summaryrefslogtreecommitdiffstats
path: root/ipa-python
Commit message (Collapse)AuthorAgeFilesLines
* Don't try to discover servers if we specified them on command line.Martin Nagy2008-09-171-16/+22
|
* Tool for doing configuration updates over LDAPRob Crittenden2008-09-122-1/+19
| | | | | | | | | | | | | This tool takes as input a file which contains basically an LDIF, prefixed with a command: default, add, remove or only. These define the operations to perform such as adding new entries, adding new sub-entries to an existing entry, adding or modifying attributes in a record. If an index entry is modified a task is created to re-create the index. Schema may be added using this tool. 454031
* Ignore GSS exception when iterating through server list. Fixes: 459864Martin Nagy2008-09-111-0/+2
|
* Try servers from ipa.conf even if we specified them on the command line.Martin Nagy2008-09-111-3/+2
|
* Rework config.py and change cli tools. Maintain order of IPA servers from ↵Martin Nagy2008-09-111-47/+48
| | | | command line, config and DNS. Parse options before detecting IPA configuration. Don't ignore rest of the options if one is missing in ipa.conf. Drop the --usage options, we will rely on --help. Fixes: 458869, 459070, 458980, 459234
* Display name as separate attributes instead of showing common name.Rob Crittenden2008-08-221-1/+4
| | | | | | | We allow one to individually set first and last name but we do not automatically update the common name so changes don't seem to happen. 451318
* Add tool to manage IPA Search and User policyRob Crittenden2008-08-201-1/+1
| | | | 448624, 448625
* Fix versioning for configure.ac and ipa-python/setup.pySimo Sorce2008-08-113-4/+5
| | | | | | | | | | Fix make maintainer-clean Also make RPM naming consistent by using a temp RELEASE file. This one helps when testing builds using rpms. Just 'echo X > RELEASE' to build a new rpms (X, X+1, X+2 ...) Version 1.1.0 was released some times ago, bump up to 1.1.1
* Add encrypt_file and decrypt_file utility functions.Simo Sorce2008-08-112-2/+65
| | | | | | | | | | | | | | We will use them to encrypt the replica file so that we can transport it over more safely. It contains sensitive data, by encrypting it we assure that even if a distracted admin leaves it around it cannot be accessed without knowing the access passphrase (usually the Directory Manager password) Along the way fix also ipautil.run which was buggy and not passing in correctly stdin. Add dependency for gnupg in spec file
* Use larger set from which to choose chars for random passwords.Simo Sorce2008-08-111-3/+2
| | | | | Use SystemRandom() instead of Random() so that the randomicity is non-deterministic.
* Change user and group validators to match shadow-utilsRob Crittenden2008-08-075-62/+120
| | | | | | | | This sets the regex to [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]? Also change the validators to return True/False 450613, 457124
* Wrap up the raw_input() to user_input() for convenience and uniformity.Martin Nagy2008-07-231-0/+66
|
* Under some conditions rl may not have been initialized so the config may ↵Rob Crittenden2008-06-041-0/+3
| | | | | | | | | | | | | | error out with: UnboundLocalError: "local variable 'rl' referenced before assignment" This is caught and ignored but the result is that the records in DNS may not be used at all. Initializing rl to zero fixes this. I also convert the server list into a set to make each entry unique (and back to a list because that is what we are supposed to return) 433506
* Move version.py to the common ipa directory instead of being server-based so ↵Rob Crittenden2008-06-032-1/+26
| | | | | | it can be used by the client tool. Fix the client tool imports to fail more gracefully.
* Fix the case where domain != lower(REALM)Simo Sorce2008-05-291-16/+41
| | | | | add the domain to the ipa.conf file for apps that need to know This should fix a bug in the replica setup
* Enforce the maximum username length set by IPA PolicyRob Crittenden2008-05-141-0/+5
| | | | 439891
* Fix existence check, default_server is an array so we need toSimo Sorce2008-05-101-2/+2
| | | | check its length to determine if it is empty
* Don't allow the IPA server service principals to be removed.Rob Crittenden2008-05-081-0/+5
| | | | 440282
* Second half of the redoing how the version is managed.Rob Crittenden2008-05-071-1/+1
|
* Fix a bug in our dns library, do not return the query as a reply if 0 ↵Simo Sorce2008-05-071-7/+5
| | | | replies were returned.
* Refine our web space some more so that everything we reference is in /ipaRob Crittenden2008-05-071-1/+1
| | | | | | | | | | | | | | | UI: /ipa/ui XML-RPC: /ipa/xml errors: /ipa/errors config: /ipa/config I had to hardcode that URI into the CSS pages but TurboGears handles the rest of the translations with tg.url(). Added a version to ipa.conf and ipa-rewrite.conf so we can update them in the future if needed with ipa-upgradeconfig 440443
* Redo the way versioning works in freeIPA.Rob Crittenden2008-05-052-82/+0
| | | | | | | | | | | | | | | | | The file VERSION is now the sole-source of versioning. The generated .spec files will been removed in the maintainer-clean targets and have been removed from the repository. By default a GIT build is done. To do a non-GIT build do: $ make TARGET IPA_VERSION_IS_GIT_SNAPSHOT=no When updating the version you can run this to regenerate the version: $ make version-update The version can be determined in Python by using ipaserver.version.VERSION
* Fix the client-side search size limit.Rob Crittenden2008-04-252-20/+20
| | | | | | | | | | | | | | I've changed the variable name searchlimit to sizelimit to match the name in python-ldap (and hopefully therefore be more readable). The big change was changing the default value from 0 to -1. As 0 we were never using the value from cn=ipaconfig python-ldap expects this to be an int type In the UI sizelimit was hardcoded at 0 for users 439880
* Add --verbose option so the HTTP headers and XML request/response can be seen.Rob Crittenden2008-04-252-5/+9
| | | | | | | Also re-do the way modules are imported. I was attemping to have ^C handled gracefully but the way I did it could mask other problems. 443987
* Become version 1.0.0release-1-0-0Rob Crittenden2008-04-162-1/+7
|
* Make sure we use the configured server in ipa.conf first, andSimo Sorce2008-04-091-28/+23
| | | | fallback to the discovered ones only if that's not available
* Don't allow the admin user to be removed from the admins group.Rob Crittenden2008-04-041-0/+5
| | | | 439281
* Add missing normalizeDN() when removing members from a group.Rob Crittenden2008-04-041-0/+5
| | | | 438387
* Sysrestore fixes.Simo Sorce2008-03-311-44/+42
| | | | | | | Latest patch used the wrong path and all files where actually going to /tmp even if a different path was specified. Makes also StateFile behave the same as FileStore, and be a public class, this way a common path can be used too.
* Fix account activation.Rob Crittenden2008-03-311-0/+25
| | | | | | | | | | | | | | | | We do account activation by using a Class of Service based on group membership. A problem can happen if the entry itself has an nsaccountlock attribute and you try doing Class of Service work as well because the local attribute has priority. So try to detect that the entry has a local nsAccountLock attribute and report an appropriate error. Don't allow the admins or editors groups to be de-activated. Return a better error message if account [in]activation fails. Catch errors when doing group [in]activation. 439230
* Move sysrestore to ipa-python so it can be used by client scripts too.Simo Sorce2008-03-271-0/+319
| | | | | | Change backup format so files are all in a single directory (no dir hierarchies) and use an index file so we can save also ownership and permission info for the restore (and eventually other data later on).
* Don't allow the admin user to be removed using the XML-RPC Interface.Rob Crittenden2008-03-281-0/+5
| | | | | | If a site really wants it gone then can delete it via LDAP. 439281
* When getting members let user indicate what type of member they want.Rob Crittenden2008-03-272-4/+4
| | | | | | | | | | The memberOf attribute includes members that are directly in the group via the "member" attribute and those that are included as a result of being in a group that is in the group. The UI needs to be able to distinguish between the two. 438706
* Re-root the IPA web UI to /ipa and the XML-RPC interface to /ipaxml.Rob Crittenden2008-03-241-1/+1
| | | | 438021
* Allow the realm to be included in the name passed to add_service_principal()Rob Crittenden2008-03-171-0/+5
| | | | | | | This is more kerberos-like and it doesn't hurt anything, we just won't allow realms other than our own to be used. 437566
* Don't define bogus realm/server in configuration file by defaultRob Crittenden2008-03-172-4/+4
| | | | | | | Add default exception handler to avoid backtraces in cmdline tools Enhance error message when the IPA server or realm can't be found 437565
* Require that the hostname is a DNS A record and that the forward and reverseRob Crittenden2008-03-031-0/+1
| | | | | | match. 433515
* Close all fds when running another program. This fixes the SELinux AVCs.Rob Crittenden2008-03-031-1/+1
| | | | | | Put installation log files into /var/log. 430024
* Do argument type checking in the XML-RPC interfaceRob Crittenden2008-02-291-0/+5
| | | | | Fix error in service principals where the service wasn't being removed before doing the DNS lookup.
* - Centralize try/except so the entire program is covered. This make itRob Crittenden2008-02-271-0/+12
| | | | | | | possible to catch KeyboardInterrupt during the import process. - Add function for handling python differences with GSSError 434798
* The admins group cannot be renamed.Rob Crittenden2008-02-271-0/+5
| | | | 433880
* Require that service principals resolve to a DNS A record.Rob Crittenden2008-02-263-4/+9
| | | | | | There is a --force option for those who know what they are doing. 433483
* Add failover to the XML-RPC clientRob Crittenden2008-02-222-10/+31
| | | | 433506
* Don't allow a group to be a member of itself.Rob Crittenden2008-02-221-0/+5
| | | | 434542
* Command-line utility to manage password policyRob Crittenden2008-02-251-1/+1
| | | | 432814
* Become freeipa-0.99.0Rob Crittenden2008-02-212-3/+9
|
* Handle input range properly and catch KeyboardInterrupt and exit gracefullyRob Crittenden2008-02-201-7/+16
| | | | 433496
* Use ldap_explode_dn instead of ldap_str2dn so we can use python-ldap 2.2.0Rob Crittenden2008-02-111-5/+4
|
* Don't set blank values so we don't end up with empty attributesRob Crittenden2008-01-301-0/+21
| | | | Resolves 429895
* Set the license uniformly to GPLv2 only.Rob Crittenden2008-02-0417-14/+81
|
generated by cgit (git 2.34.1) at 2024-05-04 11:25:32 +0000