IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-27 16:46:42 -06:00
Code Issues Packages Projects Releases Wiki Activity
924 Commits 11 Branches 59 Tags 60 MiB
110f60da8e
Commit Graph

38 Commits

Author SHA1 Message Date
Martin Nagy
f7ca405716 Wrap up the raw_input() to user_input() for convenience and uniformity. 2008-07-23 10:05:06 -04:00
Rob Crittenden
c58b7a3d7c Move version.py to the common ipa directory instead of being server-based so it can be used by the client tool. 
Fix the client tool imports to fail more gracefully.
 2008-06-03 22:39:11 -04:00
Rob Crittenden
e935287f6e Try to clear up messages prompting for domain and IPA server when DNS discovery fails to find them. 2008-05-30 15:44:56 -04:00
Simo Sorce
8f082f2d4f Now that admin is in the common users tree make the nss_ldap 
configuration look at the specific tree where users are and
not search the full server.
 2008-05-29 09:43:08 -04:00
Simo Sorce
53afb67537 Fix the case where domain != lower(REALM) 
add the domain to the ipa.conf file for apps that need to know
This should fix a bug in the replica setup
 2008-05-29 09:43:00 -04:00
Martin Nagy
2f69e7e18d Change file mode of log files to 600. 
446869
 2008-05-20 22:43:03 -04:00
Rob Crittenden
92d7f9c28a Make sure all services are stopped during uninstall. 
We were just shutting down the KDC if it had been started prior to IPA
installation. We need to stop it in all cases.

And we should restart nscd as it may have made an LDAP connection.

440322
 2008-05-14 09:57:09 -04:00
Simo Sorce
a86b1eaeed fix stupid typo, 
thanks Nalin for spotting this.
 2008-05-10 11:25:31 -04:00
Simo Sorce
5c4b1770c0 On IPA Servers connect to ourselves using localhost, 
and avoid searching for KDC servers via DNS, we just connect
to ourselves.
 2008-05-08 17:31:19 -04:00
Simo Sorce
298747e15a Make sure we always have the [domain-realm] section or kerberos libs misbheave. 2008-04-22 15:28:42 -04:00
Simo Sorce
24a7cf3714 Fix client discovery and make sure command line options are not overwritten 
with discovered options, just verified.
 2008-04-09 15:55:46 -04:00
Simo Sorce
c45d58cc3f Make sure we start the NSCD daemon. 
It makes a huge difference on clients, if we cache lookups
 2008-04-08 14:58:52 -04:00
Simo Sorce
625d9b2de8 - Better defaults for nss_ldap 
- Make sure timeouts are not too high, so that machine does not hang if remote
  servers are not reachable
- Make sure root can always login no matter what the status of the ldap
  servers
- use rfc2307bis schema directive
 2008-04-01 18:04:59 -04:00
Simo Sorce
28ac93a535 Implement client uninstall 
(including RHEL4 contrib setup script)
 2008-03-31 17:33:55 -04:00
Simo Sorce
8bfe814358 Allow client install to specify ntp server name 2008-03-14 08:42:06 -04:00
Rob Crittenden
7fd656477a Prevent server and domain from being undefined or blank when we need them 
Improve LDAP error reporting
Don't return the str() of discovery values because it can return "None"

436130
 2008-03-05 16:33:12 -05:00
Rob Crittenden
b49942fe96 Close all fds when running another program. This fixes the SELinux AVCs. 
Put installation log files into /var/log.

430024
 2008-03-03 16:14:48 -05:00
Rob Crittenden
6533bc1a84 Add action statement to ldap.conf update 
Move imports into try/except so that ctrl-C can always be caught
Fix typo
 2008-02-27 16:17:38 -05:00
Rob Crittenden
111a475b15 Don't try to use options.realm_name unless it was passed in 
Don't allow empty responses to domain and realm name
Handle ctrl-C

434982
 2008-02-26 15:31:34 -05:00
Rob Crittenden
cbb6b5a005 Provide feedback on what is being done during ipa-client-install 
429541
 2008-02-20 17:09:02 -05:00
Simo Sorce
30195fb5fb Pass in server and domain parameters if provided, so that they are not ignored 2008-02-19 15:57:53 -05:00
Simo Sorce
46cb6e9bdd Run ipa-client-install after server install bits 2008-02-20 10:16:19 -05:00
Simo Sorce
3902a381d5 Add uniqueMember -> member mapping into /etc/ldap.conf on installation 2008-02-05 15:41:55 -05:00
Rob Crittenden
042fb11fa1 Fix issues reported by rpmlint. 
- Removing shebangs (#!) from a bunch of python libraries
- Don't use a variable name in init scripts for the lock file
- Keep the init script name consistent with the binary name, so renamed
  ipa-kpasswd.init to ipa_kpasswd.init
- Add status option to the init scripts
- Move most python scripts out of /usr/share/ipa and into the python
  site-packages directories (ipaserver and ipaclient)
- Remove unnecessary sys.path.append("/usr/share/ipa")
- Fix the license string in the spec files
- Rename ipa-webgui to ipa_webgui everywhere
- Fix a couple of issues reported by pychecker in ipa-python
 2008-01-18 16:20:36 -05:00
Rob Crittenden
aaa3cfd58c Fix case where a question was being asked in unattended mode. 
Catch permission errors on install.
Initialize srv so the error message works if the user presses enter
 2008-01-17 16:36:05 -05:00
Karl MacMillan
2892c28f56 Improve confirmation. 0001-01-01 00:00:00 +00:00
Karl MacMillan
380756ace9 Confirm before configuring the client. 0001-01-01 00:00:00 +00:00
Simo Sorce
25c542870d Fix client installation tool 2007-12-04 09:01:40 -05:00
Simo Sorce
b51f4b28ec - Set correct values in ipa.conf during client install so that admin tools can 
reach the xml-rpc server.
- Assume the kdc/ldap server == xml-rpc server for v1.


Initial code to read the Kerberos Master Key from the Directory
 2007-11-16 20:18:36 -05:00
Karl MacMillan
36e43aed1b NTP configuration for client and server. 
Configure ipa servers as an ntp server and clients
to (by default) us the ipa server as an ntp server.

Also corrected the messages about which ports should
be opened.
 0001-01-01 00:00:00 +00:00
Karl MacMillan
2703be51c8 Print warning about NTP 
After looking into setting up ntpd on the IPA servers I decided it
was better just to warn admins. There are just too many valid setups
for time synchronization for us to try to get this right. Additionally,
just installing ntp and accepting the default config will result in
a configuration that is perfectly valid for IPA.

This patch checks if ntpd is running and suggests enabling it if it
is not - for client and server. It also adds some suggested next
steps to the server installation.
 0001-01-01 00:00:00 +00:00
Karl MacMillan
1fcc3c6650 Autotool ipa-client - patch from William Jon McCann <mccann@jhu.edu> 0001-01-01 00:00:00 +00:00
Simo Sorce
3fd4b9ba2c Initial support for confiuguring a DNS Server during installation. 
It's not perfect yet but good enough to include it.
 2007-09-20 15:10:21 -04:00
Simo Sorce
566018f4d4 Better file parsing routines, 
also switch to recreate ldap.conf and krb5.conf from scratch on clients,
avoid nasty failures in case the original files contained strange directives
 2007-09-06 17:57:54 -04:00
Simo Sorce
584baa7ee2 merge ipa-server/ipaserver/util.py into ipa-python/ipautil.py 
this way freeipa-client does not depend on freeipa-server
 2007-09-04 16:13:15 -04:00
Simo Sorce
12b46527c6 Complete autodiscovery with autoconfiguration 
The code is still not perfect and rely on a yet unreleased
nss_ldap package that fix dns discovery problems within nss_ldap
itself.
Also the manipulation of krb5.conf need to be improved
 2007-08-30 19:40:54 -04:00
Simo Sorce
48bb474e68 Add interactive prompts to ipa-server-install 
Change unattended flag to be -U
Change master password flag to be -P instead of -m
Improve ipa-client-install readability for user prompts
 2007-08-20 18:40:32 -04:00
Simo Sorce
0e419aa4bf Add a prototype client tool to configure a client of the IPA server 
Right now it does only discovery (or fallback)
 2007-08-16 18:00:16 -04:00