summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Remove support for IPA deployments with no persistent searchTomas Babej2013-08-0916-188/+105
| | | | | | | | | Drops the code from ipa-server-install, ipa-dns-install and the BindInstance itself. Also changed ipa-upgradeconfig script so that it does not set zone_refresh to 0 on upgrades, as the option is deprecated. https://fedorahosted.org/freeipa/ticket/3632
* Bump 3.4 development version to 3.3.90Martin Kosek2013-08-081-1/+1
|
* Handle --subject option in ipa-server-installAna Krivokapic2013-08-083-5/+103
| | | | | | | | | | Properly handle --subject option of ipa-server-install, making sure this value gets passed to certmap.conf. Introduce a new template variable $SUBJECT_BASE for this purpose. Also make sure that this value is preserved on upgrades. https://fedorahosted.org/freeipa/ticket/3783
* Become 3.3.0release-3-3-0Martin Kosek2013-08-081-1/+1
|
* Add requires for slapi-nis and SSSDMartin Kosek2013-08-081-2/+6
| | | | | Require slapi-nis 0.47.7 and sssd 1.11.0-0.1.beta2 required for core features of 3.3.0 release.
* Become 3.3.0 Beta 2beta_2-3-3-0Martin Kosek2013-08-071-1/+1
|
* Increase default SASL buffer sizeMartin Kosek2013-08-071-0/+6
| | | | | | | Default SASL buffer size was too small and could lead for example to migration errors. https://fedorahosted.org/freeipa/ticket/3826
* Add new command compat-is-enabledAna Krivokapic2013-08-073-1/+49
| | | | | | | | | Add a new API command 'compat-is-enabled' which can be used to determine whether Schema Compatibility plugin is configured to serve trusted domain users and groups. The new command is not visible in IPA CLI. https://fedorahosted.org/freeipa/ticket/3671 https://fedorahosted.org/freeipa/ticket/3672
* Enable running API commands in ipa-advise pluginsAna Krivokapic2013-08-072-2/+4
| | | | | https://fedorahosted.org/freeipa/ticket/3671 https://fedorahosted.org/freeipa/ticket/3672
* Add ipa-advise plugins for legacy clientsAna Krivokapic2013-08-078-0/+239
| | | | | | | | | | | | | | | | | Old versions of SSSD do not directly support cross-realm trusts between IPA and AD. This patch introduces plugins for the ipa-advise tool, which should help with configuring an old version of SSSD (1.5-1.8) to gain access to resources in trusted domain. Since the configuration steps differ depending on whether the platform includes the authconfig tool, two plugins are needed: * config-redhat-sssd-before-1-9 - provides configuration for Red Hat based systems, as these system include the autconfig utility * config-generic-sssd-before-1-9 - provides configuration for other platforms https://fedorahosted.org/freeipa/ticket/3671 https://fedorahosted.org/freeipa/ticket/3672
* Rename slapi-nis configuration variableAlexander Bokovoy2013-08-061-5/+5
|
* Wrap lines in the list of available advicesTomas Babej2013-08-061-6/+14
| | | | | | | | | | | | Now the list of available advices is neatly formatted: ------------------------- List of available advices ------------------------- config-fedora-authconfig : Authconfig instructions for configuring Fedora 18/19 client with IPA server without use of SSSD. The advice header printing has been reformatted to conform with the changes.
* Add a word wrapping for comment log messages to AdviceLoggerTomas Babej2013-08-062-3/+13
| | | | | The comments logged through AdviceLogger are now wrapped up to 70 characters. This change has been documented in the docstrings.
* Remove overlapping use-cases of the same result variableTomas Babej2013-08-061-4/+4
|
* Improve help entry for ipa hostTomas Babej2013-08-062-5/+32
| | | | | | | | Updates old information produced by the ipa help host command. Also adds a section to ipa-client-install manpage about client re-enrollment. https://fedorahosted.org/freeipa/ticket/3820
* Use case-insensitive dict for trusted domain infoTomas Babej2013-08-061-12/+24
| | | | | | | | | | | In DomainValidator, we store a dictionary containing information for trusted domains. This is a case-sensitive dictionary keyed by the domain name. We need to use case-insensitive dictionary since domain names are generally case-insensitive. https://fedorahosted.org/freeipa/ticket/3816
* Fix installutils.get_password without a TTYPetr Viktorin2013-08-061-1/+7
| | | | | | | | | | | | | If stdin is a TTY, ipaserver.install.installutils uses getpass and all is well. Without a TTY, though, there were two problems: * The prompt was not printed * On end of file, an empty string was returned, which caused read_password to enter an infinite loop. Fix both problems. https://fedorahosted.org/freeipa/ticket/3824
* Limit pwpolicy maxlife to 20000 daysTomas Babej2013-08-053-4/+5
| | | | | | | | | | | | Since krbMaxPwdLife attribute is represented as number of seconds, setting maxlife to high values such as 999 999 days (~2739 years) would result to overflow when parsing this attribute in kdb plugin, and hence default maxlife of 90 days would be applied. Limit the maximum value of maxlife that can be set through the framework to 20 000 days (~ 54 years). https://fedorahosted.org/freeipa/ticket/3817
* Update translationsPetr Viktorin2013-08-0218-1839/+1223
| | | | | | | | Regenerate the POT file and pull new translations from Transifex. Also, update the Transifex URL in the configuration file: transifex.net has redirected to transifex.com for some time, and now its certificate has expired.
* Expose ipaRangeType in Web UIAna Krivokapic2013-07-293-52/+132
| | | | https://fedorahosted.org/freeipa/ticket/3759
* Add the new no_member option to CLI testsPetr Viktorin2013-07-291-0/+7
| | | | This makes the tests pass.
* Honor 'enabled' option for widgets.Ana Krivokapic2013-07-265-57/+93
| | | | https://fedorahosted.org/freeipa/ticket/3793
* Refactor the interactive prompt logic in idrange_addTomas Babej2013-07-261-27/+34
| | | | | | | | | | | | | | | | Make the interactive prompts interpret the following logic: - AD range (dom-sid/dom-name set): require RID base if not set - local range(dom-sid/dom-name not set): a) server with adtrust support: require both RID base and secondary RID base b) server without adtrust support: if any of RID base, secondary RID base set, require both of them https://fedorahosted.org/freeipa/ticket/3786
* Use valid LDAP search base in migration pluginMartin Kosek2013-07-261-1/+2
| | | | | | One find_entry_by_attr call did not set a search base leading to LDAP search call with zero search base. This leads to false negative results from LDAP.
* Skip referrals when converting LDAP result to LDAPEntryTomas Babej2013-07-261-0/+9
| | | | | | | | When converting the result obtained by python-ldap library, we need to skip unresolved referral entries, since they cannot be converted. https://fedorahosted.org/freeipa/ticket/3814
* Web UI integration tests: Code quality fixesPetr Vobornik2013-07-261-30/+33
| | | | | | | * variables with python build-in names renamed * unused parameters used or removed https://fedorahosted.org/freeipa/ticket/3744
* Web UI integration tests: PEP8 fixesPetr Vobornik2013-07-2629-186/+176
| | | | | | | Tests modified to comply with PEP8 rules with exception of rule E501 (long lines). Done by autopep8 tool and 2 manual modifications. https://fedorahosted.org/freeipa/ticket/3744
* Web UI integration tests: Compute range sizes to avoid overlapsPetr Vobornik2013-07-262-14/+79
| | | | | | | | | Heavily inspired by code from xmlrpc tests. To obtain ranges, this patch also adds method to execute FreeIPA command through Web UI. It uses Web UI instead of ipalib so it doesn't need to care about authentication on a test-runner machine. https://fedorahosted.org/freeipa/ticket/3744
* Web UI integration tests: Verify data after add and modPetr Vobornik2013-07-262-7/+116
| | | | https://fedorahosted.org/freeipa/ticket/3744
* Web UI integration tests: Add ui_driver method descriptionsPetr Vobornik2013-07-261-13/+78
| | | | https://fedorahosted.org/freeipa/ticket/3744
* Web UI integration tests: Add trust testsPetr Vobornik2013-07-263-10/+124
| | | | https://fedorahosted.org/freeipa/ticket/3744
* Free NSS objects in --external-ca scenarioMartin Kosek2013-07-262-1/+9
| | | | | | | | | | In external CA installation, ipa-server-install leaked NSS objects which caused an installation crash later when a subsequent call of NSSConnection tried to free them. Properly freeing the NSS objects avoid this crash. https://fedorahosted.org/freeipa/ticket/3773
* Change shebang to absolute path in ipa-client-automountTomas Babej2013-07-251-1/+1
| | | | https://fedorahosted.org/freeipa/ticket/3811
* Remove unused variableLukas Slebodnik2013-07-251-2/+0
| | | | Variable was set, but it was not used.
* Remove unused variableLukas Slebodnik2013-07-251-1/+0
|
* Use right function prototype for thread functionLukas Slebodnik2013-07-252-2/+4
| | | | warning: passing argument from incompatible pointer type
* test_simple_replication: Wait for replication to finish before checkingPetr Viktorin2013-07-253-19/+81
| | | | | | | Add ldap_connect() method to Host to allow executing querying LDAP from tests. Use information in the mapping tree to poll until all replication is finished (or failing) before checking that entries replicated successfully.
* Correct default value of LDAPClient.get_entries scope argumentPetr Viktorin2013-07-251-1/+2
|
* Add tar and xz dependencies to the freeipa-tests packagePetr Viktorin2013-07-251-0/+5
| | | | | The beakerLib plugin collects log files via compressed tarballs, so these dependencies are needed
* Add the ipa-test-task toolPetr Viktorin2013-07-253-1/+296
| | | | | | | This script makes common testing tasks such as IPA installation and uninstallation available outside of Python. https://fedorahosted.org/freeipa/ticket/3721
* Add install_topo to test tasksPetr Viktorin2013-07-254-8/+254
| | | | | | | This allows a cluster of replicas and clients to be installed in a named topology. Several named topologies are available (star, line, complete, tree, tree2) and new ones can be defined as a simple function.
* Add more test tasksPetr Viktorin2013-07-253-17/+42
| | | | | | | | - install_client - connect_replica - disconnect_replica - prepare_host - kinit_admin
* test_integration: Set up CA on replicas by defaultPetr Viktorin2013-07-251-6/+11
| | | | | For complex topologies the CA needs to be available on most replicas, since only servgers with a CA can prepare replica files.
* test_integration: Add log collection to HostPetr Viktorin2013-07-253-23/+36
| | | | This allows collecting logs when a test context is not available.
* Move BeakerLibProcess out of BeakerLibPluginPetr Viktorin2013-07-251-70/+107
| | | | This allows reusing the code elsewhere
* Move requirement for keyutils to freeipa-python packageTomas Babej2013-07-241-1/+4
| | | | | | | | | | There was already a dependency in server package, however, the correct place for such dependency is in freeipa-python, since the relevant code using keyutils resides there. Both freeipa-server and freeipa-client require freeipa-python. https://fedorahosted.org/freeipa/ticket/3808
* Become 3.3.0 Beta 1beta_1-3-3-0Martin Kosek2013-07-241-3/+3
|
* Bump minimum SSSD versionMartin Kosek2013-07-241-1/+5
| | | | Pick up latest SSSD 1.11 Beta development
* Print newline after receiving EOF in installutils.read_password.Jan Cholasta2013-07-2412-14/+15
|
* Ask for PKCS#12 password interactively in ipa-replica-prepare.Jan Cholasta2013-07-241-15/+34
| | | | https://fedorahosted.org/freeipa/ticket/3717
generated by cgit (git 2.34.1) at 2025-09-03 12:05:53 +0000