freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00

Author	SHA1	Message	Date
Jan Cholasta	2d357a312f	Fix various bugs in ipa-opt-counter and ipa-otp-lasttoken Fixes a wrong sizeof argument and unchecked return values. https://fedorahosted.org/freeipa/ticket/4651 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>	2014-11-05 15:28:27 +01:00
Jan Cholasta	56d832912f	Fix memory leaks in ipa-extdom-extop https://fedorahosted.org/freeipa/ticket/4651 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>	2014-11-05 15:28:27 +01:00
Jan Cholasta	04a6f712e4	Fix possible NULL dereference in ipa-kdb https://fedorahosted.org/freeipa/ticket/4651 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>	2014-11-05 15:28:27 +01:00
Jan Cholasta	59af17d5e4	Fail if certmonger can't see new CA certificate in LDAP in ipa-cacert-manage This should not normally happen, but if it does, report an error instead of waiting idefinitely for the certificate to appear. https://fedorahosted.org/freeipa/ticket/4629 Reviewed-By: David Kupka <dkupka@redhat.com>	2014-11-05 15:26:42 +01:00
David Kupka	71c24b187a	Respect UID and GID soft static allocation. https://fedoraproject.org/wiki/Packaging:UsersAndGroups?rd=Packaging/UsersAndGroups#Soft_static_allocation https://fedorahosted.org/freeipa/ticket/4585 Reviewed-By: Martin Basti <mbasti@redhat.com>	2014-11-05 15:22:51 +01:00
Martin Basti	49a73e1d6b	Fix CI tests: install_adtrust IPA uses both named and named-pkcs11 service. If named is masked use named-pkcs11, instead of raising exception Reviewed-By: Petr Viktorin <pviktori@redhat.com>	2014-11-04 16:23:41 +01:00
Martin Basti	a21443168e	Add bind-dyndb-ldap working dir to IPA specfile https://fedorahosted.org/freeipa/ticket/4657#comment:6 Reviewed-By: Petr Spacek <pspacek@redhat.com>	2014-10-31 15:04:53 +01:00
Jan Cholasta	1b940d39f3	Do not wait for new CA certificate to appear in LDAP in ipa-certupdate If new certificate is not available, reuse the old one, instead of waiting indefinitely for the new certificate to appear. https://fedorahosted.org/freeipa/ticket/4628 Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-30 10:51:36 +01:00
Jan Cholasta	2ee248bd7e	Handle profile changes in dogtag-ipa-ca-renew-agent To update the CA certificate in the Dogtag NSS database, the "ipa-cacert-manage renew" and "ipa-certupdate" commands temporarily change the profile of the CA certificate certmonger request, resubmit it and change the profile back to the original one. When something goes wrong while resubmitting the request, it needs to be modified and resubmitted again manually. This might fail with invalid cookie error, because changing the profile does not change the internal state of the request. Detect this in dogtag-ipa-ca-renew-agent and reset the internal state when profile is changed. https://fedorahosted.org/freeipa/ticket/4627 Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-29 15:06:05 +01:00
Petr Spacek	4e42d17130	Fix zone name to directory name conversion in BINDMgr. https://fedorahosted.org/freeipa/ticket/4657 Reviewed-By: Martin Basti <mbasti@redhat.com>	2014-10-29 15:02:08 +01:00
Martin Basti	75cdc50ba9	Fix dns zonemgr validation regression https://fedorahosted.org/freeipa/ticket/4663 Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-27 15:55:34 +01:00
Alexander Bokovoy	47ab6351f1	Add ipaSshPubkey and gidNumber to the ACI to read ID user overrides https://fedorahosted.org/freeipa/ticket/4664 Reviewed-By: Martin Kosek <mkosek@redhat.com>	2014-10-24 15:54:43 +02:00
Jan Cholasta	e22cf5bafc	Do not check if port 8443 is available in step 2 of external CA install The port is never available in step 2 of external CA install, as Dogtag is already running. https://fedorahosted.org/freeipa/ticket/4660 Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-22 14:20:27 +02:00
Petr Vobornik	1300f82b9c	build: increase java stack size for all arches Gradually new arches which need a bigger stack size for web ui build appear. It's safer to increase the stack size for every architecture and avoid possible future issues. Reason: build fail on armv7hl Reviewed-By: Martin Kosek <mkosek@redhat.com>	2014-10-22 13:55:28 +02:00
Petr Vobornik	5bcaea7e61	Become IPA 4.1.0	2014-10-21 16:08:54 +02:00
Martin Basti	04816e7654	fix forwarder validation errors Fix tests, validation in dnsconfig mod, wuser warning Reviewed-By: Petr Spacek <pspacek@redhat.com>	2014-10-21 15:55:09 +02:00
Alexander Bokovoy	77b5a81da8	Default to use TLSv1.0 and TLSv1.1 on the IPA server side We only will be changing the setting on the install. For modifying existing configurations please follow instructions at https://access.redhat.com/solutions/1232413 Reviewed-By: Martin Kosek <mkosek@redhat.com>	2014-10-21 15:54:02 +02:00
Martin Basti	27290bf32d	fix DNSSEC restore named state Reviewed-By: Petr Spacek <pspacek@redhat.com>	2014-10-21 15:52:47 +02:00
Alexander Bokovoy	2bc287479e	updater: enable uid uniqueness plugin for posixAccounts https://fedorahosted.org/freeipa/ticket/4636 Reviewed-By: Martin Kosek <mkosek@redhat.com>	2014-10-21 13:46:55 +02:00
Jan Cholasta	98100feb4e	DNSSEC: remove container_dnssec_keys Reviewed-By: Martin Basti <mbasti@redhat.com>	2014-10-21 12:22:18 +02:00
Martin Basti	b84fc92fd7	DNSSEC: change link to ipa page Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	bcb1e91a19	DNSSEC: add files to backup Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Petr Spacek	dc5b3af72a	DNSSEC: add ipa dnssec daemons Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	4ddc978cea	DNSSEC: ACI Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	d254bcb146	DNSSEC: upgrading Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	45353245dd	DNSSEC: uninstallation Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	877fedf6e4	DNSSEC: installation Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	cc50112f79	DNSSEC: modify named service to support dnssec Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	f01acf8e53	DNSSEC: validate forwarders Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	9af49ff97f	DNSSEC: platform paths and services Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	abf4418c46	DNSSEC: opendnssec services Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	52acc54f9e	DNSSEC: DNS key synchronization daemon Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	3c7bc2a4fd	DNSSEC: add ipapk11helper module Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	3f0440f195	DNSSEC: schema Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	82961a03af	DNSSEC: dependencies Tickets: https://fedorahosted.org/freeipa/ticket/3801 https://fedorahosted.org/freeipa/ticket/4417 Design: https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Martin Basti	f31f5f5344	Add mask, unmask methods for service This patch allows mask and unmask services in IPA Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: David Kupka <dkupka@redhat.com>	2014-10-21 12:18:55 +02:00
Tomas Babej	d969f73ed5	spec: Bump SSSD requires to 1.12.2 https://fedorahosted.org/freeipa/ticket/3979 Reviewed-By: Martin Kosek <mkosek@redhat.com>	2014-10-21 10:34:03 +02:00
Petr Vobornik	9053673342	webui: update combobox input on list click Change event of combobox is not triggered when there is only one value. Calling it's handler even for option's 'click' event makes sure that value of input gets always updated. https://fedorahosted.org/freeipa/ticket/4655 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>	2014-10-21 10:32:46 +02:00
Petr Vobornik	d3de9c0ca1	webui: do not show closed dialog Fixes issues when dialog is not removed from `IPA.opened_dialogs` registry when dialog.close() is called while the dialog is not shown, i.e., while other dialog is shown. Without it, the dialog is could be incorrectly displayed. New dialog's property `opened` handles whether dialog is intended to be opened. How to test: Add new host with IP address outside of managed reverse zones to get error 4304. https://fedorahosted.org/freeipa/ticket/4656 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>	2014-10-21 10:29:53 +02:00
Sumit Bose	99b10e5067	extdom: remove unused dependency to libsss_idmap https://fedorahosted.org/freeipa/ticket/3979 Reviewed-By: Jakub Hrozek <jhrozek@redhat.com>	2014-10-21 10:17:54 +02:00
Sumit Bose	85f229d06d	extdom: add support for sss_nss_getorigbyname() https://fedorahosted.org/freeipa/ticket/3979 Reviewed-By: Jakub Hrozek <jhrozek@redhat.com>	2014-10-21 10:17:54 +02:00
Alexander Bokovoy	8629f17efc	Change ipaOverrideTarget OID to avoid conflict with DNSSEC feature	2014-10-21 10:48:08 +03:00
Martin Basti	1b7bc35b03	Remove ipaContainer, ipaOrderedContainer objectclass https://fedorahosted.org/freeipa/ticket/4646 Reviewed-By: Martin Kosek <mkosek@redhat.com>	2014-10-20 16:58:16 +02:00
Alexander Bokovoy	50f46fdedd	Support idviews in compat tree Reviewed-By: Tomas Babej <tbabej@redhat.com>	2014-10-20 16:47:49 +02:00
Petr Vobornik	34fb9f02ef	webui: do not offer ipa users to Default Trust View https://fedorahosted.org/freeipa/ticket/4616 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>	2014-10-20 12:29:10 +02:00
Petr Vobornik	3485c6e689	webui: hide (un)apply buttons for Default Trust View Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>	2014-10-20 12:25:22 +02:00
Petr Vobornik	04a3dad96d	webui: hide applied to hosts tab for Default Trust View because applying Default Trust view on hosts is not allowed https://fedorahosted.org/freeipa/ticket/4615 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>	2014-10-20 12:25:22 +02:00
Petr Vobornik	2046470be5	webui: change order of idview's facet groups Applied to hosts facet should not be default because, e.g., for Default Trust View it shouldn't be even visible(o use). Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>	2014-10-20 12:25:22 +02:00
Petr Vobornik	b05f39510c	webui: make Evented a part of base IPA.object 1. All framework objects to use event interface 2. Framework objects can be part of specification objects but they are not deep-cloned as the rest of specification objects - usually it would cause infinite loop. This make easier to add context as a $pre-op object without a need for $pre-op function. Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>	2014-10-20 12:25:22 +02:00
Petr Vobornik	502bf56713	webui: allow --force in dnszone-mod and dnsrecord-add Allow to use --force when changing authoritative nameserver address in DNS zone. Same for dnsrecord-add for NS record. https://fedorahosted.org/freeipa/ticket/4573 Reviewed-By: Endi Sukma Dewata <edewata@redhat.com>	2014-10-20 12:06:02 +02:00

1 2 3 4 5 ...

7670 Commits