IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
11,241 Commits 11 Branches 60 Tags
556f2273606ce4de9d4b0869c55946209a9c5a6f
Commit Graph

11241 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Timo Aaltonen
556f227360 fix file conflict with server-trust-ad 2016-01-05 12:13:00 +02:00
Timo Aaltonen
0e10eac435 fix python-ipatests section 2016-01-05 10:51:07 +02:00
Timo Aaltonen
7891f1edf4 fix python-ipatests lintian overrides 2016-01-05 10:50:48 +02:00
Timo Aaltonen
0a5ba89d51 add python depends to server-dns 2016-01-05 10:41:29 +02:00
Timo Aaltonen
750ced3c9f admintools: Use the new location for bash completions. 2016-01-05 10:40:24 +02:00
Timo Aaltonen
eeca3c0ec8 control: fix typo in python-ipalib shlibs deps 2016-01-05 10:26:29 +02:00
Timo Aaltonen
307796b47b fix not-binnmuable-all-depends-any/-any-depends-all errors 2016-01-05 10:24:52 +02:00
Timo Aaltonen
cbb5fa2939 Split freeipa-server-dns from server. 2016-01-05 10:06:29 +02:00
Timo Aaltonen
8ae9cbb1e1 add debhelper token to server.postrm 2016-01-05 10:01:01 +02:00
Timo Aaltonen
cf6c7cc996 add etc/ipa/kdcproxy to server 2016-01-05 08:58:26 +02:00
Timo Aaltonen
1c8f09c874 control: Move python-libsss-nss-idmap dep to python-ipaserver. 2016-01-05 08:57:58 +02:00
Timo Aaltonen
a4118670d0 control, server: Migrate to mod-auth-gssapi. 2016-01-04 22:15:23 +02:00
Timo Aaltonen
470a00c874 control, rules: Add support for kdcproxy. 2016-01-04 21:50:55 +02:00
Timo Aaltonen
ef51b5cbce control: Bump 389-ds-base* deps. 2016-01-04 19:33:41 +02:00
Timo Aaltonen
fab6e86f12 control: Add python-setuptools to python-ipalib deps. 2016-01-04 15:44:08 +02:00
Timo Aaltonen
38f75ea5b8 server.postinst: Use ipa-server-upgrade. 2016-01-04 15:40:42 +02:00
Timo Aaltonen
67ba53011c update *.install 2016-01-04 15:35:55 +02:00
Timo Aaltonen
5c612d5c79 control: Bump certmonger deps, add oddjob to server and oddjob- mkhomedir to client deps. 2016-01-04 15:34:25 +02:00
Timo Aaltonen
54ce073447 prefix.patch: Fix ipalib install too. 2016-01-04 15:26:57 +02:00
Timo Aaltonen
65ac59a14c control: Split python stuff from server, client, tests to python- ipa{server,client,tests} 
rename python-freeipa to match and move translations to freeipa-common. Mark them Arch:all where possible, and add Breaks/Replaces.
 2016-01-04 14:23:49 +02:00
Timo Aaltonen
f5ee4d2853 control: Add python-six to build-deps and python-freeipa deps. 2015-12-31 13:08:23 +02:00
Timo Aaltonen
6b927359b7 control: Bump sssd deps to 1.13.1. 2015-12-31 13:05:08 +02:00
Timo Aaltonen
b68bfc63c2 control: Drop python-m2crypto from deps, obsolete. 2015-12-31 13:03:12 +02:00
Timo Aaltonen
d5d2b667d7 control: Add pki-base to build-deps and pki-kra to server deps, bump pki-ca version. 2015-12-31 13:01:56 +02:00
Timo Aaltonen
171f336a1a control: Bump libkrb5-dev build-dep. 2015-12-31 12:48:00 +02:00
Timo Aaltonen
7be157fa27 control: Add libini-config-dev and python-dbus to build-deps, replace wget with curl. 2015-12-31 12:43:29 +02:00
Timo Aaltonen
60b30af410 control: Depend on python-gssapi instead of python-kerberos/-krbV. 2015-12-31 12:31:01 +02:00
Timo Aaltonen
d45b29662b refresh patches, drop revert-pykerberos-api-change.diff which is obsolete 2015-12-31 12:27:19 +02:00
Timo Aaltonen
f25a4875d5 drop upstreamed patches, bump version 2015-12-31 12:05:21 +02:00
Timo Aaltonen
859cc3e2a4 Merge branch 'master-next-exp' into m-exp 2015-12-31 11:58:08 +02:00
Timo Aaltonen
a2660f846c Merge tag 'release-4-2-2' into m-exp 
tagging IPAv4 4.2.2
 2015-12-31 11:57:39 +02:00
Milan Kubík
b402a8dc0f ipatests: replace the test-example.com domain in tests 
Latest DNS patches introduced checks for the added zones.
If a zone exists, the add fails if not forced. The domain
test-example.com is resolvable thus causing errors in the test.

Also adds missing __init__.py to the ipatests.test_cmdline package.

Reviewed-By: Oleg Fayans <ofayans@redhat.com>
 2015-12-17 15:15:28 +01:00
Petr Viktorin
8dbae7d4ed Package ipapython, ipalib, ipaplatform, ipatests for Python 3 
Running make with PYTHON=/usr/bin/python3 will build/install the
bits for Python 3.

Executable scripts in ipatests have symlinks Python version suffixes
as per Fedora guidelines. Suffix-less names point to the Python 2 versions.

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2015-12-17 10:52:57 +01:00
Petr Spacek
d35067515e dns: Handle SERVFAIL in check if domain already exists. 
In cases where domain is already delegated to IPA prior installation
we might get timeout or SERVFAIL. The answer depends on the recursive
server we are using for the check.

Reviewed-By: David Kupka <dkupka@redhat.com>
 2015-12-16 15:25:53 +01:00
Jan Cholasta
2b28704f92 ipautil: remove unused import causing cyclic import in tests 
https://fedorahosted.org/freeipa/ticket/5551
 2015-12-15 15:37:10 +01:00
Petr Vobornik
792c965075 Become IPA 4.3.0 2015-12-14 23:20:54 +01:00
David Kupka
1534061d9b dns: Add --auto-reverse option. 
Introducing '--auto-reverse' option. When specified reverse records for
all server's IP addresses are checked and when record nor reverse zone
does not exist reverse zone is created.

Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2015-12-14 18:53:53 +01:00
David Kupka
8d19da49c4 dns: Check if domain already exists. 
Raise an error when the domain already exists. This can be overriden using
--force or --allow-zone-overlap options.

https://fedorahosted.org/freeipa/ticket/3681

Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2015-12-14 18:53:53 +01:00
David Kupka
6c107d819c dns: do not add (forward)zone if it is already resolvable. 
Check if the zone user wants to add is already resolvable and refuse to
create it if yes. --skip-overlap-check and --force options suppress this check.

https://fedorahosted.org/freeipa/ticket/5087

Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2015-12-14 18:53:53 +01:00
Martin Babinsky
5886f87f97 ipa-client-install: create a temporary directory for ccache files 
gssapi.Credentials instantiation in ipautil.kinit_keytab() raises 'Bad format
in credential cache' error when a name of an existing zero-length file is
passed as a ccache parameter. Use temporary directory instead and let GSSAPI
to create file-based ccache on demand.

https://fedorahosted.org/freeipa/ticket/5528

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2015-12-14 18:50:38 +01:00
Martin Babinsky
c4b9b295d8 CI tests: remove '-p' option from ipa-dns-install calls 
fix for https://fedorahosted.org/freeipa/ticket/4933 made ipa-dns-install to
use LDAPI and deprecated -p option for directory manager password. This patche
remove the option from calls to ipa-dns-install in CI tests so that
deprecation warning does not clutter the logs.

Reviewed-By: Milan Kubik <mkubik@redhat.com>
 2015-12-14 15:41:28 +01:00
Jan Cholasta
110e3dfc54 replica promotion: let ipa-client-install validate enrollment options 
ipa-client-install output is redirected to standard output, so let it print
its own error message for missing options.

https://fedorahosted.org/freeipa/ticket/5542

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2015-12-14 15:38:32 +01:00
Martin Basti
4272ba40ea Explicitly call chmod on newly created directories 
Without calling os.chmod(), umask is effective and may cause that
directory is created with permission that causes failure.

This can be related to https://fedorahosted.org/freeipa/ticket/5520

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2015-12-14 14:57:26 +01:00
Martin Basti
5e2cd38ab9 DNS: fix file permissions 
With non default umask named-pkcs11 cannot access the softhsm token storage

https://fedorahosted.org/freeipa/ticket/5520

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2015-12-14 14:57:26 +01:00
Jan Cholasta
c856401478 server install: redirect ipa-client-install output to standard output 
https://fedorahosted.org/freeipa/ticket/5527

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2015-12-14 14:46:45 +01:00
Jan Cholasta
f49cdfe392 ipautil: allow redirecting command output to standard output in run() 
https://fedorahosted.org/freeipa/ticket/5527

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2015-12-14 14:46:45 +01:00
Jan Cholasta
b248dfda39 ca install: use host credentials in domain level 1 
https://fedorahosted.org/freeipa/ticket/5399

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2015-12-14 14:40:17 +01:00
Jan Cholasta
6ea868e172 aci: merge domain and CA suffix replication agreement ACIs 
Merge the two identical sets of replication agreement permission ACIs for
the domain and CA suffixes into a single set suitable for replication
agreements for both suffixes. This makes the replication agreement
permissions behave correctly during CA replica install, so that any
non-admin user with the proper permissions (such as members of the
ipaservers host group) can set up replication for the CA suffix.

https://fedorahosted.org/freeipa/ticket/5399

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2015-12-14 14:40:17 +01:00
Fraser Tweedale
38861428e7 dogtaginstance: remove unused function 'check_inst' 
Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2015-12-14 14:32:36 +01:00
Jan Cholasta
d68613194b replica promotion: notify user about ignoring client enrollment options 
When IPA client is already installed, notify the user that the enrollment
options are ignored in ipa-replica-install.

https://fedorahosted.org/freeipa/ticket/5530

Reviewed-By: Tomas Babej <tbabej@redhat.com>
 2015-12-14 14:23:37 +01:00