summaryrefslogtreecommitdiffstats
path: root/ipalib
Commit message (Collapse)AuthorAgeFilesLines
...
* Add example of DNS SRV record and a simple validatorJakub Hrozek2011-01-281-0/+23
| | | | https://fedorahosted.org/freeipa/ticket/846
* Delete the whole DNS record with no parametersJakub Hrozek2011-01-281-4/+48
| | | | | | | | | Error out when deleting a nonexistent DNS record Also fixes the DNS unit tests. https://fedorahosted.org/freeipa/ticket/816 https://fedorahosted.org/freeipa/ticket/829
* host-add should not add a PTR record with --no-reverseJakub Hrozek2011-01-281-7/+10
| | | | https://fedorahosted.org/freeipa/ticket/866
* Add support for account unlockingJan Zeleny2011-01-281-0/+24
| | | | | | | | This patch adds command ipa user-unlock and some LDAP modifications which are required by Kerberos for unlocking to work. Ticket: https://fedorahosted.org/freeipa/ticket/344
* dirtyAdam Young2011-01-271-1/+2
| | | | | If a page is dirty, do not allow additional navigation until changes are saved or committed https://fedorahosted.org/freeipa/ticket/726
* adding label for RBACAdam Young2011-01-271-1/+2
|
* ACI plugin supports prefixesMartin Kosek2011-01-264-44/+131
| | | | | | | | | | | | | | | | | | | | | | | | When more than one plugin produce ACIs, they share common namespace of ACI name. This may lead to name collisions between the ACIs from different plugins. This patch introduces a mandatory "prefix" attribute for non-find ACI operations which allow plugins to use their own prefixes (i.e. namespaces) which is then used when a name of the ACI is generated. Permission, Delegation and Selfservice plugins has been updated to use their own prefixes thus avoiding name collisions by using their own namespaces. Default ACIs in LDIFs has been updated to follow this new policy. Permission plugin now uses its CN (=primary key) instead of description in ACI names as Description may not be unique. This change requires an IPA server reinstall since the default ACI set has been changed. https://fedorahosted.org/freeipa/ticket/764
* Raise ValidationError when adding unallowed attribute to search fields.Pavel Zuna2011-01-261-0/+16
| | | | Ticket #845
* Tab I18NAdam Young2011-01-261-0/+7
| | | | | | | Makes the values for the Top level tabs internationizable, and no longer just passes through their names Also uses the I18N values for SUDO and HBAC as the static text in the Action p[anel title
* Add flags to enforce asking for object attributeJan Zeleny2011-01-262-9/+26
| | | | | | | So far the only flag to enforce asking in interactive mode was the alwaysask attribute, which is not sufficient any more. This patch adds the ability to control for which actions the atrribute shall be asked for.
* Add brackets around optional parameters when prompting.Rob Crittenden2011-01-251-4/+8
| | | | ticket 832
* Fix assorted bugs found by pylintJakub Hrozek2011-01-257-17/+10
|
* Enforce uniqueness on (key,info) pairs in automount keysJakub Hrozek2011-01-251-9/+166
| | | | https://fedorahosted.org/freeipa/ticket/293
* Fix crash when displaying values composed of white-space chars only in CLI.Pavel Zuna2011-01-241-0/+2
| | | | Ticket #825
* Disable renaming to empty stringJan Zeleny2011-01-241-0/+2
| | | | | | | | So far it was possible to rename any object using LDAPUpdate to a name with empty primary key. Since this can cause nasty problems, this patch disables empty string in --rename argument. https://fedorahosted.org/freeipa/ticket/827
* Make a copy of objectclasses so a call can't update them globally.Rob Crittenden2011-01-242-5/+6
| | | | | | In the host plugin we may change the default objectclasses based on the options selected. This was affecting it globally and causing subsequent calls to fail.
* Removed 'name' from 'Sudo Command Group name'.Endi S. Dewata2011-01-241-1/+1
|
* Added scrollable panel for delete dialog box.Endi S. Dewata2011-01-241-1/+1
|
* Fix exception doctest failureRob Crittenden2011-01-241-2/+2
|
* Make ipa permission-add ask for optional attributesJan Zeleny2011-01-211-0/+6
| | | | | | | Either one of type, filter, subtree, targetgroup, attrs or memberof is required. https://fedorahosted.org/freeipa/ticket/819
* Rename INTERNAL to NO_CLI for commands we hide from the cli.Rob Crittenden2011-01-219-27/+29
| | | | | | Also make i18n_messages and json_metadata NO_CLI. ticket 821
* Make command syntax less confusing in helpJan Zeleny2011-01-211-0/+1
| | | | | | The patch adds [options] to the syntax line of ipa help <command> https://fedorahosted.org/freeipa/ticket/733
* Add some basic filter validation to permissions and disallow empty filtersRob Crittenden2011-01-212-4/+30
| | | | | | | Try a query with a filter to see if it is at least legal. This doesn't guarantee that the filter is at all otherwise sane. ticket 808
* Fix dns_is_enabled commandSimo Sorce2011-01-201-3/+3
|
* Provide API to check if IPA DNS is enabled on some serverSimo Sorce2011-01-191-0/+25
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/600
* Fix password/random logic in host plugin.Pavel Zuna2011-01-181-6/+9
| | | | Fix #798
* Fix updating of DNS records by the host plugin.Pavel Zuna2011-01-181-5/+5
| | | | Fix #799
* Remove SOA maximum parameters from DNS zone.Pavel Zuna2011-01-181-5/+0
| | | | | | | | There's no such thing as "maximum" in SOA record RDATA format according to RFC 1035 and there's also no such attribute in the schema. Fix #788
* Fix crash when building DN of host with name ending with period.Pavel Zuna2011-01-181-4/+5
| | | | Fix #797
* Move HBAC services and service groups to cn=hbacJan Zeleny2011-01-181-2/+2
| | | | https://fedorahosted.org/freeipa/ticket/762
* Modified description of nsaccountlock attributeJan Zeleny2011-01-181-1/+1
| | | | | | | The original one was misleading, giving the value exactly opposite meaning than it actually was. https://fedorahosted.org/freeipa/ticket/741
* Set the default Int maxvalue to the maximum XML-RPC can handle.Rob Crittenden2011-01-183-2/+19
| | | | | | Also handle marshalling errors thrown by xmlrpclib more gracefully. ticket 770
* Move sudo related data all under cn=sudoSimo Sorce2011-01-171-3/+3
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/773
* Details to SettingsAdam Young2011-01-151-4/+8
| | | | Using I18N messages for most of the details
* Don't require or create the log dirs if we're just validating the API.Rob Crittenden2011-01-141-1/+1
| | | | | Fixes an error displayed in the automated builds, plus we don't want a Makefile messing around with our homedir.
* Rename DNS2 to DNSJakub Hrozek2011-01-142-1/+1
|
* Port installer and host plugin to the new DNS pluginJakub Hrozek2011-01-143-964/+66
| | | | | | * move ipa dns-resolve to the new plugin * port the installer and the host plugin to the new interface * remove the old plugin
* Add API version and have server reject incompatible clients.Rob Crittenden2011-01-146-6/+69
| | | | | | | | | | | | | | | | | | | | | | | | This patch contains 2 parts. The first part is a small utility to create and validate the current API. To do this it needs to load ipalib which on a fresh system introduces a few problems, namely that it relies on a python plugin to set the default encoding to utf8. For our purposes we can skip that. It is also important that any optional plugins be loadable so the API can be examined. The second part is a version exchange between the client and server. The version has a major and a minor version. The major verion is updated whenever existing API changes. The minor version is updated when new API is added. A request will be rejected if either the major versions don't match or if the client major version is higher than then server major version (though by implication new API would return a command not found if allowed to proceed). To determine the API version of the server from a client use the ping command. ticket 584
* Move Virtual Operations container under cn=etcSimo Sorce2011-01-142-2/+2
| | | | Fixes: https://fedorahosted.org/freeipa/ticket/759
* Fixed typo in ipa help serviceGowrishankar Rajaiyan2011-01-141-1/+1
|
* python-ldap fails gloriously if the search time limit is 0. Don't allow it.Rob Crittenden2011-01-141-1/+7
| | | | | | | | | Don't allow the time limit to be set in the API. Also add a failsafe in the ldap driver because such bad things happen if this value is 0. I think it literally spends 0 time on the request and just returns immediately. ticket 752
* Support for str in StrEnum.Endi S. Dewata2011-01-131-0/+18
| | | | | The StrEnum class has been modified to accept str value and convert it into unicode. This is to fix encoding issue on F14.
* Use correct option name in host pluginJakub Hrozek2011-01-121-9/+9
|
* Fixes for the DNS pluginJakub Hrozek2011-01-121-3/+9
| | | | https://fedorahosted.org/freeipa/ticket/730
* fix sudorule runas user/groups https://fedorahosted.org/freeipa/ticket/570Jr Aquino2011-01-121-1/+111
|
* Fix output of failed managedby hosts, allow a host to manage itself.Rob Crittenden2011-01-113-3/+9
| | | | | | | | | | | The output problem was a missing label for failed managedby. This also fixes a call to print_entry that was missing the flags argument. Add a flag to specify whether a group can be a member of itself, defaulting to False. ticket 708
* Exit if a DNS A or AAAA record doesn't exist for the replica we are preparing.Rob Crittenden2011-01-111-3/+11
| | | | | | | | | Without this it is possible to prepare a replica for a host that doesn't exist in DNS. The result when this replica file is installed is that replication will fail because the master won't be able to communicate to the replica by name. ticket 680
* Retype (when cloning) Flag parameters to Bool for search commands.Pavel Zuna2011-01-102-4/+16
| | | | | | | | | Flag parameters are always autofill by definition, causing unexpected search results. This patch retypes them to Bool for search commands, so that users have to/can enter the desired value manually. Ticket #689 Ticket #701
* Display the entries that failed when deleting with --continue.Rob Crittenden2011-01-107-13/+27
| | | | | | | | | | | | We collected the failures but didn't report it back. This changes the API of most delete commands so rather than returning a boolean it returns a dict with the only current key as failed. This also adds a new parameter flag, suppress_empty. This will try to not print values that are empty if included. This makes the output of the delete commands a bit prettier. ticket 687
* Setting an empty set of target attributes should raise an exception.Rob Crittenden2011-01-104-31/+40
| | | | | | | | | | | It is possible to create an ACI with attributes and then try to set that to None via a mod command later. We need to catch this and raise an exception. If all attributes are set to None in an aci then the attr target is removed from the ACI. This could result in an illegal ACI if there are no other targets. Having no targets is a legal state, just not a legal final state. ticket 647
generated by cgit (git 2.34.1) at 2024-06-04 17:57:04 +0000