Commit Graph

680 Commits

Author SHA1 Message Date
Jakub Hrozek
22c3a681da Fine tuning DNS options
Add pointer to self to /etc/hosts to avoid chicken/egg problems when
restarting DNS.

On servers set both dns_lookup_realm and dns_lookup_kdc to false so we don't
attempt to do any resolving. Leave it to true on clients.

Set rdns to false on both server and client.

https://fedorahosted.org/freeipa/ticket/931
2011-02-14 14:45:22 -05:00
Adam Young
03e83f6cc8 DNS record search
The current version of the DNS Plugin does not support searching by record, so that is commented out.

The search field wasn't working either.  The search criteria had to be appended to the params array, just after the zone.

https://fedorahosted.org/freeipa/ticket/907
2011-02-14 13:28:42 -05:00
Nalin Dahyabhai
4d85fb18a2 drop the group.upg NIS map
The group.upg NIS map was an experiment in providing UPG groups
dynamically, and is not one of the maps that I'd ever expect a NIS
client to "know" to search.  We should probably just drop it.
2011-02-14 11:35:03 -05:00
Rob Crittenden
1315ba19d2 Add permission/privilege for updating IPA configuration.
ticket 950
2011-02-14 10:22:55 -05:00
Rob Crittenden
76f2d2eac2 Handle bad DM password in ipa-host-net-manage & ipa-copmat-manage.
This was resulting in a traceback because while conn was not None
it wasn't connected either.

ticket 920
2011-02-14 10:13:52 -05:00
Endi S. Dewata
6880daefee Fixed add service dialog box.
Previously the add service dialog box shows a 'Principal:' label with
no text field next to it. It now has been removed. The dialog box
has been widened to avoid line wrapping of the buttons.
2011-02-11 16:27:59 -05:00
Adam Young
29cf66046a remove deprecated record types 2011-02-11 16:26:09 -05:00
Adam Young
f1e46f36d2 allow null keys for show
https://fedorahosted.org/freeipa/ticket/951
2011-02-11 15:47:53 -05:00
Adam Young
d14ef576c3 column formatting Allow optional formatting for columns Provide Data formate for host modificaiton
date format
2011-02-11 15:04:31 -05:00
Adam Young
6f6d50f37f target section without radio buttons ACI target section refactored into an array of widget-like objects. The radio buttons have been replaced by a select box. THe select is not visible on the details page. 2011-02-11 15:04:31 -05:00
Jakub Hrozek
b069af3bc9 Fix migration page 2011-02-11 13:28:22 -05:00
Martin Kosek
30fdafcfbe ipa-dns-install does not exit on error
This patch fixes behavior of ipa-dns-install, which does not
exit when an invalid configuration of /etc/hosts is detected.

https://fedorahosted.org/freeipa/ticket/736
2011-02-11 10:34:03 -05:00
Martin Kosek
fb751686a1 Fix return codes for ipactl
This patch fixes ipactl to return non-zero value when something
goes wrong.

https://fedorahosted.org/freeipa/ticket/894
2011-02-10 13:59:03 -05:00
Rob Crittenden
b77046d550 Disable replication version plugin by default.
The 389-ds replication plugin may not be installed on all platforms
and our replication version plugin will cause 389-ds to not start
if it is loaded and the replication plugin is not. So disable by
default.

When a replica is prepared we check for the replication plugin.
If it exists we will enable the replication version plugin.

Likewise on installation of a replica we check for existence of
the repliation plugin and if it is there then we enable the version
plugin before replication begins.

ticket 918
2011-02-10 13:54:39 -05:00
Rob Crittenden
d9eb19b0e8 Make main selfservice aci visible to the selfservice plugin.
ticket 934
2011-02-10 11:16:58 -05:00
Endi S. Dewata
8d597dcbb0 Moved add dialog into search facet.
Previously the add dialog is added into entity. The dialog is only
used by the search facet, so it's now moved into the search facet.
2011-02-09 19:46:49 -05:00
System Administrator
25abf07360 Cross brower adjustments for the action-panel. 2011-02-09 11:22:52 -05:00
Endi S. Dewata
7be127512b Read-only text widget's save() should return null. 2011-02-07 15:31:42 -05:00
Rob Crittenden
9b73da1d54 Refresh state data before removing the dirsrv user, fixes uninstall.
The state is read only at initialization time. This works ok when
individual services remove their state data but when worked upon again
at the top-level it still has the full state in memory, so when the
state file is re-written all of the data that was removed is re-added.

ticket 916
2011-02-07 14:41:05 -05:00
Endi S. Dewata
311660dec2 Hide initial status.
Previously all certificate & Kerberos key statuses (valid, missing
and revoked) will appear briefly at the same time during page load.
This has been fixed by setting the initial style to hidden.
2011-02-07 14:34:22 -05:00
Endi S. Dewata
4ee6882e9f Removed unused code. 2011-02-07 11:31:21 -05:00
Endi S. Dewata
348d734c59 Restructuring details page.
Previously the IPA.details_list_section can only be used with widgets
that generates <dd> tag because it uses the following structure:

<dl>
  <dt>Telephone Number:</dt>
  <span name="teleponenumber">
    <dd>111-1111</dd>
    <dd>222-2222</dd>
  </span>
</dl>

The <dd> tag was previously used to handle multi-valued attributes.
Since multi-valued attributes are now handled by the recently added
IPA.multivalued_text_widget, the structure can be changed as follows:

<dl>
  <dt>Telephone Number:</dt>
  <dd>
    <span name="telephonenumber">
      <div>111-1111</div>
      <div>222-2222</div>
    </span>
  </dd>
</dl>

This allows IPA.details_list_section to be used with any widgets
without requiring the <dd> tag.
2011-02-07 11:31:17 -05:00
Adam Young
a6849ef2ba removed duplicate postion
olny need to specify once
2011-02-04 16:13:14 -05:00
Endi S. Dewata
bd493d47a7 Added multi-valued text widget.
A multi-valued text widget has been created to replace the old
IPA.details_field. The old code was designed to handle all data
types, and it uses one <dd> tag for each value, so the code is
still incomplete and complex. The new code was designed to handle
only multi-valued text attributes, and it uses one <dd> tag for
all values, so it's easier to maintain. There are already other
widgets that can be used to handle other data types.

The new code supports line-level undo and line-out for removal
like the old code, but there are some changes:
 - Undoing a newly added line will remove the entire line.
 - Editing the value of a removed line will cancel the removal.
 - It provides 'undo all' link to reset the entire attribute.

The old code will be cleaned up in a subsequent patch.
2011-02-03 20:09:15 -05:00
Adam Young
ff646ec3a4 favicon
adds a favicon that is the freeipa cube
2011-02-03 15:04:23 -05:00
Endi S. Dewata
ce995bf1b9 Fixed CSS error. 2011-02-03 11:02:54 -05:00
Martin Kosek
4880598fbd ipa-server-install inconsistent capitalization
A cosmetic patch to IPA server installation output aimed to make
capitalization in installer output consistent. Several installation
tasks started with a lowercase letter and several installation
task steps started with an uppercase letter.

https://fedorahosted.org/freeipa/ticket/776
2011-02-03 10:34:01 -05:00
Endi S. Dewata
a686f36906 Fixed section expand/collapse in user details.
The section names were missing from the entity definition.
2011-02-03 09:04:17 -05:00
Adam Young
afce50a3e4 city and state
using approapriate lcoality and state abbreviations for the attributes: l and st
2011-02-02 16:59:44 -05:00
Endi S. Dewata
d389e054f6 Added undo for permission target.
https://fedorahosted.org/freeipa/ticket/885
2011-02-02 15:56:50 -05:00
Jakub Hrozek
bb56285f6b IPv6 enhancements
* Make host-add, host-del and reverse zone creation IPv6 aware
* Make Bind listen on IPv6 interfaces, too

https://fedorahosted.org/freeipa/ticket/398
2011-02-02 12:39:35 -05:00
Adam Young
2518612b0d core widget unit tests baseline set of unit tests for checking that each widget conforms to the contract 2011-02-02 10:59:46 -05:00
Rob Crittenden
275998f6bd Add support for tracking and counting entitlements
Adds a plugin, entitle, to register to the entitlement server, consume
entitlements and to count and track them. It is also possible to
import an entitlement certificate (if for example the remote entitlement
server is unaviailable).

This uses the candlepin server from https://fedorahosted.org/candlepin/wiki
for entitlements.

Add a cron job to validate the entitlement status and syslog the results.

tickets 28, 79, 278
2011-02-02 10:00:38 -05:00
Rob Crittenden
f3d04bfc40 Fix installing with an external CA and wait for dogtag to come up
There wasn't an exception in the "is the server already installed"
check for a two-stage CA installation.

Made the installer slightly more robust. We create a cache file of
answers so the next run won't ask all the questions again. This cache
is removed when the installation is complete. Previously nothing would work
if the installer was run more than once, this should be fixed now.
The cache is encrypted using the DM password.

The second problem is that the tomcat6 init script returns control
before the web apps are up. Add a small loop in our restart method
to wait for the 9180 port to be available.

This also adds an additional restart to ensure that nonces are disabled.

ticket 835

revise
2011-02-01 17:52:57 -05:00
Adam Young
c704ae605a undo entity widget adds line level undo for the entity-select-widget now shows the undo link on filter change does JSON queries on keyup instead of keypress https://fedorahosted.org/freeipa/ticket/886 2011-02-01 16:37:42 -05:00
Rob Crittenden
c6ef39b2c0 Add new schema to store information about permissions.
There are some permissions we can't display because they are stored
outside of the basedn (such as the replication permissions). We
are adding a new attribute to store extra information to make this
clear, in this case SYSTEM.

ticket 853
2011-02-01 16:00:41 -05:00
Adam Young
ec59e618da use entity select widget for permissions
https://fedorahosted.org/freeipa/ticket/879
2011-02-01 14:56:41 -05:00
Simo Sorce
5c6232e24d Force sync in both direction before changing replication agreements
Fixes: https://fedorahosted.org/freeipa/ticket/887
2011-02-01 13:49:41 -05:00
Endi S. Dewata
8cff0812d5 Fixed attribute name for delegation member group. 2011-02-01 12:03:45 -05:00
Endi S. Dewata
613a3d0f56 Added undo for permission rights.
https://fedorahosted.org/freeipa/ticket/884
2011-02-01 08:30:35 -05:00
Endi S. Dewata
7c23d5aff9 Fixed missing object reference. 2011-01-31 23:29:07 -05:00
Adam Young
f85771b2a7 aci association fixes
declarative priv definition
fixes role_add_privilege and privilege_add_permisison
2011-01-31 23:09:13 -05:00
Jakub Hrozek
0dce1bc9e1 Add an address for a nameserver when a new zone is created during install
https://fedorahosted.org/freeipa/ticket/881
2011-01-31 22:15:45 -05:00
Adam Young
a7e89190fa association fixes
PLaces custom association facets into the proper facet groups
usesthe associators if they are specifiedfor an association
2011-01-31 20:42:09 -05:00
Simo Sorce
cc9abf5d38 Use a common group for all DS instances
Also remove the option to choose a user.
It is silly to keep it, when you can't choose the group nor the CA
directory user.

Fixes: https://fedorahosted.org/freeipa/ticket/851
2011-01-31 16:35:53 -05:00
Endi S. Dewata
a629f3f4c7 Removed permission description from UI
https://fedorahosted.org/freeipa/ticket/877
2011-01-31 15:06:47 -05:00
Adam Young
f89860b77e reduce scope of remove link it was global https://fedorahosted.org/freeipa/ticket/212 2011-01-31 14:31:44 -05:00
Rob Crittenden
bf4f77d985 Rename permissions and privileges to be more readable.
This also drops description from permissions since it seems redundant and
fixes up the help text a little.

ticket 792
2011-01-31 13:17:38 -05:00
Adam Young
c281e786c8 widget unit tests
unit test for basic functionality, text, and checkbox widgets
2011-01-31 13:12:53 -05:00
Endi S. Dewata
987507efd0 Fixed IPA.widget's load, save, and is_dirty.
This patch fixes the problem leaving the user details page.
2011-01-30 15:32:59 -05:00