summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Rename new selinux file accidentally committed to the wrong directoryipa-1-2Rob Crittenden2009-07-301-0/+0
|
* Fix deprecation error of BaseException.message in Python 2.6Rob Crittenden2009-07-3019-23/+23
|
* Backport certs.py patches from master.Rob Crittenden2009-07-301-10/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix deprecation warning for the sha library on Python 2.6 sha has been replaced by hashlib. We need to support Python 2.4 - 2.6 so this will use hashlib if available but fall back onto sha if not. Fortunately they use the same API for the function we need. 509042 Identify CAs to trust from an imported PKCS#12 file We used to use certutil -O to determine the cert chain to trust. This behavior changed in F-11 such that untrusted CAs are not displayed. This is only used when we import PKCS#12 files so use pk12util -l to display the list of certs and keys in the file to determine the nickname(s) of the CAs to trust. 509111 No need to trust NSS built-in CA's, more specific regex for finding CA nickname - Add some logging so we have a better idea of what happened if things fail - Default to self-signed CA to trust if one is not found. This will fix the self-signed CA case where certutil doesn't return untrusted CA's in -O output. - Remove unused httplib import
* Remove unused imports, popen2 was causing python 2.6 deprecation errorsRob Crittenden2009-07-301-34/+28
| | | | | Also rename some variables, type and filter, that shadowed builtins Fixed the naming of some private functions
* Add conditional for new SELinux capabilities available in Fedora 11rcrit2009-07-232-11/+11
|
* Make the UI work when both python-cherrypy and python-cherrypy2 are installedRob Crittenden2009-06-181-1/+6
| | | | | | | Also shut down logging different in ipa_webui. Rather than calling logging.shutdown() pull all the log handlers and close them. 505686
* Fix group deletion.Rob Crittenden2009-02-101-1/+3
| | | | | | | | The attributes on the group new, edit, etc pages are limited to a few known/needed ones. Add dn to the list of hidden fields so we can pass this onto the subcontroller group.delete(). 484050
* Fix delegation using the special python-kerberos patch.Simo Sorce2009-01-261-1/+4
|
* memberof was not indexed in older versions of fedora-ds, keep it aroundSimo Sorce2008-12-051-0/+7
| | | | as an update so that if it is not there it will be added
* Fix stupid typo in update filerelease-1-2-1Simo Sorce2008-12-031-1/+1
|
* Bump up the version number for a new releaseSimo Sorce2008-12-031-1/+1
|
* Change ipa-compat-manage to work on older python versions too. Break ↵Simo Sorce2008-12-031-36/+50
| | | | try,except,finally into a try,try,finally,except Add also checks for LDAPError, errors.
* One line fix for ipa-server spec fileSimo Sorce2008-12-031-0/+1
|
* Adding an index for memberuid. Alsthough we do not use this attribute, many ↵Simo Sorce2008-12-022-0/+12
| | | | clients still ask for it so let's index it and make stuff faster.
* Forgot to add ipa-compat-manage to the sbin programsSimo Sorce2008-12-021-0/+1
|
* Add man page for ipa-compat-manageSimo Sorce2008-12-022-0/+47
|
* Fix makefiles after schema compat changesSimo Sorce2008-12-023-2/+3
|
* Corrected usage messages and manpage to match the logic for the ↵Nathan Kinder2008-12-012-2/+2
| | | | ipa-replica-manage init command.
* Fix typo, thanks to Michele for pointing it outSimo Sorce2008-12-011-1/+1
|
* Run updates on the replica too, otherwise changes to cn=config will be missing.Simo Sorce2008-12-011-0/+4
|
* Make sure the CA cert is copied to the replica, fail if no ca.crt is ↵Simo Sorce2008-12-012-1/+16
| | | | available. Cope with some versions of ipa that forgot to copy the ca.crt cert in the right place.
* Add tool to enable or disable the schema compatibility pluginSimo Sorce2008-12-012-0/+157
|
* add passsync to ipa-replica-manage man pageRich Megginson2008-11-251-0/+3
|
* do not use ipaerror directly in ipa-replica-manage - use ldap exception insteadRich Megginson2008-11-251-1/+1
|
* Fix memleaks found by valgrindSimo Sorce2008-11-201-5/+17
|
* We must always zero out the target ientry unconditionally where it is usedSimo Sorce2008-11-201-14/+6
| | | | and never free it in the destructor.
* Avoid potential crashbug on invalid DNs (not in the tree).Simo Sorce2008-11-191-25/+81
|
* Fix error in validation when editing new groups via the UIRob Crittenden2008-11-191-0/+2
| | | | 471808
* Fix a free before use bug, it may lead to crashes but usually just corruptsrelease-1-2-0Simo Sorce2008-11-141-3/+2
| | | | | | the changepw dn we store so that it won't match. This causes normal password changes to be interpreted as password resets instead, and the new legit password is immediately expired.
* This is not a git snapshotSimo Sorce2008-11-131-1/+1
|
* set winsync account disable sync default value to both instead of noneRich Megginson2008-11-131-1/+1
|
* Bump up version number to 1.2.0Simo Sorce2008-11-131-2/+2
|
* wait for sync agreement to be ready before startingRich Megginson2008-11-131-0/+45
| | | | Added checking for error status - Added maxtries so that the script won't wait forever if there is something wrong
* Fix appending to a multi-valued field.Rob Crittenden2008-11-121-1/+1
| | | | | There was a bug where only the first value of a multi-valued field would be returned.
* Remove the column width from #details table.details tdRob Crittenden2008-11-121-1/+0
| | | | | | This should make the User Find results page look nicer. 470428
* Present a less-cryptic error if the replication agreement doesn't existRob Crittenden2008-11-121-1/+4
|
* Create a user for Windows PassSync and grant password changing permissionsRob Crittenden2008-11-122-2/+44
| | | | | | | | | This does 3 things: 1. Create a user for the Windows PassSync service 2. Add this use to the list of users that can skip password policies 3. Add an aci that grants permission to write the password attributes 471130
* Fix deleting a winsync replication agreement.Rob Crittenden2008-11-122-11/+32
|
* Make the list of users that can skip passwrod policies configurable.Simo Sorce2008-11-121-48/+105
| | | | | | | | | | | Addresses bz#471130 Also fix bugs in ipapwd_start. Also remove mutex, it is not necessary with the current code, we needed it when we used to change reload the configuration and keep it referenced in a static pointer. ipapwd_start runs only once and the global variables it sets are fixed in stone until DS is restarted.
* Make DNA work with internal operationsRich Megginson2008-11-101-3/+49
|
* Use the local connection when getting a replication ID for winsync.Rob Crittenden2008-11-051-1/+5
| | | | | | | | We can't connect to the windows AD server to get a unique repliation ID. So first see if this master already has one and if not, get an id from the local DS. 469977
* use ipautil.CalledProcessError instead of CalledProcessErrorRich Megginson2008-11-041-3/+3
|
* Fix error in validation when adding new groups via the UIRob Crittenden2008-10-311-0/+2
| | | | 469256
* Install replication update fileRob Crittenden2008-10-311-1/+2
|
* Gracefully handle running on an unconfigured IPA serverRob Crittenden2008-10-301-0/+4
|
* Don't report spurious upgrade message if IPA has not been configured yet.Rob Crittenden2008-10-291-9/+12
| | | | | | | | This was throwing the error "Unable to determine hostname from ipa-rewrite.conf" during RPM %post on unconfigured servers where there is nothing to do. 468947
* Ensure that every replica gets a unique replication ID. Otherwise changes ↵Rob Crittenden2008-10-293-3/+57
| | | | | | won't propogate between all replicas. 468732
* Fix error if more than one values is being set in an only. The first entry ↵Rob Crittenden2008-10-151-1/+1
| | | | | | wasn't being properly converted into a list so subsequent values caused it to crap out. 467102
* add update to fix the index for the winsync attributesRich Megginson2008-10-132-0/+11
|
* do not store the OUs from the AD DN in the IPA user entry when flatteningRich Megginson2008-10-131-35/+0
|
generated by cgit (git 2.34.1) at 2024-05-04 15:26:27 +0000