From 3fdca99c48f19d6af7182b69bea0ee11100a9dd7 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 14 Jul 2011 23:35:01 -0400 Subject: Create tool to manage dogtag replication agreements For the most part the existing replication code worked with the following exceptions: - Added more port options - It assumed that initial connections were done to an SSL port. Added ability to use startTLS - It assumed that the name of the agreement was the same on both sides. In dogtag one is marked as master and one as clone. A new option is added, master, the determines which side we're working on or None if it isn't a dogtag agreement. - Don't set the attribute exclude list on dogtag agreements - dogtag doesn't set a schedule by default (which is actually recommended by 389-ds). This causes problems when doing a force-sync though so if one is done we set a schedule to run all the time. Otherwise the temporary schedule can't be removed (LDAP operations error). https://fedorahosted.org/freeipa/ticket/1250 --- freeipa.spec.in | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'freeipa.spec.in') diff --git a/freeipa.spec.in b/freeipa.spec.in index 276001ae..2cbfed86 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -365,6 +365,7 @@ fi %{_sbindir}/ipa-replica-install %{_sbindir}/ipa-replica-prepare %{_sbindir}/ipa-replica-manage +%{_sbindir}/ipa-csreplica-manage %{_sbindir}/ipa-server-certinstall %{_sbindir}/ipa-ldap-updater %{_sbindir}/ipa-compat-manage @@ -437,6 +438,7 @@ fi %{_mandir}/man1/ipa-replica-conncheck.1.gz %{_mandir}/man1/ipa-replica-install.1.gz %{_mandir}/man1/ipa-replica-manage.1.gz +%{_mandir}/man1/ipa-csreplica-manage.1.gz %{_mandir}/man1/ipa-replica-prepare.1.gz %{_mandir}/man1/ipa-server-certinstall.1.gz %{_mandir}/man1/ipa-server-install.1.gz @@ -504,7 +506,10 @@ fi %ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/default.conf %changelog -* Wed Jul 6 2011 Adam Young - 2.0.90-5 +* Thu Jul 14 2011 Rob Crittenden - 2.0.90-6 +- Add ipa-csreplica-manage tool. + +* Wed Jul 6 2011 Adam Young - 2.0.90-5 - Add HTML file describing issues with HBAC deny rules * Fri Jun 17 2011 Rob Crittenden - 2.0.90-4 -- cgit