summaryrefslogtreecommitdiffstats
path: root/ipapython
Commit message (Collapse)AuthorAgeFilesLines
* Raise an exception when legacy LDAP API is used.Jan Cholasta2014-01-241-19/+12
|
* Add runas option to run functionMartin Kosek2014-01-221-21/+38
| | | | | | | | Run function can now run the specified command as different user by setting the both real and effective UID and GID for executed process. Add both the missing run function attribute doc strings as well as a doc string for the runas attribute.
* Do not crash on bad LDAP data when formatting decode error message.Jan Cholasta2014-01-101-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/3488
* Store old entry state in dict rather than LDAPEntry.Jan Cholasta2014-01-101-29/+17
| | | | https://fedorahosted.org/freeipa/ticket/3488
* Remove legacy LDAPEntry properties data and orig_data.Jan Cholasta2014-01-101-11/+0
| | | | https://fedorahosted.org/freeipa/ticket/3488
* Remove unused LDAPClient methods get_syntax and get_single_value.Jan Cholasta2014-01-101-12/+0
| | | | https://fedorahosted.org/freeipa/ticket/3488
* Add LDAPEntry method generate_modlist.Jan Cholasta2014-01-101-46/+39
| | | | | | | Use LDAPEntry.generate_modlist instead of LDAPClient._generate_modlist and remove LDAPClient._generate_modlist. https://fedorahosted.org/freeipa/ticket/3488
* Use LDAPClient.update_entry for LDAP mods in ldapupdate.Jan Cholasta2014-01-101-60/+0
| | | | | | Remove legacy IPAdmin methods generateModList and updateEntry. https://fedorahosted.org/freeipa/ticket/3488
* Make IPASimpleLDAPObject.get_single_value result overridable.Jan Cholasta2014-01-101-3/+13
| | | | | | Add some default overrides. https://fedorahosted.org/freeipa/ticket/3488
* Move LDAPClient method get_single_value to IPASimpleLDAPObject.Jan Cholasta2014-01-101-18/+30
| | | | | | Refactor IPASimpleLDAPObject methods get_syntax and get_single_value. https://fedorahosted.org/freeipa/ticket/3488
* Use old entry state in LDAPClient.update_entry.Jan Cholasta2014-01-101-32/+26
| | | | https://fedorahosted.org/freeipa/ticket/3488
* Rename LDAPEntry method commit to reset_modlist.Jan Cholasta2014-01-101-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/3488
* PKI service restart after CA renewal failedJan Cholasta2014-01-082-1/+5
| | | | | | | | | | Fix both the service restart procedure and registration of old pki-cad well known service name. This patch was adapted from original patch of Jan Cholasta 178 to fix ticket 4092. https://fedorahosted.org/freeipa/ticket/4092
* Use /usr/bin/python2Xiao-Long Chen2014-01-033-9/+9
| | | | | | | | | | | | Part of the effort to port FreeIPA to Arch Linux, where Python 3 is the default. FreeIPA hasn't been ported to Python 3, so the code must be modified to run /usr/bin/python2 https://fedorahosted.org/freeipa/ticket/3438 Updated by pviktori@redhat.com
* Convert remaining backend code to LDAPEntry API.Jan Cholasta2013-12-161-3/+3
|
* Allow kernel keyring CCACHE when supportedMartin Kosek2013-12-091-0/+17
| | | | | | | Server and client installer should allow kernel keyring ccache when supported. https://fedorahosted.org/freeipa/ticket/4013
* Support searches with paged results control in LDAPClient.Jan Cholasta2013-11-271-16/+59
| | | | https://fedorahosted.org/freeipa/ticket/3971
* Add wrapper for result3 to IPASimpleLDAPObject.Jan Cholasta2013-11-271-0/+5
| | | | https://fedorahosted.org/freeipa/ticket/3971
* Move IPA specific code from LDAPClient to the ldap2 plugin.Jan Cholasta2013-11-271-212/+7
| | | | https://fedorahosted.org/freeipa/ticket/3971
* Improve LDAPEntry.__repr__ for freshly created entriesPetr Viktorin2013-11-261-1/+3
| | | | | | | Creating a LDAPEntry from dict does not set the raw entries, to display everything we need to combine the underlying data. https://fedorahosted.org/freeipa/ticket/4015
* ipa-client-install: Publish CA certificate to systemwide storeTomas Babej2013-11-202-2/+76
| | | | | | | | | | | During the installation, copy the CA certificate to the systemwide store (/etc/pki/ca-trust/source/anchors/ipa-ca.crt) and update the systemwide CA database. This allows browsers to access IPA WebUI without warning out of the box. https://fedorahosted.org/freeipa/ticket/3504
* platform: Add Fedora 19 platform fileTomas Babej2013-11-202-0/+56
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3504
* Remove schema special-casing from the LDAP updaterPetr Viktorin2013-11-181-19/+8
| | | | | | | Now that there's a dedicated schema updater, we do not need the code in ldapupdate. https://fedorahosted.org/freeipa/ticket/3454
* Add schema updater based on IPA schema filesPetr Viktorin2013-11-181-0/+6
| | | | | | | | | | | | The new updater is run as part of `ipa-ldap-updater --upgrade` and `ipa-ldap-updater --schema` (--schema is a new option). The --schema-file option to ipa-ldap-updater may be used (multiple times) to select a non-default set of schema files to update against. The updater adds an X-ORIGIN tag with the current IPA version to all elements it adds or modifies. https://fedorahosted.org/freeipa/ticket/3454
* ipa-client-install: Added options to configure firefoxMartin Basti2013-11-154-3/+27
| | | | | | | | | Option --configure-firefox configures firefox to use Kerberos credentials within IPA domain Optional option --firefox-dir=DIR allows to user to specify non-standard path where firefox install directory is placed. Part of ticket: https://fedorahosted.org/freeipa/ticket/3821
* Remove unused utf8_encode_value functionsPetr Viktorin2013-11-081-12/+0
| | | | | The utf8_encode_value/_values functions from ipautil are no longer used. Remove them.
* Turn LDAPEntry.single_value into a dictionary-like property.Jan Cholasta2013-11-052-24/+32
| | | | | | This change makes single_value consistent with the raw property. https://fedorahosted.org/freeipa/ticket/3521
* Use encoded values from entry objects directly when adding new entries.Jan Cholasta2013-10-311-7/+1
| | | | https://fedorahosted.org/freeipa/ticket/3521
* Use encoded values from entry objects directly when generating modlists.Jan Cholasta2013-10-311-33/+6
| | | | https://fedorahosted.org/freeipa/ticket/3521
* Store encoded attribute values from search results directly in entry objects.Jan Cholasta2013-10-311-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/3521
* Remove legacy toDict and origDataDict methods of LDAPEntry.Jan Cholasta2013-10-311-27/+4
| | | | https://fedorahosted.org/freeipa/ticket/3521
* Make sure attributeTypes updates are done before objectClasses updates.Jan Cholasta2013-10-311-1/+4
| | | | https://fedorahosted.org/freeipa/ticket/3521
* Decode and encode attribute values in LDAPEntry on demand.Jan Cholasta2013-10-311-28/+186
| | | | | | | | | | | This is achieved by storing both decoded and encoded attribute values in LDAPEntry and synchronizing changes between them whenever an attribute is accessed. Added a new property "raw" to LDAPEntry. It provides a dictionary-like object which can be used to directly access encoded attribute values. https://fedorahosted.org/freeipa/ticket/3521
* Always use lists for values in LDAPEntry internally.Jan Cholasta2013-10-311-2/+28
| | | | | | | Outside of LDAPEntry, it is still possible to use non-lists. Once we enforce lists for attribute values, this will be removed. https://fedorahosted.org/freeipa/ticket/3521
* Introduce IPASimpleLDAPObject.decode method for decoding LDAP values.Jan Cholasta2013-10-311-27/+31
| | | | | | | This method is intended as a counterpart of IPASimpleLDAPObject.encode and replaces IPASimpleLDAPObject.convert_value_list. https://fedorahosted.org/freeipa/ticket/3521
* Make LDAPEntry a wrapper around dict rather than a dict subclass.Jan Cholasta2013-10-311-68/+83
| | | | https://fedorahosted.org/freeipa/ticket/3521
* Installer should always wait until CA starts upMartin Kosek2013-10-172-6/+11
| | | | | | | | | | | | | | Patch for ticket 3964 changed the installer so that it does not always wait for CA if the proxy is not configured. However, it was found out that it may freeze an installation when a step subsequent after CA restart call the CA and receives no reply. Change the wait so that it always waits for CA to start up. If HTTP proxy is already configured, it should wait on port 443. If not, it should wait on local PKI port 8443. https://fedorahosted.org/freeipa/ticket/3973
* PKI installation on replica failing due to missing proxy confMartin Kosek2013-10-111-1/+2
| | | | | | | | Proxy configuration was not detected correctly. Both ipa-pki-proxy.conf and ipa.conf need to be in place and httpd restarted to be able to check it's status. https://fedorahosted.org/freeipa/ticket/3964
* ipapython.nsslib: Name arguments to NSPRErrorPetr Viktorin2013-10-041-5/+7
| | | | | Previously NSPRError was given arguments in the wrong order. Fix this by naming the arguments.
* Raise an error when updating CIDict with duplicate keysPetr Viktorin2013-09-251-3/+22
| | | | | | | | | Updating a CIDict with data like {'A': 1, 'a': 2} would lead to data loss since only one of the items would get to the CIDict. This can result in non-obvious bugs similar to this one in python-ldap: https://bugzilla.redhat.com/show_bug.cgi?id=1007820 Raise an error in this case; any resolution must be done by the caller.
* Add missing dict methods to CIDictPetr Viktorin2013-09-251-18/+49
| | | | | | | | | | | | | Make the CIDict interface match standard dict (except view* methods). Add __contains__, __iter__, clear. Add keyword and iterable support for __init__, update. Also add values() and itervalues(). Previously the dict versions were used; the new ones guarantee that the order matches keys(). Mark view* methods as not implemented. CIDict.copy() now returns a CIDict. Test the above additions, and fromkeys() which worked but wasn't tested.
* Move tests to test directoriesPetr Viktorin2013-09-252-406/+0
| | | | | | | | Nose doesn't pick up directories that don't begin with 'test'. Rename ipatests/test_ipaserver/install to test_install so that it's run. Also, merge test_ipautil.py from ipapython/test into tests/test_ipapython, so the whole test suite is in one place.
* Don't search platform pathTimo Aaltonen2013-09-161-1/+1
| | | | Don't use Python.h from the platform specific path
* Perform dirsrv tuning at platform levelTomas Babej2013-08-262-6/+88
| | | | | | | | | | | | | | | | When configuring the 389 Directory Server instance, we tune it so that number of file descriptors available to the DS is increased from the default 1024 to 8192. There are platform specific steps that need to be conducted differently on systemd compatible platforms and sysV compatible platforms. systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv set ulimit - nofile 8192 in /etc/security/limits.conf https://fedorahosted.org/freeipa/ticket/3823
* Prevent *.pyo and *.pyc multilib problemsMartin Kosek2013-08-131-2/+2
| | | | | | | | | | | | | Differences in the python byte code fails in a build validation (rpmdiff) done on difference architecture of the same package. This patch: 1) Ensures that timestamps of generated *.pyo and *.pyc files match 2) Python integer literals greater or equal 2^32 and lower than 2^64 are converted to long right away to prevent different type of the integer on architectures with different size of int https://fedorahosted.org/freeipa/ticket/3858
* Skip referrals when converting LDAP result to LDAPEntryTomas Babej2013-07-261-0/+9
| | | | | | | | When converting the result obtained by python-ldap library, we need to skip unresolved referral entries, since they cannot be converted. https://fedorahosted.org/freeipa/ticket/3814
* Correct default value of LDAPClient.get_entries scope argumentPetr Viktorin2013-07-251-1/+2
|
* Run gpg-agent explicitly when encrypting/decrypting files.Jan Cholasta2013-07-171-7/+12
| | | | | | Also add an option to ipautil.run to redirect command output to /dev/null. https://fedorahosted.org/freeipa/ticket/3767
* Use --ignore-dependencies only when necessaryAna Krivokapic2013-07-111-4/+5
| | | | | | | | | | Using the --ignore-dependencies switch was causing the ipactl stop command not to stop all instances of dirsrv and dogtag. Make sure the switch is used only when necessary, i.e. to prevent ipa-otpd.socket from getting stuck during the shutdown transaction. https://fedorahosted.org/freeipa/ticket/3730 https://fedorahosted.org/freeipa/ticket/3729
* Avoid systemd service deadlock during shutdownAna Krivokapic2013-07-111-1/+11
| | | | https://fedorahosted.org/freeipa/ticket/3729
generated by cgit (git 2.34.1) at 2024-05-06 02:41:28 +0000