Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | Clean up crypto code, take advantage of new nss-python capabilities | Rob Crittenden | 2010-07-15 | 1 | -3/+3 | |
| | | | | | | | | This patch does the following: - drops our in-tree x509v3 parser to use the python-nss one - return more information on certificates - make an API change, renaming cert-get to cert-show - Drop a lot of duplicated code | |||||
* | Add API to delete a service principal key, service-disable. | Rob Crittenden | 2010-07-13 | 1 | -0/+50 | |
| | | | | | | | | | | | | I have to do some pretty low-level LDAP work to achieve this. Since we can't read the key using our modlist generator won't work and lots of tricks would be needed to use the LDAPUpdate object in any case. I pulled usercertificate out of the global params and put into each appropriate function because it makes no sense for service-disable. This also adds a new variable, has_keytab, to service/host_show output. This flag tells us whether there is a krbprincipalkey. | |||||
* | First pass at per-command documentation | Rob Crittenden | 2010-06-22 | 1 | -0/+38 | |
| | ||||||
* | Deleting a non-fully-qualified hostname should still delete its services | Rob Crittenden | 2010-03-30 | 1 | -3/+9 | |
| | | | | | We were being left with orphan services if the host entry was not removed using the FQDN. | |||||
* | Code cleanup: remove unused stuff, take 1. | Pavel Zuna | 2010-03-01 | 1 | -16/+0 | |
| | ||||||
* | Translatable Param.label, Param.doc | Jason Gerard DeRose | 2010-02-24 | 1 | -19/+21 | |
| | ||||||
* | Replace incorrect use of str.index with str.find in host plugin. | Pavel Zuna | 2010-02-23 | 1 | -1/+1 | |
| | ||||||
* | Use the Output tuple to determine the order of output | Rob Crittenden | 2010-02-15 | 1 | -6/+22 | |
| | | | | | | | | | | | | | | The attributes displayed is now dependant upon their definition in a Param. This enhances that, giving some level of control over how the result is displayed to the user. This also fixes displaying group membership, including failures of adding/removing entries. All tests pass now though there is still one problem. We need to return the dn as well. Once that is fixed we just need to comment out all the dn entries in the tests and they should once again pass. | |||||
* | Add Object.label class attribute, enable in webUI | Jason Gerard DeRose | 2010-02-12 | 1 | -0/+2 | |
| | ||||||
* | Use 'l' instead of 'localityname' in host plugin. | Pavel Zuna | 2010-01-14 | 1 | -2/+14 | |
| | | | | | It seems that 'localityname' and 'locality' aliases were dropped in newer versions of DS. | |||||
* | Make host objects aware of their membership and that l==localityName. | Pavel Zuna | 2010-01-14 | 1 | -0/+6 | |
| | ||||||
* | Add --all to LDAPCreate and make LDAP commands always display default ↵ | Pavel Zuna | 2010-01-11 | 1 | -1/+1 | |
| | | | | attributes. | |||||
* | Handle base64-encoded certificates better, import missing function | Rob Crittenden | 2009-12-18 | 1 | -0/+1 | |
| | ||||||
* | Make hosts more like real services so we can issue certs for host principals | Rob Crittenden | 2009-12-16 | 1 | -3/+22 | |
| | | | | | This patch should make joining a client to the domain and using certmonger to get an initial certificate work. | |||||
* | Take 2: Extensible return values and validation; steps toward a single ↵ | Jason Gerard DeRose | 2009-12-10 | 1 | -4/+25 | |
| | | | | output_for_cli(); enable more webUI stuff | |||||
* | Make the host plugin use baseldap classes. | Pavel Zuna | 2009-09-28 | 1 | -252/+90 | |
| | ||||||
* | Enrollment for a host in an IPA domain | Rob Crittenden | 2009-09-24 | 1 | -37/+26 | |
| | | | | | | | | | | | | This will create a host service principal and may create a host entry (for admins). A keytab will be generated, by default in /etc/krb5.keytab If no kerberos credentails are available then enrollment over LDAPS is used if a password is provided. This change requires that openldap be used as our C LDAP client. It is much easier to do SSL using openldap than mozldap (no certdb required). Otherwise we'd have to write a slew of extra code to create a temporary cert database, import the CA cert, ... | |||||
* | Add a new objectclass, ipaObject, that will add a UUID to many IPA objects | Rob Crittenden | 2009-08-10 | 1 | -1/+4 | |
| | | | | | | | | | ipaObject is defined as an auxiliary objectclass so it is up to the plugin author to ensure that the objectclass is included an a UUID generated. ipaUniqueId is a MUST attribute so if you include the objectclass you must ensure that the uuid is generated. This also fixes up some unrelated unit test failures. | |||||
* | Fix bug: number of found entries was reported incorrectly in some plugins. | Pavel Zuna | 2009-07-02 | 1 | -1/+1 | |
| | ||||||
* | Fix bug: when deleting hosts, their services where deleted incorrectly | Pavel Zuna | 2009-07-02 | 1 | -3/+7 | |
| | ||||||
* | Fix minor bugs, typos, etc. discovered by unit tests in plugins. | Pavel Zuna | 2009-07-02 | 1 | -3/+7 | |
| | ||||||
* | Rename *-create/*-delete commands to *-add/*-del respectively. | Pavel Zuna | 2009-07-02 | 1 | -5/+5 | |
| | ||||||
* | Rename plugins2 to plugins. | Pavel Zuna | 2009-07-02 | 1 | -12/+12 | |
| | ||||||
* | Rename plugins2 files (remove '2' suffix'). | Pavel Zuna | 2009-07-02 | 1 | -0/+375 | |
| | ||||||
* | Delete plugins using old LDAP backend. | Pavel Zuna | 2009-07-02 | 1 | -319/+0 | |
| | ||||||
* | Schema change so the nisnetgroup triples work properly. | Rob Crittenden | 2009-05-19 | 1 | -8/+9 | |
| | | | | | | If we use cn for hostname there is no easy way to distinguish between a host and a hostgroup. So adding a fqdn attribute to be used to store the hostname instead. | |||||
* | Remove all services when a host is removed Revoke certificate (if any) when ↵ | Rob Crittenden | 2009-05-13 | 1 | -1/+12 | |
| | | | | a service is removed | |||||
* | Some minor cosmetic changes | Rob Crittenden | 2009-05-04 | 1 | -2/+4 | |
| | ||||||
* | Rename errors2.py to errors.py. Modify all affected files. | Pavel Zuna | 2009-04-23 | 1 | -3/+3 | |
| | ||||||
* | Fill in default values for os and platform | Rob Crittenden | 2009-04-13 | 1 | -0/+18 | |
| | ||||||
* | Renamed remaining plugins still using f_* b_* convention | Jason Gerard DeRose | 2009-04-01 | 1 | -0/+287 | |