summaryrefslogtreecommitdiffstats
path: root/ipa.spec.in
Commit message (Collapse)AuthorAgeFilesLines
* Configure sssd and certmonger in ipa-client-installRob Crittenden2010-02-031-0/+5
| | | | | | | | | | | This does a number of things under the hood: - Use authconfig to enable sssd in nss and pam - Configure /etc/sssd/sssd.conf to use our IPA provider - Enable the certmonger process and request a server cert - join the IPA domain and retrieve a principal. The clinet machine *must* exist in IPA to be able to do a join. - And then undo all this on uninstall
* Update spec to require python-wehjit >= 0.2.0Jason Gerard DeRose2010-01-271-1/+4
|
* Add DS migration plugin and password migration page.Pavel Zuna2010-01-201-0/+6
|
* Replace uses of %define with %global in the .spec fileRob Crittenden2010-01-071-7/+7
| | | | | | | Fixes rawhide builds per https://www.redhat.com/archives/fedora-devel-list/2010-January/msg00093.html Contributed by Nalin Dahyabhai
* A utility for removing principals from a keytab.Rob Crittenden2009-12-041-0/+5
| | | | | | | | | | | | When we un-enroll a client we'll do a bit of cleanup including removing any principals for the IPA realm from /etc/krb5.keytab. This removes principals in 2 ways: - By principal, only entries matching the full principal are removed - By realm. Any principal for that realm is removed This does not change the KDC at all, just removes entries from a file on the client machine.
* Set minimum of python-pyasn1 to 0.0.9a so we have support for the ASN.1 Any typeRob Crittenden2009-12-021-1/+5
|
* Replace /etc/ipa/ipa.conf with /etc/ipa/default.confRob Crittenden2009-12-011-3/+6
| | | | | | | The new framework uses default.conf instead of ipa.conf. This is useful also because Apache uses a configuration file named ipa.conf. This wipes out the last vestiges of the old ipa.conf from v1.
* Add SELinux policy for CRL file publishing.Rob Crittenden2009-11-261-0/+1
| | | | | | | | | | This policy should really be provided by dogtag. We don't want to grant read/write access to everything dogtag can handle so we change the context to cert_t instead. But we have to let dogtag read/write that too hence this policy. To top it off we can't load this policy unless dogtag is also loaded so we insert it in the IPA installer
* Bash tab completion scriptRob Crittenden2009-11-251-0/+11
|
* Require current versions of python-nss & python-lxmlJohn Dennis2009-11-231-1/+2
| | | | | | ipa.spec.in | 3 ++- ipapython/nsslib.py | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-)
* Add SELinux policy for UI assetsRob Crittenden2009-11-041-3/+5
| | | | | | | | This also removes the Index option of /ipa-assets as well as the deprecated IPADebug option. No need to build or install ipa_webgui anymore. Leaving in the code for reference purposes for now.
* ipa-server-install now renders UI assetsJason Gerard DeRose2009-11-041-0/+1
|
* Add a separate client-only targetRob Crittenden2009-10-171-4/+37
|
* Giant webui patch take 2Jason Gerard DeRose2009-10-131-2/+6
|
* Add man page for ipa-join commandRob Crittenden2009-10-121-0/+1
|
* No longer use the IPA-specific memberof plugin. Use the DS-supplied one.Rob Crittenden2009-10-121-2/+0
|
* Properly own (via ghost) the Apache configuration files.Rob Crittenden2009-09-281-2/+6
|
* Added BuildRequires: xmlrpc-c-develJason Gerard DeRose2009-09-241-0/+1
|
* Enrollment for a host in an IPA domainRob Crittenden2009-09-241-1/+4
| | | | | | | | | | | | This will create a host service principal and may create a host entry (for admins). A keytab will be generated, by default in /etc/krb5.keytab If no kerberos credentails are available then enrollment over LDAPS is used if a password is provided. This change requires that openldap be used as our C LDAP client. It is much easier to do SSL using openldap than mozldap (no certdb required). Otherwise we'd have to write a slew of extra code to create a temporary cert database, import the CA cert, ...
* Generate CRLs and make them available from the IPA web serverRob Crittenden2009-08-261-2/+6
|
* Move ipalib to the ipa-python subpackage and bump up min version of slapi-nis.Rob Crittenden2009-05-211-2/+6
|
* Own the Apache configuration files that ipa-server-install createsRob Crittenden2009-05-191-0/+6
|
* New tool to enable/disable DS plugin to act as NIS serverRob Crittenden2009-05-131-1/+6
|
* Add python-nss as a dependencyRob Crittenden2009-05-041-0/+4
|
* Remove our copy of the DNA plugin and use the one that comes with DS.Rob Crittenden2009-03-061-3/+4
| | | | | The DS plugin does config checking when adding new entries online so we are dropping the Posix subtree.
* Don't build radius by defaultRob Crittenden2009-03-041-7/+14
|
* Add missing buildrequiresJakub Hrozek2009-02-231-0/+2
|
* Use OpenSSL for SSL instead of the built-in python version.Rob Crittenden2009-02-201-0/+2
|
* Rename ipa-python directory to ipapython so it is a real python libraryRob Crittenden2009-02-091-3/+3
| | | | | We used to install it as ipa, now installing it as ipapython. The rpm is still ipa-python.
* Replace TurboGears requirement with python-cherrypy Remove some ↵Rob Crittenden2009-02-061-45/+6
| | | | commented-out files Move /usr/bin/ipa to admintools package
* Complete consolidation into a single autogen.shRob Crittenden2009-02-041-3/+3
|
* Get merged tree into an installalble state.Rob Crittenden2009-02-031-0/+637
I have only tested the all, rpms and *clean targets directly. install may work but the rpm moves a lot of things around for us. The Apache configuration file isn't in its final state but it works with the new mod_python configuration.
generated by cgit (git 2.34.1) at 2024-11-18 23:42:43 +0000