summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Make ipa-server-install clean after itselfMartin Kosek2011-11-291-9/+36
| | | | | | | | | | | | | | | ipa-server-install may create some files in the first phase of installation before the actual installation and configuring of services starts. If the installation is interrupted, these files may prevent installing the server again until IPA server is uninstalled. This may be confusing and annoying for the user. This patch safely recovers all known files that could be created in the first phase of the installation. No clean up is done if the actual installation has not started yet or the installation returned success. https://fedorahosted.org/freeipa/ticket/1980
* Enable automember for upgraded serversMartin Kosek2011-11-292-0/+23
| | | | | | | | | automember functionality is depends on predefined data is in LDAP. Since we add it for fresh installs only, automember cannot be used for upgraded servers. Make sure that automember LDAP data is added during upgrade too. https://fedorahosted.org/freeipa/ticket/1992
* Fix coverity issues in client CLI toolsMartin Kosek2011-11-232-10/+24
| | | | | | | | This patch fixes 2 coverity issues: * ipa-client/config.c: CID 11090: Resource leak * ipa-client/ipa-getkeytab.c: CID 11018: Unchecked return value https://fedorahosted.org/freeipa/ticket/2035
* Add DNS service records for WindowsSumit Bose2011-11-231-0/+25
| | | | https://fedorahosted.org/freeipa/ticket/1939
* Fix some issues introduced when rebasing update patchRob Crittenden2011-11-232-5/+5
|
* Add plugin framework to LDAP updates.Rob Crittenden2011-11-2219-87/+648
| | | | | | | | | | | | | | | | | | | | | | | | | | There are two reasons for the plugin framework: 1. To provide a way of doing manual/complex LDAP changes without having to keep extending ldapupdate.py (like we did with managed entries). 2. Allows for better control of restarts. There are two types of plugins, preop and postop. A preop plugin runs before any file-based updates are loaded. A postop plugin runs after all file-based updates are applied. A preop plugin may update LDAP directly or craft update entries to be applied with the file-based updates. Either a preop or postop plugin may attempt to restart the dirsrv instance. The instance is only restartable if ipa-ldap-updater is being executed as root. A warning is printed if a restart is requested for a non-root user. Plugins are not executed by default. This is so we can use ldapupdate to apply simple updates in commands like ipa-nis-manage. https://fedorahosted.org/freeipa/ticket/1789 https://fedorahosted.org/freeipa/ticket/1790 https://fedorahosted.org/freeipa/ticket/2032
* ticket 2022 - modify codebase to utilize IPALogManager, obsoletes loggingJohn Dennis2011-11-2344-807/+697
| | | | | | | | | | | | change default_logger_level to debug in configure_standard_logging add new ipa_log_manager module, move log_mgr there, also export root_logger from log_mgr. change all log_manager imports to ipa_log_manager and change log_manager.root_logger to root_logger. add missing import for parse_log_level()
* ticket 2022 - Add log manager moduleJohn Dennis2011-11-231-0/+1748
|
* Finalize plugin initialization on demand.Jan Cholasta2011-11-228-40/+135
| | | | | | | | | | | | This patch changes the way plugins are initialized. Instead of finalizing all the plugins at once, plugins are finalized only after they are accessed (currently applies to Command, Object and Attribute subclasses, only in CLI by default). This change provides significant performance boost, as only the plugins that are actually used are finalized. ticket 1336
* Rename included snippets to avoid problems with pylintAlexander Bokovoy2011-11-223-2/+2
|
* Small fix to the guide CSS: enable vertical scroll barAlexander Bokovoy2011-11-221-2/+2
|
* Add "Extending FreeIPA" developer guideAlexander Bokovoy2011-11-226-0/+1360
| | | | | | | | | | | | | | "Extending FreeIPA" is a developer guide of FreeIPA core framework. Please make sure to improve the guide every time parts of the core framework are affected by your changes. This document ideally should correspond to the current state of the framework. The Guide is written using Emacs Org Mode but can be edited with any plain text editing tool. Emacs is only required to convert it to distribution formats like HTML and TXT. See guide/Makefile for building the guide and README for details of the build environment.
* ipa-cldap: send cldap replySimo Sorce2011-11-211-0/+48
|
* ipa-cldap: Create netlogon blobSimo Sorce2011-11-214-0/+344
|
* ipa-cldap: Decode CLDAP request.Simo Sorce2011-11-212-0/+191
|
* ipa-cldap: Implement worker thread.Simo Sorce2011-11-212-1/+81
|
* Create skeleton CLDAP server as a DS pluginSimo Sorce2011-11-218-6/+436
|
* Add NT domain GUID attribute.Simo Sorce2011-11-211-1/+2
| | | | | We need this to be able to re-set it, as ipaUniqueID cannot be arbitraily set to a value. Only needed for the domain object.
* Client install root privileges checkOndrej Hamada2011-11-211-2/+2
| | | | | | | | | ipa-client-install was failing and returning traceback when wasn't run by root. It was caused by logging initialization that was taking part before the root privileges check. To correct it, the check was moved before the logging initialization. https://fedorahosted.org/freeipa/ticket/2123
* Fixed entity definition in test cases.Endi Sukma Dewata2011-11-184-69/+106
| | | | | | | The test cases have been updated to use the new extensible mechanism for defining and registering entities. Ticket #2043
* Add missing copyright headerSimo Sorce2011-11-171-0/+22
|
* Create directories for client installAlexander Bokovoy2011-11-161-1/+10
| | | | | | | | | | | When ``make client-install`` is called, create /etc/ipa and /var/lib/ipa-client/sysrestore directories required for successful use of ipa-client-install. Do it only if DESTDIR is set to help packagers to notice that these directories have to exist https://fedorahosted.org/freeipa/ticket/1849
* Clarify usage of --posix argument in group plugin.Rob Crittenden2011-11-161-2/+2
| | | | Contributed by Jérôme Fenal
* Add configure check for libintl.hAlexander Bokovoy2011-11-162-0/+18
| | | | | | | | | There are some distributions which do not provide gettext support within libc. For these cases checking for libintl is required. https://fedorahosted.org/freeipa/ticket/1840
* Check for Python.h during build of py_default_encoding extensionAlexander Bokovoy2011-11-161-0/+7
| | | | | | | | For rare cases when Python development package is not installed, check that Python.h is available and bail out if not. Fixes: https://fedorahosted.org/freeipa/ticket/1838
* Let PublicError accept Gettext objectsMartin Kosek2011-11-161-1/+4
| | | | | | | | Make sure that PublicError does not crash when it receives Gettext/NGettext object. Instead of throwing a type error, do the translation to receive the required unicode text. https://fedorahosted.org/freeipa/ticket/2096
* Don't check for 389-instances.Rob Crittenden2011-11-163-61/+3
| | | | | | | | | | We no longer need to enforce that no 389-ds instances exist on an IPA server. Checking that the ports exist should be enough. This used to be one mechanism we used to check to see if IPA was already installed. We have a better mechanism now. https://fedorahosted.org/freeipa/ticket/1735
* Fix ipa-managed-entries bind procedureMartin Kosek2011-11-161-7/+13
| | | | | | | | | Make sure that when Directory Manager password is entered, we directly do a simple bind instead of trying binding via GSSAPI. Also capture ldap.INVALID_CREDENTIALS exception and provide nice error message than crash. https://fedorahosted.org/freeipa/ticket/1927
* Remove redundant information from API.txtMartin Kosek2011-11-152-2343/+2383
| | | | | | | | | | Some Param or Output attributes do not cause API incompatibility (e.g. doc, label or callables) and does not need to be included in API.txt. When these attributes are modified, a lot of bogus changes may get in API.txt - making the real API changes less detectable. https://fedorahosted.org/freeipa/ticket/2107
* Fix LDAP object parameter encodingMartin Kosek2011-11-157-86/+149
| | | | | | | | | | | | | | | Parameters in LDAP objects missed an information if they are real LDAP attributes or not. Real LDAP attributes are written to entry_attrs dictionary in plugin callbacks and are being encoded. This causes issues when plugin callbacks does not expect that the parameters values are already encoded for submission to LDAP. This patch introduces a new flag "noattribute" used to mark that a parameter is not an LDAP attribute and thus should not be encoded or added to entry_attrs. Param documentation is improved to describe the meaning of this and other Param flags or attributes. https://fedorahosted.org/freeipa/ticket/2097
* Replication: Adjust replica installation to omit processing memberof ↵JR Aquino2011-11-144-6/+30
| | | | | | | | | | | | | computations https://fedorahosted.org/freeipa/ticket/1794 If the master does not yet support the total update list feature we still run the memberof fixup task and not fail to replicate due to the new attribute not being settable. Jointly-developed-with: Simo Sorce <ssorce@redhat.com> Jointly-developed-with: Nathank Kinder <nkinder@redhat.com>
* Removed develop.js.Endi S. Dewata2011-11-1417-91/+80
| | | | | | | | | | The develop.js is no longer necessary because the code in it has been merged into the main code. An empty extension.js has been added to provide a place for UI customization. Ticket #2099
* Refactored permission target section.Endi S. Dewata2011-11-149-347/+246
| | | | | | | The permission target section has been modified to use widgets to create the target selection and handle multiple fields. Ticket #2098
* Fix API.txtMartin Kosek2011-11-141-1/+1
| | | | | | | Fix a post-makeapi change in one option's label in commit 62c110a3b89e3f37d1f1fa24a2a533a708d5de26 https://fedorahosted.org/freeipa/ticket/1906
* Hosts file not updated when IP is passed as optionMartin Kosek2011-11-101-2/+4
| | | | | | | | | | | When an IPA server with unresolvable hostname is being installed, a hostname record must be inserted to /etc/hosts or the installation will fail. However, it is not inserted when IP address is passed as an option (--ip-address) and not interactively. This patch fixes this so that /etc/hosts record is inserted in both cases. https://fedorahosted.org/freeipa/ticket/2074
* Polish ipa config helpMartin Kosek2011-11-102-50/+43
| | | | | | | | | | | Remove config-mod options help from config module help to keep the option doc on one place and without unnecessary redundancy. The new format is more consistent with the rest of the plugins. Also fix several inconsistencies in the labels/doc, including: - using abbreviation when not needed - using '.' at the end of options help https://fedorahosted.org/freeipa/ticket/1906
* Add Ondrej Hamada to Contributors.txtRob Crittenden2011-11-101-0/+1
|
* Fix copy/paste error in parameter description.Rob Crittenden2011-11-101-1/+1
| | | | Contributed by Jérôme Fenal
* Improve DNS record data validationMartin Kosek2011-11-104-284/+757
| | | | | | | | | | | | | Implement missing validators for DNS RR types so that we can capture at least basic user errors. Additionally, a normalizer creating a fully-qualified domain name has been implemented for several RRs where name server may mis-interpret the domain name otherwise. Unit tests exercising these new validators for the most common RR types have been added. This patch also consolidates hard-coded values in DNS test to one place. https://fedorahosted.org/freeipa/ticket/1106
* Added paging on search facet.Endi S. Dewata2011-11-118-324/+335
| | | | | | | | | | | | | | | The search facet has been modified to support paging on most entities using the --pkey-only option to get the primary keys and a batch command to get the complete records. Paging on DNS records is not supported because a record may appear as multiple rows. The following entities do not have --pkey-only option: Automount Key, Self-Service Permissions, Delegation. The search and association facet have been refactored to reuse the common code from the table facet base class. Ticket #981
* Updated sample data.Endi S. Dewata2011-11-11106-1479/+6839
| | | | | | | | New sample data files have been added for search facet paging. Unused files have been removed. The names used in the files have been updated for consistency. Ticket #981
* Remove calls to has_managed_entries()Rob Crittenden2011-11-111-30/+0
| | | | | | | | At one point in time we couldn't depend on the 389-ds having the managed entries plugin so this code was added to support both versions. It is no longer needed. https://fedorahosted.org/freeipa/ticket/1242
* Misleading Keytab fieldOndrej Hamada2011-11-104-3/+22
| | | | | | | | | | | | The 'Keytab' field in output of all 'user-*' commands was changed to 'Kerberos keys available'. In order to do this change for 'user-*' commands only, the flag 'has_keytab' had to be removed from common output parametrs in ipalib/baseldap.py. This change also affected the host.py and service.py, where the 'has_keytab' flag was added to their local output params. Both host.py and service.py holds the old field caption - 'Keytab' - because of compatibility with older clients. https://fedorahosted.org/freeipa/ticket/1961
* Fix DNS zone --allow-dynupdate option behaviorMartin Kosek2011-11-094-16/+15
| | | | | | | | | | | | --allow-dynupdate was implemented as a Flag parameter type, which is not convenient for LDAP attributes. When a DNS zone with permitted dynamic updates was modified and the --allow-dynupdate flag was not set, dynamic updates were turned off. This patch changes the option type to Bool parameter type which behaves according to user expectations when modifying the zone. https://fedorahosted.org/freeipa/ticket/2039
* Allow custom server backend encodingMartin Kosek2011-11-093-0/+56
| | | | | | | | | | | | | | Server framework does not support encoding of native Python type values stored in Param classes and sub-classes. When backend (LDAP) value encoding differs from Python type value representation user has to has to hard-code the encoders in his processing. This patch introduces a method Param.encode which is used in server context to encode native Python Param values. The new encode method is used for Bool parameter to convert native Python bool type value (True, False) to LDAP value ("TRUE", "FALSE"). https://fedorahosted.org/freeipa/ticket/2039
* Don't allow default objectclass list to be empty.Rob Crittenden2011-11-091-0/+3
| | | | https://fedorahosted.org/freeipa/ticket/1945
* MS-PAC: Add support for verifying PAC in TGS requestsSimo Sorce2011-11-071-7/+62
| | | | Fake code for now, to be rebased later
* Add support for generating PAC for AS requests for user principalsSimo Sorce2011-11-078-1/+906
|
* Fix CID 11027: Wrong sizeof argumentSimo Sorce2011-11-071-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/2037
* Fix CID 11026: Resource leakSimo Sorce2011-11-071-1/+4
| | | | https://fedorahosted.org/freeipa/ticket/2037
generated by cgit (git 2.34.1) at 2025-09-03 22:43:59 +0000