IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-15 19:01:55 -06:00
Code Issues Packages Projects Releases Wiki Activity
870 Commits 11 Branches 59 Tags 60 MiB
68e14ed8ba
Commit Graph

870 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Crittenden
68e14ed8ba Add -p/--password option so the DM password can be passed on the command-line. 
The import for version moved from ipaserver to ipa, fix that as well.

449858
 2008-06-04 17:32:47 -04:00
Rob Crittenden
12899d9053 Don't make the search criteria lower-case so one can do case-sensitive searches (such as looking for HTTP principals) 
449975
 2008-06-04 16:34:47 -04:00
Rob Crittenden
5c916a1cc8 Fix some minor man page issues. 
438771
 2008-06-04 12:50:13 -04:00
Rob Crittenden
d6f7998fe7 Fix some formatting issues and correct the example. 
443009
 2008-06-04 11:14:33 -04:00
Rob Crittenden
28008a4bf2 Fix typo and reorder -q|--quiet so it displays nicer. popt isn't putting it on a separate line so moving it up front makes it easier to find. 
443014
 2008-06-04 11:05:47 -04:00
Rob Crittenden
9bcd31efc5 Fix issue of double logging in ipa_error.log. 
We open the log in ipa_webgui and this was being inherited by TurboGears
which uses the same log so everything was getting logged twice. Shut down
the log in ipa_webgui at the last possible moment. This will not catch
configuration errors.

Add a Not Found template.

Only print a traceback on 500 errors.
 2008-06-03 22:41:09 -04:00
Rob Crittenden
c58b7a3d7c Move version.py to the common ipa directory instead of being server-based so it can be used by the client tool. 
Fix the client tool imports to fail more gracefully.
 2008-06-03 22:39:11 -04:00
Rob Crittenden
5a56b7c885 Fix some minor man page issues. 
438771
 2008-06-03 14:33:18 -04:00
Rob Crittenden
f87dc9123b Don't prompt regarding previous DS installations in unattended mode. 
449150
 2008-05-30 16:14:51 -04:00
Rob Crittenden
e935287f6e Try to clear up messages prompting for domain and IPA server when DNS discovery fails to find them. 2008-05-30 15:44:56 -04:00
Rich Megginson
2d588a8254 Fedora DS 1.1.1 exposes a public task api. In order for ipa-1-0 to build against this, ipa-memberof.c needs to be able to use the public api or the private one. 2008-05-30 13:49:46 -04:00
Rob Crittenden
8f639ea924 Add two now options, --addattr and --setattr, to allow arbitrary attributes to be added and set when a new user or group is created. 
Make the user password not mandatory and add new option, -P, to prompt
for a password interactively.

449006
 2008-05-30 11:22:56 -04:00
Rob Crittenden
165d26ce2b Make check_inst() a standalone function in bindinstance. 
When an install instance is created that contains a pointer to a sysrestore
point it loads in the current configuration when instantiated. If an
instance is instantiated but not used then changes may occur to the
system state that it is unaware of. So one needs to take care in the order
that things are done to avoid losing information.

When bind was setup it was overwriting all data in sysrestore.state and
leaving just a [named] section. This caused problems at uninstall.

448173
 2008-05-30 11:21:11 -04:00
Rob Crittenden
e3ba80e3d3 Actually pass along the verbose option to IPAClient. 
443987
 2008-05-29 16:04:28 -04:00
Rob Crittenden
8f6303adf0 Fix typo in log statement 
448948
 2008-05-29 13:23:43 -04:00
Simo Sorce
4f81c2faec Make ipa_kpasswd listen on each single interface explicitly 
instead of 0.0.0.0, this allows us to reply to a UDP request
by using the right source address to build the kerberos reply.
 2008-05-29 09:43:39 -04:00
Simo Sorce
8fb4809465 Use openldap libraries by default as mozldap libs seem to break 
ldap_extended_operation() somehow and ipa_kpasswd stops working
 2008-05-29 09:43:28 -04:00
Simo Sorce
dc7d62d543 Fix crash bug in ipa_kpasswd 2008-05-29 09:43:20 -04:00
Simo Sorce
8f082f2d4f Now that admin is in the common users tree make the nss_ldap 
configuration look at the specific tree where users are and
not search the full server.
 2008-05-29 09:43:08 -04:00
Simo Sorce
53afb67537 Fix the case where domain != lower(REALM) 
add the domain to the ipa.conf file for apps that need to know
This should fix a bug in the replica setup
 2008-05-29 09:43:00 -04:00
Rob Crittenden
c5d6ad5c6e Set default logging level to INFO (still logs to Apache) 
Add function entry log for the core IPA XML-RPC functions.
 2008-05-28 14:13:19 -04:00
Rob Crittenden
0f9b944dde Add python-configobj as a Requires and do some other specfile cleanups. 
432814
 2008-05-28 14:09:08 -04:00
Simo Sorce
f32f8d6d82 Use a value that is explicitly 64bit on all architectures 2008-05-23 15:07:49 -04:00
Simo Sorce
3931d1d753 Move admin into cn=users,cn=accounts 
After some deep thinking I think the advantages of keeping all
posix enabled user accounts under cn=users,cn=accounts overweight a
perceived better protection of the admin account by keeping it in a
separate tree.
 2008-05-23 15:07:37 -04:00
Simo Sorce
0695649926 Don't make the rpm %post fail just because the server has never been 
configured before (and therefore there is nothing to upgrade, just let
it spit out warnings for admins that actually check whats going on.
 2008-05-22 17:20:09 -04:00
Rob Crittenden
927447b144 Fix up function return values so we can return 1 on an installation error. 
447973
 2008-05-22 16:37:33 -04:00
Rob Crittenden
a087818197 Move non-user-configurable configuration elements to TurboGears app.cfg file. 
432908
 2008-05-22 16:31:08 -04:00
Simo Sorce
0d023b2680 Fix testing for asprintf errors, we need to test the return value as 
per standard the  buffer status is undefined.
While there also introduce a new spearate variable to return the final
error and keep using ret for local error checks. This avoid potentially
overwriting the correct return value when checking for asprintf ...
 2008-05-22 11:44:02 -04:00
Martin Nagy
1069324eba Only ask the user to install bind. 2008-05-22 11:40:31 -04:00
Martin Nagy
2f69e7e18d Change file mode of log files to 600. 
446869
 2008-05-20 22:43:03 -04:00
Rob Crittenden
fcd3260955 Ensure hostnames are lower during installation and when adding service princs 
447381
 2008-05-20 15:07:24 -04:00
Rob Crittenden
fe2f69718f Remove broken link for IE configuration and replace sample domain/realm. Also fix some HTML errors: missing DOCTYPE, title, head. 
The web page actually comes up as a link in a search on Microsoft's site
but the content is gone. It is possible it will come back at some point, who
knows.

447445
 2008-05-20 15:05:50 -04:00
Rob Crittenden
d640eb17e5 Add validators.py to the list of files. 
445286
 2008-05-20 15:03:58 -04:00
Rob Crittenden
d142b5376d Do uniqueness check on phone numbers and cn entered via the UI. 
445286
 2008-05-20 11:38:35 -04:00
Rob Crittenden
6c87f83180 Don't pass the Directory Manager password on the command-line to ldapmodify. 
446865
 2008-05-19 17:07:41 -04:00
Simo Sorce
6119f83799 Use split instead of find as split does not fail to provide a complete 
component if no '.' is found.
 2008-05-15 14:26:25 -04:00
Jim Meyering
58592c3b4f detect failure to write ipa_kpasswd.pid file 
* ipa_kpasswd.c (main): Detect not just open failure,
but also any write failure.
 2008-05-15 12:59:28 -04:00
Jim Meyering
0d2212fe2f remove useless if-before-free tests 
I've been on a crusade (;-) to remove useless if-before-free tests,
so ran a script that spotted some here.  I think I removed the first
batch (without braces) automatically, then manually removed the ones
with curly braces around the free statements.

You may well have doubts about the portability of removing those
tests, but as long as you don't care about SunOS4 or earlier, you'll
be fine.  I've done similar things for e.g., coreutils, glibc, and git,
and have had no problems.
 2008-05-15 12:59:28 -04:00
Jim Meyering
3256365277 * ipa_pwd_extop.c (encrypt_encode_key): Handle malloc failure. 2008-05-15 12:59:28 -04:00
Simo Sorce
d0f0d97be6 If there is an error we need to send back a reply ourselves. 
Return also an intelligible error message.
 2008-05-15 12:59:28 -04:00
Simo Sorce
fb3555c483 For some unknown reason the sort control returns values sorted in reverse. 
Ask for inverse order to get them straight ...
 2008-05-15 12:59:28 -04:00
Simo Sorce
10f0881dba Implement checks to make sure we are not assigning a number that is in use. 
Change config to support a maximum value so that ranges can be defined.
Add stubs to reach out and ask to swap in new ranges and notify that new
chuncks are needed/used.
 2008-05-15 12:59:28 -04:00
Martin Nagy
2d608a8354 Don't ask the user again if he wants to replace bind configuration files if he specified --setup-bind. 
430090
 2008-05-14 16:25:10 -04:00
Martin Nagy
28f312664e Fix typo, /etc/resolve.conf -> /etc/resolv.conf. 
444660
 2008-05-14 16:25:06 -04:00
Rob Crittenden
2b05d973a4 Fix typo in ipa-client-install manpage. 
446201
 2008-05-14 11:41:56 -04:00
Rob Crittenden
92d7f9c28a Make sure all services are stopped during uninstall. 
We were just shutting down the KDC if it had been started prior to IPA
installation. We need to stop it in all cases.

And we should restart nscd as it may have made an LDAP connection.

440322
 2008-05-14 09:57:09 -04:00
Rob Crittenden
99141e3a04 Enforce the maximum username length set by IPA Policy 
439891
 2008-05-14 09:48:21 -04:00
Rob Crittenden
319cb38e28 Do a more thorough job of removing an existing DS instance. 
Add /usr/lib/dirsrv/slapd-INSTANCE to the list of directories removed.

442753
 2008-05-13 22:53:01 -04:00
Rob Crittenden
3daa94ccc0 Catch name resolution errors coming from the socket module. 
442650
 2008-05-13 12:00:21 -04:00
Rob Crittenden
b1cc4199fa The admin user doesn't have the inetorgperson objectclass so don't have a givenname attribute. The UI is currently hardcoded to require "first name" which renders the admin user uneditable via the UI. 
This is a hack that will allow admin to be edited, assuming that one doesn't
try to add a firstname field.

440548
 2008-05-13 11:59:46 -04:00