IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-08 07:13:00 -06:00
Code Issues Packages Projects Releases Wiki Activity
2,175 Commits 11 Branches 59 Tags 60 MiB
7a7041045e
Commit Graph

242 Commits

Author SHA1 Message Date
Rob Crittenden
7a7041045e Fix service_mod and add a test case 2009-08-26 09:51:15 -04:00
Rob Crittenden
d9c54cd83e Clean up additional issues discovered with pylint and pychecker 2009-08-20 09:20:56 -04:00
Rob Crittenden
c781e8a57d Add a new objectclass, ipaObject, that will add a UUID to many IPA objects 
ipaObject is defined as an auxiliary objectclass so it is up to the
plugin author to ensure that the objectclass is included an a UUID generated.
ipaUniqueId is a MUST attribute so if you include the objectclass you must
ensure that the uuid is generated.

This also fixes up some unrelated unit test failures.
 2009-08-10 16:38:42 -06:00
Pavel Zuna
b7b9f9b6a6 Add options in baseldap classes to display unaltered LDAP entries. 
The options in question is '--raw'.
 2009-08-05 09:20:49 -04:00
Pavel Zuna
322d8238a0 All-around improvements to baseldap.py classes. 
- attribute re-mapping, ordering and hiding
  (Enables plugins to completely hide LDAP internals from users
   and full localisation of command output.)
- translation of member DNs into object names
  (No more DNs when listing group members etc.)
- support for "singleton" LDAP objects
  (Objects like "pwpolicy"; not accessed by primary key.)
- new base classes for commands: LDAPModMember, LDAPAddMember
  and LDAPRemoveMember
  (Providing support for objects with 'member'-like attributes.)
- LDAPSearch implicit exit code changed to 1 when nothing is found
 2009-08-03 23:08:21 -06:00
Rob Crittenden
e31d5fb1cf Implement support for non-LDAP-based actions that use the LDAP ACI subsystem. 
There are some operations, like those for the certificate system, that
don't need to write to the directory server. So instead we have an entry
that we test against to determine whether the operation is allowed or not.

This is done by attempting a write on the entry. If it would succeed then
permission is granted. If not then denied. The write we attempt is actually
invalid so the write itself will fail but the attempt will fail first if
access is not permitted, so we can distinguish between the two without
polluting the entry.
 2009-07-10 16:41:05 -04:00
Pavel Zuna
551648b8a9 Change command names from *group-del-member to *group-remove-member. 
Signed-off-by: Jason Gerard DeRose <jderose@redhat.com>
 2009-07-09 13:25:19 -06:00
Pavel Zuna
34b5b0d563 Fix bug: number of found entries was reported incorrectly in some plugins. 2009-07-02 13:33:05 -04:00
Pavel Zuna
537ba4034d Make basegroup-{add, del}-member print failed members with error descriptions. 2009-07-02 13:33:05 -04:00
Pavel Zuna
5e4c0014df Fix bug: when deleting hosts, their services where deleted incorrectly 2009-07-02 13:33:04 -04:00
Pavel Zuna
3c5988d078 Remove outstanding 2's from plugins. 2009-07-02 13:33:04 -04:00
Pavel Zuna
da461998c1 Add automount plugin. 2009-07-02 13:33:03 -04:00
Pavel Zuna
57123f2a99 Fix minor bugs, typos, etc. discovered by unit tests in plugins. 2009-07-02 13:33:03 -04:00
Pavel Zuna
341a47f5a3 Fix bug in basegroup and passwd plugins (incorrect use of find_entry_by_attr). 2009-07-02 13:33:02 -04:00
Pavel Zuna
4b6a6c405c Rename *-create/*-delete commands to *-add/*-del respectively. 2009-07-02 13:33:02 -04:00
Pavel Zuna
c2d2344268 Replace references to basegroup2 in taskgroup plugin. 2009-07-02 13:33:02 -04:00
Pavel Zuna
b6cfae46e4 Rename plugins2 to plugins. 2009-07-02 13:33:02 -04:00
Pavel Zuna
e1e1db9c9f Rename plugins2 files (remove '2' suffix'). 2009-07-02 13:33:01 -04:00
Pavel Zuna
ebdebe802d Remove all references to use_ldap2. 2009-07-02 13:33:01 -04:00
Pavel Zuna
4b993782e6 Delete plugins using old LDAP backend. 2009-07-02 13:33:00 -04:00
Rob Crittenden
b83badd73b Fix typo in variable name, object_classs->object_class 2009-06-15 13:55:58 -04:00
Pavel Zuna
2ff4b3906f Change plugins2 using find_entries to support incomplete (truncated) search results. 2009-06-15 11:19:04 -04:00
Pavel Zuna
48e1f47ed1 Add new set of base classes for plugins using LDAP. 2009-06-15 11:18:59 -04:00
Pavel Zuna
473e03d2f7 Add host plugin port to new LDAP backend. 2009-06-12 15:53:25 -04:00
Pavel Zuna
b8fdcb3a0b Add passwd plugin port to new LDAP backend. 2009-06-10 11:55:09 -04:00
Pavel Zuna
a5292b2280 Add ACI plugin port to new LDAP backend. 2009-06-10 11:55:03 -04:00
Pavel Zuna
789fec4381 Add service plugin port to new LDAP backend. 2009-06-10 11:51:49 -04:00
Rob Crittenden
16f19990ae Fix plugin API errors 2009-06-03 09:49:14 -04:00
Rob Crittenden
3e8aac875f Fix the help text 2009-06-03 09:46:42 -04:00
Pavel Zuna
90cc00feab Make delegation plugin consistent with plugins2 and use new Crud methods. 2009-06-02 16:20:44 -04:00
Pavel Zuna
66d291001a Remove unused reference to old LDAP backend in join plugin. 2009-06-02 16:20:41 -04:00
Pavel Zuna
b29006dd0a Add pwpolicy plugin port to new LDAP backend. 2009-05-27 10:02:50 -04:00
Pavel Zuna
924010cfc9 Add defaultoptions plugin port to new LDAP backend. 2009-05-26 14:50:31 -04:00
Pavel Zuna
13b55b5a52 Add taskgroup plugin port to new LDAP backend. 2009-05-26 14:50:28 -04:00
Pavel Zuna
5a8573129c Add rolegroup plugin port to new LDAP backend. 2009-05-26 14:50:26 -04:00
Pavel Zuna
37a391cd78 Make plugins2 use lowercase when reffering to LDAP attributes. 2009-05-22 15:58:09 -06:00
Pavel Zuna
eec367b0c8 Fix bug in group2-mod command. 
posixGroup object class was added to the group entry incorrectly when modifying gid number.
 2009-05-21 15:22:58 -06:00
Rob Crittenden
fe012f4ff2 Fix a few issues introduced by the new Param.use_in_context() patch 2009-05-21 14:33:23 -04:00
Pavel Zuna
7b93f7bbd7 Add netgroup plugin port to new LDAP backend. 2009-05-20 16:46:56 -06:00
Pavel Zuna
75a70af943 Add hostgroup plugin port to new LDAP backend. 2009-05-20 16:46:48 -06:00
Pavel Zuna
1e55b0a1ab Fix counting of successfully added members. Add checks for use_ldap2 in group2. Some cosmetic changes. 2009-05-20 16:46:39 -06:00
Pavel Zuna
a3ae5047f3 Add group plugin port to new LDAP backend. 2009-05-20 16:46:28 -06:00
Rob Crittenden
e5bec4ae39 Schema change so the nisnetgroup triples work properly. 
If we use cn for hostname there is no easy way to distinguish between
a host and a hostgroup. So adding a fqdn attribute to be used to store
the hostname instead.
 2009-05-19 09:54:17 -04:00
Rob Crittenden
5e3cdb9643 Remove all services when a host is removed Revoke certificate (if any) when a service is removed 2009-05-13 14:17:21 -04:00
Rob Crittenden
014f3ff1c6 Improve revocation_reason argument 2009-05-13 14:17:03 -04:00
Rob Crittenden
1c31b5bc08 Add a reason to the NotFound exception so we can provide more robust errors 2009-05-13 14:16:44 -04:00
Rob Crittenden
0d6aaef2e1 We decided not to issue a certificate on join 2009-05-07 10:54:21 -04:00
Rob Crittenden
8f1df0fe8a Store the new certificate in a service record. Clean up some argument names to match the current standard. 2009-05-07 10:54:14 -04:00
Rob Crittenden
5405c01025 Add validator and normalizer for service principals Add --certificate argument Update default objectclasses Use the crud.Search method for service-find 2009-05-06 11:28:49 -04:00
Rob Crittenden
c0020955a5 Some minor cosmetic changes 2009-05-04 18:01:06 -04:00