IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
2,000 Commits 11 Branches 60 Tags 60 MiB
64fa3dd4c3
Commit Graph

793 Commits

Author SHA1 Message Date
Rob Crittenden
64fa3dd4c3 Finish work replacing the errors module with errors2 
Once this is committed we can start the process of renaming errors2 as errors.
I thought that combinig this into one commit would be more difficult to
review.
 2009-04-20 13:58:26 -04:00
Rob Crittenden
a9387b48e6 Handle GSSAPI exceptions more gracefully 2009-04-20 13:44:08 -04:00
Rob Crittenden
e6171404bf Make parentmap a autofill variable and add tests when parentmap is not passed 2009-04-13 15:22:49 -04:00
Rob Crittenden
8821d8cac3 Fill in default values for os and platform 2009-04-13 14:54:16 -04:00
root
6ca80e312a Add 'container_hbac' env variable. 2009-04-03 14:07:30 -04:00
Rob Crittenden
484eff1016 Implement an installer for the Dogtag certificate system. 
The CA is currently not automatically installed. You have to pass in the
--ca flag to install it.

What works:
- installation
- unistallation
- cert/ra plugins can issue and retrieve server certs

What doesn't work:
- self-signed CA is still created and issues Apache and DS certs
- dogtag and python-nss not in rpm requires
- requires that CS be in the "pre" install state from pkicreate
 2009-04-03 14:06:09 -04:00
Jason Gerard DeRose
a6294ba041 Renamed remaining plugins still using f_* b_* convention 2009-04-01 10:34:57 -04:00
Rob Crittenden
d6814f3aae Implement a few new targets for ACIs 
Also switch to the StrEnum parameter type for some options so we let the
framework do the enforcement
 2009-03-25 11:03:03 -04:00
Rob Crittenden
1b1f9af01c Add a 'showall' command so one can pick from a list of tasks to add to a role 2009-03-25 11:02:49 -04:00
Rob Crittenden
5aed824a6c Use tuples instead of lists for class variables 2009-03-25 11:02:47 -04:00
Rob Crittenden
233a4cb5fd Raise a more specific error when a user lacks the proper permissions. 
The info part of the message will contain details on what permission
failed on what attribute.
 2009-03-25 11:02:44 -04:00
Rob Crittenden
65e6259075 Always print the dn first when printing an entry 2009-03-25 11:02:42 -04:00
Rob Crittenden
a8a2664190 Add new type List that converts delimited values into a tuple 2009-03-20 09:29:44 -04:00
Rob Crittenden
c39a29e0cf Converted to use new baseclass, remove the one with the f_ prefix 2009-03-20 09:28:26 -04:00
Rob Crittenden
b627f50121 Convert to use the new basegroup framework 2009-03-20 09:28:18 -04:00
Rob Crittenden
9bc1419ac0 Convert to use the new basegroup framework 2009-03-20 09:28:16 -04:00
Rob Crittenden
33df0a3915 Convert to use the new basegroup framework 2009-03-20 09:28:14 -04:00
Rob Crittenden
1445a36026 Modify the taskgroup plugin to use the new group baseclass and add tests 2009-03-20 09:28:12 -04:00
Rob Crittenden
a55c5d6bcd New plugin to handle role groups 
Role groups will be part of the ACI system. It will let one create broad
categories of permissions. Things like: helpdesk, user admin, group admin,
whatever.
 2009-03-20 09:28:09 -04:00
Rob Crittenden
5e2e3fd17d Add generic base class that will most of the heavy lifting for groups 2009-03-20 09:28:06 -04:00
Rob Crittenden
8d796eedee kw is supposed to contain just lower-case values 2009-03-19 16:02:12 -04:00
Rob Crittenden
51193923f1 kw is supposed to contain just lower-case values 2009-03-19 16:02:09 -04:00
Rob Crittenden
bc056cda2d Update the ACI class to be more robust and the beginnings of an ACI plugin 
The ACI plugin is really  meant for developers to help manage the ACIs.
It may or may not be shipped. If it is it will be disabled by default.
It is very much a shoot-in-foot problem waiting to happen.
 2009-03-18 15:47:06 -04:00
Rob Crittenden
4c5806b4b4 Fix some minor issues in group and service plugins 2009-03-17 14:52:38 -04:00
Rob Crittenden
6fa330662a Add taskgroups plugin 
Taskgroups are what we grant permission to with the new ACI system.
 2009-03-17 14:52:17 -04:00
Jason Gerard DeRose
13ff27e9ec Fixed Executioner.execute() so that its 'name' argument doesn't conflict with a param called 'name' (which is a valid param name) 2009-03-13 10:31:00 -04:00
Rob Crittenden
eb0601a19c Plugin to handle IPA configuration 2009-03-04 09:56:16 -05:00
Rob Crittenden
7933a196a1 Set a minimum value for password policy integers 2009-03-04 09:56:13 -05:00
Rob Crittenden
dbbae00b17 Add maxvalue and minvalue kwargs and rules to Int and Float 2009-03-03 17:49:15 -05:00
Rob Crittenden
bd9f7cd720 Fix some netgroup issues related to not all groups being posixGroups 2009-02-27 23:18:35 -05:00
Rob Crittenden
be0cac932a Update objectclasses for groups, by default not posix groups. 
This change depends on DS bugs 487574 and 487725. Groups cannot be
promoted properly without these fixed. It will fail with an
Object Class violation because gidNumber isn't set.
 2009-02-27 23:18:19 -05:00
Jason Gerard DeRose
1359618e7e Fixed broken autfill logic in cli.prompt_interactively() 2009-02-27 12:58:32 -05:00
Rob Crittenden
3fdf9abfce Enforce netgroup uniqueness, allow netgroups to be members of netgroups 
When adding an entry, convert a constraint violation of "already exists"
into a DuplicateEntry exception so the user gets a useful response
 2009-02-27 12:57:21 -05:00
Rob Crittenden
af0c0c309d Added tofiles command and some documentation to the automount plugin 2009-02-24 16:54:28 -05:00
Pavel Zuna
e913d7483b Fix multivalue params requiring default to be of type self.type instead of tuple. 2009-02-23 13:49:26 -05:00
Pavel Zuna
016b82250e Add ipalib.frontend.Command method to build an entry from params with attribute=True. 
Often plugins need to build LDAP entries from params. This should make things a bit easier.
Crud methods (Create, Retrieve, Update, Delete, Search) have attribute=True by default.
And it also works for multivalue params.
 2009-02-23 13:49:21 -05:00
Rob Crittenden
f2abe05398 Use OpenSSL for SSL instead of the built-in python version. 2009-02-20 10:40:54 -05:00
Rob Crittenden
b53edad254 raise exceptions in the proper form 2009-02-20 10:40:50 -05:00
Rob Crittenden
1a8ec58602 Utility function to get the local hostname 2009-02-19 10:09:24 -05:00
Rob Crittenden
83d5987db9 A new exception for requiring root, RootRequired 2009-02-19 10:09:21 -05:00
Rob Crittenden
4476f6b939 The start of machine join 2009-02-19 10:09:07 -05:00
Rob Crittenden
5a6d2dd0d9 Print out multi-valued values one per-line instead of comman-delimited 2009-02-19 10:08:52 -05:00
Rob Crittenden
ccf703a2b6 Add new users as a member of the default group 2009-02-19 10:08:11 -05:00
Rob Crittenden
fb3f86f703 Add --all option to show/find, add default attrs to show, cleanup output 2009-02-19 10:07:39 -05:00
Jason Gerard DeRose
7e23ee7cc6 Removed 'Assert False' that was mistakingly left in cert.py; small cleanup in cert.py and ra.py imports 2009-02-17 16:03:10 -05:00
Jason Gerard DeRose
4ab133c3cb Implemented more elegant way for entire plugin module to be conditionally skipped; updated cert.py and ra.py modules to use this 2009-02-17 16:03:10 -05:00
Jason Gerard DeRose
e0fe732318 Added env.enable_ra variable and change cert.py and ra.py plugin modules to register plugins conditionally 2009-02-17 16:03:09 -05:00
Jason Gerard DeRose
97c04c491b Continued cleanup cert/ra plugins 2009-02-17 16:03:09 -05:00
Jason Gerard DeRose
b5b2e55be5 Add pattern matching to Str and Bytes 2009-02-17 16:03:08 -05:00
Jason Gerard DeRose
18cecdc515 Removed depreciated xmlrpc_marshal() and xmlrpc_unmarshal() functions 2009-02-17 16:03:08 -05:00