summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Add missing imageRob Crittenden2008-04-031-0/+1
|
* Need python-ldap in RequiresSimo Sorce2008-04-021-0/+1
|
* Don't try to update ipauserobjectclasses or ipagroupobjectclassesRob Crittenden2008-04-022-9/+13
| | | | | | | | since they aren't being displayed anymore. They will just get blanked. Also add some error handling in ipahelper.fix_incoming_fields() 438256
* Add missing start_creation() so the install process will get kicked off.Rob Crittenden2008-04-021-0/+1
|
* Make sure we have ipa-client installed as now ipa-server-install callsSimo Sorce2008-04-022-0/+2
| | | | ipa-client-install
* Cut&patse errorSimo Sorce2008-04-021-3/+3
|
* Stricter directory control for ipa daemons, each one it's own directorySimo Sorce2008-04-013-1/+16
|
* - Better defaults for nss_ldapSimo Sorce2008-04-012-6/+26
| | | | | | | | - Make sure timeouts are not too high, so that machine does not hang if remote servers are not reachable - Make sure root can always login no matter what the status of the ldap servers - use rfc2307bis schema directive
* Move ipa_kpasswd credential cache in its own directorySimo Sorce2008-04-014-3/+15
|
* Fix typo in python directive. Fixes marking a group active.Rob Crittenden2008-04-011-1/+1
| | | | 440142
* Fix crash when creating new groups. You can't iterate over a None variable.Rob Crittenden2008-04-011-0/+2
| | | | 440081
* Fix AVC when for reading /proc during password change on RHEL 5Rob Crittenden2008-04-011-0/+2
| | | | 438007
* No need to use a regular expression to find the replication hostRob Crittenden2008-03-311-3/+1
| | | | 430015
* Call client uninstall from server uninstall so that uninstall reverses alsoSimo Sorce2008-03-311-0/+15
| | | | client bits.
* RHEL4 contrib client uninstallSimo Sorce2008-03-311-4/+20
|
* Implement client uninstallSimo Sorce2008-03-314-8/+80
| | | | (including RHEL4 contrib setup script)
* Sysrestore fixes.Simo Sorce2008-03-312-47/+50
| | | | | | | Latest patch used the wrong path and all files where actually going to /tmp even if a different path was specified. Makes also StateFile behave the same as FileStore, and be a public class, this way a common path can be used too.
* Some more function name errors due to merge from DS own memberof plugin thatSimo Sorce2008-03-311-6/+6
| | | | has different function names. This was a runtime linker crash bug :/
* On the delegation edit screen allow the direct entry of a group nameRob Crittenden2008-03-241-4/+28
| | | | | | Fix the redirection errors, it was going to back to the Add delegation page 438257
* Don't try to add the default group to a user when creating the group.Rob Crittenden2008-03-311-4/+19
| | | | | | This is done automatically and trying to do so will return an error. 432106
* Fix account activation.Rob Crittenden2008-03-313-12/+89
| | | | | | | | | | | | | | | | We do account activation by using a Class of Service based on group membership. A problem can happen if the entry itself has an nsaccountlock attribute and you try doing Class of Service work as well because the local attribute has priority. So try to detect that the entry has a local nsAccountLock attribute and report an appropriate error. Don't allow the admins or editors groups to be de-activated. Return a better error message if account [in]activation fails. Catch errors when doing group [in]activation. 439230
* Fix typoSimo Sorce2008-03-311-2/+2
|
* Better check for IPA nServer own address, avoid manually parsing /etc/hosts bySimo Sorce2008-03-301-36/+54
| | | | | | | using nsswitch calls that read it and also take in account any other name resolution mechanism that might be installed (like NIS lol :-). This also should make the check support IPv6 transparently too (not tested)
* Avoid listing a group as a memberOf itself when a circular groupingNathan Kinder2008-03-281-10/+23
| | | | | | | | | | is created. We basically just need to add a check to see if we're to use a group DN as the memberOf value when performing an operation on itself for all operation types. 439450
* Fixed handling of modify operations that delete all present memberNathan Kinder2008-03-281-2/+13
| | | | | | | | | | | | | values without specifying the values to delete in the memberOf plug-in. Member entries were not being updated because the code used the values in the mod to find the member entries to update. The fix is to detect when a delete modify has no values specified and just use the replace code since it compares the pre-op and post-op copies of the group to figure out what member entries to update. 439097
* Put replica info file into /var/lib/ipa instead of the current directoryRob Crittenden2008-03-281-2/+2
| | | | 439120
* Move sysrestore to ipa-python so it can be used by client scripts too.Simo Sorce2008-03-2713-350/+471
| | | | | | Change backup format so files are all in a single directory (no dir hierarchies) and use an index file so we can save also ownership and permission info for the restore (and eventually other data later on).
* Don't allow the admin user to be removed using the XML-RPC Interface.Rob Crittenden2008-03-282-0/+7
| | | | | | If a site really wants it gone then can delete it via LDAP. 439281
* Do case-less comparisons when considering objectclass but store theRob Crittenden2008-03-283-3/+7
| | | | | | | | | | current value to prevent unnecessary LPAP updates (and failed writes) Don't check against these lists on updates, only add them on new entries. Disable the ability to configure in the UI these values for now. 438256
* Properly detect when ports are available.Rob Crittenden2008-03-271-4/+3
| | | | | | | | The DS setup program uses Perl and does a similar port available test. It seems that perl always sets FD_CLOEXEC and python does not. This is why the port test would pass in python but fail in perl. 439024
* Put the replica hostname back together properlyRob Crittenden2008-03-271-2/+3
| | | | 439057
* Normalize member DN's when determining whether they are in a groupRob Crittenden2008-03-261-1/+5
| | | | | | as a direct or indirect member. 438387
* One line typo fixSimo Sorce2008-03-271-1/+1
|
* Fix setup script to use the right module nameSimo Sorce2008-03-271-3/+3
|
* When getting members let user indicate what type of member they want.Rob Crittenden2008-03-278-16/+126
| | | | | | | | | | The memberOf attribute includes members that are directly in the group via the "member" attribute and those that are included as a result of being in a group that is in the group. The UI needs to be able to distinguish between the two. 438706
* Handle MODRDN operations properly for indirect group members.Nathan Kinder2008-03-261-1/+11
| | | | | | | Without this, an entry's memberOf attribute is not updated with the new group DN when an indirect group is renamed. This is in bugzilla for FDS as bz 438891.
* Make the memberof task a public function.Rob Crittenden2008-03-274-14/+29
| | | | | | | | | | | | | | This is used when a new replica is created as well as whenever a replica is re-initialized from another master. In order for this to work when not creating an instance the __init__ function needs to be able to determine the suffix and the dm_password is needed. I've also added the time to the RDN of the member task to ensure uniqueness. 438222
* Add additional detail to error messages.Rob Crittenden2008-03-255-24/+24
| | | | | | | | | This runs the risk of showing too much and confusing users but on the other hand it often includes required information detailing why the error occurred such as what attribute the user lacks write access too and why changing a password failed. 438057
* Make Install and Uninstall have different log filesSimo Sorce2008-03-241-2/+5
|
* Add autoconf and automake stuff and provide a spec file.Simo Sorce2008-03-255-0/+196
| | | | | | | | | | | | | | | | | | | | | | | | | | | | To build a package one need to run autoconf and then create a tarball of the RHEL4 directory so that the content is like this: $ ls -1 ipa-client-0.99.0 aclocal.m4 AUTHORS autom4te.cache ChangeLog configure configure.ac COPYING INSTALL install-sh ipachangeconf.py ipa-client-setup ipa.conf Makefile.am Makefile.in missing NEWS README setup.py the spec file will then be able to build a package for RHEL4
* Don't error out if the user isn't in any groups.Rob Crittenden2008-03-261-0/+3
| | | | 438222
* Fix file permissions on ca.crt when it is installed.Rob Crittenden2008-03-261-0/+1
| | | | 438220
* Add some missing man pagesRob Crittenden2008-03-1715-4/+455
| | | | 436501
* Re-root the IPA web UI to /ipa and the XML-RPC interface to /ipaxml.Rob Crittenden2008-03-246-31/+34
| | | | 438021
* We are really changing the kerberos principal key and not the password whenRob Crittenden2008-03-246-49/+49
| | | | | | | | | | we do updates, so use the right terminology internally. Also fix the actual field we update (and grant permission appropriately in delegations). The DS password handles updating userPassword and any Samba passwords as necessary. 438256
* Start ntpd after FDS so that the ntp user can be found.Rob Crittenden2008-03-241-2/+2
| | | | | | | Start httpd after ipa_webgui becuse otherwise mod_proxy may not like it if it can't connect to the UI listening port 438090
* Allow client install to specify ntp server nameSimo Sorce2008-03-141-1/+6
|
* Allow the realm to be included in the name passed to add_service_principal()Rob Crittenden2008-03-172-3/+11
| | | | | | | This is more kerberos-like and it doesn't hurt anything, we just won't allow realms other than our own to be used. 437566
* Don't define bogus realm/server in configuration file by defaultRob Crittenden2008-03-1720-4/+58
| | | | | | | Add default exception handler to avoid backtraces in cmdline tools Enhance error message when the IPA server or realm can't be found 437565
* Adding items to the set needs to be lower case to prevent duplicates.Rob Crittenden2008-03-101-1/+1
| | | | | | | This function was assuming that the target list was all lower-case so the set could end up with duplicate values which would get kicked out by LDAP. 433680
generated by cgit (git 2.34.1) at 2025-09-03 13:03:29 +0000