summaryrefslogtreecommitdiffstats
path: root/ipa-server
Commit message (Collapse)AuthorAgeFilesLines
* Use openldap libraries by default as mozldap libs seem to breakSimo Sorce2008-05-291-1/+1
| | | | ldap_extended_operation() somehow and ipa_kpasswd stops working
* Fix crash bug in ipa_kpasswdSimo Sorce2008-05-291-2/+3
|
* Fix the case where domain != lower(REALM)Simo Sorce2008-05-293-9/+12
| | | | | add the domain to the ipa.conf file for apps that need to know This should fix a bug in the replica setup
* Set default logging level to INFO (still logs to Apache)Rob Crittenden2008-05-282-24/+63
| | | | Add function entry log for the core IPA XML-RPC functions.
* Use a value that is explicitly 64bit on all architecturesSimo Sorce2008-05-231-13/+13
|
* Move admin into cn=users,cn=accountsSimo Sorce2008-05-233-5/+5
| | | | | | | After some deep thinking I think the advantages of keeping all posix enabled user accounts under cn=users,cn=accounts overweight a perceived better protection of the admin account by keeping it in a separate tree.
* Don't make the rpm %post fail just because the server has never beenSimo Sorce2008-05-221-1/+1
| | | | | configured before (and therefore there is nothing to upgrade, just let it spit out warnings for admins that actually check whats going on.
* Fix up function return values so we can return 1 on an installation error.Rob Crittenden2008-05-221-14/+13
| | | | 447973
* Move non-user-configurable configuration elements to TurboGears app.cfg file.Rob Crittenden2008-05-223-31/+58
| | | | 432908
* Fix testing for asprintf errors, we need to test the return value asSimo Sorce2008-05-221-50/+41
| | | | | | | per standard the buffer status is undefined. While there also introduce a new spearate variable to return the final error and keep using ret for local error checks. This avoid potentially overwriting the correct return value when checking for asprintf ...
* Only ask the user to install bind.Martin Nagy2008-05-221-1/+1
|
* Change file mode of log files to 600.Martin Nagy2008-05-201-0/+2
| | | | 446869
* Ensure hostnames are lower during installation and when adding service princsRob Crittenden2008-05-202-14/+30
| | | | 447381
* Remove broken link for IE configuration and replace sample domain/realm. ↵Rob Crittenden2008-05-201-4/+7
| | | | | | | | | | Also fix some HTML errors: missing DOCTYPE, title, head. The web page actually comes up as a link in a search on Microsoft's site but the content is gone. It is possible it will come back at some point, who knows. 447445
* Add validators.py to the list of files.Rob Crittenden2008-05-201-0/+1
| | | | 445286
* Do uniqueness check on phone numbers and cn entered via the UI.Rob Crittenden2008-05-203-4/+80
| | | | 445286
* Don't pass the Directory Manager password on the command-line to ldapmodify.Rob Crittenden2008-05-192-8/+23
| | | | 446865
* Use split instead of find as split does not fail to provide a completeSimo Sorce2008-05-153-3/+3
| | | | component if no '.' is found.
* detect failure to write ipa_kpasswd.pid fileJim Meyering2008-05-151-7/+12
| | | | | * ipa_kpasswd.c (main): Detect not just open failure, but also any write failure.
* remove useless if-before-free testsJim Meyering2008-05-152-28/+16
| | | | | | | | | | | | I've been on a crusade (;-) to remove useless if-before-free tests, so ran a script that spotted some here. I think I removed the first batch (without braces) automatically, then manually removed the ones with curly braces around the free statements. You may well have doubts about the portability of removing those tests, but as long as you don't care about SunOS4 or earlier, you'll be fine. I've done similar things for e.g., coreutils, glibc, and git, and have had no problems.
* * ipa_pwd_extop.c (encrypt_encode_key): Handle malloc failure.Jim Meyering2008-05-151-0/+5
|
* If there is an error we need to send back a reply ourselves.Simo Sorce2008-05-151-2/+11
| | | | Return also an intelligible error message.
* For some unknown reason the sort control returns values sorted in reverse.Simo Sorce2008-05-151-1/+3
| | | | Ask for inverse order to get them straight ...
* Implement checks to make sure we are not assigning a number that is in use.Simo Sorce2008-05-151-181/+455
| | | | | | Change config to support a maximum value so that ranges can be defined. Add stubs to reach out and ask to swap in new ranges and notify that new chuncks are needed/used.
* Don't ask the user again if he wants to replace bind configuration files if ↵Martin Nagy2008-05-141-10/+1
| | | | | | he specified --setup-bind. 430090
* Fix typo, /etc/resolve.conf -> /etc/resolv.conf.Martin Nagy2008-05-141-10/+10
| | | | 444660
* Make sure all services are stopped during uninstall.Rob Crittenden2008-05-141-1/+3
| | | | | | | | | We were just shutting down the KDC if it had been started prior to IPA installation. We need to stop it in all cases. And we should restart nscd as it may have made an LDAP connection. 440322
* Enforce the maximum username length set by IPA PolicyRob Crittenden2008-05-141-0/+25
| | | | 439891
* Do a more thorough job of removing an existing DS instance.Rob Crittenden2008-05-131-0/+4
| | | | | | Add /usr/lib/dirsrv/slapd-INSTANCE to the list of directories removed. 442753
* The admin user doesn't have the inetorgperson objectclass so don't have a ↵Rob Crittenden2008-05-131-0/+10
| | | | | | | | | givenname attribute. The UI is currently hardcoded to require "first name" which renders the admin user uneditable via the UI. This is a hack that will allow admin to be edited, assuming that one doesn't try to add a firstname field. 440548
* Display information on how to uninstall a partially installed server.Rob Crittenden2008-05-091-4/+10
| | | | | | | This may have failed either because the user pressed ^C or something failed during installation. 442454
* Include information on where to look if a hostname resolves to localhost.Rob Crittenden2008-05-091-1/+1
| | | | 442812
* Return better ewrror message that gives a hint about who actually returned itSimo Sorce2008-05-081-9/+6
| | | | + Some cleanups (trainling spaces and such).
* Detect existing DS instances and prompt for removal during replica install.Rob Crittenden2008-05-081-0/+32
| | | | 442454
* Add missing colon to function definition that broke the buildRob Crittenden2008-05-081-1/+1
|
* Add a version API to the server so it knows what version it is.Rob Crittenden2008-05-088-14/+47
| | | | 435019
* Don't allow the IPA server service principals to be removed.Rob Crittenden2008-05-081-0/+3
| | | | 440282
* Don't prompt for confirmation of DM password when installing a replica.Rob Crittenden2008-05-082-4/+12
| | | | | | | | | It implies that you are setting a new password and you really aren't. Also added a catch for KeyboardInterrupt with instructions on how to recover from a partial install. 441607
* Second half of the redoing how the version is managed.Rob Crittenden2008-05-073-0/+10
|
* Indent the plugin accordingly to our style guidelines.Simo Sorce2008-05-071-802/+758
| | | | Used indent -kr -nut dna.c for most of the changes
* Refine our web space some more so that everything we reference is in /ipaRob Crittenden2008-05-0711-46/+170
| | | | | | | | | | | | | | | UI: /ipa/ui XML-RPC: /ipa/xml errors: /ipa/errors config: /ipa/config I had to hardcode that URI into the CSS pages but TurboGears handles the rest of the translations with tg.url(). Added a version to ipa.conf and ipa-rewrite.conf so we can update them in the future if needed with ipa-upgradeconfig 440443
* Redo the way versioning works in freeIPA.Rob Crittenden2008-05-052-350/+0
| | | | | | | | | | | | | | | | | The file VERSION is now the sole-source of versioning. The generated .spec files will been removed in the maintainer-clean targets and have been removed from the repository. By default a GIT build is done. To do a non-GIT build do: $ make TARGET IPA_VERSION_IS_GIT_SNAPSHOT=no When updating the version you can run this to regenerate the version: $ make version-update The version can be determined in Python by using ipaserver.version.VERSION
* This patch begins the process of replacing OpenLDAP with mozldap.W. Michael Petullo2008-05-015-54/+60
| | | | | | | | | FreeIPA relies on RedHat's Directory Server, which uses mozldap. A FreeIPA build using mozldap would reduce the project's dependencies and redundant code. In addition, mozldap uses NSS instead of OpenSSL. This is beneficial for the reasons listed in [1]. [1] http://fedoraproject.org/wiki/FedoraCryptoConsolidation
* Fix ownership of the Apache NSS cert and key databases.Rob Crittenden2008-04-301-0/+10
| | | | | The group "apache" needs to have read access to them so they will work in Fedora 9+.
* Fix the client-side search size limit.Rob Crittenden2008-04-252-25/+25
| | | | | | | | | | | | | | I've changed the variable name searchlimit to sizelimit to match the name in python-ldap (and hopefully therefore be more readable). The big change was changing the default value from 0 to -1. As 0 we were never using the value from cn=ipaconfig python-ldap expects this to be an int type In the UI sizelimit was hardcoded at 0 for users 439880
* Make sure recent ldapmodify tool (as in F9) do not complain by splitting theSimo Sorce2008-04-251-0/+5
| | | | operation into 2 modify operations
* Add nfs as a service principal type.Rob Crittenden2008-04-231-0/+1
| | | | 440242
* Don't let a user change their own uid. Fix some related errors if they try.Rob Crittenden2008-04-232-3/+8
| | | | 440895
* Don't allow a replica to prepare a replica for itself.Rob Crittenden2008-04-231-0/+3
| | | | 442756
* Fixed various memory leaks in memberOf plug-in.Nathan Kinder2008-04-221-2/+9
| | | | 440474
generated by cgit (git 2.34.1) at 2024-09-25 01:13:31 +0000