summaryrefslogtreecommitdiffstats
path: root/install
Commit message (Collapse)AuthorAgeFilesLines
...
* Pylint: remove unused variables from installers and scriptsMartin Basti2016-10-064-30/+23
| | | | Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* WebUI: hide buttons in certificate widget according to aclPavel Vomacka2016-09-292-1/+58
| | | | | | | | | | | | | When user is logged in and opens details page of another user there should not be visible button for adding new certificate and also the option in action menu for deleting certificate should be grayed out. This is achieved by adding custom field for certificates widget, which is able to read ACLs from result of user-show and not from cert-find result. https://fedorahosted.org/freeipa/ticket/6341 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* Pylint: enable check for unused-variablesMartin Basti2016-09-274-0/+8
| | | | | | | | | | | | | | | Unused variables may: * make code less readable * create dead code * potentialy hide issues/errors Enabled check should prevent to leave unused variable in code Check is locally disabled for modules that fix is not clear or easy or have too many occurences of unused variables Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com> Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* Remove unused variables in the codeMartin Basti2016-09-275-8/+4
| | | | | | | | | | | This commit removes unused variables or rename variables as "expected to be unused" by using "_" prefix. This covers only cases where fix was easy or only one unused variable was in a module Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com> Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* Pylint: enable global-variable-not-assigned checkMartin Basti2016-09-231-1/+0
| | | | | | | the global keyword should be used only when variable from outside is assigned inside, otherwise it has no effect and just confuses developers Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
* pylint: fix redefine-in-handlerJan Barta2016-09-221-7/+7
| | | | | Reviewed-By: Tomas Krizek <tkrizek@redhat.com> Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
* Updated help/man information about hostnameStanislav Laznicka2016-09-222-2/+3
| | | | | | | | | The man page and help of ipa-client-install and ipa-replica-conncheck had an outdated information about what is used as a hostname. https://fedorahosted.org/freeipa/ticket/5754 Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
* Added a fix for setting Priority as required field in Password Policy ↵Abhijeet Kasurde2016-09-211-1/+4
| | | | | | | | | Details facet Fixes: https://fedorahosted.org/freeipa/ticket/6335 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* WebUI: Change group name from 'normal' to 'Non-POSIX'Pavel Vomacka2016-09-212-8/+6
| | | | | | | | It will correspond with CLI and will be more self-explanatory. https://fedorahosted.org/freeipa/ticket/6334 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* Update ipa-server-install man page for hostnameTomas Krizek2016-09-211-1/+1
| | | | | | | | | | | Hostname is always set, remove the text that says hostname is set only if it does not match the current hostname. https://fedorahosted.org/freeipa/ticket/6330 Reviewed-By: Abhijeet Kasurde <akasurde@redhat.com> Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* WebUI: Add handling for HTTP error 404Pavel Vomacka2016-09-151-1/+8
| | | | | | | | | | In case that API is not accessible the 404 error is thrown. There was error dialog with almost no information. The new dialog says what error is there and what can be the main cause of the error. https://fedorahosted.org/freeipa/ticket/4821 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* Add 'Restore' option to action dropdown menuPavel Vomacka2016-09-083-9/+35
| | | | | | | | Also moving activate_action method several lines up - correcting logical order of methods. https://fedorahosted.org/freeipa/ticket/5818 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* Use Dogtag REST API for certificate requestsFraser Tweedale2016-09-071-2/+2
| | | | | | | | | | | | The Dogtag REST API gives better responses statuses than the RPC API and properly reports failure due to disabled CA (status 409). Make 'ra' extend 'RestClient' and refactor the 'request_certificate' method to use Dogtag's REST API. Part of: https://fedorahosted.org/freeipa/ticket/6260 Part of: https://fedorahosted.org/freeipa/ticket/3473 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* WebUI add support for sub-CAs while revoking certificatesPavel Vomacka2016-09-072-30/+100
| | | | | | | | | Also the same for removing certificate hold. https://fedorahosted.org/freeipa/ticket/6216 Reviewed-By: Petr Vobornik <pvoborni@redhat.com> Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* WebUI: Fix showing certificates issued by sub-CAPavel Vomacka2016-09-071-0/+7
| | | | | | | | | The cert-show command needs to be called with cacn option. Cacn option is passed using URL attribute. https://fedorahosted.org/freeipa/ticket/6238 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Add support for additional options taken from table facetPavel Vomacka2016-09-071-1/+48
| | | | | | | | | | | | | | Sometimes the entity_show command must be called with options which are gathered from result of entity_find command. These options needs to be passed as arguments in URL which points to details page. This functionality is implemented to table facet. There is new property 'additional_navigation_arguments' which is prepared for array of attributes which will be passed to URL. Part of: https://fedorahosted.org/freeipa/ticket/6238 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Always fetch forest info from root DCs when establishing one-way trustMartin Babinsky2016-09-051-1/+24
| | | | | | | | | | | | | | Prior To Windows Server 2012R2, the `netr_DsRGetForestTrustInformation` calls performed against non-root forest domain DCs were automatically routed to the root domain DCs to resolve trust topology information. This is no longer the case, so the `com.redhat.idm.trust-fetch-domains` oddjob helper used to establish one-way needs to explicitly contact root domain DCs even in the case when an external trust to non-root domain is requested. https://fedorahosted.org/freeipa/ticket/6057 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Raise error when running ipa-adtrust-install with empty netbios--nameLenka Doudova2016-08-301-5/+5
| | | | | | | | | | | | | | | When running ipa-adtrust-install, a netbios-name option must be specified. Currently if an invalid netbios name in form of empty string is specified, the installation proceeds, but changes the invalid value to a netbios name determined from domain name without any notification. Fixing this so that any attempt to supply empty string as netbios name fails with error in case of unattended installation, or to request input of valid netbios name from command line during normal installation. https://fedorahosted.org/freeipa/ticket/6120 Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
* Update translationsMartin Basti2016-08-3022-24952/+64980
| | | | Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* support multiple uid values in schema compatibility treeAlexander Bokovoy2016-08-251-0/+4
| | | | | | https://fedorahosted.org/freeipa/ticket/6138 Reviewed-By: Thierry Bordaz <tbordaz@redhat.com>
* Removed unwanted line break from RefererError Dialog messageAbhijeet Kasurde2016-08-231-1/+1
| | | | | | | Fixes: https://fedorahosted.org/freeipa/ticket/5932 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com>
* Fix man page ipa-replica-manage: remove duplicate -c option from --no-lookupPetr Spacek2016-08-221-3/+3
| | | | | | https://fedorahosted.org/freeipa/ticket/6233 Reviewed-By: Martin Basti <mbasti@redhat.com>
* Corrected minor spell check in AD Trust information doc messagesAbhijeet Kasurde2016-08-221-1/+1
| | | | | Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* trust: make sure ID range is created for the child domain even if it existsAlexander Bokovoy2016-08-221-1/+1
| | | | | | | | | | | | | | | | | | | | ID ranges for child domains of a forest trust were created incorrectly in FreeIPA 4.4.0 due to refactoring of -- if the domain was already existing, we never attempted to create the ID range for it. At the same time, when domain was missing, we attempted to add ID range and passed both forest root and the child domain names to add_range(). However, add_range() only looks at the first positional argument which was the forest root name. That ID range always exists (it is created before child domains are processed). Modify the code to make sure child domain name is passed as the first positional argument. In addition, the oddjob helper should explicitly set context='server' so that idrange code will be able to see and use ipaserver/dcerpc.py helpers. Resolves: https://fedorahosted.org/freeipa/ticket/5738 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* adtrust-install: Mention AD GC port 3286 in list of required ports.Petr Spacek2016-08-222-0/+3
| | | | | | | | | Port name "msft-gc" is taken form /etc/services file provided by package setup-2.10.1-1.fc24.noarch. https://fedorahosted.org/freeipa/ticket/6235 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* support schema files from third-party pluginsAlexander Bokovoy2016-08-194-0/+32
| | | | | | | | | | | | | Allow upgrade process to include schema files from third-party plugins installed in /usr/share/ipa/schema.d/*.schema. The directory /usr/shar/eipa/schema.d is owned by the server-common subpackage and therefore third-party plugins should depend on freeipa-server-common (ipa-server-common) package in their package dependencies. Resolves: https://fedorahosted.org/freeipa/ticket/5864 Reviewed-By: Martin Basti <mbasti@redhat.com>
* Add 'trusted to auth as user' checkboxPavel Vomacka2016-08-172-0/+10
| | | | | | | | Add new checkbox to host and service details page Prerequisite for: https://fedorahosted.org/freeipa/ticket/5764 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* Set servers list as default facet in topology facet groupPavel Vomacka2016-08-171-1/+1
| | | | | | | | | | Since there is a new warning about only one CA server, the default facet of topology facet group is set to servers list where the warning is. So the warning will be shown right after clicking on Topology section. Part of: https://fedorahosted.org/freeipa/ticket/5828 Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
* Add warning about only one existing CA serverPavel Vomacka2016-08-172-1/+74
| | | | | | | | | | It is not safe to have only one CA server in topology. Therefore there is a check and in case that there is only one CA server a warning is shown. The warning is shown after each refreshing of servers facet. https://fedorahosted.org/freeipa/ticket/5828 Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
* Fix unicode characters in ca and domain addersPavel Vomacka2016-08-091-1/+3
| | | | | | | | | | | | Topology graph didn't show plus icons correctly. There is a problem with uglifying of javascript code. It does not leave unicode character written in hexadecimal format unchanged. Therefore this workaround which inserts needed character using Javascript function and uglifiyng does not affect it. https://fedorahosted.org/freeipa/ticket/6175 Reviewed-By: Martin Basti <mbasti@redhat.com>
* Improvements for the ipa-cacert-manage man and helpStanislav Laznicka2016-08-091-13/+25
| | | | | | | | | | | | The man page for ipa-cacert-manage didn't mention that some options are only applicable to the install some to the renew subcommand. Also fixed a few missing articles. https://fedorahosted.org/freeipa/ticket/6013 Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
* Update ipa-replica-install documentationTomas Krizek2016-08-052-2/+2
| | | | | | | | | Update the ipa-replica-install man page and help to reflect that replica_file is optional instead of mandatory. https://fedorahosted.org/freeipa/ticket/6164 Reviewed-By: Martin Basti <mbasti@redhat.com>
* Minor fix in ipa-replica-manage MAN pageAbhijeet Kasurde2016-07-281-7/+7
| | | | | | | Fixes: https://fedorahosted.org/freeipa/ticket/6058 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com> Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
* Remove full name from adding user to user group dialogPavel Vomacka2016-07-281-6/+1
| | | | | | | | | As the 'cn' is not in the response of user-show there is empty column in adder dialog. Therefore the column was removed. https://fedorahosted.org/freeipa/ticket/6055 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Create indexes for krbCanonicalName attributeMartin Babinsky2016-07-272-0/+17
| | | | | | | | | | | krbCanonicalName is for a long time among the attributes guarded by uniqueness plugins, but there was never an index for it. Now that the attribute is really used to store canonical principal names we need to add index for it to avoid performance regressions. https://fedorahosted.org/freeipa/ticket/6100 Reviewed-By: Thierry Bordaz <tbordaz@redhat.com>
* Close host adder dialog before showing 4304 dialogPavel Vomacka2016-07-271-0/+1
| | | | | | | | The adder dialog window stayed opened but not visible. This patch closes it. https://fedorahosted.org/freeipa/ticket/6050 Reviewed-By: Lenka Doudova <ldoudova@redhat.com>
* unite log file name of ipa-ca-installPetr Vobornik2016-07-211-1/+1
| | | | | | | | | | | | | | | | | | | ipa-ca-install said that it used /var/log/ipareplica-ca-install.log but in fact it used /var/log/ipaserver-ca-install.log This patch unites it to ipareplica-ca-install.log It was chosen because of backwards compatibility - ipareplica-ca-install was more commonly used. ipaserver-ca-install.log was used only in rare CA less -> CA installation. https://fedorahosted.org/freeipa/ticket/6086 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
* Use server API in com.redhat.idm.trust-fetch-domains oddjob helperMartin Babinsky2016-07-191-1/+1
| | | | | | https://fedorahosted.org/freeipa/ticket/6082 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* ipa-compat-manage: use server API to retrieve plugin statusMartin Babinsky2016-07-121-1/+1
| | | | | | https://fedorahosted.org/freeipa/ticket/6033 Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
* ipa-nis-manage: Use server API to retrieve plugin statusMartin Babinsky2016-07-121-1/+1
| | | | | | https://fedorahosted.org/freeipa/ticket/6027 Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
* IPA 4.4.0 TranslationsMartin Basti2016-07-0122-2718/+3786
| | | | Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
* Add widget for kerberos aliases to service pagePavel Vomacka2016-07-011-5/+12
| | | | | | | | | Also changes the name of option which is send during adding new service from 'krbprincipalname' to 'krbcanonicalname'. https://fedorahosted.org/freeipa/ticket/5927 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Add widget for kerberos aliases to hosts pagePavel Vomacka2016-07-011-1/+8
| | | | | | https://fedorahosted.org/freeipa/ticket/5927 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Add widget for kerberos aliases to user pagePavel Vomacka2016-07-011-1/+8
| | | | | | https://fedorahosted.org/freeipa/ticket/5927 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Add widgets for kerberos aliasesPavel Vomacka2016-07-012-0/+114
| | | | | | | | Create own custom_command_multivalued_widget for kerberos aliases. https://fedorahosted.org/freeipa/ticket/5927 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Set default confirmation button label to 'Remove'Pavel Vomacka2016-07-011-1/+2
| | | | | | Part of: https://fedorahosted.org/freeipa/ticket/5831 Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Change error handling in custom_command_multivalued_widgetPavel Vomacka2016-07-011-3/+11
| | | | | | | | | | | The custom_command_multivalued_widget now handles remove and add commands errors correctly and shows error message. Part of: https://fedorahosted.org/freeipa/ticket/5381 add_error Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* replace an ACI relying on presence of deprecated objectclassMartin Babinsky2016-07-011-1/+2
| | | | | Reviewed-By: David Kupka <dkupka@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Add ACI for admins to modify principal attributesMartin Babinsky2016-07-011-0/+2
| | | | | | | | | | | | This is required for admins to utilize the APIs that enable them to add/remove principal aliases to entities. https://fedorahosted.org/freeipa/ticket/3864 https://fedorahosted.org/freeipa/ticket/3961 https://fedorahosted.org/freeipa/ticket/5413 Reviewed-By: David Kupka <dkupka@redhat.com> Reviewed-By: Jan Cholasta <jcholast@redhat.com>
* Do not log to file in remote conncheck sideMartin Basti2016-07-011-1/+1
| | | | | | https://fedorahosted.org/freeipa/ticket/5757 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
generated by cgit (git 2.34.1) at 2025-09-02 22:05:39 +0000