summaryrefslogtreecommitdiffstats
path: root/freeipa.spec.in
Commit message (Collapse)AuthorAgeFilesLines
* Added ipa-drm-installAde Lee2014-05-271-0/+2
| | | | | | | | | | ipa-drm-install can be used (with no arguments) to add a DRM to an existing ipa instance that already contains a Dogtag CA. In a subsequent patch, I will add logic to this script to detect if a drm naming context exists, and if so, to look for a replica file for installing on a replica.
* ipalib.version: Add VENDOR_VERSIONPetr Viktorin2014-05-271-2/+6
| | | | | | | | | This will allow us to make vendors' lives easier by embedding a vendor tag to installation logs. Part of the work for: https://fedorahosted.org/freeipa/ticket/4219 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Increase Java stack size for Web UI build on aarch64Petr Vobornik2014-05-261-1/+1
| | | | Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Clean up Smartproxy support, drop unused codeRob Crittenden2014-05-131-14/+2
| | | | | | | | | Drop the logrotate file because Apache manages the logs Drop the systemd configuration because we run in Apache Import json_encode_binary from ipalib Fix Requires Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* Implement an IPA Foreman smartproxy serverRob Crittenden2014-04-301-1/+42
| | | | | | | | | | | | | | | | | | This currently server supports only host and hostgroup commands for retrieving, adding and deleting entries. The incoming requests are completely unauthenticated and by default requests must be local. Utilize GSS-Proxy to manage the TGT. Configuration information is in the ipa-smartproxy man page. Design: http://www.freeipa.org/page/V3/Smart_Proxy https://fedorahosted.org/freeipa/ticket/4128 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* webui: login screen widgetPetr Vobornik2014-04-151-0/+1
| | | | | | | | | | | | | | | | | | Reimplementation of unauthorized dialog into separate widget. It uses RCUE design. New features compared to unauthorized dialog: - reflects auth methods from `auth` module - validation summary - differentiates Kerberos auth failure with session expiration - Caps Lock warning - form based method doesn't allow password only submission https://fedorahosted.org/freeipa/ticket/4017 https://fedorahosted.org/freeipa/ticket/3903 Reviewed-By: Adam Misnyovszki <amisnyov@redhat.com>
* freeipa.spec.in: update dependencies to 389-ds and selinux-policyAlexander Bokovoy2014-04-041-3/+3
| | | | | | | | | | | | | 389-ds-base 1.3.2.16 implements reordering of sub-plugins based on the ordering of the main plugin. We need it to make OTP working over compat tree. selinux-polic 3.12.1-135 fixes issues which prevented httpd to work with kernel keyring-based credentials caches. This change is Fedora 20+. Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* Add requires for pki-core-10.1.1-1.fc20Martin Kosek2014-03-281-1/+1
| | | | | | Fixes PKI installation errors on Fedora 20. Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Add missing dependencies to freeipa-python packageMartin Kosek2014-03-261-1/+2
| | | | | | | | | python-pyasn1 and python-qrcode were imported by ipalib but not required by python subpackage. https://fedorahosted.org/freeipa/ticket/4275 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* Remove dogtag-ipa-retrieve-agent-submit.Jan Cholasta2014-03-251-1/+0
| | | | Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* Add new certmonger CA helper dogtag-ipa-ca-renew-agent.Jan Cholasta2014-03-251-0/+1
| | | | | | The helper will be used to handle CA-related certificate renewal requests. Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* Use certmonger D-Bus API to configure certmonger in CA install.Jan Cholasta2014-03-251-1/+1
| | | | | | Before, certmonger was configured by modifying its internal database directly. Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* Add missing dependencyNalin Dahyabhai2014-03-141-0/+1
| | | | | | | We use Java classes which are bundled with rhino when uglifying Javascript sources at build-time, so we need rhino at build-time. Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
* Add OTP last token pluginNathaniel McCallum2014-02-211-0/+2
| | | | | | | | | | This plugin prevents the deletion or deactivation of the last valid token for a user. This prevents the user from migrating back to single factor authentication once OTP has been enabled. Thanks to Mark Reynolds for helping me with this patch. Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Update ACIs to permit users to add/delete their own tokensNathaniel McCallum2014-02-131-3/+3
| | | | | | https://fedorahosted.org/freeipa/ticket/4087 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* Move ipa-otpd socket directoryNathaniel McCallum2014-02-111-1/+1
| | | | | https://fedorahosted.org/freeipa/ticket/4167 Reviewed-By: Martin Kosek <mkosek@redhat.com>
* Remove working directory for bind-dyndb-ldap plugin.Petr Spacek2014-01-271-1/+0
| | | | | | | | | The working directory will be provided directly by bind-dyndb-ldap package. This partially reverts commit 689382dc833e687d30349b10a8fd7dc740d54d08. https://fedorahosted.org/freeipa/ticket/3967
* Limit memberOf and refInt DS plugins to main IPA suffix.Petr Spacek2014-01-271-3/+3
| | | | | | This drastically improves performance of retro changelog trimming. https://fedorahosted.org/freeipa/ticket/3967
* Fix ntpd config on clients.Jan Cholasta2014-01-241-0/+10
| | | | https://fedorahosted.org/freeipa/ticket/4094
* Use only system fontsPetr Vobornik2014-01-211-4/+3
| | | | | | | | | | | | | | | | This commit changes how fonts are used. - remove usage of bundled fonts and only system fonts are used instead - by using alias in httpd conf - by using local("Font Name") directive in font-face - removed usage of overpass font - redefined Open Sans font-face declarations. Note: upstream is doing the same change so we will be fine on upgrade. - introduce variable.less for variable definitions and overrides. This file will be very useful when we upgrade to newer RCUE so we will be able to redefine their and bootstrap's variables. Fixes: https://fedorahosted.org/freeipa/ticket/2861
* Use RCUE fontsPetr Vobornik2014-01-211-4/+4
| | | | https://fedorahosted.org/freeipa/ticket/3902
* RCUE initial commitPetr Vobornik2014-01-211-0/+2
| | | | https://fedorahosted.org/freeipa/ticket/3902
* Enable Retro Changelog and Content Synchronization DS pluginsAna Krivokapic2014-01-141-0/+1
| | | | | | | | | Enable Retro Changelog and Content Synchronization DS plugins which are required for SyncRepl support. Create a working directory /var/named/ipa required by bind-dyndb-ldap v4+. https://fedorahosted.org/freeipa/ticket/3967
* Increase Java stack size on s390 platformsMartin Kosek2014-01-031-2/+2
| | | | | | As reported in https://bugzilla.redhat.com/show_bug.cgi?id=1040576, the default stack trace needs to be also increased on s390 platforms to prevent rhino segfault.
* Use /usr/bin/python2Xiao-Long Chen2014-01-031-2/+2
| | | | | | | | | | | | Part of the effort to port FreeIPA to Arch Linux, where Python 3 is the default. FreeIPA hasn't been ported to Python 3, so the code must be modified to run /usr/bin/python2 https://fedorahosted.org/freeipa/ticket/3438 Updated by pviktori@redhat.com
* Add OTP support to ipalib CLINathaniel McCallum2013-12-181-0/+2
| | | | https://fedorahosted.org/freeipa/ticket/3368
* Increase Java stack size on PPC platformsMartin Kosek2013-12-131-0/+4
| | | | | | Wit the default stack size, rhino segfaulted on PPC platforms. https://bugzilla.redhat.com/show_bug.cgi?id=1040576
* Remove CFLAGS duplication.Jan Cholasta2013-12-061-1/+0
| | | | https://fedorahosted.org/freeipa/ticket/3896
* Include LDFLAGS provided by rpmbuild in global LDFLAGS in the spec file.Jan Cholasta2013-12-061-0/+1
| | | | | | Remove explicitly specified hardening flags from LDFLAGS in ipa-otpd. https://fedorahosted.org/freeipa/ticket/3896
* Prefer user CFLAGS/CPPFLAGS over those provided by rpmbuild in the spec file.Jan Cholasta2013-12-061-2/+2
| | | | https://fedorahosted.org/freeipa/ticket/3896
* Own /usr/share/ipa/ui/js/ in the spec file.Jan Cholasta2013-12-021-0/+1
| | | | https://fedorahosted.org/freeipa/ticket/4010
* Use hardening flags for ipa-optd.Jan Cholasta2013-12-021-0/+4
| | | | https://fedorahosted.org/freeipa/ticket/4010
* Remove changelog from the specPetr Viktorin2013-11-261-732/+3
| | | | | | | | The project's history is kept in Git. We used the spec changelog for changes to the spec itself, which doesn't make much sense. Downstreams like Fedora use their own changelog anyway. A single entry is left for tools that expect a changelog.
* Remove mod_ssl port workaround.Jan Cholasta2013-11-261-2/+6
| | | | https://fedorahosted.org/freeipa/ticket/4021
* platform: Add Fedora 19 platform fileTomas Babej2013-11-201-0/+13
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3504
* Removed old firefox configuration scriptsMartin Basti2013-11-151-3/+0
| | | | Part of ticket https://fedorahosted.org/freeipa/ticket/3821
* Fix date in last changelog entryPetr Viktorin2013-10-251-1/+1
|
* Remove mod_ssl conflictMartin Kosek2013-10-251-5/+4
| | | | | | | | | | | Since mod_nss-1.0.8-24, mod_nss and mod_ssl can co-exist on one machine (of course, when listening to different ports). To make sure that mod_ssl is not configured to listen on 443 (default mod_ssl configuration), add a check to the installer checking of either mod_nss or mod_ssl was configured to listen on that port. https://fedorahosted.org/freeipa/ticket/3974
* Require new SSSD to pull required AD subdomain fixesMartin Kosek2013-10-041-1/+1
|
* Move tests to test directoriesPetr Viktorin2013-09-251-1/+1
| | | | | | | | Nose doesn't pick up directories that don't begin with 'test'. Rename ipatests/test_ipaserver/install to test_install so that it's run. Also, merge test_ipautil.py from ipapython/test into tests/test_ipapython, so the whole test suite is in one place.
* Follow tmpfiles.d packaging guidelinesAna Krivokapic2013-09-161-3/+6
| | | | https://fedorahosted.org/freeipa/ticket/3881
* Add man pages for testing toolsPetr Viktorin2013-08-291-0/+6
| | | | | | Add man pages for ipa-run-tests, ipa-test-task, and ipa-test-config. https://fedorahosted.org/freeipa/ticket/3855 (part 5)
* Allow freeipa-tests to work with older paramiko versionsPetr Viktorin2013-08-131-1/+4
| | | | | | The integration testing framework used Paramiko SFTP files as context managers. This feature is only available in Paramiko 1.10+. Use an explicit context manager so that we don't rely on the feature.
* Fix selected minor issues in the spec file and licenseMartin Kosek2013-08-131-4/+5
| | | | | | | | | | | | This patch fixes: - too long description for server-trust-ad subpackage - adds (noreplace) flag %{_sysconfdir}/tmpfiles.d/ipa.conf to avoid overwriting potential user changes - changes permissions on default_encoding_utf8.so to prevent it pollute python subpackage Provides. - wrong address in GPL v2 license preamble in 2 distributed files https://fedorahosted.org/freeipa/ticket/3855
* Remove rpmlint warnings in spec fileMartin Kosek2013-08-131-23/+23
| | | | | | | | | Specifically: - combination of spaces and tabs in one line - using macros in comments - using "egrep" instead of "grep -E" https://fedorahosted.org/freeipa/ticket/3855
* Remove support for IPA deployments with no persistent searchTomas Babej2013-08-091-1/+1
| | | | | | | | | Drops the code from ipa-server-install, ipa-dns-install and the BindInstance itself. Also changed ipa-upgradeconfig script so that it does not set zone_refresh to 0 on upgrades, as the option is deprecated. https://fedorahosted.org/freeipa/ticket/3632
* Add requires for slapi-nis and SSSDMartin Kosek2013-08-081-2/+6
| | | | | Require slapi-nis 0.47.7 and sssd 1.11.0-0.1.beta2 required for core features of 3.3.0 release.
* Add ipa-advise plugins for legacy clientsAna Krivokapic2013-08-071-0/+3
| | | | | | | | | | | | | | | | | Old versions of SSSD do not directly support cross-realm trusts between IPA and AD. This patch introduces plugins for the ipa-advise tool, which should help with configuring an old version of SSSD (1.5-1.8) to gain access to resources in trusted domain. Since the configuration steps differ depending on whether the platform includes the authconfig tool, two plugins are needed: * config-redhat-sssd-before-1-9 - provides configuration for Red Hat based systems, as these system include the autconfig utility * config-generic-sssd-before-1-9 - provides configuration for other platforms https://fedorahosted.org/freeipa/ticket/3671 https://fedorahosted.org/freeipa/ticket/3672
* Free NSS objects in --external-ca scenarioMartin Kosek2013-07-261-1/+4
| | | | | | | | | | In external CA installation, ipa-server-install leaked NSS objects which caused an installation crash later when a subsequent call of NSSConnection tried to free them. Properly freeing the NSS objects avoid this crash. https://fedorahosted.org/freeipa/ticket/3773
* Add tar and xz dependencies to the freeipa-tests packagePetr Viktorin2013-07-251-0/+5
| | | | | The beakerLib plugin collects log files via compressed tarballs, so these dependencies are needed
generated by cgit (git 2.34.1) at 2024-05-01 01:03:09 +0000