| Commit message (Collapse) | Author | Age | Files | Lines |
https://fedorahosted.org/freeipa/ticket/3902
https://fedorahosted.org/freeipa/ticket/3902
https://fedorahosted.org/freeipa/ticket/3902
https://fedorahosted.org/freeipa/ticket/3902
https://fedorahosted.org/freeipa/ticket/3902
We do not need to expose a public FreeIPA specific interface to resolve
SIDs to names. The interface is only used internally to resolve SIDs
when external group members are listed. Additionally, the command interface
is not prepared for regular users and can give rather confusing results.
Hide it from CLI. The API itself is still accessible and compatible with
older clients.
https://fedorahosted.org/freeipa/ticket/4113
When legacy client tests fail during IPA installation, the legacy
client test produces an additional misleading error
(the real cause is reported as well). This happens due to the fact
that we try to clean up a host that was not yet defined. We need to
check for this attribute being defined before unapplying fixes there.
https://fedorahosted.org/freeipa/ticket/4124
Sudo calls are not necessary since we log in as a root. Additionally,
sudo requires tty in default configuration, which is not acquired
when using OpenSSH transport.
https://fedorahosted.org/freeipa/ticket/4125
Ensure we set host netbios name by default in smb.conf
https://fedorahosted.org/freeipa/ticket/4116
- it's called in group-show
https://bugzilla.redhat.com/show_bug.cgi?id=1054391
https://fedorahosted.org/freeipa/ticket/4123
Perform SID to name conversion for existing external members of the
groups if trust is configured.
https://bugzilla.redhat.com/show_bug.cgi?id=1054391
https://fedorahosted.org/freeipa/ticket/4123
https://fedorahosted.org/freeipa/ticket/4078
dnsrecord-mod may call dnsrecord-delentry command when all records
are deleted. However, the version was not passed to delentry and
it resulted in a warning.
https://fedorahosted.org/freeipa/ticket/4120
https://fedorahosted.org/freeipa/ticket/4110
Both the password plugin and the kdb driver code automatically fall
back to the default password policy.
So stop adding an explicit reference to user objects and instead rely on the
fallback.
This way users created via the framework and users created via winsync plugin
behave the same way wrt password policies and no surprises will happen.
Also in case we need to change the default password policy DN this will allow
just code changes instead of having to change each user entry created, and
distinguish between the default policy and explicit admin changes.
Related: https://fedorahosted.org/freeipa/ticket/4085
The KDB driver does not walk the tree back like the original password plugin.
Also we do not store the default policy in the base DN as we used to do in the
past anymore.
So doing a full subtree search and walking back the tree is just a waste of
time.
Instead hardcode the default policy like we do in the kdb driver.
Fixes: https://fedorahosted.org/freeipa/ticket/4085
This fixes a possible NSS database corruption in renew_ca_cert.
When a context to which we yield generates exception, the code in
private_ccache() and stopped_service() didn't get called for cleanup.
For NETLOGON_NT_VERSION_5EX requests the prepended \\ is not expected in
the PDC NetBIOS name. In general AD seems to be smart enough to handle
the two \ signs. But if the NetBIOS name reaches the maximum of 15
characters AD does not accept the responses anymore.
Fixes https://fedorahosted.org/freeipa/ticket/4028
Show status of each enumerated domain
trustdomain-find shows list of domains associated with the trust.
Each domain except the trust forest root can be enabled or disabled
with the help of trustdomain-enable and trustdomain-disable commands.
https://fedorahosted.org/freeipa/ticket/4096
When trust is added, we do create ranges for discovered child domains.
However, this functionality was not available through
'trust-fetch-domains' command.
Additionally, make sure non-existing trust will report proper error in
trust-fetch-domains.
https://fedorahosted.org/freeipa/ticket/4111
https://fedorahosted.org/freeipa/ticket/4104
https://fedorahosted.org/freeipa/ticket/4091
https://fedorahosted.org/freeipa/ticket/4090
sudoers compat plugin configuration missed the sudoOrder attribute
and it thus did not show up in ou=sudoers. Add the definition to update
file.
https://fedorahosted.org/freeipa/ticket/4107
When creating a host with a password we don't set a Kerberos
principal or add the Kerberos objectclasses. Those get added when the
host is enrolled. If one passed in --password= (so no password) then
we incorrectly thought the user was in fact setting a password, so the
principal and objectclasses weren't updated.
https://fedorahosted.org/freeipa/ticket/4102
Enable Retro Changelog and Content Synchronization DS plugins which are required
for SyncRepl support.
Create a working directory /var/named/ipa required by bind-dyndb-ldap v4+.
https://fedorahosted.org/freeipa/ticket/3967
Since we're exposing the krbPrincipalExpiration attribute for direct
editing in the CLI, remove it from the list of attributes that
admin cannot edit by default.
Part of: https://fedorahosted.org/freeipa/ticket/3306
IPA client installation did not preserve the status of nscd and nslcd services
correctly. E.g. nscd would be started after uninstallation, even though it
wasn't running before client installation. Make sure the state of services is
saved before installation and correctly restored after uninstallation.
https://fedorahosted.org/freeipa/ticket/3790
https://fedorahosted.org/freeipa/ticket/3488
https://fedorahosted.org/freeipa/ticket/3488
https://fedorahosted.org/freeipa/ticket/3488
https://fedorahosted.org/freeipa/ticket/3488
https://fedorahosted.org/freeipa/ticket/3488
Use LDAPEntry.generate_modlist instead of LDAPClient._generate_modlist and
remove LDAPClient._generate_modlist.
https://fedorahosted.org/freeipa/ticket/3488
https://fedorahosted.org/freeipa/ticket/3488
Remove legacy IPAdmin methods generateModList and updateEntry.
https://fedorahosted.org/freeipa/ticket/3488
Add some default overrides.
https://fedorahosted.org/freeipa/ticket/3488
Refactor IPASimpleLDAPObject methods get_syntax and get_single_value.
https://fedorahosted.org/freeipa/ticket/3488
https://fedorahosted.org/freeipa/ticket/3488
https://fedorahosted.org/freeipa/ticket/3488
Original patch for ticket #3803 implemented support to resolve SIDs
through SSSD. However, it also broke hbactest for external users. The
result of the updated external member group search must be local
non-external groups, not the external ones. Otherwise the rule is not
matched.
https://fedorahosted.org/freeipa/ticket/3803
Previous commit accidentally added executable permission to
restart_pkicad and stop_pkicad.
Fix both the service restart procedure and registration of old
pki-cad well known service name.
This patch was adapted from original patch of Jan Cholasta 178 to
fix ticket 4092.
https://fedorahosted.org/freeipa/ticket/4092
Disallow adding permissions with non-default bindtype to privileges
Ticket: https://fedorahosted.org/freeipa/ticket/4032
Design: http://www.freeipa.org/page/V3/Anonymous_and_All_permissions
When output_for_cli was called directly, rather than for values
received through XML or JSON API, joining multiple values failed
on non-strings such as DN objects.
Convert output to strings before printing it out.
As reported in https://bugzilla.redhat.com/show_bug.cgi?id=1040576,
the default stack trace needs to be also increased on s390 platforms
to prevent rhino segfault.
|
Part of the effort to port FreeIPA to Arch Linux,
where Python 3 is the default.
FreeIPA hasn't been ported to Python 3, so the code must be modified to
run /usr/bin/python2
https://fedorahosted.org/freeipa/ticket/3438
Updated by pviktori@redhat.com
On sysrestore failure, user is prompted out to remove the sysrestore
file. However, the path to the sysrestore file mentioned in the
sentence is not correct.
https://fedorahosted.org/freeipa/ticket/4080