Commit Graph

3475 Commits

Author SHA1 Message Date
Martin Kosek
30fdafcfbe ipa-dns-install does not exit on error
This patch fixes behavior of ipa-dns-install, which does not
exit when an invalid configuration of /etc/hosts is detected.

https://fedorahosted.org/freeipa/ticket/736
2011-02-11 10:34:03 -05:00
Martin Kosek
5768924710 Extend API validator
makeapi script is used to check if ipalib API is consistent with the
known state in API.txt. When the API is changed, major API version
should be updated. However, when new options/arguments/outputs were
added to an ipalib command, `makeapi --validate' call did not capture
this.

This patch fixes this issue and ensures that also the last command
in API.txt is checked (it was not before this patch).

https://fedorahosted.org/freeipa/ticket/868
2011-02-11 10:29:55 -05:00
Rob Crittenden
95b0563817 Ensure that file ownership doesn't change when config is updated.
Out of the blue update_file() and set_directive() changed file
ownership to root:root when it updated some files. This was causing
dogtag to break. So grab the owner before opening the file and reset
it after closing.

ticket 928
2011-02-11 09:51:44 -05:00
Rob Crittenden
a880396de9 Add pyOpenSSL as a BuildRequires 2011-02-11 09:35:38 -05:00
Rob Crittenden
2b2642e0c2 Rename ipa.spec.in to freeipa.spec.in in BUILD.txt.
This is the shortcut to installing the build-deps.

ticket 859
2011-02-10 17:52:43 -05:00
Jan Zeleny
978be50666 Provide a way to display CLI-LDAP relation
Since some LDAP attributes have their cli_name value defined,
so they can be more user friendly, it can be difficult for user to find
out which attributes do the parameteres given to CLI really represent.
This patch provides new command, which will take another IPA command as
and argument and display attributes which given command takes and what
LDAP attributes are they mapped to.

https://fedorahosted.org/freeipa/ticket/447
2011-02-10 15:11:26 -05:00
Rob Crittenden
456101bd29 Update API.txt with updated usercertificate in service-find 2011-02-10 14:51:39 -05:00
Martin Kosek
fb751686a1 Fix return codes for ipactl
This patch fixes ipactl to return non-zero value when something
goes wrong.

https://fedorahosted.org/freeipa/ticket/894
2011-02-10 13:59:03 -05:00
Rob Crittenden
b77046d550 Disable replication version plugin by default.
The 389-ds replication plugin may not be installed on all platforms
and our replication version plugin will cause 389-ds to not start
if it is loaded and the replication plugin is not. So disable by
default.

When a replica is prepared we check for the replication plugin.
If it exists we will enable the replication version plugin.

Likewise on installation of a replica we check for existence of
the repliation plugin and if it is there then we enable the version
plugin before replication begins.

ticket 918
2011-02-10 13:54:39 -05:00
Rob Crittenden
c187b276ad Fix test failures caused by the performance patch.
It isn't safe to assume there is an environment or mode in any given
object. Only skip the extra work if the object explicitly has production
in it.
2011-02-10 13:52:29 -05:00
Rob Crittenden
f34c0ab916 Set minimum version of sssd to 1.5.1
ticket 926
2011-02-10 13:51:35 -05:00
Rob Crittenden
fd50d9e900 nscd should be disabled before sssd is configured/started.
If not then sssd spits out a warning message:

sssd: nscd socket was detected.  As nscd caching capabilities may conflict
with SSSD, it is recommended to not run nscd in parallel with SSSD

Stop nscd before configuring sssd so we don't confuse our users.

ticket 743
2011-02-10 13:50:47 -05:00
Rob Crittenden
e6d3b7031d Fix prompt for confirmation of fixed values wrapping around terminal.
ticket 940
2011-02-10 13:50:06 -05:00
Rob Crittenden
51b0a8b4e8 Remove certificate as service a search option.
ticket 912
2011-02-10 13:49:05 -05:00
Jan Cholasta
8c1647af2e Remove unnecessary BuildRequires from the specfile. 2011-02-10 13:47:45 -05:00
Pavel Zuna
bfe33760d1 Display error messages for failed manageby in service-add/remove-host.
Fix #830
2011-02-10 13:42:26 -05:00
Rob Crittenden
d9eb19b0e8 Make main selfservice aci visible to the selfservice plugin.
ticket 934
2011-02-10 11:16:58 -05:00
Rob Crittenden
121da04579 Add the entitlement API to API.txt
It was missed because the whole module was skipped if python-rhsm wasn't
loaded.

ticket 919
2011-02-10 11:16:58 -05:00
Pavel Zuna
c24725ed38 Update krbtpolicy doc to inform that restarting krb5kdc might be needed.
Fix #844
2011-02-10 11:16:58 -05:00
Pavel Zuna
46dbf0ae55 Fix crash in DNS installer.
Fix #927
2011-02-10 11:16:57 -05:00
Pavel Zuna
acc437c5fe Update config doc to reflect that 0 is not allowed for search time limit.
Fix #837
2011-02-10 11:16:57 -05:00
Pavel Zuna
ab7e702487 Set minimum for Kerberos policy max life and max renew.
Fix #847
2011-02-10 11:16:57 -05:00
Jan Zeleny
a247c3f30a Fix of a small typo 2011-02-10 11:16:56 -05:00
Rob Crittenden
ec0911e61b Become IPA v2 beta 2 (2.0.0.pre2) 2011-02-10 11:16:56 -05:00
Endi S. Dewata
8d597dcbb0 Moved add dialog into search facet.
Previously the add dialog is added into entity. The dialog is only
used by the search facet, so it's now moved into the search facet.
2011-02-09 19:46:49 -05:00
System Administrator
25abf07360 Cross brower adjustments for the action-panel. 2011-02-09 11:22:52 -05:00
Endi S. Dewata
7be127512b Read-only text widget's save() should return null. 2011-02-07 15:31:42 -05:00
Rob Crittenden
9b73da1d54 Refresh state data before removing the dirsrv user, fixes uninstall.
The state is read only at initialization time. This works ok when
individual services remove their state data but when worked upon again
at the top-level it still has the full state in memory, so when the
state file is re-written all of the data that was removed is re-added.

ticket 916
2011-02-07 14:41:05 -05:00
Endi S. Dewata
311660dec2 Hide initial status.
Previously all certificate & Kerberos key statuses (valid, missing
and revoked) will appear briefly at the same time during page load.
This has been fixed by setting the initial style to hidden.
2011-02-07 14:34:22 -05:00
Endi S. Dewata
4ee6882e9f Removed unused code. 2011-02-07 11:31:21 -05:00
Endi S. Dewata
348d734c59 Restructuring details page.
Previously the IPA.details_list_section can only be used with widgets
that generates <dd> tag because it uses the following structure:

<dl>
  <dt>Telephone Number:</dt>
  <span name="teleponenumber">
    <dd>111-1111</dd>
    <dd>222-2222</dd>
  </span>
</dl>

The <dd> tag was previously used to handle multi-valued attributes.
Since multi-valued attributes are now handled by the recently added
IPA.multivalued_text_widget, the structure can be changed as follows:

<dl>
  <dt>Telephone Number:</dt>
  <dd>
    <span name="telephonenumber">
      <div>111-1111</div>
      <div>222-2222</div>
    </span>
  </dd>
</dl>

This allows IPA.details_list_section to be used with any widgets
without requiring the <dd> tag.
2011-02-07 11:31:17 -05:00
Adam Young
a6849ef2ba removed duplicate postion
olny need to specify once
2011-02-04 16:13:14 -05:00
Endi S. Dewata
bd493d47a7 Added multi-valued text widget.
A multi-valued text widget has been created to replace the old
IPA.details_field. The old code was designed to handle all data
types, and it uses one <dd> tag for each value, so the code is
still incomplete and complex. The new code was designed to handle
only multi-valued text attributes, and it uses one <dd> tag for
all values, so it's easier to maintain. There are already other
widgets that can be used to handle other data types.

The new code supports line-level undo and line-out for removal
like the old code, but there are some changes:
 - Undoing a newly added line will remove the entire line.
 - Editing the value of a removed line will cancel the removal.
 - It provides 'undo all' link to reset the entire attribute.

The old code will be cleaned up in a subsequent patch.
2011-02-03 20:09:15 -05:00
Adam Young
ff646ec3a4 favicon
adds a favicon that is the freeipa cube
2011-02-03 15:04:23 -05:00
Endi S. Dewata
ce995bf1b9 Fixed CSS error. 2011-02-03 11:02:54 -05:00
Rob Crittenden
d30592ed6d Update minimum version of 389-ds-base, mod_nss and selinux-policy.
* Set min version of 389-ds-base to 1.2.8
* Set min version of mod_nss 1.0.8-10
* Set min version of selinux-policy to 3.9.7-27
2011-02-03 10:35:05 -05:00
Martin Kosek
4880598fbd ipa-server-install inconsistent capitalization
A cosmetic patch to IPA server installation output aimed to make
capitalization in installer output consistent. Several installation
tasks started with a lowercase letter and several installation
task steps started with an uppercase letter.

https://fedorahosted.org/freeipa/ticket/776
2011-02-03 10:34:01 -05:00
Martin Kosek
c9ff669cdd Inconsistent error message for ipa group-detach
When attempting to detach a private group that doesn't exist, the
error message returned is not consistent with the error returned by
the other topic commands. This patch adds a standard message.

https://fedorahosted.org/freeipa/ticket/291
2011-02-03 10:33:22 -05:00
Endi S. Dewata
a686f36906 Fixed section expand/collapse in user details.
The section names were missing from the entity definition.
2011-02-03 09:04:17 -05:00
Adam Young
afce50a3e4 city and state
using approapriate lcoality and state abbreviations for the attributes: l and st
2011-02-02 16:59:44 -05:00
Rob Crittenden
0188158a76 Use correct LDAP attributes for city and state.
Also add a unit test for address.

Ticket 889
2011-02-02 16:53:32 -05:00
Endi S. Dewata
d389e054f6 Added undo for permission target.
https://fedorahosted.org/freeipa/ticket/885
2011-02-02 15:56:50 -05:00
Martin Kosek
0353a2be67 Typos in freeIPA messages
This patch fixes several reported typos in IPA messages and
in comments.

Contributors file has been updated + the original author of the
patch reporting the typos was added.

https://fedorahosted.org/freeipa/ticket/848
2011-02-02 15:38:50 -05:00
Jakub Hrozek
bb56285f6b IPv6 enhancements
* Make host-add, host-del and reverse zone creation IPv6 aware
* Make Bind listen on IPv6 interfaces, too

https://fedorahosted.org/freeipa/ticket/398
2011-02-02 12:39:35 -05:00
Adam Young
2518612b0d core widget unit tests baseline set of unit tests for checking that each widget conforms to the contract 2011-02-02 10:59:46 -05:00
Pavel Zuna
04ba37500b Fix minor bug in host-add logic.
Ticket #798
2011-02-02 10:47:55 -05:00
Pavel Zuna
dba751758c Fix crash in ipa help for NO_CLI plugins.
Fix #854
2011-02-02 10:47:53 -05:00
Rob Crittenden
275998f6bd Add support for tracking and counting entitlements
Adds a plugin, entitle, to register to the entitlement server, consume
entitlements and to count and track them. It is also possible to
import an entitlement certificate (if for example the remote entitlement
server is unaviailable).

This uses the candlepin server from https://fedorahosted.org/candlepin/wiki
for entitlements.

Add a cron job to validate the entitlement status and syslog the results.

tickets 28, 79, 278
2011-02-02 10:00:38 -05:00
Rob Crittenden
f3d04bfc40 Fix installing with an external CA and wait for dogtag to come up
There wasn't an exception in the "is the server already installed"
check for a two-stage CA installation.

Made the installer slightly more robust. We create a cache file of
answers so the next run won't ask all the questions again. This cache
is removed when the installation is complete. Previously nothing would work
if the installer was run more than once, this should be fixed now.
The cache is encrypted using the DM password.

The second problem is that the tomcat6 init script returns control
before the web apps are up. Add a small loop in our restart method
to wait for the 9180 port to be available.

This also adds an additional restart to ensure that nonces are disabled.

ticket 835

revise
2011-02-01 17:52:57 -05:00
Adam Young
c704ae605a undo entity widget adds line level undo for the entity-select-widget now shows the undo link on filter change does JSON queries on keyup instead of keypress https://fedorahosted.org/freeipa/ticket/886 2011-02-01 16:37:42 -05:00