summaryrefslogtreecommitdiffstats
path: root/client
Commit message (Collapse)AuthorAgeFilesLines
* client-install: log exceptions from certmonger.request_certPetr Spacek2016-07-011-3/+3
| | | | Reviewed-By: Martin Basti <mbasti@redhat.com>
* Do not allow installation in FIPS modeFlorence Blanc-Renaud2016-06-291-1/+4
| | | | | | | https://fedorahosted.org/freeipa/ticket/5761 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
* client-install: do not fail if DNS times out during DNS update generationPetr Spacek2016-06-291-0/+4
| | | | | | https://fedorahosted.org/freeipa/ticket/5962 Reviewed-By: Martin Basti <mbasti@redhat.com>
* client: Share validator and domain name normalization with server installPetr Spacek2016-06-281-1/+9
| | | | | | https://fedorahosted.org/freeipa/ticket/5976 Reviewed-By: Martin Basti <mbasti@redhat.com>
* ipa-rmkeytab, ipa-join: don't fail if init of gettext failedMartin Basti2016-06-272-2/+2
| | | | | | | | | | If locale setting was incorect, gettext failed to initialize and scripts failed. this commit replaces error exit with warning message. (Better to have untranslated output than fail) https://fedorahosted.org/freeipa/ticket/5973 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* Increase ipa-getkeytab LDAP timeout to 100secMartin Basti2016-06-271-2/+2
| | | | | | | | | On slower machines, the original time 10s is not enough. Raising timeout to 100sec should help. https://fedorahosted.org/freeipa/ticket/5842 Reviewed-By: Petr Spacek <pspacek@redhat.com>
* man: Decribe ipa-client-install workaround for broken D-Bus enviroment.David Kupka2016-06-091-0/+11
| | | | | | https://fedorahosted.org/freeipa/ticket/5694 Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
* Added krb5.conf.d/ to included dirs in krb5.confStanislav Laznicka2016-06-051-1/+2
| | | | | | | | | The include of /etc/krb5.conf.d/ is required for crypto-policies to work properly https://fedorahosted.org/freeipa/ticket/5912 Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* client install: finalize API after CA certs are availableJan Cholasta2016-06-031-1/+2
| | | | | | | | | This is required for the finalize call to be able connect to the server to retrieve API schema. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* rpc: specify connection options in API configJan Cholasta2016-06-031-51/+53
| | | | | | | | | Specify RPC connection options once in API.bootstrap rather than in each invocation of rpcclient.connect. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* rpc: respect API config in RPCClient.create_connectionJan Cholasta2016-06-031-1/+2
| | | | | | | | | | When connecting rpcclient, get the default values of the `verbose`, `fallback` and `delegate` options from API config rather than hard-code them. https://fedorahosted.org/freeipa/ticket/4739 Reviewed-By: David Kupka <dkupka@redhat.com>
* Added <my_hostname>=<IPA REALM> mapping to krb5.confStanislav Laznicka2016-06-021-4/+7
| | | | | | https://fedorahosted.org/freeipa/ticket/5903 Reviewed-By: Martin Basti <mbasti@redhat.com>
* Use root_logger for verify_host_resolvable()Petr Spacek2016-05-301-1/+1
| | | | | | | | | | After discussion with Martin Basti we decided to standardize on root_logger with hope that one day we will use root_logger.getLogger('module') to make logging prettier and tunable per module. https://fedorahosted.org/freeipa/ticket/5710 Reviewed-By: Martin Basti <mbasti@redhat.com>
* Migrate from #ifndef guards to #pragma onceNathaniel McCallum2016-05-291-4/+1
| | | | | | | | | | | | Using a pragma instead of guards is easier to write, less error prone and avoids name clashes (a source of very subtle bugs). This pragma is supported on almost all compilers, including all the compilers we care about: https://en.wikipedia.org/wiki/Pragma_once#Portability. This patch does not change the autogenerated files: asn1/asn1c/*.h. Reviewed-By: Martin Basti <mbasti@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com>
* Remove deprecated hostname restoration from Fedora18Martin Basti2016-04-261-2/+1
| | | | | | | | This is not needed on new Fedora, because restore will not be effective. https://fedorahosted.org/freeipa/ticket/5794 Reviewed-By: David Kupka <dkupka@redhat.com>
* Always set hostnameMartin Basti2016-04-261-2/+2
| | | | | | | | | | | This prevents cases when hostname on system is set inconsistently (transient and static hostname differs) and may cause IPA errors. This commit ensures that all hostnames are set properly. https://fedorahosted.org/freeipa/ticket/5794 Reviewed-By: David Kupka <dkupka@redhat.com>
* ipa-client-install: fix typo in nslcd service namePetr Vobornik2016-04-221-1/+1
| | | | | | related but does not implement https://fedorahosted.org/freeipa/ticket/5806 Reviewed-By: Rob Crittenden <rcritten@redhat.com>
* Use netifaces module instead of 'ip' commandMartin Basti2016-04-141-26/+19
| | | | | | | | | Netifaces allows to get addresses from local interfaces of the host in safer way than parsing output of the ip command. https://fedorahosted.org/freeipa/ticket/5591 Reviewed-By: David Kupka <dkupka@redhat.com>
* Pylint: fix definition of global variablesMartin Basti2016-03-221-6/+5
| | | | | | | | | | Global variables should be defined in the outer space, not just marked as global inside functions. Removes unused global variables Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Lukas Slebodnik <lslebodn@redhat.com>
* pylint: remove bare exceptMartin Basti2016-03-221-2/+2
| | | | | | | Bare except should not be used. Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Lukas Slebodnik <lslebodn@redhat.com>
* client: enable ChallengeResponseAuthentication in sshd_configMartin Basti2016-03-181-0/+1
| | | | | | | | | | | | In order to enable SSSD smart prompting and allow it to ask for 1FA and 2FA separately, ChallengeResponseAuthentication should be set to yes. This change will enable better processing of the 2FA value and it will also enable other features, like allow SSSD to make the 2FA option in some cases and have a way of informing user that 2FA is optional. https://fedorahosted.org/freeipa/ticket/5703 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* krb5conf: use 'true' instead of 'yes' for forwardable optionMartin Basti2016-03-091-1/+1
| | | | | | | | | 'yes' is also valid value in krb5.conf but we should be consistent and use only 'true' as we do for other options. https://fedorahosted.org/freeipa/ticket/5518 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* CONFIGURE: Replace obsolete macrosLukas Slebodnik2016-03-081-2/+1
| | | | | | | | | The AC_PROG_LIBTOOL macro is obsoleted by since libtool-2.0 which is already in rhel6+ https://fedorahosted.org/FedoraReview/wiki/AutoTools Reviewed-By: Martin Basti <mbasti@redhat.com>
* Remove unused arguments from update_ssh_keys methodMartin Basti2016-03-041-2/+4
| | | | | | | First argumet has been unused and can be safely removed, because server is not used for nsupdate anymore Reviewed-By: David Kupka <dkupka@redhat.com>
* fix suspicious except statementsMartin Basti2016-03-041-1/+1
| | | | | | | | | The "except ValueError as UnicodeDecodeError" looks very suspicious. Commit change except to catch both exceptions. https://fedorahosted.org/freeipa/ticket/5718 Reviewed-By: Tomas Babej <tbabej@redhat.com>
* client: stop using /etc/pki/nssdbJan Cholasta2016-02-242-32/+0
| | | | | | | | | | Don't put any IPA certificates to /etc/pki/nssdb - IPA itself uses /etc/ipa/nssdb and IPA CA certificates are provided to the system using p11-kit. Remove leftovers on upgrade. https://fedorahosted.org/freeipa/ticket/5592 Reviewed-By: David Kupka <dkupka@redhat.com>
* ipa-getkeytab: Handle the possibility of not obtaining a resultTomas Babej2016-01-271-0/+4
| | | | | | | | | The ldap_result operation can time out, returning a NULL result, which in turn causes the parsing operation to crash. https://fedorahosted.org/freeipa/ticket/5642 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* Split ipa-client/ into ipaclient/ (Python library) and client/ (C, scripts)Petr Viktorin2016-01-2720-0/+7704
Make ipaclient a Python library like ipapython, ipalib, etc. Use setup.py instead of autotools for installing it. Move C client tools, Python scripts, and man pages, to client/. Remove old, empty or outdated, boilerplate files (NEWS, README, AUTHORS). Remove /setup-client.py (ipalib/setup.py should be used instead). Update Makefiles and the spec file accordingly. https://fedorahosted.org/freeipa/ticket/5638 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
generated by cgit (git 2.34.1) at 2024-05-01 16:09:00 +0000