Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | Many SELinux fixes: ldapi, ctypes and dogtag | Rob Crittenden | 2009-09-10 | 2 | -4/+11 | |
| | | | | | | | | | | | ldapi: grants httpd and krb5kdc to access the DS ldapi socket ctypes: the Python uuid module includes ctypes which makes httpd segfault due to SELinux problems. dogtag: remove the CRL publishing permissions. This only worked if you had dogtag installed. In the near future will publish elsewhere so for the time being CRL file publishing will be broken with SELinux enabled. | |||||
* | Automatically generate an auto.master map for new automount location. | Pavel Zuna | 2009-09-10 | 1 | -0/+12 | |
| | | | | Also, add the automountlocation-show command for completeness sake. | |||||
* | Remove parent_key parameter kwarg. | Pavel Zuna | 2009-09-10 | 1 | -7/+4 | |
| | | | | Also replace a TYPE_ERROR with ValidationError. | |||||
* | Add support for different automount maps per location. | Pavel Zuna | 2009-09-10 | 1 | -91/+139 | |
| | ||||||
* | Fix: Object.params_minus_pk was invalid when there was no primary_key. | Pavel Zuna | 2009-09-09 | 1 | -0/+2 | |
| | ||||||
* | Improve ipalib.plugins.baseldap classes. | Pavel Zuna | 2009-09-09 | 1 | -97/+72 | |
| | | | | | | | | | | - remove obsolete code related to PluginProxy - remove parent_key attribute, for the purpose of nested objects the parent's primary key is retrieved automatically - added support for auto-generating of UUIDs - make use of the improved attribute printing in CLI - make LDAPDelete delete all sub-entries, not just one-level - minor bug fixes | |||||
* | Remove obsolete CRUD base classes as they aren't used anymore. | Pavel Zuna | 2009-09-08 | 1 | -48/+0 | |
| | ||||||
* | Improve attribute printing in the CLI. | Pavel Zuna | 2009-09-08 | 1 | -5/+28 | |
| | | | | | - allow choice between single/multiple value per line - word wrapping | |||||
* | Fix bug in dns_find - execute() returned different value than expected. | Pavel Zuna | 2009-09-08 | 1 | -1/+1 | |
| | ||||||
* | Fleshed out krb plugin and added example of scripting against Python API | Jason Gerard DeRose | 2009-08-31 | 1 | -0/+90 | |
| | ||||||
* | Enable ldapi connections in the management framework. | Rob Crittenden | 2009-08-27 | 1 | -2/+0 | |
| | | | | | | If you don't want to use ldapi then you can remove the ldap_uri setting in /etc/ipa/default.conf. The default for the framework is to use ldap://localhost:389/ | |||||
* | Fix service_mod and add a test case | Rob Crittenden | 2009-08-26 | 1 | -8/+7 | |
| | ||||||
* | Remove Python 2.6 BaseException.message deprecation warning | Rob Crittenden | 2009-08-20 | 1 | -5/+5 | |
| | ||||||
* | Clean up additional issues discovered with pylint and pychecker | Rob Crittenden | 2009-08-20 | 3 | -2/+18 | |
| | ||||||
* | Clean up some problems discovered with pylint and pychecker | Rob Crittenden | 2009-08-12 | 1 | -0/+16 | |
| | | | | | Much of this is formatting to make pylint happy but it also fixes some real bugs. | |||||
* | Add a new objectclass, ipaObject, that will add a UUID to many IPA objects | Rob Crittenden | 2009-08-10 | 5 | -5/+16 | |
| | | | | | | | | | ipaObject is defined as an auxiliary objectclass so it is up to the plugin author to ensure that the objectclass is included an a UUID generated. ipaUniqueId is a MUST attribute so if you include the objectclass you must ensure that the uuid is generated. This also fixes up some unrelated unit test failures. | |||||
* | Removed PluginProxy and all its uses | Jason Gerard DeRose | 2009-08-05 | 5 | -135/+21 | |
| | ||||||
* | Add options in baseldap classes to display unaltered LDAP entries. | Pavel Zuna | 2009-08-05 | 1 | -10/+44 | |
| | | | | The options in question is '--raw'. | |||||
* | Fix three broken unit tests | Jason Gerard DeRose | 2009-08-04 | 3 | -10/+9 | |
| | ||||||
* | All-around improvements to baseldap.py classes. | Pavel Zuna | 2009-08-03 | 1 | -47/+245 | |
| | | | | | | | | | | | | | | - attribute re-mapping, ordering and hiding (Enables plugins to completely hide LDAP internals from users and full localisation of command output.) - translation of member DNs into object names (No more DNs when listing group members etc.) - support for "singleton" LDAP objects (Objects like "pwpolicy"; not accessed by primary key.) - new base classes for commands: LDAPModMember, LDAPAddMember and LDAPRemoveMember (Providing support for objects with 'member'-like attributes.) - LDAPSearch implicit exit code changed to 1 when nothing is found | |||||
* | Prevent double encoding/decoding when processing compound types. | Pavel Zuna | 2009-08-03 | 1 | -5/+10 | |
| | ||||||
* | Enable attribute re-mapping and ordering when printing entries. | Pavel Zuna | 2009-08-03 | 1 | -10/+22 | |
| | | | | Also print multiple values on one line separated by commas. | |||||
* | Allow replicas of an IPA server using an internal dogtag server as the CA | Rob Crittenden | 2009-07-15 | 1 | -1/+1 | |
| | | | | | | | | This involves creating a new CA instance on the replica and using pkisilent to create a clone of the master CA. Also generally fixes IPA to work with the latest dogtag SVN tip. A lot of changes to ports and configuration have been done recently. | |||||
* | Catch and handle HTTP exceptions (like 401, 404, etc) | Rob Crittenden | 2009-07-15 | 1 | -1/+3 | |
| | ||||||
* | Require a password only once when it is passed in via a pipe | Rob Crittenden | 2009-07-10 | 1 | -21/+13 | |
| | ||||||
* | Add a one-character option for parameters | Rob Crittenden | 2009-07-10 | 2 | -1/+12 | |
| | ||||||
* | Add a return value to exceptions. | Rob Crittenden | 2009-07-10 | 2 | -4/+13 | |
| | | | | | | | | Returning the exception value doesn't work because a shell return value is in the range of 0-255. The default return value is 1 which means "something went wrong." The only specific return value implemented so far is 2 which is "not found". | |||||
* | Add textui function to display and prompt user for selection for *-find. | Rob Crittenden | 2009-07-10 | 2 | -8/+66 | |
| | | | | | Since we may end up executing a *-show when an entry is selected we need to defer destroying the connection context. | |||||
* | Implement support for non-LDAP-based actions that use the LDAP ACI subsystem. | Rob Crittenden | 2009-07-10 | 4 | -6/+91 | |
| | | | | | | | | | | | | There are some operations, like those for the certificate system, that don't need to write to the directory server. So instead we have an entry that we test against to determine whether the operation is allowed or not. This is done by attempting a write on the entry. If it would succeed then permission is granted. If not then denied. The write we attempt is actually invalid so the write itself will fail but the attempt will fail first if access is not permitted, so we can distinguish between the two without polluting the entry. | |||||
* | Change command names from *group-del-member to *group-remove-member. | Pavel Zuna | 2009-07-09 | 6 | -17/+17 | |
| | | | | Signed-off-by: Jason Gerard DeRose <jderose@redhat.com> | |||||
* | Fix bug: number of found entries was reported incorrectly in some plugins. | Pavel Zuna | 2009-07-02 | 4 | -5/+5 | |
| | ||||||
* | Make basegroup-{add, del}-member print failed members with error descriptions. | Pavel Zuna | 2009-07-02 | 4 | -85/+116 | |
| | ||||||
* | Fix bug: when deleting hosts, their services where deleted incorrectly | Pavel Zuna | 2009-07-02 | 1 | -3/+7 | |
| | ||||||
* | Remove outstanding 2's from plugins. | Pavel Zuna | 2009-07-02 | 2 | -8/+8 | |
| | ||||||
* | Add automount plugin. | Pavel Zuna | 2009-07-02 | 1 | -0/+324 | |
| | ||||||
* | Fix minor bugs, typos, etc. discovered by unit tests in plugins. | Pavel Zuna | 2009-07-02 | 8 | -31/+51 | |
| | ||||||
* | Fix bug in basegroup and passwd plugins (incorrect use of find_entry_by_attr). | Pavel Zuna | 2009-07-02 | 2 | -14/+12 | |
| | ||||||
* | Rename *-create/*-delete commands to *-add/*-del respectively. | Pavel Zuna | 2009-07-02 | 15 | -65/+65 | |
| | ||||||
* | Replace references to basegroup2 in taskgroup plugin. | Pavel Zuna | 2009-07-02 | 1 | -11/+11 | |
| | ||||||
* | Rename plugins2 to plugins. | Pavel Zuna | 2009-07-02 | 13 | -214/+214 | |
| | ||||||
* | Rename plugins2 files (remove '2' suffix'). | Pavel Zuna | 2009-07-02 | 14 | -0/+0 | |
| | ||||||
* | Remove use_ldap2 constant. | Pavel Zuna | 2009-07-02 | 2 | -16/+7 | |
| | ||||||
* | Remove all references to use_ldap2. | Pavel Zuna | 2009-07-02 | 14 | -74/+0 | |
| | ||||||
* | Always use new LDAP backend when creating context. | Pavel Zuna | 2009-07-02 | 1 | -4/+1 | |
| | ||||||
* | Delete plugins using old LDAP backend. | Pavel Zuna | 2009-07-02 | 15 | -4081/+0 | |
| | ||||||
* | Add a local implementation of httplib.SSLFile and httplib.FakeSocket | rcrit | 2009-07-01 | 1 | -2/+9 | |
| | | | | | | | Python 2.6 changed its internal implementation which makes it difficult to override in a way that is backwards compatible. 508953 | |||||
* | Two new arguments for the help built-in command: topics and commands | Rob Crittenden | 2009-06-15 | 1 | -2/+7 | |
| | | | | | ipa help topics will show all topics (equivalent to ipa help) ipa help commands will show list of all available commands | |||||
* | Fix typo in variable name, object_classs->object_class | Rob Crittenden | 2009-06-15 | 1 | -1/+1 | |
| | ||||||
* | Change plugins2 using find_entries to support incomplete (truncated) search ↵ | Pavel Zuna | 2009-06-15 | 5 | -41/+98 | |
| | | | | results. | |||||
* | Add new set of base classes for plugins using LDAP. | Pavel Zuna | 2009-06-15 | 1 | -0/+398 | |
| |