Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Sysrestore fixes. | Simo Sorce | 2008-03-31 | 1 | -44/+42 |
| | | | | | | | Latest patch used the wrong path and all files where actually going to /tmp even if a different path was specified. Makes also StateFile behave the same as FileStore, and be a public class, this way a common path can be used too. | ||||
* | Fix account activation. | Rob Crittenden | 2008-03-31 | 1 | -0/+25 |
| | | | | | | | | | | | | | | | | We do account activation by using a Class of Service based on group membership. A problem can happen if the entry itself has an nsaccountlock attribute and you try doing Class of Service work as well because the local attribute has priority. So try to detect that the entry has a local nsAccountLock attribute and report an appropriate error. Don't allow the admins or editors groups to be de-activated. Return a better error message if account [in]activation fails. Catch errors when doing group [in]activation. 439230 | ||||
* | Move sysrestore to ipa-python so it can be used by client scripts too. | Simo Sorce | 2008-03-27 | 1 | -0/+319 |
| | | | | | | Change backup format so files are all in a single directory (no dir hierarchies) and use an index file so we can save also ownership and permission info for the restore (and eventually other data later on). | ||||
* | Don't allow the admin user to be removed using the XML-RPC Interface. | Rob Crittenden | 2008-03-28 | 1 | -0/+5 |
| | | | | | | If a site really wants it gone then can delete it via LDAP. 439281 | ||||
* | When getting members let user indicate what type of member they want. | Rob Crittenden | 2008-03-27 | 2 | -4/+4 |
| | | | | | | | | | | The memberOf attribute includes members that are directly in the group via the "member" attribute and those that are included as a result of being in a group that is in the group. The UI needs to be able to distinguish between the two. 438706 | ||||
* | Re-root the IPA web UI to /ipa and the XML-RPC interface to /ipaxml. | Rob Crittenden | 2008-03-24 | 1 | -1/+1 |
| | | | | 438021 | ||||
* | Allow the realm to be included in the name passed to add_service_principal() | Rob Crittenden | 2008-03-17 | 1 | -0/+5 |
| | | | | | | | This is more kerberos-like and it doesn't hurt anything, we just won't allow realms other than our own to be used. 437566 | ||||
* | Don't define bogus realm/server in configuration file by default | Rob Crittenden | 2008-03-17 | 2 | -4/+4 |
| | | | | | | | Add default exception handler to avoid backtraces in cmdline tools Enhance error message when the IPA server or realm can't be found 437565 | ||||
* | Require that the hostname is a DNS A record and that the forward and reverse | Rob Crittenden | 2008-03-03 | 1 | -0/+1 |
| | | | | | | match. 433515 | ||||
* | Close all fds when running another program. This fixes the SELinux AVCs. | Rob Crittenden | 2008-03-03 | 1 | -1/+1 |
| | | | | | | Put installation log files into /var/log. 430024 | ||||
* | Do argument type checking in the XML-RPC interface | Rob Crittenden | 2008-02-29 | 1 | -0/+5 |
| | | | | | Fix error in service principals where the service wasn't being removed before doing the DNS lookup. | ||||
* | - Centralize try/except so the entire program is covered. This make it | Rob Crittenden | 2008-02-27 | 1 | -0/+12 |
| | | | | | | | possible to catch KeyboardInterrupt during the import process. - Add function for handling python differences with GSSError 434798 | ||||
* | The admins group cannot be renamed. | Rob Crittenden | 2008-02-27 | 1 | -0/+5 |
| | | | | 433880 | ||||
* | Require that service principals resolve to a DNS A record. | Rob Crittenden | 2008-02-26 | 3 | -4/+9 |
| | | | | | | There is a --force option for those who know what they are doing. 433483 | ||||
* | Add failover to the XML-RPC client | Rob Crittenden | 2008-02-22 | 2 | -10/+31 |
| | | | | 433506 | ||||
* | Don't allow a group to be a member of itself. | Rob Crittenden | 2008-02-22 | 1 | -0/+5 |
| | | | | 434542 | ||||
* | Command-line utility to manage password policy | Rob Crittenden | 2008-02-25 | 1 | -1/+1 |
| | | | | 432814 | ||||
* | Become freeipa-0.99.0 | Rob Crittenden | 2008-02-21 | 2 | -3/+9 |
| | |||||
* | Handle input range properly and catch KeyboardInterrupt and exit gracefully | Rob Crittenden | 2008-02-20 | 1 | -7/+16 |
| | | | | 433496 | ||||
* | Use ldap_explode_dn instead of ldap_str2dn so we can use python-ldap 2.2.0 | Rob Crittenden | 2008-02-11 | 1 | -5/+4 |
| | |||||
* | Don't set blank values so we don't end up with empty attributes | Rob Crittenden | 2008-01-30 | 1 | -0/+21 |
| | | | | Resolves 429895 | ||||
* | Set the license uniformly to GPLv2 only. | Rob Crittenden | 2008-02-04 | 17 | -14/+81 |
| | |||||
* | Marked with wrong license. IPA is GPLv2. | Rob Crittenden | 2008-01-31 | 2 | -8/+14 |
| | |||||
* | Fix not so random random passwords | Mark McLoughlin | 2008-01-22 | 1 | -4/+2 |
| | | | | | | | | | | | | | | If you run ipa_generate_password() multiple times, one after the other, then you get the same password each time. This is because it uses the current time to seed the pseudo random number generator. The easiest solution is to just use the default method which seeds itself from /dev/urandom if available, and uses a fractional time value otherwise. Signed-off-by: Mark McLoughlin <markmc@redhat.com> | ||||
* | Use Fedora package names for PyKerberos (python-kerberos) and pyasn1 | Rob Crittenden | 2008-01-24 | 2 | -6/+12 |
| | | | | (python-pyasn1) for the specfile Requires. | ||||
* | Add a copy of the LICENSE and populate some README's | Rob Crittenden | 2008-01-23 | 1 | -0/+30 |
| | |||||
* | Fix issues reported by rpmlint. | Rob Crittenden | 2008-01-18 | 5 | -18/+17 |
| | | | | | | | | | | | | | | - Removing shebangs (#!) from a bunch of python libraries - Don't use a variable name in init scripts for the lock file - Keep the init script name consistent with the binary name, so renamed ipa-kpasswd.init to ipa_kpasswd.init - Add status option to the init scripts - Move most python scripts out of /usr/share/ipa and into the python site-packages directories (ipaserver and ipaclient) - Remove unnecessary sys.path.append("/usr/share/ipa") - Fix the license string in the spec files - Rename ipa-webgui to ipa_webgui everywhere - Fix a couple of issues reported by pychecker in ipa-python | ||||
* | Add service.is_enabled() helper | Mark McLoughlin | 2008-01-11 | 1 | -0/+2 |
| | | | | | | Add a simple helper to check whether a service is enabled. Signed-off-by: Mark McLoughlin <markmc@redhat.com> | ||||
* | Service principal deletion | Rob Crittenden | 2008-01-11 | 2 | -0/+15 |
| | |||||
* | Add function to retrieve a short list of attributes to make ipa-adddelegation | Rob Crittenden | 2008-01-04 | 2 | -0/+22 |
| | | | | easier to use. | ||||
* | Update versions for release. | Karl MacMillan | 2007-12-21 | 3 | -3/+9 |
| | |||||
* | Merge. | Karl MacMillan | 2007-12-18 | 8 | -44/+16 |
|\ | |||||
| * | Fix ipa-python packaging | Mark McLoughlin | 2007-12-13 | 3 | -9/+3 |
| | | | | | | | | | | | | | | | | | | | | | | Latest Fedora 9 python distutils generates .egg-info files; follow the recommendation at: http://fedoraproject.org/wiki/Packaging/Python/Eggs and just package everything under %{python_sitelib}/ Signed-off-by: Mark McLoughlin <markmc@redhat.com> | ||||
| * | Move radius server components into a separate package. | Karl MacMillan | 2007-12-12 | 2 | -1/+2 |
| | | |||||
| * | Make the old entry option in update_*, check for empty parameters and | Rob Crittenden | 2007-12-11 | 3 | -34/+11 |
| | | | | | | | | fix some problems reported by pychecker. | ||||
* | | Cleanup from radius merge. | Karl MacMillan | 2007-12-11 | 1 | -1/+1 |
|/ | |||||
* | Make admintools discover the domain using DNS calls to find the LDAP server. | Simo Sorce | 2007-12-11 | 1 | -5/+51 |
| | |||||
* | Add simple UI for command-line programs to be able to select when | Rob Crittenden | 2007-12-10 | 1 | -0/+75 |
| | | | | multiple entries are returned. | ||||
* | Convert the setup of ssl from a shell script to a | Karl MacMillan | 2007-12-06 | 1 | -0/+10 |
| | | | | | python module. This is in preparation for user supplied certs. | ||||
* | Merge. | Karl MacMillan | 2007-12-11 | 4 | -38/+508 |
|\ | |||||
| * | Move dnsclient into ipa-python so that I will be able to use it in ipaconfig | Simo Sorce | 2007-12-10 | 2 | -1/+446 |
| | | |||||
| * | Rework input validation to more closely match what we require in the UI | Rob Crittenden | 2007-12-07 | 2 | -37/+62 |
| | | |||||
* | | Merge. | Karl MacMillan | 2007-12-11 | 4 | -23/+49 |
|\| | |||||
| * | Move dn removal to the XML-RPC side and remove empty attributes | Rob Crittenden | 2007-12-05 | 1 | -3/+0 |
| | | |||||
| * | Add UI for service principal creation and keytab retrieval | Rob Crittenden | 2007-12-05 | 2 | -0/+32 |
| | | |||||
| * | Merge. | Karl MacMillan | 2007-12-05 | 1 | -9/+7 |
| |\ | |||||
| | * | Fix errors with ipautil.CalledProcessError and cleanup some imports. | Karl MacMillan | 2007-12-04 | 1 | -9/+7 |
| | | | |||||
| * | | Phase 1 of allowing admins to set the default object classes for users & groups | Rob Crittenden | 2007-12-04 | 1 | -0/+5 |
| |/ | | | | | | | | | | | | | This adds the UI and does error checking of the selected object classes but it doesn't actually use the values yet. It also generalizes some functions for doing multi-valued fields. | ||||
* | | merge | John Dennis | 2007-12-04 | 3 | -1/+35 |
|\| | |||||
| * | Compatibility changes to work on RHEL 5 with python 2.4 | rcritten@redhat.com | 2007-11-30 | 1 | -1/+17 |
| | |