summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fix existence check, default_server is an array so we need toSimo Sorce2008-05-101-2/+2
| | | | check its length to determine if it is empty
* Display information on how to uninstall a partially installed server.Rob Crittenden2008-05-091-4/+10
| | | | | | | This may have failed either because the user pressed ^C or something failed during installation. 442454
* Include information on where to look if a hostname resolves to localhost.Rob Crittenden2008-05-091-1/+1
| | | | 442812
* Convert mercurial command to git equivalent for creating an archive.Rob Crittenden2008-05-091-1/+2
| | | | | | | | | By default it will use the master branch of the repo this is run from. To specify a different branch use the argument TARGET=<branch> e.g. make dist TARGET=ipa-1-0 442419
* On IPA Servers connect to ourselves using localhost,Simo Sorce2008-05-081-2/+5
| | | | | and avoid searching for KDC servers via DNS, we just connect to ourselves.
* Return better ewrror message that gives a hint about who actually returned itSimo Sorce2008-05-081-9/+6
| | | | + Some cleanups (trainling spaces and such).
* Detect existing DS instances and prompt for removal during replica install.Rob Crittenden2008-05-081-0/+32
| | | | 442454
* Add missing colon to function definition that broke the buildRob Crittenden2008-05-081-1/+1
|
* Add a version API to the server so it knows what version it is.Rob Crittenden2008-05-089-15/+50
| | | | 435019
* Don't allow the IPA server service principals to be removed.Rob Crittenden2008-05-082-0/+8
| | | | 440282
* Don't prompt for confirmation of DM password when installing a replica.Rob Crittenden2008-05-082-4/+12
| | | | | | | | | It implies that you are setting a new password and you really aren't. Also added a catch for KeyboardInterrupt with instructions on how to recover from a partial install. 441607
* Second half of the redoing how the version is managed.Rob Crittenden2008-05-0710-62/+78
|
* Indent the plugin accordingly to our style guidelines.Simo Sorce2008-05-071-802/+758
| | | | Used indent -kr -nut dna.c for most of the changes
* Fix a bug in our dns library, do not return the query as a reply if 0 ↵Simo Sorce2008-05-071-7/+5
| | | | replies were returned.
* Refine our web space some more so that everything we reference is in /ipaRob Crittenden2008-05-0712-47/+171
| | | | | | | | | | | | | | | UI: /ipa/ui XML-RPC: /ipa/xml errors: /ipa/errors config: /ipa/config I had to hardcode that URI into the CSS pages but TurboGears handles the rest of the translations with tg.url(). Added a version to ipa.conf and ipa-rewrite.conf so we can update them in the future if needed with ipa-upgradeconfig 440443
* Redo the way versioning works in freeIPA.Rob Crittenden2008-05-059-711/+55
| | | | | | | | | | | | | | | | | The file VERSION is now the sole-source of versioning. The generated .spec files will been removed in the maintainer-clean targets and have been removed from the repository. By default a GIT build is done. To do a non-GIT build do: $ make TARGET IPA_VERSION_IS_GIT_SNAPSHOT=no When updating the version you can run this to regenerate the version: $ make version-update The version can be determined in Python by using ipaserver.version.VERSION
* Remove duplicated "the" and add some formatting to the EXAMPLE for clarity.Rob Crittenden2008-05-051-3/+4
| | | | 443012
* This patch begins the process of replacing OpenLDAP with mozldap.W. Michael Petullo2008-05-018-102/+109
| | | | | | | | | FreeIPA relies on RedHat's Directory Server, which uses mozldap. A FreeIPA build using mozldap would reduce the project's dependencies and redundant code. In addition, mozldap uses NSS instead of OpenSSL. This is beneficial for the reasons listed in [1]. [1] http://fedoraproject.org/wiki/FedoraCryptoConsolidation
* Fix ownership of the Apache NSS cert and key databases.Rob Crittenden2008-04-301-0/+10
| | | | | The group "apache" needs to have read access to them so they will work in Fedora 9+.
* Fix the client-side search size limit.Rob Crittenden2008-04-254-45/+45
| | | | | | | | | | | | | | I've changed the variable name searchlimit to sizelimit to match the name in python-ldap (and hopefully therefore be more readable). The big change was changing the default value from 0 to -1. As 0 we were never using the value from cn=ipaconfig python-ldap expects this to be an int type In the UI sizelimit was hardcoded at 0 for users 439880
* Make sure recent ldapmodify tool (as in F9) do not complain by splitting theSimo Sorce2008-04-251-0/+5
| | | | operation into 2 modify operations
* Add --verbose option so the HTTP headers and XML request/response can be seen.Rob Crittenden2008-04-2520-270/+457
| | | | | | | Also re-do the way modules are imported. I was attemping to have ^C handled gracefully but the way I did it could mask other problems. 443987
* Add nfs as a service principal type.Rob Crittenden2008-04-232-0/+2
| | | | 440242
* Don't let a user change their own uid. Fix some related errors if they try.Rob Crittenden2008-04-232-3/+8
| | | | 440895
* Don't allow a replica to prepare a replica for itself.Rob Crittenden2008-04-231-0/+3
| | | | 442756
* Fixed various memory leaks in memberOf plug-in.Nathan Kinder2008-04-221-2/+9
| | | | 440474
* Make sure we always have the [domain-realm] section or kerberos libs misbheave.Simo Sorce2008-04-221-5/+5
|
* Become version 1.0.0release-1-0-0Rob Crittenden2008-04-1616-26/+71
|
* Catch all errors when obtaining an LDAP connection.Rob Crittenden2008-04-151-0/+2
| | | | 442582
* Move print statement to the correct scope so it displays both lock and unlock.Rob Crittenden2008-04-151-1/+1
| | | | 442625
* Better detection of DS not starting.Rob Crittenden2008-04-141-3/+23
| | | | | | | The dirsrv init script always returns 0 on status checks, even if an instance is not started. So we have to look through the output instead. 442452
* Don't quit trying to lock a user if they aren't in the activated group.Rob Crittenden2008-04-141-1/+5
| | | | | | | | Users are considered activated by default so don't need to be in the activated group explicitly. Ignore the "not in group" error when trying to remove them. 442470
* Handle exceptions more gracefully on systems with python-ldap 2.2.0Rob Crittenden2008-04-141-5/+8
| | | | 442136
* Configure the ipa_pwd_extop plugin on replicas.Rob Crittenden2008-04-141-1/+4
| | | | | | | | If plugin isn't configured then the kerberos attributes don't get populated. User's will get Preauthentication errors from the kerberos libraries because there is no krbPrincipalKey to match against. 442134
* Use the same kpasswd.keytab on all replicas.Rob Crittenden2008-04-093-3/+12
| | | | | | | If we generate a new keytab for each replica then effectively password changes can only occur on the last replica created. 439905
* Fix client discovery and make sure command line options are not overwrittenSimo Sorce2008-04-091-36/+53
| | | | with discovered options, just verified.
* Make sure we use the configured server in ipa.conf first, andSimo Sorce2008-04-091-28/+23
| | | | fallback to the discovered ones only if that's not available
* Add --permitted-enctypes command and add it to the man page tooSimo Sorce2008-04-082-8/+52
|
* Make sure we start the NSCD daemon.Simo Sorce2008-04-081-0/+15
| | | | It makes a huge difference on clients, if we cache lookups
* is_integer returns the integer, don't use an if clause, just check it, if itSimo Sorce2008-04-081-12/+12
| | | | | is wrong it will just throw an exception and exit. Fix error reporting to use the canonical str(e)
* Fix error where password was getting set wrong if passed in on command-line.Rob Crittenden2008-04-081-1/+1
| | | | 439905
* The kpasswd keytab must not be owned by the dirsrv user.Simo Sorce2008-04-081-2/+0
| | | | Fix copy&paste error.
* SELinux fix from Dan WalshRob Crittenden2008-04-071-1/+1
| | | | 440646
* Add (post) to Requires: ipa-server-specRob Crittenden2008-04-072-2/+4
|
* Some SELinux policy changes provided by Dan Walsh.Rob Crittenden2008-04-073-4/+18
| | | | 440651
* Add _ntp SRV recordSimo Sorce2008-04-071-0/+2
|
* Password policy checks fixes.Simo Sorce2008-04-071-37/+94
| | | | | | - don't let a user set a password identical to the current one. - don't check more then the policy defined number of passwords in history - don't set an history longer than policy defined
* Don't allow the admin user to be removed from the admins group.Rob Crittenden2008-04-042-0/+15
| | | | 439281
* Add missing normalizeDN() when removing members from a group.Rob Crittenden2008-04-042-4/+16
| | | | 438387
* Create /etc/ipa/ipa.conf earlier in the installation process.Rob Crittenden2008-04-031-8/+8
| | | | | | | Because the ipa.config() object raises an error if there is no configuration file and auto-detection fails, ipa_webgui may fail to start at install time. 440475
generated by cgit (git 2.34.1) at 2025-09-02 20:10:07 +0000