IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-15 19:01:55 -06:00
Code Issues Packages Projects Releases Wiki Activity
902 Commits 11 Branches 59 Tags 60 MiB
3f85a011c6
Commit Graph

707 Commits

Author SHA1 Message Date
Simo Sorce
aead1f652e If krbPasswordExpiration or krbLastPwdChange are not present on the entry 
we might segfault trying a direct strcmp(), check they are not NULL.
Also fix a couple of memleaks.
 2008-07-07 10:01:29 -04:00
Simo Sorce
79df2465a7 After the rework of the code that binds to specific interfaces to 
correctly support multihomed server, we need to add a couple of
SELinux lines to the policy file. (lines suggested by Dan Walsh)
 2008-07-07 10:01:20 -04:00
Rob Crittenden
fb9f92c9f3 Merge branch 'master' of ssh://rcritten@git.fedorahosted.org/git/freeipa 2008-07-03 15:20:36 -04:00
Rob Crittenden
1bd0a868a2 NSS_DIR is already fetched into a variable, use that instead. 
451098
 2008-07-03 15:20:19 -04:00
Simo Sorce
675df04806 Make sure we listen only on the krb5 port and therefore disable krb4 support 2008-07-02 15:24:36 -04:00
Rob Crittenden
e9196e2d93 Properly convert the realm to a DS instance name 
451014
 2008-07-01 15:07:00 -04:00
Rob Crittenden
ec597b0ef1 Ensure correct permissions and file ownership of Apache NSS database 
451098
 2008-07-01 15:06:59 -04:00
Martin Nagy
6cce2f45e8 Fix some small issues that caused compiler warnings, like uninitialized or unused variables or missing krb5 prototypes. 2008-06-30 14:17:10 -04:00
Simo Sorce
f5d9dd647f slapi_pw_find_sv() expects an array, make sure we have a NULL terminated 
one to avoid potential segfaults
Avoid leaking memory too.
 2008-06-30 14:13:25 -04:00
Simo Sorce
798d345e13 Very ugly fix to configure to make it actually find a 
correctly installed slapi-plugin.h file
 2008-06-16 13:52:26 -04:00
Simo Sorce
d2bd1b29a0 Must index uidnumber and gidnumber and any attribute that dna plugin is going 
to generate or that we need to search on.
 2008-06-12 19:06:38 -04:00
Simo Sorce
9c34dde165 Change default. 
By default increment by one  but set the maximum value to one million.

when installing a replica change values to start from 1 million +1 and
cap it to 2 million and so on for any other replica.
 2008-06-12 19:05:45 -04:00
Rob Crittenden
4665700fef Index the memberof attribute 
450951
 2008-06-11 17:26:45 -04:00
Simo Sorce
b3ca8359ee Fix cut&paste error 2008-06-11 11:36:21 -04:00
Simo Sorce
77906dce20 Fix typo in inet type 2008-06-11 11:36:14 -04:00
Günther Deschner
ea981d3065 ipa-server: fail the build early when DS slapi plugin headers are not available. 
Guenther
 2008-06-11 11:33:16 -04:00
Simo Sorce
3f4b182bc4 Let DS encode the password, this will allow IPA -> AD password 
synchronization to work again.
 2008-06-11 09:18:38 -04:00
Rob Crittenden
d1322c6517 Ensure that the realm name is upper-case. 
449182
 2008-06-09 22:18:00 -04:00
Rob Crittenden
ad3e4d4ed5 Ignore empty values when converting a multi-valued form field back to a list. This will prevent validation errors when validate.UniqueList() is executed. 
449785
 2008-06-09 22:15:22 -04:00
Rob Crittenden
42cada4594 When an LDAP connection fails, display the host one is trying to connect to. 
450111
 2008-06-09 22:13:54 -04:00
Rob Crittenden
48f2e3c3db Add our own SIGTERM handler so we can do clean shutdowns. 
Also fix foreground mode.

450211
 2008-06-09 22:11:08 -04:00
Rob Crittenden
77483ac808 Make it clear which packages are being configured and which aren't. 
450175
 2008-06-09 22:09:19 -04:00
Rob Crittenden
1f511d4b75 Add sbin_t directory read permissions 
449760
 2008-06-05 13:02:38 -04:00
Rob Crittenden
d600f9bb09 Fix typo 
450077
 2008-06-05 09:00:20 -04:00
Rob Crittenden
b26fc32d9d Fix import for version 2008-06-04 17:32:51 -04:00
Rob Crittenden
68e14ed8ba Add -p/--password option so the DM password can be passed on the command-line. 
The import for version moved from ipaserver to ipa, fix that as well.

449858
 2008-06-04 17:32:47 -04:00
Rob Crittenden
12899d9053 Don't make the search criteria lower-case so one can do case-sensitive searches (such as looking for HTTP principals) 
449975
 2008-06-04 16:34:47 -04:00
Rob Crittenden
9bcd31efc5 Fix issue of double logging in ipa_error.log. 
We open the log in ipa_webgui and this was being inherited by TurboGears
which uses the same log so everything was getting logged twice. Shut down
the log in ipa_webgui at the last possible moment. This will not catch
configuration errors.

Add a Not Found template.

Only print a traceback on 500 errors.
 2008-06-03 22:41:09 -04:00
Rob Crittenden
c58b7a3d7c Move version.py to the common ipa directory instead of being server-based so it can be used by the client tool. 
Fix the client tool imports to fail more gracefully.
 2008-06-03 22:39:11 -04:00
Rob Crittenden
f87dc9123b Don't prompt regarding previous DS installations in unattended mode. 
449150
 2008-05-30 16:14:51 -04:00
Rich Megginson
2d588a8254 Fedora DS 1.1.1 exposes a public task api. In order for ipa-1-0 to build against this, ipa-memberof.c needs to be able to use the public api or the private one. 2008-05-30 13:49:46 -04:00
Rob Crittenden
165d26ce2b Make check_inst() a standalone function in bindinstance. 
When an install instance is created that contains a pointer to a sysrestore
point it loads in the current configuration when instantiated. If an
instance is instantiated but not used then changes may occur to the
system state that it is unaware of. So one needs to take care in the order
that things are done to avoid losing information.

When bind was setup it was overwriting all data in sysrestore.state and
leaving just a [named] section. This caused problems at uninstall.

448173
 2008-05-30 11:21:11 -04:00
Rob Crittenden
8f6303adf0 Fix typo in log statement 
448948
 2008-05-29 13:23:43 -04:00
Simo Sorce
4f81c2faec Make ipa_kpasswd listen on each single interface explicitly 
instead of 0.0.0.0, this allows us to reply to a UDP request
by using the right source address to build the kerberos reply.
 2008-05-29 09:43:39 -04:00
Simo Sorce
8fb4809465 Use openldap libraries by default as mozldap libs seem to break 
ldap_extended_operation() somehow and ipa_kpasswd stops working
 2008-05-29 09:43:28 -04:00
Simo Sorce
dc7d62d543 Fix crash bug in ipa_kpasswd 2008-05-29 09:43:20 -04:00
Simo Sorce
53afb67537 Fix the case where domain != lower(REALM) 
add the domain to the ipa.conf file for apps that need to know
This should fix a bug in the replica setup
 2008-05-29 09:43:00 -04:00
Rob Crittenden
c5d6ad5c6e Set default logging level to INFO (still logs to Apache) 
Add function entry log for the core IPA XML-RPC functions.
 2008-05-28 14:13:19 -04:00
Simo Sorce
f32f8d6d82 Use a value that is explicitly 64bit on all architectures 2008-05-23 15:07:49 -04:00
Simo Sorce
3931d1d753 Move admin into cn=users,cn=accounts 
After some deep thinking I think the advantages of keeping all
posix enabled user accounts under cn=users,cn=accounts overweight a
perceived better protection of the admin account by keeping it in a
separate tree.
 2008-05-23 15:07:37 -04:00
Simo Sorce
0695649926 Don't make the rpm %post fail just because the server has never been 
configured before (and therefore there is nothing to upgrade, just let
it spit out warnings for admins that actually check whats going on.
 2008-05-22 17:20:09 -04:00
Rob Crittenden
927447b144 Fix up function return values so we can return 1 on an installation error. 
447973
 2008-05-22 16:37:33 -04:00
Rob Crittenden
a087818197 Move non-user-configurable configuration elements to TurboGears app.cfg file. 
432908
 2008-05-22 16:31:08 -04:00
Simo Sorce
0d023b2680 Fix testing for asprintf errors, we need to test the return value as 
per standard the  buffer status is undefined.
While there also introduce a new spearate variable to return the final
error and keep using ret for local error checks. This avoid potentially
overwriting the correct return value when checking for asprintf ...
 2008-05-22 11:44:02 -04:00
Martin Nagy
1069324eba Only ask the user to install bind. 2008-05-22 11:40:31 -04:00
Martin Nagy
2f69e7e18d Change file mode of log files to 600. 
446869
 2008-05-20 22:43:03 -04:00
Rob Crittenden
fcd3260955 Ensure hostnames are lower during installation and when adding service princs 
447381
 2008-05-20 15:07:24 -04:00
Rob Crittenden
fe2f69718f Remove broken link for IE configuration and replace sample domain/realm. Also fix some HTML errors: missing DOCTYPE, title, head. 
The web page actually comes up as a link in a search on Microsoft's site
but the content is gone. It is possible it will come back at some point, who
knows.

447445
 2008-05-20 15:05:50 -04:00
Rob Crittenden
d640eb17e5 Add validators.py to the list of files. 
445286
 2008-05-20 15:03:58 -04:00
Rob Crittenden
d142b5376d Do uniqueness check on phone numbers and cn entered via the UI. 
445286
 2008-05-20 11:38:35 -04:00