| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This tool takes as input a file which contains basically an LDIF, prefixed
with a command: default, add, remove or only. These define the operations
to perform such as adding new entries, adding new sub-entries to an existing
entry, adding or modifying attributes in a record.
If an index entry is modified a task is created to re-create the index.
Schema may be added using this tool.
454031
|
| |
|
| |
|
|
|
|
| |
command line, config and DNS. Parse options before detecting IPA configuration. Don't ignore rest of the options if one is missing in ipa.conf. Drop the --usage options, we will rely on --help. Fixes: 458869, 459070, 458980, 459234
|
|
|
|
|
|
|
| |
We allow one to individually set first and last name but we do not
automatically update the common name so changes don't seem to happen.
451318
|
|
|
|
| |
448624, 448625
|
|
|
|
|
|
|
|
|
|
| |
Fix make maintainer-clean
Also make RPM naming consistent by using a temp RELEASE file.
This one helps when testing builds using rpms.
Just 'echo X > RELEASE' to build a new rpms (X, X+1, X+2 ...)
Version 1.1.0 was released some times ago, bump up to 1.1.1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We will use them to encrypt the replica file so that we can
transport it over more safely.
It contains sensitive data, by encrypting it we assure that
even if a distracted admin leaves it around it cannot be accessed
without knowing the access passphrase (usually the Directory Manager
password)
Along the way fix also ipautil.run which was buggy and not passing
in correctly stdin.
Add dependency for gnupg in spec file
|
|
|
|
|
| |
Use SystemRandom() instead of Random() so that the randomicity
is non-deterministic.
|
|
|
|
|
|
|
|
| |
This sets the regex to [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
Also change the validators to return True/False
450613, 457124
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
error out with:
UnboundLocalError: "local variable 'rl' referenced before assignment"
This is caught and ignored but the result is that the records in DNS may
not be used at all. Initializing rl to zero fixes this.
I also convert the server list into a set to make each entry unique (and
back to a list because that is what we are supposed to return)
433506
|
|
|
|
|
|
| |
it can be used by the client tool.
Fix the client tool imports to fail more gracefully.
|
|
|
|
|
| |
add the domain to the ipa.conf file for apps that need to know
This should fix a bug in the replica setup
|
|
|
|
| |
439891
|
|
|
|
| |
check its length to determine if it is empty
|
|
|
|
| |
440282
|
| |
|
|
|
|
| |
replies were returned.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
UI: /ipa/ui
XML-RPC: /ipa/xml
errors: /ipa/errors
config: /ipa/config
I had to hardcode that URI into the CSS pages but TurboGears handles the
rest of the translations with tg.url().
Added a version to ipa.conf and ipa-rewrite.conf so we can update them
in the future if needed with ipa-upgradeconfig
440443
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The file VERSION is now the sole-source of versioning.
The generated .spec files will been removed in the maintainer-clean targets
and have been removed from the repository.
By default a GIT build is done. To do a non-GIT build do:
$ make TARGET IPA_VERSION_IS_GIT_SNAPSHOT=no
When updating the version you can run this to regenerate the version:
$ make version-update
The version can be determined in Python by using ipaserver.version.VERSION
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I've changed the variable name searchlimit to sizelimit to match the
name in python-ldap (and hopefully therefore be more readable).
The big change was changing the default value from 0 to -1. As 0 we were
never using the value from cn=ipaconfig
python-ldap expects this to be an int type
In the UI sizelimit was hardcoded at 0 for users
439880
|
|
|
|
|
|
|
| |
Also re-do the way modules are imported. I was attemping to have ^C handled
gracefully but the way I did it could mask other problems.
443987
|
| |
|
|
|
|
| |
fallback to the discovered ones only if that's not available
|
|
|
|
| |
439281
|
|
|
|
| |
438387
|
|
|
|
|
|
|
| |
Latest patch used the wrong path and all files where actually going to /tmp
even if a different path was specified.
Makes also StateFile behave the same as FileStore, and be a public class, this
way a common path can be used too.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We do account activation by using a Class of Service based on group
membership. A problem can happen if the entry itself has an nsaccountlock
attribute and you try doing Class of Service work as well because the
local attribute has priority. So try to detect that the entry has a local
nsAccountLock attribute and report an appropriate error.
Don't allow the admins or editors groups to be de-activated.
Return a better error message if account [in]activation fails.
Catch errors when doing group [in]activation.
439230
|
|
|
|
|
|
| |
Change backup format so files are all in a single directory (no dir
hierarchies) and use an index file so we can save also ownership and
permission info for the restore (and eventually other data later on).
|
|
|
|
|
|
| |
If a site really wants it gone then can delete it via LDAP.
439281
|
|
|
|
|
|
|
|
|
|
| |
The memberOf attribute includes members that are directly in the group
via the "member" attribute and those that are included as a result of
being in a group that is in the group.
The UI needs to be able to distinguish between the two.
438706
|
|
|
|
| |
438021
|
|
|
|
|
|
|
| |
This is more kerberos-like and it doesn't hurt anything, we just won't
allow realms other than our own to be used.
437566
|
|
|
|
|
|
|
| |
Add default exception handler to avoid backtraces in cmdline tools
Enhance error message when the IPA server or realm can't be found
437565
|
|
|
|
|
|
| |
match.
433515
|
|
|
|
|
|
| |
Put installation log files into /var/log.
430024
|
|
|
|
|
| |
Fix error in service principals where the service wasn't being removed before
doing the DNS lookup.
|
|
|
|
|
|
|
| |
possible to catch KeyboardInterrupt during the import process.
- Add function for handling python differences with GSSError
434798
|
|
|
|
| |
433880
|
|
|
|
|
|
| |
There is a --force option for those who know what they are doing.
433483
|
|
|
|
| |
433506
|
|
|
|
| |
434542
|
|
|
|
| |
432814
|
| |
|
|
|
|
| |
433496
|
| |
|
|
|
|
| |
Resolves 429895
|
| |
|
| |
|