General fixes.

Do not start ipa_kpasswd by default yet

ipa-server/freeipa-server.spec

@@ -14,7 +14,7 @@ BuildRequires: fedora-ds-base-devel openldap-devel krb5-devel nss-devel mozldap-
 Requires: python fedora-ds-base krb5-server krb5-server-ldap nss-tools openldap-clients httpd mod_python mod_auth_kerb python-ldap freeipa-python ntp cyrus-sasl-gssapi nss TurboGears
 
 %define httpd_conf /etc/httpd/conf.d
-%define plugin_dir /usr/lib/fedora-ds/plugins
+%define plugin_dir /usr/lib/dirsrv/plugins
 
 %description
 FreeIPA is a server for identity, policy, and audit.

ipa-server/ipa-install/ipa-server-install

@@ -132,7 +132,7 @@ def main():
     run(["/sbin/chkconfig", "ipa-kpasswd", "on"])
 
     # Start Kpasswd
-    run(["/sbin/service", "ipa-kpasswd", "start"])
+    # run(["/sbin/service", "ipa-kpasswd", "start"])
 
     # Create the config file
     fd = open("/etc/ipa/ipa.conf", "w")

ipa-server/ipa-slapi-plugins/ipa-pwd-extop/pwd-extop-conf.ldif

@@ -1,4 +1,5 @@
 dn: cn=ipa_pwd_extop,cn=plugins,cn=config
+changetype: add
 objectclass: top
 objectclass: nsSlapdPlugin
 objectclass: extensibleObject

ipa-server/ipaserver/krbinstance.py

@@ -150,9 +150,8 @@ class KrbInstance:
         args = ["/usr/kerberos/sbin/kdb5_ldap_util", "-D", "uid=kdc,cn=kerberos,"+self.suffix, "-w", self.kdc_password, "create", "-s", "-P", self.master_password, "-r", self.realm, "-subtrees", self.suffix, "-sscope", "sub"]
         run(args)
 
-    # TODO: NOT called yet, need to find out how to make sure the plugin is available first
+    #add the password extop module
     def __add_pwd_extop_module(self):
-        #add the password extop module
         extop_txt = template_file(SHARE_DIR + "pwd-extop-conf.ldif", self.sub_dict)
         extop_fd = write_tmp_file(extop_txt)
         ldap_mod(extop_fd, "cn=Directory Manager", self.admin_password)