summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Do not show unexpected error in ipa-ldap-updaterAna Krivokapic2013-09-161-0/+2
| | | | | | | Prevent showing of unfriendly "Unexpected error" message, when providing incorrect DM password to ipa-ldap-updater. https://fedorahosted.org/freeipa/ticket/3825
* Add Delegation Info to MS-PACSimo Sorce2013-09-131-2/+160
| | | | https://fedorahosted.org/freeipa/ticket/3442
* Fix nsslapdPlugin object class after initial replication.Jan Cholasta2013-09-104-11/+13
| | | | | | This is a workaround for <https://fedorahosted.org/389/ticket/47490>. https://fedorahosted.org/freeipa/ticket/3915
* Do not crash if DS is down during server uninstallAna Krivokapic2013-09-091-23/+41
| | | | | | | | DS is contacted during server uninstallation, in order to obtain information about replication agreements. If DS is unavailable, warn and continue with uninstallation. https://fedorahosted.org/freeipa/ticket/3867
* Fix invocations of FileError in ipa-client-installAna Krivokapic2013-09-091-10/+12
| | | | | | | | Some of the FileErrors in ipa-client-install were raised incorrectly (without the 'reason' argument), which resulted in bad error messages during ipa-client-install. https://fedorahosted.org/freeipa/ticket/3758
* Replace ntpdate calls with ntpdAna Krivokapic2013-09-091-14/+12
| | | | | | | Due to the upcoming deprecation of the ntpdate program (targeted for Fedora 20), replace ntpdate calls with ntpd. https://fedorahosted.org/freeipa/ticket/3797
* Make make-lint compatible with Pylint 1.0Petr Viktorin2013-09-061-4/+17
| | | | | | | | | | | | | Pylint 1.0 was released[0] and it brings some incompatibilities, as well as a bug[1] that's triggered by FreeIPA code. This patch updates make-lint to be compatible with Pylint 1.0, while keeping support for version 0.26. [0] http://www.logilab.org/blogentry/163292 [1] https://bitbucket.org/logilab/pylint/issue/47 Ticket: https://fedorahosted.org/freeipa/ticket/3865
* Remove __all__ specifications in ipaclient and ipaserver.installPetr Viktorin2013-09-062-5/+0
| | | | | | | | | | | The __all__ list does not cause submodules to be imported, e.g. one would still have to `import ipaclient.ipachangeconf` rather than just `import ipaclient` to use `ipaclient.ipachangeconf`. Even if they did do anything, the lists were incomplete, and (since `import *` is not used on these modules) unnecessary. Pylint 1.0 reports undeclared names in __all__ as a warning.
* Add timestamps to named debug logs in /var/named/data/named.runPetr Spacek2013-09-061-0/+1
|
* Add option to ipa-client-install to configure automountAna Krivokapic2013-09-052-1/+32
| | | | | | | Add the --automount-location option to ipa-client-install. If the option is used, ipa-client-automount is called at the end of ipa-client-install. https://fedorahosted.org/freeipa/ticket/3740
* Fix RUV search scope in ipa-replica-managePetr Vobornik2013-09-042-1/+11
| | | | | | | | The search had an incorrect scope and therefore it didn't find any RUV. This issue prevented removing of replica. https://fedorahosted.org/freeipa/ticket/3876
* Add warning when uninstalling active replicaAna Krivokapic2013-09-041-5/+31
| | | | | | | Add a warning when trying to uninstall a replica that has active replication agreements. https://fedorahosted.org/freeipa/ticket/3867
* Create DS user and group during ipa-restoreAna Krivokapic2013-09-024-52/+59
| | | | | | | ipa-restore would fail if DS user did not exist. Check for presence of DS user and group and create them if needed. https://fedorahosted.org/freeipa/ticket/3856
* Add integration tests for forced client re-enrollmentAna Krivokapic2013-09-021-0/+278
| | | | | | | Add integration tests for the forced client re-enrollment feature: http://www.freeipa.org/page/V3/Forced_client_re-enrollment#Test_Plan https://fedorahosted.org/freeipa/ticket/3832
* EXTDOM: Do not overwrite domain_name for INP_SIDJakub Hrozek2013-08-291-2/+0
|
* CLDAP: make sure an empty reply is returned on any errorSumit Bose2013-08-291-1/+2
| | | | | | If ipa_cldap_decode() reply is not initialized. Fixes https://fedorahosted.org/freeipa/ticket/3885
* Re-order NULL check in ipa_lockout.Rob Crittenden2013-08-291-2/+1
| | | | | | | | There is no risk of crash here as slapi_valueset_first_value() can handle the case where the valueset is NULL, but there is no point in calling that if we know there are no values. https://fedorahosted.org/freeipa/ticket/3880
* Add man pages for testing toolsPetr Viktorin2013-08-298-1/+405
| | | | | | Add man pages for ipa-run-tests, ipa-test-task, and ipa-test-config. https://fedorahosted.org/freeipa/ticket/3855 (part 5)
* Log proper error message when defaultNamingContext not foundTomas Babej2013-08-291-1/+7
|
* Fix service-disable in CA-less install.Jan Cholasta2013-08-291-20/+21
| | | | https://fedorahosted.org/freeipa/ticket/3886
* Add CA-less install testsPetr Viktorin2013-08-283-0/+1481
| | | | | | | | | | | | | | | | | | | | | | | Differences from the test plan at http://www.freeipa.org/index.php?title=V3/CA-less_install&oldid=6669 are: - The following tests are included in all applicable positive install tests, rather than being standalone test cases: - Verify CA certificate stored in LDAP - Verify CA PEM file created by IPA server install - Verify that IPA server install does not configure certmonger - Verify CA PEM file created by IPA replica install - Verify that IPA replica install does not configure certmonger - Verify CA PEM file created by IPA client install - PKI setup is done only once for each test class - Master installation is done once for the IPA command tests, and once for the certinstall tests - Certificates are compared after base64 decoding to avoid failures from formatting mismatches - Minor changes necessary for automation (e.g. adding --unattended and --password options, correcting error messages) - Web UI tests are not included here https://fedorahosted.org/freeipa/ticket/3830
* Fix tests which fail after ipa-adtrust-installAna Krivokapic2013-08-2813-131/+207
| | | | | | | | | | Some unit tests were failing after ipa-adtrust-install has been run on the IPA server, due to missing attributes ('ipantsecurityidentifier') and objectclasses ('ipantuserattrs' and 'ipantgroupattrs'). This patch detects if ipa-adtrust-install has been run, and adds missing attributes and objectclasses where appropriate. https://fedorahosted.org/freeipa/ticket/3852
* Add missing license header to ipa-test-configPetr Viktorin2013-08-281-0/+19
|
* Update idrange search facet after trust creationPetr Vobornik2013-08-283-6/+10
| | | | | | Adding a trust creates a range -> range search facet should be marked as expired. https://fedorahosted.org/freeipa/ticket/3874
* kdb-princ: Fix memory leakSimo Sorce2013-08-281-0/+1
| | | | | | | | | | If we do not store the keys in the entry we need to free the array before continuing or the data is leaked. CoverityID: 11910 Fixes: https://fedorahosted.org/freeipa/ticket/3884
* kdb-mspac: Fix out of bounds memsetSimo Sorce2013-08-281-1/+1
| | | | | | | | | | This memset was harmless as the following data is then set again, but an optimizing compiler might conceivably reorder instructions causing issues. CoverityID: 11909 Fixes: https://fedorahosted.org/freeipa/ticket/3883
* pwd-plugin: Fix ignored return errorSimo Sorce2013-08-281-3/+8
| | | | | | | | | CoverityID: 11904 Also remove 'inline', the compiler can do it on its own if needed. Fixes: https://fedorahosted.org/freeipa/ticket/3882
* Fix ipa-server-certinstall usage string.Jan Cholasta2013-08-281-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/3869
* Add --dirman-password option to ipa-server-certinstall.Jan Cholasta2013-08-282-4/+11
| | | | https://fedorahosted.org/freeipa/ticket/3869
* Fix nsSaslMapping object class before configuring SASL mappings.Jan Cholasta2013-08-271-0/+11
| | | | | | This is a workaround for <https://fedorahosted.org/389/ticket/47490>. https://fedorahosted.org/freeipa/ticket/3778
* Fix incorrect error message occurence when re-adding the trustTomas Babej2013-08-271-1/+1
| | | | | | | | | You cannot re-add the trust and modify the range in the process. The check in the code was malfunctioning since it assumed that range_size parameter has default value. However, default value is assigned only later in the add_range function. https://fedorahosted.org/freeipa/ticket/3870
* Add integration tests for Kerberos FlagsAna Krivokapic2013-08-271-0/+191
| | | | | | | | Add integration tests for the Kerberos Flags feature: http://www.freeipa.org/page/V3/Kerberos_Flags#Test_Plan (except the web UI tests). https://fedorahosted.org/freeipa/ticket/3831
* Make CS.cfg edits with CA instance stoppedTomas Babej2013-08-266-40/+101
| | | | | | | | | | | This patch makes sure that all edits to CS.cfg configuration file are performed while pki-tomcatd service is stopped. Introduces a new contextmanager stopped_service for handling a general problem of performing a task that needs certain service being stopped. https://fedorahosted.org/freeipa/ticket/3804
* Perform dirsrv tuning at platform levelTomas Babej2013-08-263-57/+100
| | | | | | | | | | | | | | | | When configuring the 389 Directory Server instance, we tune it so that number of file descriptors available to the DS is increased from the default 1024 to 8192. There are platform specific steps that need to be conducted differently on systemd compatible platforms and sysV compatible platforms. systemd: set LimitNOFILE to 8192 in /etc/sysconfig/dirsrv.systemd sysV: set ulimit -n 8192 in /etc/sysconfig/dirsrv set ulimit - nofile 8192 in /etc/security/limits.conf https://fedorahosted.org/freeipa/ticket/3823
* Show human-readable error name in error dialog titlePetr Vobornik2013-08-262-2/+3
| | | | | | Fixes RPC server's JSON encoding of exception's name. It allows to show the name in Web UI's error dialog title.
* Remove redundant shebangsTomas Babej2013-08-265-7/+2
| | | | | | Remove redundant shebangs from files that are not used as scripts. https://fedorahosted.org/freeipa/ticket/3853
* Web UI integration tests: ID range typesPetr Vobornik2013-08-224-68/+277
| | | | https://fedorahosted.org/freeipa/ticket/3834
* Web UI Integration tests: Kerberos FlagsPetr Vobornik2013-08-222-3/+49
| | | | | | Tests according to: http://www.freeipa.org/page/V3/Kerberos_Flags https://fedorahosted.org/freeipa/ticket/3831
* Web UI integration tests: CA-lessPetr Vobornik2013-08-224-3/+101
| | | | | | Test cases according to: http://www.freeipa.org/page/V3/CA-less_install https://fedorahosted.org/freeipa/ticket/3830
* Hide 'New Certificate' action on CA-less installPetr Vobornik2013-08-221-0/+1
| | | | | | This action calls cert-request command which is not available on CA-less installs. Thus this action won't be enabled and therefore there is no reason to keep it visible. https://fedorahosted.org/freeipa/ticket/3363
* Add base-id, range-size and range-type options to trust-add dialogPetr Vobornik2013-08-223-0/+49
| | | | https://fedorahosted.org/freeipa/ticket/3049
* Fix broken replica installationAna Krivokapic2013-08-202-8/+22
| | | | | | | Make sure the subject base parameter is correctly passed and used during the creation of the DS instance on a replica. https://fedorahosted.org/freeipa/ticket/3868
* Ask for PKCS#12 password interactively in ipa-server-certinstall.Jan Cholasta2013-08-201-3/+7
| | | | https://fedorahosted.org/freeipa/ticket/3641
* Add --pin option to ipa-server-certinstall.Jan Cholasta2013-08-202-15/+12
| | | | | | Hide the unnecessary --dirsrv_pin and --http_pin options. https://fedorahosted.org/freeipa/ticket/3869
* Untrack old and track new cert with certmonger in ipa-server-certinstall.Jan Cholasta2013-08-201-3/+12
| | | | https://fedorahosted.org/freeipa/ticket/3641
* Replace only the cert instead of the whole NSS DB in ipa-server-certinstall.Jan Cholasta2013-08-202-13/+23
| | | | https://fedorahosted.org/freeipa/ticket/3641
* Ignore empty mod error when updating DS SSL config in ipa-server-certinstall.Jan Cholasta2013-08-201-2/+5
| | | | https://fedorahosted.org/freeipa/ticket/3641
* Remove unused NSSDatabase and CertDB method find_root_cert_from_pkcs12.Jan Cholasta2013-08-201-44/+0
| | | | https://fedorahosted.org/freeipa/ticket/3641
* Port ipa-server-certinstall to the admintool framework.Jan Cholasta2013-08-202-141/+158
| | | | | | | Change the log file path from /var/log/ipa/default.log to admintool's default path. https://fedorahosted.org/freeipa/ticket/3641
* Make PKCS#12 handling in ipa-server-certinstall closer to what other tools do.Jan Cholasta2013-08-201-34/+18
| | | | | | | In particular, PKCS#12 validation and server certificate selection is now done the same way as in ipa-server-install and ipa-replica-prepare. https://fedorahosted.org/freeipa/ticket/3641
generated by cgit (git 2.34.1) at 2024-09-25 04:32:07 +0000