summaryrefslogtreecommitdiffstats
path: root/ipa-client
Commit message (Collapse)AuthorAgeFilesLines
* Add man page for ipa-join commandRob Crittenden2009-10-122-1/+62
|
* Improve debugging, general output, initialize xmlrpc-c properlyRob Crittenden2009-10-121-9/+34
|
* Enrollment for a host in an IPA domainRob Crittenden2009-09-246-10/+889
| | | | | | | | | | | | This will create a host service principal and may create a host entry (for admins). A keytab will be generated, by default in /etc/krb5.keytab If no kerberos credentails are available then enrollment over LDAPS is used if a password is provided. This change requires that openldap be used as our C LDAP client. It is much easier to do SSL using openldap than mozldap (no certdb required). Otherwise we'd have to write a slew of extra code to create a temporary cert database, import the CA cert, ...
* Clean up additional issues discovered with pylint and pycheckerRob Crittenden2009-08-201-4/+4
|
* Fix configure with newer auto* and libtool on Fedora-11rcrit2009-07-011-0/+2
|
* The new admin tool 'ipa' uses a different configuration file, create it.Rob Crittenden2009-04-131-7/+8
|
* Use OpenSSL for SSL instead of the built-in python version.Rob Crittenden2009-02-201-0/+3
|
* Rename ipa-python directory to ipapython so it is a real python libraryRob Crittenden2009-02-093-48/+48
| | | | | We used to install it as ipa, now installing it as ipapython. The rpm is still ipa-python.
* Minor cleanup of configure.acRob Crittenden2009-02-051-1/+0
|
* Consolidate to a single autogen.sh and remove a redundant make targetRob Crittenden2009-02-041-196/+0
| | | | Also cheat a little and don't force auto* to require files to exist
* Fix segfault in ipa-getkeytabRob Crittenden2008-09-241-1/+1
| | | | 463548
* We were assuming that, if the realm was correct then also theSimo Sorce2008-09-181-9/+6
| | | | | | | | | | | rest of the krb5.conf configuration were. This clearly breaks with the default EXAMPLE.COM realm configuratrion. Furthermore it makes it not possible to try to 'fix' an installation by rerruninng ipa-client-install This patch removes the special case and avoids krb5.conf only if the on_master flag is passed. Fix also one inner 'if' statement to be simpler to understand.
* Add 2 features to ipa-getkeytab:Simo Sorce2008-08-211-195/+443
| | | | | 1. Allow to specify the salt type along with the enctype 2. Allow to specify a password instead of forcing a random secret
* Delete old mercurial files.Martin Nagy2008-08-151-32/+0
|
* Fix versioning for configure.ac and ipa-python/setup.pySimo Sorce2008-08-114-3/+6
| | | | | | | | | | Fix make maintainer-clean Also make RPM naming consistent by using a temp RELEASE file. This one helps when testing builds using rpms. Just 'echo X > RELEASE' to build a new rpms (X, X+1, X+2 ...) Version 1.1.0 was released some times ago, bump up to 1.1.1
* Wrap up the raw_input() to user_input() for convenience and uniformity.Martin Nagy2008-07-231-17/+6
|
* Fix some small issues that caused compiler warnings, like uninitialized or ↵Martin Nagy2008-06-301-7/+4
| | | | unused variables or missing krb5 prototypes.
* Fix uninizialized counter, was causing allocation to fail and command toSimo Sorce2008-06-121-0/+1
| | | | return in case any encryption type was explicitly requested
* Fix some minor man page issues.Rob Crittenden2008-06-041-8/+7
| | | | 438771
* Fix some formatting issues and correct the example.Rob Crittenden2008-06-041-28/+32
| | | | 443009
* Fix typo and reorder -q|--quiet so it displays nicer. popt isn't putting it ↵Rob Crittenden2008-06-041-2/+2
| | | | | | on a separate line so moving it up front makes it easier to find. 443014
* Move version.py to the common ipa directory instead of being server-based so ↵Rob Crittenden2008-06-031-16/+28
| | | | | | it can be used by the client tool. Fix the client tool imports to fail more gracefully.
* Try to clear up messages prompting for domain and IPA server when DNS ↵Rob Crittenden2008-05-301-4/+4
| | | | discovery fails to find them.
* Now that admin is in the common users tree make the nss_ldapSimo Sorce2008-05-291-2/+2
| | | | | configuration look at the specific tree where users are and not search the full server.
* Fix the case where domain != lower(REALM)Simo Sorce2008-05-291-13/+16
| | | | | add the domain to the ipa.conf file for apps that need to know This should fix a bug in the replica setup
* Change file mode of log files to 600.Martin Nagy2008-05-201-0/+3
| | | | 446869
* remove useless if-before-free testsJim Meyering2008-05-151-1/+1
| | | | | | | | | | | | I've been on a crusade (;-) to remove useless if-before-free tests, so ran a script that spotted some here. I think I removed the first batch (without braces) automatically, then manually removed the ones with curly braces around the free statements. You may well have doubts about the portability of removing those tests, but as long as you don't care about SunOS4 or earlier, you'll be fine. I've done similar things for e.g., coreutils, glibc, and git, and have had no problems.
* Fix typo in ipa-client-install manpage.Rob Crittenden2008-05-141-1/+1
| | | | 446201
* Make sure all services are stopped during uninstall.Rob Crittenden2008-05-141-0/+5
| | | | | | | | | We were just shutting down the KDC if it had been started prior to IPA installation. We need to stop it in all cases. And we should restart nscd as it may have made an LDAP connection. 440322
* fix stupid typo,Simo Sorce2008-05-101-1/+1
| | | | thanks Nalin for spotting this.
* On IPA Servers connect to ourselves using localhost,Simo Sorce2008-05-081-2/+5
| | | | | and avoid searching for KDC servers via DNS, we just connect to ourselves.
* Second half of the redoing how the version is managed.Rob Crittenden2008-05-072-0/+9
|
* Redo the way versioning works in freeIPA.Rob Crittenden2008-05-051-86/+0
| | | | | | | | | | | | | | | | | The file VERSION is now the sole-source of versioning. The generated .spec files will been removed in the maintainer-clean targets and have been removed from the repository. By default a GIT build is done. To do a non-GIT build do: $ make TARGET IPA_VERSION_IS_GIT_SNAPSHOT=no When updating the version you can run this to regenerate the version: $ make version-update The version can be determined in Python by using ipaserver.version.VERSION
* This patch begins the process of replacing OpenLDAP with mozldap.W. Michael Petullo2008-05-013-48/+49
| | | | | | | | | FreeIPA relies on RedHat's Directory Server, which uses mozldap. A FreeIPA build using mozldap would reduce the project's dependencies and redundant code. In addition, mozldap uses NSS instead of OpenSSL. This is beneficial for the reasons listed in [1]. [1] http://fedoraproject.org/wiki/FedoraCryptoConsolidation
* Make sure we always have the [domain-realm] section or kerberos libs misbheave.Simo Sorce2008-04-221-5/+5
|
* Become version 1.0.0release-1-0-0Rob Crittenden2008-04-162-3/+9
|
* Handle exceptions more gracefully on systems with python-ldap 2.2.0Rob Crittenden2008-04-141-5/+8
| | | | 442136
* Fix client discovery and make sure command line options are not overwrittenSimo Sorce2008-04-091-36/+53
| | | | with discovered options, just verified.
* Add --permitted-enctypes command and add it to the man page tooSimo Sorce2008-04-082-8/+52
|
* Make sure we start the NSCD daemon.Simo Sorce2008-04-081-0/+15
| | | | It makes a huge difference on clients, if we cache lookups
* - Better defaults for nss_ldapSimo Sorce2008-04-011-2/+13
| | | | | | | | - Make sure timeouts are not too high, so that machine does not hang if remote servers are not reachable - Make sure root can always login no matter what the status of the ldap servers - use rfc2307bis schema directive
* Implement client uninstallSimo Sorce2008-03-314-8/+80
| | | | (including RHEL4 contrib setup script)
* Add some missing man pagesRob Crittenden2008-03-172-2/+59
| | | | 436501
* Allow client install to specify ntp server nameSimo Sorce2008-03-141-1/+6
|
* Fix build breakage. We now provide a man file, need to specify location to rpmRob Crittenden2008-03-112-2/+2
|
* Add --quiet option to ipa-getkeytabSimo Sorce2008-03-052-9/+32
| | | | | | Return message on success Avoid SASL output from being printed Make sure the man page is up to date
* Prevent server and domain from being undefined or blank when we need themRob Crittenden2008-03-052-11/+19
| | | | | | | Improve LDAP error reporting Don't return the str() of discovery values because it can return "None" 436130
* Close all fds when running another program. This fixes the SELinux AVCs.Rob Crittenden2008-03-031-1/+1
| | | | | | Put installation log files into /var/log. 430024
* Add action statement to ldap.conf updateRob Crittenden2008-02-271-15/+15
| | | | | Move imports into try/except so that ctrl-C can always be caught Fix typo
* Don't try to use options.realm_name unless it was passed inRob Crittenden2008-02-261-6/+15
| | | | | | | Don't allow empty responses to domain and realm name Handle ctrl-C 434982
generated by cgit (git 2.34.1) at 2024-04-30 13:57:02 +0000