Commit Graph

11 Commits

Author SHA1 Message Date
Petr Viktorin
5bcbe1df37 Run ntpdate in verbose mode, not debug (i.e. no-op) mode
Remove the debug argument to synconce_ntp since we always want the logs
to be verbose.

https://fedorahosted.org/freeipa/ticket/3048
2012-09-04 18:32:04 +02:00
Martin Kosek
f1ed123cad Replace DNS client based on acutil with python-dns
IPA client and server tool set used authconfig acutil module to
for client DNS operations. This is not optimal DNS interface for
several reasons:
- does not provide native Python object oriented interface
  but but rather C-like interface based on functions and
  structures which is not easy to use and extend
- acutil is not meant to be used by third parties besides
  authconfig and thus can break without notice

Replace the acutil with python-dns package which has a feature rich
interface for dealing with all different aspects of DNS including
DNSSEC. The main target of this patch is to replace all uses of
acutil DNS library with a use python-dns. In most cases, even
though the larger parts of the code are changed, the actual
functionality is changed only in the following cases:
- redundant DNS checks were removed from verify_fqdn function
  in installutils to make the whole DNS check simpler and
  less error-prone. Logging was improves for the remaining
  checks
- improved logging for ipa-client-install DNS discovery

https://fedorahosted.org/freeipa/ticket/2730
https://fedorahosted.org/freeipa/ticket/1837
2012-05-24 13:55:56 +02:00
Alexander Bokovoy
acb2c3106a Before kinit, try to sync time with the NTP servers of the domain we are joining
When running ipa-client-install on a system whose clock is not in sync
with the master, kinit fails and enrollment is aborted. Manual checking
of current time at the master and adjusting on the client-to-be is then
needed.

The patch tries to fetch SRV records for NTP servers of the domain we aim
to join and runs ntpdate to get time synchronized. If no SRV records are
found, sync with IPA server itself.  If that fails, warn that time might
be not in sync with KDC.

https://fedorahosted.org/freeipa/ticket/1773
2011-10-06 05:16:41 -04:00
Alexander Bokovoy
f93d71409a Setup and restore ntp configuration on the client side properly
When setting up the client-side NTP configuration, make sure that /etc/ntp/step-tickers
point to IPA NTP server as well.
When restoring the client during ipa-client-install --uninstall, make sure NTP configuration
is fully restored and NTP service is disabled if it was disabled before the installation.

https://fedorahosted.org/freeipa/ticket/1770
2011-10-05 12:52:40 +02:00
Alexander Bokovoy
45e379d5bf Convert client-side tools to platform-independent access to system services
https://fedorahosted.org/freeipa/ticket/1605
2011-09-13 11:15:31 +02:00
Jakub Hrozek
7493d781df Change FreeIPA license to GPLv3+
The changes include:
 * Change license blobs in source files to mention GPLv3+ not GPLv2 only
 * Add GPLv3+ license text
 * Package COPYING not LICENSE as the license blobs (even the old ones)
   mention COPYING specifically, it is also more common, I think

 https://fedorahosted.org/freeipa/ticket/239
2010-12-20 17:19:53 -05:00
Rob Crittenden
d9c54cd83e Clean up additional issues discovered with pylint and pychecker 2009-08-20 09:20:56 -04:00
Rob Crittenden
262ff2d731 Rename ipa-python directory to ipapython so it is a real python library
We used to install it as ipa, now installing it as ipapython. The rpm
is still ipa-python.
2009-02-09 14:35:15 -05:00
Simo Sorce
28ac93a535 Implement client uninstall
(including RHEL4 contrib setup script)
2008-03-31 17:33:55 -04:00
Rob Crittenden
97d9c235dd Set the license uniformly to GPLv2 only. 2008-02-04 15:15:52 -05:00
Karl MacMillan
36e43aed1b NTP configuration for client and server.
Configure ipa servers as an ntp server and clients
to (by default) us the ipa server as an ntp server.

Also corrected the messages about which ports should
be opened.
0001-01-01 00:00:00 +00:00