IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-25 16:31:08 -06:00
Code Issues Packages Projects Releases Wiki Activity
716 Commits 11 Branches 59 Tags 60 MiB
546155c3af
Commit Graph

716 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Crittenden
546155c3af Fix build breakage. We now provide a man file, need to specify location to rpm 2008-03-11 17:02:22 -04:00
Simo Sorce
c2d3a9343f Add --quiet option to ipa-getkeytab 
Return message on success
Avoid SASL output from being printed
Make sure the man page is up to date
 2008-03-05 14:54:13 -05:00
Rob Crittenden
7fd656477a Prevent server and domain from being undefined or blank when we need them 
Improve LDAP error reporting
Don't return the str() of discovery values because it can return "None"

436130
 2008-03-05 16:33:12 -05:00
Rob Crittenden
d7e30fa7ee Use standard size and alignment for the packed data so it works on 64-bit hosts 2008-03-06 21:59:19 -05:00
Rob Crittenden
2e46645ad5 Remove some duplicate id's that are not valid HTML 
Remove the footer. It was a leftover from the original TurboGears-generated
project that Kevin McCarthy had modified.
 2008-03-05 13:36:39 -05:00
Rob Crittenden
74c29b1bf6 Remove the ability for the average user to add/delete groups on user edit page 
If they have any delegations at all (are in editors group) they will have
these links.

433387
 2008-03-04 14:27:06 -05:00
Rob Crittenden
ea53922951 Filter out K/M and krbtgt principals from the service principals list. 
435713
 2008-03-03 17:11:38 -05:00
Rob Crittenden
6301914941 Require that the hostname is a DNS A record and that the forward and reverse 
match.

433515
 2008-03-03 16:10:06 -05:00
Rob Crittenden
e88d62ffcf Allow python to look in /usr/sbin for ipa_webgui 
429999
 2008-03-04 15:06:11 -05:00
Rob Crittenden
f948904b5c KDC is Key Distribution Center, not Kerberos Domain Controller 
435949
 2008-03-04 14:47:47 -05:00
Simo Sorce
449344e683 Fix boot.ldif generation, the domain name component must be derived 
from the realm not the domain.
One line fix.
 2008-03-04 14:25:10 -05:00
Rob Crittenden
b3c8780c1d Fix build breakage. 2008-03-03 22:30:10 -05:00
Rob Crittenden
b49942fe96 Close all fds when running another program. This fixes the SELinux AVCs. 
Put installation log files into /var/log.

430024
 2008-03-03 16:14:48 -05:00
Rob Crittenden
79557e6bf2 Do argument type checking in the XML-RPC interface 
Fix error in service principals where the service wasn't being removed before
doing the DNS lookup.
 2008-02-29 10:58:07 -05:00
Rob Crittenden
cc3b9cddef Add small script to start/stop all of the services that IPA requires in the 
proper order.

435026
 2008-02-28 11:37:06 -05:00
Rob Crittenden
6b960c008a Allow groups to be added as a group membe 
435134
 2008-02-28 11:34:34 -05:00
Simo Sorce
d7ad62cd7e Make sure all entries are generated by us according to IPA 
default tree. This patch make sure that the DS setup script
does not add unwanted entries.
 2008-02-28 13:35:10 -05:00
Nathan Kinder
2c559fce85 Fixed the way we call ipa-client-install from ipa-replica-install. 
434980
 2008-02-28 15:24:10 -08:00
Rob Crittenden
ab86f52999 Fix off-by-one error in the number of steps to install a service 2008-02-28 21:57:52 -05:00
Rob Crittenden
6533bc1a84 Add action statement to ldap.conf update 
Move imports into try/except so that ctrl-C can always be caught
Fix typo
 2008-02-27 16:17:38 -05:00
Rob Crittenden
999bd4fb1e In the UI we don't want to display Edit links unless someone can actually 
edit things. We use the 'editors' group for this. This group itself grants
no permission other than displaying certain things in the UI.

In order to be in the editors group a user must be a member of a group that
is the source group in a delegation. The memberof plugin will do all the
hard work to be sure that a user's memberof contains cn=editors if they
are in a delegated group.

432874
 2008-02-27 15:14:52 -05:00
Rob Crittenden
ad8096b51f - Centralize try/except so the entire program is covered. This make it 
possible to catch KeyboardInterrupt during the import process.
- Add function for handling python differences with GSSError

434798
 2008-02-27 10:40:18 -05:00
Rob Crittenden
d5f5026454 Don't log passwords in ipaserver-install.log 
433509
 2008-02-26 10:48:45 -05:00
Rob Crittenden
f49ed705b3 The admins group cannot be renamed. 
433880
 2008-02-27 10:50:17 -05:00
Rob Crittenden
f02b5c1962 Use correct variable for determining the host name 
435055
 2008-02-26 22:34:06 -05:00
Rob Crittenden
d6d12e9dc5 Require that service principals resolve to a DNS A record. 
There is a --force option for those who know what they are doing.

433483
 2008-02-26 13:51:56 -05:00
Rob Crittenden
111a475b15 Don't try to use options.realm_name unless it was passed in 
Don't allow empty responses to domain and realm name
Handle ctrl-C

434982
 2008-02-26 15:31:34 -05:00
Rob Crittenden
8f0d4a8ed3 Add failover to the XML-RPC client 
433506
 2008-02-22 14:47:15 -05:00
Simo Sorce
c367b917d7 Contribute, RHEL4 compatible, simple setup script 2008-02-26 12:34:02 -05:00
Rob Crittenden
66df51c754 Use the label "Full Name" for "Common Name" 
433525
 2008-02-26 09:33:39 -05:00
Simo Sorce
d2fd2270cd We do not require the Master password anymore, fix code and error message 2008-02-25 17:18:18 -05:00
Simo Sorce
e50f0fdbee Fix unattended install 2008-02-25 17:16:18 -05:00
Rob Crittenden
3617100849 Compress man pages after installation 2008-02-25 16:34:00 -05:00
Rob Crittenden
6d759d7dcb Move ipa-getkeytab man page into proper subdir 
433878
 2008-02-25 14:56:09 -05:00
Rob Crittenden
02d3c5aff3 Don't allow a group to be a member of itself. 
434542
 2008-02-22 15:40:21 -05:00
Rob Crittenden
44797e3917 Command-line utility to manage password policy 
432814
 2008-02-25 13:11:15 -05:00
Rob Crittenden
b9c7056a2a Remove HTML from Javascript error message and fix up language to be clearer 
433374
 2008-02-22 09:36:12 -05:00
Rob Crittenden
231913f3c2 Make sure KrbPrincipalName is unique server-wide 
Fix the build. Somehow this file didn't get committed.
 2008-02-21 23:22:31 -05:00
Simo Sorce
144a728182 Make sure KrbPrincipalName is unique server-wide 2008-02-21 22:31:16 -05:00
Simo Sorce
fbb2637a48 Syntax error, ')' in the worng place throws nasty 500 errors on ldap errors :) 2008-02-21 17:16:17 -05:00
Rob Crittenden
b4c11c9bea Remove reference to wrong command 
Clean up language around automatically appending the Kerberos realm

433800
 2008-02-21 22:37:36 -05:00
Rob Crittenden
49148dc34a Redirect users when they don't use the FQDN on both SSL and non-SSL ports 
We update the mod_nss configuration (nss.conf) during installation to include
ipa-rewrite.conf to handle the SSL side.

433054
 2008-02-21 16:25:09 -05:00
Rob Crittenden
84d1e08d76 Become freeipa-0.99.0 2008-02-21 16:11:42 -05:00
Rob Crittenden
3ede5e42a5 Don't clear out the uid from the session until the record has been updated. 2008-02-20 16:57:01 -05:00
Rob Crittenden
4c588b3d5f Don't let a regular user edit their own active status or manager 
433384
 2008-02-20 23:24:39 -05:00
Rob Crittenden
4bf136d95c Use basestring class when testing to see if an object is a string to support 
both Unicode and byte strings.

433651
 2008-02-21 11:09:53 -05:00
Rob Crittenden
87d9c037e4 Add some additional error handling 
433347
 2008-02-20 16:31:32 -05:00
Simo Sorce
80feb3aecf cosmetic fixes 2008-02-21 14:39:50 -05:00
Simo Sorce
ae0eaa0120 Let users write their own password, should fix 433707 2008-02-21 09:51:47 -05:00
Simo Sorce
33b746df58 merge 2008-02-21 09:38:39 -05:00