Fix get_url_list() so that the configured master server is there
just once. This fix lets /usr/bin/ipa try connecting to all IPA
masters just once and not print confusing server list with
dupled master.
https://fedorahosted.org/freeipa/ticket/1817
The following list pages were modified to show these columns only:
* HBAC rules: name, type, enabled, description
* Sudo rules: name, enabled, description
Ticket #1796
If we can get a ticket for the master then we know we got all right.
This should avoid being prompted again by ssh if the kinit failed and for some
reason the error was not caught (seen in live tests).
The samba LDAP schema is updated to the lastest version available from the
samba source code to be able to use the new trust related object class and
attributes.
In the adder dialog for groups the checkbox has been modified to use
the correct field name "nonposix" and be checked by default.
Note: This is a temporary fix to minimize the changes due to release
schedule. Eventually the field label will be changed into "Non-POSIX
group" and the checkbox will be unchecked by default, which is more
consistent with CLI.
Ticket #1799
The server package needs to be installed before the server-selinux
package otherwise the SELinux contexts won't get set properly.
The (postun) is so you can continue to do yum erase freeipa-python
and it will pick up everything else.
https://fedorahosted.org/freeipa/ticket/1779
The hidden fqdn field in the host adder dialog has been changed to
use a generic widget instead of text widget to avoid null pointer
error since the UI elements are never created.
Ticket #1788
The validator will still fire, just after the load_files() call. Basically
it will hit the validator twice. The first time it will exit because the
value of csr is a filename. The second time it will run the validator against
the contents of the file.
ticket https://fedorahosted.org/freeipa/ticket/1777
- Remove ipa-pki-proxy.conf when IPA is uninstalled
- Move file removal to httpinstance.py and use remove_file()
- Add a version stanza
- Create the file if it doesn't exist on upgraded installs
https://fedorahosted.org/freeipa/ticket/1771
Repoint cn=Managed Entries,cn=plugins,cn=config in common_setup
Create: cn=Managed Entries,cn=etc,$SUFFIX
Create: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
Create: cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
Create method for dynamically migrating any and all custom Managed Entries
from the cn=config space into the new container.
Separate the connection creation during update so that a restart can
be performed to initialize changes before performing a delete.
Add wait_for_open_socket() method in installutils
https://fedorahosted.org/freeipa/ticket/1708
https://fedorahosted.org/freeipa/ticket/1763
When external host is specified in HBAC rule, it needs to be added to
the set of source hosts this rule applies to. Add (list of external hosts)
explicitly when converting FreeIPA rules to PyHBAC objects.
Refactor FreeIPA code to allow abstracting all calls to external processes and
dependencies on modification of system-wide configuration. A platform provider
would give its own implementation of those methods and FreeIPA would use it
based on what's built in packaging process.
https://fedorahosted.org/freeipa/ticket/1605
The optional uid field in user's adder dialog did not appear when
the link is clicked to show the field. This is a regression introduced
in the patch for ticket #1648.
The click handler for the link field has been moved into a new closure
so that the variables point to the correct elements.
Note: the duplicate code in IPA.details_table_section.create() and
IPA.dialog.create() will be addressed separately in ticket #1394.
https://fedorahosted.org/freeipa/ticket/1640
On the HBAC Rules page, where the rules are listed, if no rule is selected, the "Delete" button is not enabled, and cannot be clicked on.
But edit a Rule, and Delete button is enabled in the available sections - regardless of, if an object is selected to be deleted or not, or even if there is no object to be selected to delete.
One can click on this button...but then - there is no message indicating that something should be selected for deletion for this button to do anything.
Notes:
* fixed association_table_widget and association_facet
The adder dialog for the user and host tables in sudo rule details
page have been fixed to use --not-in-sudorules to avoid showing
entries that are already added into the rule either directly or
indirectly via groups.
This does not apply to the command and run-as tables because they
do not support such option.
Ticket #1768
In order to maintain consistent layout between details page and dialog
boxes the IPA.details_list_section has been replaced with
IPA.details_table_section which is based on table.
The IPA.target_section and other subclasses of IPA.details_list_section
have been converted to use IPA.details_table_section as well.
The unit tests have been updated accordingly.
Ticket #1648
