freeipa.git/install/tools/ipa-server-install, branch my-master FreeIPA patches Do not display an interactive mode message in unattended mode 2013-04-24T17:33:49+00:00 Ana Krivokapic akrivoka@redhat.com 2013-04-22T14:48:43+00:00 6d2176322c672ecc257cb4407023988268376794 https://fedorahosted.org/freeipa/ticket/3576 
https://fedorahosted.org/freeipa/ticket/3576
Drop --selfsign server functionality 2013-04-15T20:56:12+00:00 Petr Viktorin pviktori@redhat.com 2013-03-27T13:25:18+00:00 e736e75ce9724ae8298a5b69d093313cd6e62b60 Design: http://freeipa.org/page/V3/Drop_selfsign_functionality Ticket: https://fedorahosted.org/freeipa/ticket/3494 
Design: http://freeipa.org/page/V3/Drop_selfsign_functionality
Ticket: https://fedorahosted.org/freeipa/ticket/3494
ipa-server-install: correct help text for --external_{cert,ca}_file 2013-04-15T11:32:58+00:00 Petr Viktorin pviktori@redhat.com 2013-03-20T13:44:22+00:00 b36380fff80d5a6755240bd65b6ef432ef2741e6 The options take PEM certificates, not PKCS#10. This corrects both the --help output and the man page. https://fedorahosted.org/freeipa/ticket/3523 
The options take PEM certificates, not PKCS#10.
This corrects both the --help output and the man page.

https://fedorahosted.org/freeipa/ticket/3523
Load the CA cert into server NSS databases 2013-04-02T13:28:50+00:00 Petr Viktorin pviktori@redhat.com 2013-03-26T14:31:07+00:00 1bc892c02daf5e6295ac2e59f17499f6f168b899 The CA cert was not loaded, so if it was missing from the PKCS#12 file, installation would fail. Pass the cert filename to the server installers and include it in the NSS DB. Part of the work for: https://fedorahosted.org/freeipa/ticket/3363 
The CA cert was not loaded, so if it was missing from the PKCS#12 file,
installation would fail.
Pass the cert filename to the server installers and include it in
the NSS DB.

Part of the work for: https://fedorahosted.org/freeipa/ticket/3363
Support installing with custom SSL certs, without a CA 2013-04-02T13:28:50+00:00 Petr Viktorin pviktori@redhat.com 2013-03-14T12:58:27+00:00 03a2c66eda695ad2d4bfe675fa2902035e6b37f0 Design: http://freeipa.org/page/V3/CA-less_install https://fedorahosted.org/freeipa/ticket/3363 
Design: http://freeipa.org/page/V3/CA-less_install
https://fedorahosted.org/freeipa/ticket/3363
ipa-server-install: Remove the --selfsign option 2013-04-02T13:28:50+00:00 Petr Viktorin pviktori@redhat.com 2013-03-08T14:13:19+00:00 34aa4901412a1a73c8594b33e367c81af0305b97 Instead, certificates in pkcs12 files can be given to set up IPA with no CA at all. Use a flag, setup_ca, to signal if a CA is being installed. Design: http://freeipa.org/page/V3/Drop_selfsign Part of the work for: https://fedorahosted.org/freeipa/ticket/3494 
Instead, certificates in pkcs12 files can be given to set up
IPA with no CA at all.
Use a flag, setup_ca, to signal if a CA is being installed.

Design: http://freeipa.org/page/V3/Drop_selfsign
Part of the work for: https://fedorahosted.org/freeipa/ticket/3494
ipa-server-install: Make temporary pin files available for the whole installation 2013-04-02T13:28:50+00:00 Petr Viktorin pviktori@redhat.com 2013-03-08T13:37:38+00:00 9c215b61acb939eab16a871b3ef06d116c6540e8 We pass names of files with pkcs12 pins to installers which may continue to use the files after the initial call to create_instance, at which point the installer has already removed them. Also, some of the files were not properly removed on failure. Use ipautil.write_tmp_file for the pin files, which returns a NamedTemporaryFile object that removes the underlying file when it is garbage-collected. Create the files at start of installation. This will allow checking the pkcs#12 files before the system is modified. 
We pass names of files with pkcs12 pins to installers which may continue to
use the files after the initial call to create_instance, at which point
the installer has already removed them.
Also, some of the files were not properly removed on failure.

Use ipautil.write_tmp_file for the pin files, which returns a
NamedTemporaryFile object that removes the underlying file when it is
garbage-collected.
Create the files at start of installation. This will allow checking
the pkcs#12 files before the system is modified.
Add mkhomedir option to ipa-server-install and ipa-replica-install 2013-03-28T07:45:37+00:00 Ana Krivokapic akrivoka@redhat.com 2013-03-27T12:48:01+00:00 dae163aa37a7ea07399a964a143f378c5cb6bffa Add the option to create home directories for users on their first login to ipa-server-install and ipa-replica-install. https://fedorahosted.org/freeipa/ticket/3515 
Add the option to create home directories for users on their
first login to ipa-server-install and ipa-replica-install.

https://fedorahosted.org/freeipa/ticket/3515
Add DNS Setup Prompt to Install 2013-03-21T08:56:54+00:00 Brian Cook bcook@redhat.com 2013-02-14T16:49:17+00:00 3ea8dabeb9e21b255bb75287743a2bbb350f61bd Currently the only way to setup integrated DNS is by passing --setup-dns to ipa-server-install. This patch modifies install so that if --setup-dns is not passed, the user is asked if they want to configure integrated dns. http://fedorahosted.org/freeipa/ticket/2575 
Currently the only way to setup integrated DNS is by passing --setup-dns
to ipa-server-install. This patch modifies install so that if
--setup-dns is not passed, the user is asked if they want to configure
integrated dns.

http://fedorahosted.org/freeipa/ticket/2575
Fix installing server with external CA 2013-03-08T14:42:20+00:00 Petr Viktorin pviktori@redhat.com 2013-02-25T16:15:23+00:00 6ff20ca2d979f481ce91f013469e53d74a95dd48 Reorganize ipa-server-instal so that DS (and NTP server) installation only happens in step one. Change CAInstance to behave correctly in two-step install. Add an `init_info` method to DSInstance that includes common attribute/sub_dict initialization from create_instance and create_replica. Use it in ipa-server-install to get a properly configured DSInstance for later tasks. https://fedorahosted.org/freeipa/ticket/3459 
Reorganize ipa-server-instal so that DS (and NTP server) installation
only happens in step one.

Change CAInstance to behave correctly in two-step install.

Add an `init_info` method to DSInstance that includes common
attribute/sub_dict initialization from create_instance and create_replica.
Use it in ipa-server-install to get a properly configured DSInstance
for later tasks.

https://fedorahosted.org/freeipa/ticket/3459