IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity
15,381 Commits 11 Branches 60 Tags 60 MiB
93b0e6a96a
Commit Graph

15381 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexander Bokovoy
93b0e6a96a ipaclient: do not set TLS CA options in ldap.conf anymore 
OpenLDAP has made it explicit to use default CA store as provided by
OpenSSL in 2016:

	branches 2.5 and later:
	commit 4962dd6083ae0fe722eb23a618ad39e47611429b
	Author: Howard Guo <hguo@suse.com>
	Date:   Thu Nov 10 15:39:03 2016 +0100

	branch 2.4:
	commit e3affc71e05b33bfac43833c7b95fd7b7c3188f8
	Author: Howard Guo <hguo@suse.com>
	Date:   Thu Nov 10 15:39:03 2016 +0100

This means starting with OpenLDAP 2.4.45 we can drop the explicit CA
configuration in ldap.conf.

There are several use cases where an explicit IPA CA should be specified
in the configuration. These mostly concern situations where a higher
security level must be maintained. For these configurations an
administrator would need to add an explicit CA configuration to
ldap.conf if we wouldn't add it during the ipa-client-install setup.

RN: FreeIPA client installer does not add explicit TLS CA configuration
RN: to OpenLDAP's ldap.conf anymore. Since OpenLDAP 2.4.45, explicit CA
RN: configuration is not required as OpenLDAP uses the default CA store
RN: provided by OpenSSL and IPA CA is installed in the default store
RN: by the installer already.

Fixes: https://pagure.io/freeipa/issue/9258

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
 2022-10-11 09:03:13 +02:00
Sumit Bose
ae445f72a0 ipa-kdb: do not fail if certmap rule cannot be added 
Currently if a certificate mapping and matching rule has a typo or is of
an unsupported type the whole rule processing is aborted and the IPA
certmap plugin works without any rules effectively disabling PKINIT for
users. Since each rule would only allow more certificates for PKINIT it
would be more user/admin friendly to just ignore the failed rules with a
log message and continue with what is left or use the default rule if
nothing is left.

This change is done to add more flexibility to define new mapping and
matching templates which are e.g. needed to cover changes planned by
Microsoft as explained in
https://support.microsoft.com/en-us/topic/kb5014754-certificate-based-authentication-changes-on-windows-domain-controllers-ad2c23b0-15d8-4340-a468-4d4f3b188f16

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-10 10:03:39 +02:00
Stanislav Levin
51c31e0ad3 ipapython: Support openldap 2.6 
While python-ldap is strict dependency of IPA in downstreams, it
is optional for IPA packages published on PyPI.

Openldap 2.6 no longer ships ldap_r-2, that makes
ipapython.dn_ctypes not working against such environments.

Thanks @abbra!

Fixes: https://pagure.io/freeipa/issue/9255
Signed-off-by: Stanislav Levin <slev@altlinux.org>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
 2022-10-07 16:57:35 +02:00
Alexey Tikhonov
1360c8b09f extdom: avoid sss_nss_getorigby*() calls when get*_r_wrapper() returns object from a wrong domain (performance optimization) 
Reviewed-By: Alexander Bokovoy <abbra@users.noreply.github.com>
 2022-10-06 10:13:45 +02:00
Alexey Tikhonov
4685f9d881 extdom: make sure result doesn't miss domain part 
This is required to ensure that only objects from requested domain
are returned.

Resolves: https://pagure.io/freeipa/issue/9245
Reviewed-By: Alexander Bokovoy <abbra@users.noreply.github.com>
 2022-10-06 10:13:45 +02:00
Alexey Tikhonov
113cb8d715 extdom: internal functions should be static 
Fixes following compilation warnings:
```
ipa_extdom_common.c:109:5: warning: no previous prototype for ‘__nss_to_err’ [-Wmissing-prototypes]
  109 | int __nss_to_err(enum nss_status errcode)
      |     ^~~~~~~~~~~~
ipa_extdom_common.c:738:5: warning: no previous prototype for ‘pack_ber_name_list’ [-Wmissing-prototypes]
  738 | int pack_ber_name_list(struct extdom_req *req, char **fq_name_list,
      |     ^~~~~~~~~~~~~~~~~~
```

Reviewed-By: Alexander Bokovoy <abbra@users.noreply.github.com>
 2022-10-06 10:13:45 +02:00
Florence Blanc-Renaud
3d093c66f2 ipatests: mark xfail tests using dnssec 
In fedora 37+, the signing of DNS zones is failing.
Mark xfail the gating tests impacted by this issue, to avoid
breaking the CI gating when we move to f37.

Related: https://pagure.io/freeipa/issue/9216

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
 2022-10-04 09:25:17 +02:00
Florence Blanc-Renaud
40b9c6fc47 ipatests: mark xfail tests using sssctl domain-status 
In fedora 37+, sssctl domain-status is failing.
Mark xfail the gating tests impacted by this issue, to avoid
breaking the CI gating when we move to f37.

Related: https://pagure.io/freeipa/issue/9234

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
 2022-10-04 09:25:17 +02:00
Florence Blanc-Renaud
a6485d6325 Tests: test on f37 and f36 
Fedora 37 beta is now available, move the testing pipelines to
- fedora 37 for the _latest definitions
- fedora 36 for the _previous definition

Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
 2022-10-04 09:25:17 +02:00
Alexander Bokovoy
41ba166c77 Remove empty translation for 'si' which breaks linter 
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
김인수
d5ea8d6c9f Translated using Weblate (Korean) 
Currently translated at 2.9% (140 of 4818 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/ko/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
김인수
4ea9b5ef0f Translated using Weblate (Korean) 
Currently translated at 2.2% (108 of 4818 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/ko/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
김인수
9d1541f17d Translated using Weblate (Korean) 
Currently translated at 2.0% (99 of 4818 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/ko/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
김인수
f420c19bb6 Added translation using Weblate (Korean) 
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Temuri Doghonadze
3379aa0aa8 Translated using Weblate (Georgian) 
Currently translated at 8.3% (401 of 4818 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/ka/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Temuri Doghonadze
054bd14bcf Translated using Weblate (Georgian) 
Currently translated at 7.6% (368 of 4818 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/ka/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Temuri Doghonadze
a1e66f5c05 Translated using Weblate (Georgian) 
Currently translated at 6.9% (333 of 4818 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/ka/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
d4b9203376 Translated using Weblate (Finnish) 
Currently translated at 17.6% (848 of 4818 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Yuri Chornoivan
6846b95336 Translated using Weblate (Ukrainian) 
Currently translated at 100.0% (4818 of 4818 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/uk/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Weblate
357dd550ce Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Temuri Doghonadze
a30db2030c Added translation using Weblate (Georgian) 
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
242a0dadcf Translated using Weblate (Finnish) 
Currently translated at 17.8% (845 of 4741 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Yuri Chornoivan
867a38a463 Translated using Weblate (Ukrainian) 
Currently translated at 100.0% (4741 of 4741 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/uk/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Weblate
c8c4e93fd6 Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
98e80985ba Translated using Weblate (Finnish) 
Currently translated at 17.7% (842 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
2b0c9d9128 Translated using Weblate (Finnish) 
Currently translated at 17.7% (840 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Ricky Tigg
67c54ce7a9 Translated using Weblate (Finnish) 
Currently translated at 17.5% (833 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Piotr Drąg
31f7860d08 Translated using Weblate (Polish) 
Currently translated at 9.5% (453 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/pl/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
dbe49df1b3 Translated using Weblate (Finnish) 
Currently translated at 17.5% (832 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
0caffa37c0 Translated using Weblate (Finnish) 
Currently translated at 17.2% (816 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Andika Triwidada
3885bd6fd7 Translated using Weblate (Indonesian) 
Currently translated at 6.8% (323 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/id/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
63fceacb17 Translated using Weblate (Finnish) 
Currently translated at 16.9% (804 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Yuri Chornoivan
6de25a0f20 Translated using Weblate (Ukrainian) 
Currently translated at 100.0% (4739 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/uk/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Weblate
921fdd2ca8 Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
606ce6d52a Translated using Weblate (Finnish) 
Currently translated at 16.7% (794 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
10a51197f2 Translated using Weblate (Finnish) 
Currently translated at 16.1% (764 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Ricky Tigg
86f828a7e5 Translated using Weblate (Finnish) 
Currently translated at 16.0% (762 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
1c1187beed Translated using Weblate (Finnish) 
Currently translated at 15.9% (754 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Piotr Drąg
f9419bdad4 Translated using Weblate (Polish) 
Currently translated at 9.5% (452 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/pl/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Ricky Tigg
4b10b6dab4 Translated using Weblate (Finnish) 
Currently translated at 15.6% (743 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
a1c0031c90 Translated using Weblate (Finnish) 
Currently translated at 15.6% (742 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
bcc5819830 Translated using Weblate (Finnish) 
Currently translated at 15.5% (736 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
3452c6fcf0 Translated using Weblate (Finnish) 
Currently translated at 10.9% (520 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Yuri Chornoivan
63d332ff9e Translated using Weblate (Ukrainian) 
Currently translated at 100.0% (4739 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/uk/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Yuri Chornoivan
d6d7c5d28b Translated using Weblate (Ukrainian) 
Currently translated at 99.4% (4713 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/uk/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Yuri Chornoivan
a21bf7fe82 Translated using Weblate (Ukrainian) 
Currently translated at 98.5% (4671 of 4739 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/uk/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Weblate
3500d05f89 Update translation files 
Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Jan Kuparinen
a420226493 Translated using Weblate (Finnish) 
Currently translated at 7.7% (362 of 4672 strings)

Translation: freeipa/master
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/fi/
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Weblate
d0b336025f Update translation files 
Updated by "Update LINGUAS file" hook in Weblate.

Update translation files

Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Co-authored-by: Weblate <noreply@weblate.org>
Translate-URL: https://translate.fedoraproject.org/projects/freeipa/master/
Translation: freeipa/master
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
 2022-10-03 10:59:26 +03:00
Florence Blanc-Renaud
1546c0b206 ipa man page: format the EXAMPLES section 
The EXAMPLES section is missing .TP macros before some of
the provided examples, and they are displayed in the same paragraph.

Add .TP (tagged, indented paragraph) before each example.

Fixes: https://pagure.io/freeipa/issue/9252
Signed-off-by: Florence Blanc-Renaud <flo@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
 2022-10-03 07:49:07 +02:00