IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-28 01:41:14 -06:00
Code Issues Packages Projects Releases Wiki Activity
3,341 Commits 11 Branches 59 Tags 60 MiB
485e4a097f
Commit Graph

3341 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Adam Young
485e4a097f remove icons from association buttons 2011-01-25 13:11:37 -05:00
Jakub Hrozek
70a9e04f04 Enforce uniqueness on (key,info) pairs in automount keys 
https://fedorahosted.org/freeipa/ticket/293
 2011-01-25 11:13:10 -05:00
Simo Sorce
5bc7e5a9c7 Populate shared tree with replica related values 
Fixes: https://fedorahosted.org/freeipa/ticket/820
 2011-01-25 11:10:27 -05:00
Martin Kosek
82b4d5d6e8 Unused value in initdefault_encoding_utf8 
There is no use for return value of Py_InitModule3. Removing it
in this patch.

https://fedorahosted.org/freeipa/ticket/710
 2011-01-25 08:59:50 -05:00
Pavel Zuna
0c2beda3f7 Fix crash when displaying values composed of white-space chars only in CLI. 
Ticket #825
 2011-01-24 22:44:15 -05:00
Jan Zeleny
3e3cc55d24 Disable renaming to empty string 
So far it was possible to rename any object using LDAPUpdate to a name
with empty primary key. Since this can cause nasty problems, this patch
disables empty string in --rename argument.

https://fedorahosted.org/freeipa/ticket/827
 2011-01-24 22:32:55 -05:00
Simo Sorce
35b3d6b3be Make the -u option optional in unattended mode 
Fixes: https://fedorahosted.org/freeipa/ticket/836
 2011-01-24 16:45:43 -05:00
Simo Sorce
5431d56ed4 Do not set a replication dn when using SASL/GSSAPI replication 
Fixes: https://fedorahosted.org/freeipa/ticket/817
 2011-01-24 16:45:31 -05:00
Simo Sorce
e72815771e Remove trailing space 2011-01-24 14:50:50 -05:00
Rob Crittenden
678c764d40 Make a copy of objectclasses so a call can't update them globally. 
In the host plugin we may change the default objectclasses based on
the options selected. This was affecting it globally and causing
subsequent calls to fail.
 2011-01-24 14:35:11 -05:00
Rob Crittenden
96469fbc88 Fix failed tests. API for utcoffset changed and strings are more robust. 
In Python 2.7 the API for time.utcoffset() changed.

We do more automatic conversions of strings so need to loosen the tests
a bit.
 2011-01-24 14:34:38 -05:00
Rob Crittenden
6e7729726f Block anonymous access to HBAC, role and some member information. 
Prevents an unauthenticated user from accessing HBAC and role
information as well as memberof which could disclose roles,
memberships in HBAC, etc.

ticket 811
 2011-01-24 14:33:21 -05:00
Endi S. Dewata
9319385c7e Removed 'name' from 'Sudo Command Group name'. 2011-01-24 13:33:00 -05:00
Endi S. Dewata
fa5ae89d7f Added scrollable panel for delete dialog box. 2011-01-24 13:32:55 -05:00
Endi S. Dewata
5ef7b8adb8 Added spaces around radio buttons. 2011-01-24 13:32:50 -05:00
Rob Crittenden
0637bff95f Fix exception doctest failure 2011-01-24 10:42:16 -05:00
Rob Crittenden
8cc46af050 Remove del-all from dnsrecord_del from API.txt 
This was from an unpushed patch I had in my tree.
 2011-01-21 16:03:22 -05:00
Rob Crittenden
5f0c52ab97 Add new option to dns_del and always ask permission options to API.txt 2011-01-21 15:13:58 -05:00
Jan Zeleny
9b7920b0f5 Make ipa permission-add ask for optional attributes 
Either one of type, filter, subtree, targetgroup, attrs or memberof is
required.

https://fedorahosted.org/freeipa/ticket/819
 2011-01-21 14:26:31 -05:00
Rob Crittenden
cf9ec1c427 Update kerberos password policy values on LDAP binds. 
On a failed bind this will update krbLoginFailedCount and krbLastFailedAuth
and will potentially fail the bind altogether.

On a successful bind it will zero krbLoginFailedCount and set
krbLastSuccessfulAuth.

This will also enforce locked-out accounts.

See http://k5wiki.kerberos.org/wiki/Projects/Lockout for details on
kerberos lockout.

ticket 343
 2011-01-21 13:59:24 -05:00
Rob Crittenden
4361cd0242 Rename INTERNAL to NO_CLI for commands we hide from the cli. 
Also make i18n_messages and json_metadata NO_CLI.

ticket 821
 2011-01-21 13:56:02 -05:00
Rob Crittenden
35f2f1d720 Improve output when options are not found in non-interactive client install 
We should still give some feedback when things go wrong when in
non-interactive mode.

ticket 828
 2011-01-21 13:47:55 -05:00
Jan Zeleny
6d01bf037d Make command syntax less confusing in help 
The patch adds [options] to the syntax line of ipa help <command>

https://fedorahosted.org/freeipa/ticket/733
 2011-01-21 10:56:03 -05:00
Rob Crittenden
fc28fae03f Add some basic filter validation to permissions and disallow empty filters 
Try a query with a filter to see if it is at least legal. This doesn't
guarantee that the filter is at all otherwise sane.

ticket 808
 2011-01-21 10:47:43 -05:00
Simo Sorce
c22a3d25da Fix dns_is_enabled command 2011-01-20 16:07:50 -05:00
Simo Sorce
861aa9c1b8 Allow SASL/EXTERNAL authentication for the root user 
This gives the root user low privileges so that when anonymous searches are
denied the init scripts can still search the directory via ldapi to get the
list of serevices to start.

Fixes: https://fedorahosted.org/freeipa/ticket/795
 2011-01-20 15:49:30 -05:00
Simo Sorce
5af80a7583 Make krb5kdc use the ldapi socket to talk to dirsrv 
Fixes: https://fedorahosted.org/freeipa/ticket/812
 2011-01-20 15:49:30 -05:00
Adam Young
b9ad279ad2 rename static to ui 
Directory rename
 2011-01-20 14:12:47 +00:00
Simo Sorce
835436df15 Provide API to check if IPA DNS is enabled on some server 
Fixes: https://fedorahosted.org/freeipa/ticket/600
 2011-01-19 20:23:42 -05:00
Simo Sorce
a44607ecba Fix ipa_uuid to not interfer with proper error reporting 
Fixes: https://fedorahosted.org/freeipa/ticket/813
 2011-01-19 15:57:57 -05:00
Adam Young
902bd906a5 enroll dialog layout 
we were squeezing the buttons in the middle of the page.  This patch shrinks the two boxes on either side and centers the buttons.
 2011-01-19 04:58:56 -05:00
Adam Young
bc27191db6 background into Makefile 2011-01-18 21:23:59 -05:00
Adam Young
cbd121333a update API removal of idnssoamaximum from dns APIs broke the build. THis fixes it. 2011-01-18 14:43:19 -05:00
Pavel Zuna
5f4ac74563 Fix password/random logic in host plugin. 
Fix #798
 2011-01-18 12:46:53 -05:00
Pavel Zuna
74ad4f3d7d Fix updating of DNS records by the host plugin. 
Fix #799
 2011-01-18 12:46:53 -05:00
Pavel Zuna
687324c193 Remove SOA maximum parameters from DNS zone. 
There's no such thing as "maximum" in SOA record RDATA format
according to RFC 1035 and there's also no such attribute in
the schema.

Fix #788
 2011-01-18 12:46:53 -05:00
Pavel Zuna
2bb944bea7 Fix crash when building DN of host with name ending with period. 
Fix #797
 2011-01-18 12:46:53 -05:00
Endi S. Dewata
5c105a5ff4 Force flag for Hosts and Services. 
The add dialogs for Hosts and Services have been updated to include
a checkbox to force adding hosts/services that are not in DNS.

The widgets has been updated to support tooltips.
 2011-01-18 12:35:14 -05:00
Endi S. Dewata
17122d2705 Unprovision message and buttons adjustments. 
The message and buttons in the unprovision dialog box have been
updated according to the latest spec.
 2011-01-18 12:18:24 -05:00
Simo Sorce
8a6547943f Do not try to dereference bindpw if it is null 
Fixes: https://fedorahosted.org/freeipa/ticket/783
 2011-01-18 11:56:03 -05:00
Jan Zeleny
01f907c01b Move HBAC services and service groups to cn=hbac 
https://fedorahosted.org/freeipa/ticket/762
 2011-01-18 11:48:57 -05:00
Endi S. Dewata
066cf79365 CSS class for buttons without icons. 
A new CSS class has been added for buttons without icons. The
IPA.button() has been modified to use this class if there is
no icons specified.
 2011-01-18 11:33:14 -05:00
Endi S. Dewata
aa48d3b72e New certificate and Kerberos key status behavior. 
The status panel for certificates and Kerberos keys has been
modified to display only the current status with the relevant buttons.
New icons have been added to replace the red/yellow/green bullets.
 2011-01-18 11:33:09 -05:00
Adam Young
c596b92591 dns action controls 
was adding the action controls to multiple lines. Now only one
 2011-01-18 10:32:02 -05:00
Simo Sorce
77e2e13f03 Fix selinux policies for ipa_kpasswd 
Fixes: https://fedorahosted.org/freeipa/ticket/775
 2011-01-18 10:04:42 -05:00
Simo Sorce
244239e27e Let ipactl output errors to stderr 
Init scripts normally do not log to syslog, instead they write errors to the
stderr pipe. Do the same.
 2011-01-18 10:04:29 -05:00
Simo Sorce
373455026e Add a way to print output from commands 
Instead pof always capturing the output, make it possible to let
it go to the standard output pipes.
Use this in ipactl to let init scripts show their output.

Fixes: https://fedorahosted.org/freeipa/ticket/765
 2011-01-18 10:04:19 -05:00
Martin Kosek
e73efb9a90 Password generation and logging in ipa-server-install 
When a randomly generated password contains a space character
as the first or the last character, installation fails on
kdb5_ldap_util calling, which does not accept that. This patch
fixes the generator to generate space only on allowed position.

This patch also ensures that no password is printed to
server install log.

https://fedorahosted.org/freeipa/ticket/731
 2011-01-18 10:03:55 -05:00
Jan Zeleny
38bce669da Modified description of nsaccountlock attribute 
The original one was misleading, giving the value exactly opposite
meaning than it actually was.

https://fedorahosted.org/freeipa/ticket/741
 2011-01-18 10:03:55 -05:00
Rob Crittenden
886e417fd7 Set the default Int maxvalue to the maximum XML-RPC can handle. 
Also handle marshalling errors thrown by xmlrpclib more gracefully.

ticket 770
 2011-01-18 10:03:55 -05:00