Commit Graph

9 Commits

Author SHA1 Message Date
Rob Crittenden
f976f6cfd8 Use replace instead of add to set new default ipaSELinuxUserMapOrder
The add was in effect replacing whatever data was already there
causing any custom order to be lost on each run of
ipa-server-upgrade.

https://pagure.io/freeipa/issue/6610

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
2018-06-08 10:49:18 +02:00
Martin Babinsky
594c87daf8 Short name resolution: introduce the required schema
Add ipaDomainResolutionOrder and ipaNameResolutionData to IPAv3 schema.
Extend ipaConfig object with ipaNameResolutionData objectclass during
update.

https://pagure.io/freeipa/issue/6372

Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
2017-03-14 18:37:10 +01:00
Nathaniel McCallum
3f85f09a83 Add support for managing user auth types
https://fedorahosted.org/freeipa/ticket/3368
2013-11-08 12:48:15 +01:00
Martin Kosek
44d1886d39 Remove deprecated AllowLMhash config
Remove this ipaConfigString value as LM hash is deprecated and in
fact even insecure.

https://fedorahosted.org/freeipa/ticket/3795
2013-11-01 09:30:10 +01:00
Rob Crittenden
7c2eb48850 Set MLS/MCS for user_u context to what will be on remote systems.
The user_u context in the default list was broader than is actually
configured by default on systems.

https://fedorahosted.org/freeipa/ticket/3224
2012-11-02 10:17:51 -04:00
Rob Crittenden
79b90d1465 Set SELinux default context to unconfined_u:s0-s0:c0.c1023
Don't require ipaselinuxdefaultuser to be set. If this is unset then
SSSD will use the system default.

https://fedorahosted.org/freeipa/ticket/3045
2012-09-13 12:35:43 +02:00
Rob Crittenden
0086a3f5c3 Add update files for SELinuxUserMap
https://fedorahosted.org/freeipa/ticket/2344
2012-02-15 12:28:37 +01:00
Jan Cholasta
63ea0a304e Add LDAP schema for SSH public keys.
https://fedorahosted.org/freeipa/ticket/754
2012-02-13 22:20:18 -05:00
Rob Crittenden
55512dc938 Add SELinux user mapping framework.
This will allow one to define what SELinux context a given user gets
on a given machine. A rule can contain a set of users and hosts or it
can point to an existing HBAC rule that defines them.

https://fedorahosted.org/freeipa/ticket/755
2011-12-09 16:46:25 +02:00