freeipa.git - FreeIPA patches

	Commit message (Collapse)	Author	Age	Files	Lines
*	Set explicit confdir option for global contexts	Christian Heimes	2016-12-02	1	-1/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Some API contexts are used to modify global state (e.g. files in /etc and /var). These contexts do not support confdir overrides. Initialize the API with an explicit confdir argument to paths.ETC_IPA. The special contexts are: * backup * cli_installer * installer * ipctl * renew * restore * server * updates The patch also corrects the context of the ipa-httpd-kdcproxy script to 'server'. https://fedorahosted.org/freeipa/ticket/6389 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
*	ipautil: move kinit functions to ipalib.install	Jan Cholasta	2016-11-29	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \|	kinit_password() depends on ipaplatform. Move kinit_password() as well as kinit_keytab() to a new ipalib.install.kinit module, as they are used only from installers. https://fedorahosted.org/freeipa/ticket/6474 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
*	ipapython: move dnssec, p11helper and secrets to ipaserver	Jan Cholasta	2016-11-29	1	-2/+1
\| \| \| \| \| \| \| \| \| \| \|	The dnssec and secrets subpackages and the p11helper module depend on ipaplatform. Move them to ipaserver as they are used only on the server. https://fedorahosted.org/freeipa/ticket/6474 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
*	Pylint: enable global-variable-not-assigned check	Martin Basti	2016-09-23	1	-1/+3
\| \| \| \| \| \| \|	the global keyword should be used only when variable from outside is assigned inside, otherwise it has no effect and just confuses developers Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
*	Remove unused imports	Martin Basti	2015-12-23	1	-2/+0
\| \| \| \| \| \| \|	This patch removes unused imports, alse pylint has been configured to check unused imports. Reviewed-By: Jan Cholasta <jcholast@redhat.com>
*	improve the handling of krb5-related errors in dnssec daemons	Martin Babinsky	2015-08-18	1	-2/+2
\| \| \| \| \| \| \| \| \|	ipa-dnskeysync* and ipa-ods-exporter handle kerberos errors more gracefully instead of crashing with tracebacks. https://fedorahosted.org/freeipa/ticket/5229 Reviewed-By: Martin Basti <mbasti@redhat.com>
*	Modernize 'except' clauses	Petr Viktorin	2015-08-12	1	-2/+2
\| \| \| \| \| \| \|	The 'as' syntax works from Python 2 on, and Python 3 will drop the "comma" syntax. Reviewed-By: Tomas Babej <tbabej@redhat.com>
*	Modernize number literals	Petr Viktorin	2015-07-31	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Use Python-3 compatible syntax, without breaking compatibility with py 2.7 - Octals literals start with 0o to prevent confusion - The "L" at the end of large int literals is not required as they use long on Python 2 automatically. - Using 'int' instead of 'long' for small numbers is OK in all cases except strict type checking checking, e.g. type(0). https://fedorahosted.org/freeipa/ticket/4985 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
*	ipalib: Load ipaserver plugins when api.env.in_server is True	Jan Cholasta	2015-07-01	1	-1/+0
\| \| \| \| \| \| \|	https://fedorahosted.org/freeipa/ticket/3090 https://fedorahosted.org/freeipa/ticket/5073 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
*	Hide traceback in ipa-dnskeysyncd if kinit failed.	Petr Spacek	2015-06-24	1	-1/+6
\| \| \| \| \| \|	https://fedorahosted.org/freeipa/ticket/4657 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
*	DNSSEC: fix traceback during shutdown phase	Martin Basti	2015-06-15	1	-11/+11
\| \| \| \| \| \| \|	ipa-dnskeysyncd causes traceback when receive SIGTERM, SIGINT Ticket: https://fedorahosted.org/freeipa/ticket/4657 Reviewed-By: Petr Spacek <pspacek@redhat.com>
*	use separate ccache filename for each IPA DNSSEC daemon	Martin Babinsky	2015-04-24	1	-1/+1
\| \| \| \| \| \| \| \| \|	ipa-dnskeysyncd, ipa-dnskeysync-replica, and ipa-ods-exporter use a generic 'ccache' filename for credential storage, making debugging Kerberos-related errors unnecessarily complicated. This patch renames the ccache files so that each of these daemons now has its own credenital cache. Reviewed-By: Petr Spacek <pspacek@redhat.com>
*	Adopted kinit_keytab and kinit_password for kerberos auth	Martin Babinsky	2015-04-20	1	-1/+3
\| \| \| \| \| \| \| \| \|	Calls to ipautil.run using kinit were replaced with calls kinit_keytab/kinit_password functions implemented in the PATCH 0015. Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: Simo Sorce <ssorce@redhat.com> Reviewed-By: Petr Spacek <pspacek@redhat.com>
*	DNSSEC: Do not log into files	Martin Basti	2015-04-02	1	-1/+1
\| \| \| \| \| \| \| \|	We want to log DNSSEC daemons only into console (journald) https://fedorahosted.org/freeipa/ticket/4657 Reviewed-By: Petr Spacek <pspacek@redhat.com>
*	ipapython: Fix incorrect python shebangs	Tomas Babej	2015-01-26	1	-1/+1
\| \| \| \| \| \|	Make sure shebangs explicitly reference python2. Reviewed-By: Martin Basti <mbasti@redhat.com>
*	DNSSEC catch ldap exceptions in ipa-dnskeysyncd	Martin Basti	2015-01-23	1	-2/+6
\| \| \| \| \| \|	Server down exception causes lot of false positive abrt reports. Reviewed-By: Jan Cholasta <jcholast@redhat.com>
*	DNSSEC: add ipa dnssec daemons	Petr Spacek	2014-10-21	1	-0/+106
	Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>