|
|
|
|
|
|
|
| |
The association facet has been modified to store the current page
number in the browser's URL. This way page changes are stored in
browser's history allowing the back button to work properly.
Ticket #1264
|
|
|
|
|
|
|
|
| |
The direct and indirect associations are now displayed in the same
facet. The type of association to be displayed can be selected
using radio buttons.
Ticket #1338
|
|
|
|
|
|
| |
instead of blindly setting dirty, check if the filed has a different value than it originally did.
https://fedorahosted.org/freeipa/ticket/1337
|
|
|
|
| |
the undo link. https://fedorahosted.org/freeipa/ticket/1337
|
|
|
|
| |
runs the testdirty check before setting the undo tag for a textarea
|
|
|
|
|
|
| |
instead of always setting dirty, we do the original test, and then set the flag and show the link.
https://fedorahosted.org/freeipa/ticket/1337
|
|
|
|
|
|
|
|
|
|
|
|
| |
In self-service mode the user's association facets have been modified
such that the entries are not linked since the only available entity
is the user entity.
A 'link' parameter has been added to IPA.association_facet and
IPA.column to control whether to link the entries. The link_handler()
method can be used to define how to handle the link.
Ticket #1072
|
| |
|
|
|
|
|
| |
Since ticket #1273 has been fixed, the indirect members can be shown
using the regular association facet which supports paging.
|
|
|
|
| |
https://fedorahosted.org/freeipa/ticket/1281
|
|
|
|
|
| |
The Makefile.am freeipa.spec.in have been updated according to the
recent file changes.
|
|
|
|
|
|
|
| |
Port 9443 (Agent secure port on PKI-CA) was missing. Additionaly,
checked port descriptions case consistency fixed.
https://fedorahosted.org/freeipa/ticket/1321
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a new DNS zone is being created a local hostname is set as a
nameserver of the new zone. However, when the zone is created
during ipa-replica-prepare, the the current master/replica doesn't
have to be an IPA server with DNS support. This would lead to DNS
zones with incorrect NS records as they wouldn't point to a valid
name server.
Now, a list of all master servers with DNS support is retrieved
during DNS zone creation and added as NS records for a new DNS
zone.
https://fedorahosted.org/freeipa/ticket/1261
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
The buttons were previously skipped during tab navigation because
they do not have an href attribute. The IPA.button has been fixed
to always provide an href attribute.
Ticket #983
|
|
|
|
|
|
|
|
|
| |
The conditional used to determine if thd CA 389-ds instance was already
configured was rather poor so it was possible to pass command-line
arguments in to confuse it. This would cause it to not be installed at
all causing the dogtag installation to fail in a strange way.
https://fedorahosted.org/freeipa/ticket/1244
|
|
|
|
|
| |
A new facet has been added to show entitlement status and download
the registration certificate.
|
|
|
|
|
|
|
| |
A selectable option has been added to the table widget to show/hide
the checkbox column for selecting table rows. By default it's set
to true. The indirect association facet has been modified to hide
the column because it is non-editable.
|
|
|
|
|
|
|
|
|
|
| |
The UI has been modified to fix some resizing issues:
Previously the height of facet content was roughly calculated using
resize(). Now the height can be more accurately defined in CSS.
Previously the UI width was fixed. The HTML layout and background
images have been modified to support horizontal expansion if needed.
|
|
|
|
| |
ticket 1283, 1284
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There was no point in limiting autobind root to just search cn=config since
it could always just modify its way out of the box, so remove the
restriction.
The upgrade log wasn't being created. Clearing all other loggers before
we calling logging.basicConfig() fixes this.
Add a global exception when performing updates so we can gracefully catch
and log problems without leaving the server in a bad state.
https://fedorahosted.org/freeipa/ticket/1243
https://fedorahosted.org/freeipa/ticket/1254
|
|
|
|
|
|
|
|
|
|
|
|
| |
--no-host-dns option should allow installing IPA server on a host
without a DNS resolvable name.
Update parse_ip_address and verify_ip_address functions has been
changed not to return None and print error messages in case of
an error, but rather let the Exception be handled by the calling
routine.
https://fedorahosted.org/freeipa/ticket/1246
|
|
|
|
|
|
|
|
| |
When re-creating the CADS instance it needs to be more fully-populated
so we have enough information to create an SSL certificate and move
the principal to a real entry.
https://fedorahosted.org/freeipa/ticket/1245
|
|
|
|
|
|
|
|
|
|
|
|
| |
When IPA replica is installed and the master machine record is not
in ~/.ssh/known_hosts, ipa-replica-install will prompt user to answer
a question about adding a host to this file.
This has, however, a potential to break automatic tests.
ipa-replica-conncheck should not require any further user interaction
when all mandatory options are filled.
https://fedorahosted.org/freeipa/ticket/1305
|