summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins/host.py
Commit message (Collapse)AuthorAgeFilesLines
* Add option to generate random one-time password for hosts for bulk enrollmentRob Crittenden2010-10-281-2/+43
| | | | ticket 228
* Populate indirect members when showing a group object.Rob Crittenden2010-10-281-12/+0
| | | | | | | | | | | | | | | This is done by creating a new attribute, memberindirect, to hold this indirect membership. The new function get_members() can return all members or just indirect or direct. We are only using it to retrieve indirect members currently. This also: * Moves all member display attributes into baseldap.py to reduce duplication * Adds netgroup nesting * Use a unique object name in hbacsvc and hbacsvcgroup ticket 296
* Host certificate managementEndi S. Dewata2010-10-201-0/+35
| | | | | | | | | | | | | | | The service certificate management UI has been generalized and moved into certificate.js. The host details page is now using the same code to manage certificates. The host.py has been modified to return host certificate info. The Get/Revoke/View buttons behavior has been modified such that they are visible only if there is a valid certificate. The Get dialog box has been fixed to show the correct certificate header and footer. The ipa.css has been modified to store the style of the status bullets. New unit tests for certificate has been added. The test data has been modified to include sample host certificate.
* Update command documentation based on feedback from docs team.Rob Crittenden2010-08-271-22/+24
| | | | ticket #158
* Require that hosts be resolvable in DNS. Use --force to ignore warnings.Rob Crittenden2010-08-061-1/+7
| | | | | | | | | | | | | This also requires a resolvable hostname on services as well. I want people to think long and hard about adding things that aren't resolvable. The cert plugin can automatically create services on the user's behalf when issuing a cert. It will always set the force flag to True. We use a lot of made-up host names in the test system, all of which require the force flag now. ticket #25
* Clean up crypto code, take advantage of new nss-python capabilitiesRob Crittenden2010-07-151-3/+3
| | | | | | | | This patch does the following: - drops our in-tree x509v3 parser to use the python-nss one - return more information on certificates - make an API change, renaming cert-get to cert-show - Drop a lot of duplicated code
* Add API to delete a service principal key, service-disable.Rob Crittenden2010-07-131-0/+50
| | | | | | | | | | | | I have to do some pretty low-level LDAP work to achieve this. Since we can't read the key using our modlist generator won't work and lots of tricks would be needed to use the LDAPUpdate object in any case. I pulled usercertificate out of the global params and put into each appropriate function because it makes no sense for service-disable. This also adds a new variable, has_keytab, to service/host_show output. This flag tells us whether there is a krbprincipalkey.
* First pass at per-command documentationRob Crittenden2010-06-221-0/+38
|
* Deleting a non-fully-qualified hostname should still delete its servicesRob Crittenden2010-03-301-3/+9
| | | | | We were being left with orphan services if the host entry was not removed using the FQDN.
* Code cleanup: remove unused stuff, take 1.Pavel Zuna2010-03-011-16/+0
|
* Translatable Param.label, Param.docJason Gerard DeRose2010-02-241-19/+21
|
* Replace incorrect use of str.index with str.find in host plugin.Pavel Zuna2010-02-231-1/+1
|
* Use the Output tuple to determine the order of outputRob Crittenden2010-02-151-6/+22
| | | | | | | | | | | | | | The attributes displayed is now dependant upon their definition in a Param. This enhances that, giving some level of control over how the result is displayed to the user. This also fixes displaying group membership, including failures of adding/removing entries. All tests pass now though there is still one problem. We need to return the dn as well. Once that is fixed we just need to comment out all the dn entries in the tests and they should once again pass.
* Add Object.label class attribute, enable in webUIJason Gerard DeRose2010-02-121-0/+2
|
* Use 'l' instead of 'localityname' in host plugin.Pavel Zuna2010-01-141-2/+14
| | | | | It seems that 'localityname' and 'locality' aliases were dropped in newer versions of DS.
* Make host objects aware of their membership and that l==localityName.Pavel Zuna2010-01-141-0/+6
|
* Add --all to LDAPCreate and make LDAP commands always display default ↵Pavel Zuna2010-01-111-1/+1
| | | | attributes.
* Handle base64-encoded certificates better, import missing functionRob Crittenden2009-12-181-0/+1
|
* Make hosts more like real services so we can issue certs for host principalsRob Crittenden2009-12-161-3/+22
| | | | | This patch should make joining a client to the domain and using certmonger to get an initial certificate work.
* Take 2: Extensible return values and validation; steps toward a single ↵Jason Gerard DeRose2009-12-101-4/+25
| | | | output_for_cli(); enable more webUI stuff
* Make the host plugin use baseldap classes.Pavel Zuna2009-09-281-252/+90
|
* Enrollment for a host in an IPA domainRob Crittenden2009-09-241-37/+26
| | | | | | | | | | | | This will create a host service principal and may create a host entry (for admins). A keytab will be generated, by default in /etc/krb5.keytab If no kerberos credentails are available then enrollment over LDAPS is used if a password is provided. This change requires that openldap be used as our C LDAP client. It is much easier to do SSL using openldap than mozldap (no certdb required). Otherwise we'd have to write a slew of extra code to create a temporary cert database, import the CA cert, ...
* Add a new objectclass, ipaObject, that will add a UUID to many IPA objectsRob Crittenden2009-08-101-1/+4
| | | | | | | | | ipaObject is defined as an auxiliary objectclass so it is up to the plugin author to ensure that the objectclass is included an a UUID generated. ipaUniqueId is a MUST attribute so if you include the objectclass you must ensure that the uuid is generated. This also fixes up some unrelated unit test failures.
* Fix bug: number of found entries was reported incorrectly in some plugins.Pavel Zuna2009-07-021-1/+1
|
* Fix bug: when deleting hosts, their services where deleted incorrectlyPavel Zuna2009-07-021-3/+7
|
* Fix minor bugs, typos, etc. discovered by unit tests in plugins.Pavel Zuna2009-07-021-3/+7
|
* Rename *-create/*-delete commands to *-add/*-del respectively.Pavel Zuna2009-07-021-5/+5
|
* Rename plugins2 to plugins.Pavel Zuna2009-07-021-12/+12
|
* Rename plugins2 files (remove '2' suffix').Pavel Zuna2009-07-021-0/+375
|
* Delete plugins using old LDAP backend.Pavel Zuna2009-07-021-319/+0
|
* Schema change so the nisnetgroup triples work properly.Rob Crittenden2009-05-191-8/+9
| | | | | | If we use cn for hostname there is no easy way to distinguish between a host and a hostgroup. So adding a fqdn attribute to be used to store the hostname instead.
* Remove all services when a host is removed Revoke certificate (if any) when ↵Rob Crittenden2009-05-131-1/+12
| | | | a service is removed
* Some minor cosmetic changesRob Crittenden2009-05-041-2/+4
|
* Rename errors2.py to errors.py. Modify all affected files.Pavel Zuna2009-04-231-3/+3
|
* Fill in default values for os and platformRob Crittenden2009-04-131-0/+18
|
* Renamed remaining plugins still using f_* b_* conventionJason Gerard DeRose2009-04-011-0/+287
generated by cgit (git 2.34.1) at 2024-06-17 16:38:54 +0000