IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
732 Commits 11 Branches 60 Tags
1a1e02025824ba86ca847d59435541545b6f0aec
Commit Graph

153 Commits

Author SHA1 Message Date
Rob Crittenden
4c288e653a Re-root the IPA web UI to /ipa and the XML-RPC interface to /ipaxml. 
438021
 2008-03-24 15:54:55 -04:00
Rob Crittenden
e54a16ae1c Allow the realm to be included in the name passed to add_service_principal() 
This is more kerberos-like and it doesn't hurt anything, we just won't
allow realms other than our own to be used.

437566
 2008-03-17 14:09:44 -04:00
Rob Crittenden
c3fedca013 Don't define bogus realm/server in configuration file by default 
Add default exception handler to avoid backtraces in cmdline tools
Enhance error message when the IPA server or realm can't be found

437565
 2008-03-17 13:16:56 -04:00
Rob Crittenden
6301914941 Require that the hostname is a DNS A record and that the forward and reverse 
match.

433515
 2008-03-03 16:10:06 -05:00
Rob Crittenden
b49942fe96 Close all fds when running another program. This fixes the SELinux AVCs. 
Put installation log files into /var/log.

430024
 2008-03-03 16:14:48 -05:00
Rob Crittenden
79557e6bf2 Do argument type checking in the XML-RPC interface 
Fix error in service principals where the service wasn't being removed before
doing the DNS lookup.
 2008-02-29 10:58:07 -05:00
Rob Crittenden
ad8096b51f - Centralize try/except so the entire program is covered. This make it 
possible to catch KeyboardInterrupt during the import process.
- Add function for handling python differences with GSSError

434798
 2008-02-27 10:40:18 -05:00
Rob Crittenden
f49ed705b3 The admins group cannot be renamed. 
433880
 2008-02-27 10:50:17 -05:00
Rob Crittenden
d6d12e9dc5 Require that service principals resolve to a DNS A record. 
There is a --force option for those who know what they are doing.

433483
 2008-02-26 13:51:56 -05:00
Rob Crittenden
8f0d4a8ed3 Add failover to the XML-RPC client 
433506
 2008-02-22 14:47:15 -05:00
Rob Crittenden
02d3c5aff3 Don't allow a group to be a member of itself. 
434542
 2008-02-22 15:40:21 -05:00
Rob Crittenden
44797e3917 Command-line utility to manage password policy 
432814
 2008-02-25 13:11:15 -05:00
Rob Crittenden
84d1e08d76 Become freeipa-0.99.0 2008-02-21 16:11:42 -05:00
Rob Crittenden
f82b3b0b28 Handle input range properly and catch KeyboardInterrupt and exit gracefully 
433496
 2008-02-20 09:32:25 -05:00
Rob Crittenden
0300952ec7 Use ldap_explode_dn instead of ldap_str2dn so we can use python-ldap 2.2.0 2008-02-11 09:42:47 -05:00
Rob Crittenden
c50ebd9657 Don't set blank values so we don't end up with empty attributes 
Resolves 429895
 2008-01-30 09:31:03 -05:00
Rob Crittenden
97d9c235dd Set the license uniformly to GPLv2 only. 2008-02-04 15:15:52 -05:00
Rob Crittenden
0e3ecf6270 Marked with wrong license. IPA is GPLv2. 2008-01-31 16:49:01 -05:00
Mark McLoughlin
996a3f6698 Fix not so random random passwords 
If you run ipa_generate_password() multiple times, one
after the other, then you get the same password each time.

This is because it uses the current time to seed the
pseudo random number generator.

The easiest solution is to just use the default method
which seeds itself from /dev/urandom if available,
and uses a fractional time value otherwise.

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
 2008-01-22 16:42:45 +00:00
Rob Crittenden
00e20c2003 Use Fedora package names for PyKerberos (python-kerberos) and pyasn1 
(python-pyasn1) for the specfile Requires.
 2008-01-24 13:44:38 -05:00
Rob Crittenden
3594157f54 Add a copy of the LICENSE and populate some README's 2008-01-23 10:30:18 -05:00
Rob Crittenden
042fb11fa1 Fix issues reported by rpmlint. 
- Removing shebangs (#!) from a bunch of python libraries
- Don't use a variable name in init scripts for the lock file
- Keep the init script name consistent with the binary name, so renamed
  ipa-kpasswd.init to ipa_kpasswd.init
- Add status option to the init scripts
- Move most python scripts out of /usr/share/ipa and into the python
  site-packages directories (ipaserver and ipaclient)
- Remove unnecessary sys.path.append("/usr/share/ipa")
- Fix the license string in the spec files
- Rename ipa-webgui to ipa_webgui everywhere
- Fix a couple of issues reported by pychecker in ipa-python
 2008-01-18 16:20:36 -05:00
Mark McLoughlin
9161dcbbdc Add service.is_enabled() helper 
Add a simple helper to check whether a service is enabled.

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
 2008-01-11 10:36:25 +00:00
Rob Crittenden
42d5ddc559 Service principal deletion 2008-01-11 11:44:23 -05:00
Rob Crittenden
1c4e4b3e14 Add function to retrieve a short list of attributes to make ipa-adddelegation 
easier to use.
 2008-01-04 16:39:41 -05:00
Karl MacMillan
c761409490 Update versions for release. -
Karl MacMillan
6575aa606f Merge. -
Mark McLoughlin
2dd8c346f3 Fix ipa-python packaging 
Latest Fedora 9 python distutils generates .egg-info files;
follow the recommendation at:

  http://fedoraproject.org/wiki/Packaging/Python/Eggs

and just package everything under %{python_sitelib}/

Signed-off-by: Mark McLoughlin <markmc@redhat.com>
 2007-12-13 09:31:28 +00:00
Karl MacMillan
a0eacec8e5 Cleanup from radius merge. -
Simo Sorce
3defaaf7ba Make admintools discover the domain using DNS calls to find the LDAP server. 2007-12-11 10:58:39 -05:00
Rob Crittenden
f796e50000 Add simple UI for command-line programs to be able to select when 
multiple entries are returned.
 2007-12-10 16:12:58 -05:00
Karl MacMillan
cf595511ff Move radius server components into a separate package. -
Karl MacMillan
3b4f0db73e Convert the setup of ssl from a shell script to a 
python module. This is in preparation for user
supplied certs.
 -
Karl MacMillan
ad3fcc200c Merge. -
Simo Sorce
c0b809efd5 Move dnsclient into ipa-python so that I will be able to use it in ipaconfig 2007-12-10 16:31:21 -05:00
Rob Crittenden
00489597d8 Rework input validation to more closely match what we require in the UI 2007-12-07 17:07:03 -05:00
Karl MacMillan
d2378f13d0 Merge. -
John Dennis
d53915954e merge 2007-12-04 10:08:08 -05:00
John Dennis
4e1d291d15 change location of radius data in ldap from 
cn=radius,cn=services,cn=etc
to
cn=radius
 2007-11-30 20:29:12 -05:00
John Dennis
d7a7ba4f45 add user profile command line arg to all radius 
profile command line tools to select between shared
and per user profiles

modify AttributeValueCompleter so default values prefer
previously entered values in editing session
 2007-11-28 12:06:06 -05:00
John Dennis
904b76059c merged radius work with latest mainline tip 2007-11-28 07:49:07 -05:00
John Dennis
c939c5d289 fix regular expression used in parse_key_value_pairs() 2007-11-27 22:52:11 -05:00
John Dennis
5d1ca46ea7 do a better job of handling attribute deletion 2007-11-27 16:16:10 -05:00
John Dennis
78b5987101 add parse_items(), read_items_file() 
move read_pairs_file() to ipautil
 2007-11-26 23:11:49 -05:00
John Dennis
c5a43a0168 add ItemCompleter class 2007-11-26 20:59:53 -05:00
John Dennis
09238510ff add command line utilites for radius profiles 2007-11-26 19:30:33 -05:00
John Dennis
4f33d67418 remove radius_client.py, move contents to radius_util.py 2007-11-26 11:12:58 -05:00
jdennis@VAIO
9a9a7e4058 clean up attribute names 
clean up command line args in ipa-delradiusclient
 2007-11-24 11:20:28 -05:00
John Dennis
d98686e967 Add radius profile implementations: 
get_radius_profile_by_uid
  add_radius_profile
  update_radius_profile
  delete_radius_profile
  find_radius_profiles

Rewrite command line arg handling, now support pair entry, interactive
mode with auto completion, reading pairs from a file, better handling
of mandatory values, better help, long arg names now match attribute
name in pairs

Establish mappings for all attributes and names used in clients and
profiles

Add notion of containers to radius clients and profiles in LDAP

Move common code, variables, constants, and strings into the files
radius_client.py, radius_util.py, ipautil.py to eliminate redundant
elements which could get out of sync if modified and to provide access
to other code which might benefit from using these items in the
future.

Add utility functions:
  format_list()
  parse_key_value_pairs()

Add utility class:
  AttributeValueCompleter

Unify attribute usage in radius ldap schema
 2007-11-21 13:11:10 -05:00
John Dennis
c4dbe6433d add ipa-findradiusclient search 2007-11-14 15:32:08 -05:00