freeipa.git - FreeIPA project

	Commit message (Collapse)	Author	Age	Files	Lines
*	Display the entries that failed when deleting with --continue.	Rob Crittenden	2011-01-10	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \|	We collected the failures but didn't report it back. This changes the API of most delete commands so rather than returning a boolean it returns a dict with the only current key as failed. This also adds a new parameter flag, suppress_empty. This will try to not print values that are empty if included. This makes the output of the delete commands a bit prettier. ticket 687
*	Rename hbac module to hbacrule	Jan Zeleny	2011-01-07	1	-93/+93
\| \| \| \| \| \|	The renaming follows previous discussion on mailing list and it leads to name compatibility with other plugins (e.g. sudorule). It is also necessary for following changes in ipa help.
*	Change FreeIPA license to GPLv3+	Jakub Hrozek	2010-12-20	1	-5/+5
\| \| \| \| \| \| \| \| \| \|	The changes include: * Change license blobs in source files to mention GPLv3+ not GPLv2 only * Add GPLv3+ license text * Package COPYING not LICENSE as the license blobs (even the old ones) mention COPYING specifically, it is also more common, I think https://fedorahosted.org/freeipa/ticket/239
*	Remove accessTime from HBAC.	Rob Crittenden	2010-12-06	1	-26/+23
\| \| \| \|	ticket 545
*	Populate indirect members when showing a group object.	Rob Crittenden	2010-10-28	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	This is done by creating a new attribute, memberindirect, to hold this indirect membership. The new function get_members() can return all members or just indirect or direct. We are only using it to retrieve indirect members currently. This also: * Moves all member display attributes into baseldap.py to reduce duplication * Adds netgroup nesting * Use a unique object name in hbacsvc and hbacsvcgroup ticket 296
*	If an HBAC category is 'all' don't allow individual objects to be added.	Rob Crittenden	2010-10-08	1	-2/+73
\| \| \| \| \| \| \| \|	Basically, make 'all' mutually exclusive. This makes debugging lots easier. If say usercat='all' there is no point adding specific users to the rule because it will always apply to everyone. ticket 164
*	Require that hosts be resolvable in DNS. Use --force to ignore warnings.	Rob Crittenden	2010-08-06	1	-3/+3
\| \| \| \| \| \| \| \| \| \| \| \| \|	This also requires a resolvable hostname on services as well. I want people to think long and hard about adding things that aren't resolvable. The cert plugin can automatically create services on the user's behalf when issuing a cert. It will always set the force flag to True. We use a lot of made-up host names in the test system, all of which require the force flag now. ticket #25
*	Use new service schema for HBAC tests	Rob Crittenden	2010-05-17	1	-3/+35
\|
*	Use the Output tuple to determine the order of output	Rob Crittenden	2010-02-15	1	-10/+10
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	The attributes displayed is now dependant upon their definition in a Param. This enhances that, giving some level of control over how the result is displayed to the user. This also fixes displaying group membership, including failures of adding/removing entries. All tests pass now though there is still one problem. We need to return the dn as well. Once that is fixed we just need to comment out all the dn entries in the tests and they should once again pass.
*	Take 2: Extensible return values and validation; steps toward a single ↵	Jason Gerard DeRose	2009-12-10	1	-81/+92
\| \| \| \|	output_for_cli(); enable more webUI stuff
*	Add {user,host,sourcehost}Category to HBAC and make accessTime multivalue.	Pavel Zuna	2009-12-01	1	-15/+14
\|
*	Add HBAC plugin and introduce GeneralizedTime parameter type.	Pavel Zuna	2009-10-05	1	-0/+305