IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-06 22:33:00 -06:00
Code Issues Packages Projects Releases Wiki Activity
2,429 Commits 11 Branches 59 Tags 60 MiB
c0c86232f4
Commit Graph

320 Commits

Author SHA1 Message Date
Pavel Zuna
48e1f47ed1 Add new set of base classes for plugins using LDAP. 2009-06-15 11:18:59 -04:00
Pavel Zuna
473e03d2f7 Add host plugin port to new LDAP backend. 2009-06-12 15:53:25 -04:00
Pavel Zuna
b8fdcb3a0b Add passwd plugin port to new LDAP backend. 2009-06-10 11:55:09 -04:00
Pavel Zuna
a5292b2280 Add ACI plugin port to new LDAP backend. 2009-06-10 11:55:03 -04:00
Pavel Zuna
789fec4381 Add service plugin port to new LDAP backend. 2009-06-10 11:51:49 -04:00
Rob Crittenden
16f19990ae Fix plugin API errors 2009-06-03 09:49:14 -04:00
Rob Crittenden
3e8aac875f Fix the help text 2009-06-03 09:46:42 -04:00
Pavel Zuna
90cc00feab Make delegation plugin consistent with plugins2 and use new Crud methods. 2009-06-02 16:20:44 -04:00
Pavel Zuna
66d291001a Remove unused reference to old LDAP backend in join plugin. 2009-06-02 16:20:41 -04:00
Pavel Zuna
b29006dd0a Add pwpolicy plugin port to new LDAP backend. 2009-05-27 10:02:50 -04:00
Pavel Zuna
924010cfc9 Add defaultoptions plugin port to new LDAP backend. 2009-05-26 14:50:31 -04:00
Pavel Zuna
13b55b5a52 Add taskgroup plugin port to new LDAP backend. 2009-05-26 14:50:28 -04:00
Pavel Zuna
5a8573129c Add rolegroup plugin port to new LDAP backend. 2009-05-26 14:50:26 -04:00
Pavel Zuna
37a391cd78 Make plugins2 use lowercase when reffering to LDAP attributes. 2009-05-22 15:58:09 -06:00
Pavel Zuna
eec367b0c8 Fix bug in group2-mod command. 
posixGroup object class was added to the group entry incorrectly when modifying gid number.
 2009-05-21 15:22:58 -06:00
Rob Crittenden
fe012f4ff2 Fix a few issues introduced by the new Param.use_in_context() patch 2009-05-21 14:33:23 -04:00
Pavel Zuna
7b93f7bbd7 Add netgroup plugin port to new LDAP backend. 2009-05-20 16:46:56 -06:00
Pavel Zuna
75a70af943 Add hostgroup plugin port to new LDAP backend. 2009-05-20 16:46:48 -06:00
Pavel Zuna
1e55b0a1ab Fix counting of successfully added members. Add checks for use_ldap2 in group2. Some cosmetic changes. 2009-05-20 16:46:39 -06:00
Pavel Zuna
a3ae5047f3 Add group plugin port to new LDAP backend. 2009-05-20 16:46:28 -06:00
Rob Crittenden
e5bec4ae39 Schema change so the nisnetgroup triples work properly. 
If we use cn for hostname there is no easy way to distinguish between
a host and a hostgroup. So adding a fqdn attribute to be used to store
the hostname instead.
 2009-05-19 09:54:17 -04:00
Rob Crittenden
5e3cdb9643 Remove all services when a host is removed Revoke certificate (if any) when a service is removed 2009-05-13 14:17:21 -04:00
Rob Crittenden
014f3ff1c6 Improve revocation_reason argument 2009-05-13 14:17:03 -04:00
Rob Crittenden
1c31b5bc08 Add a reason to the NotFound exception so we can provide more robust errors 2009-05-13 14:16:44 -04:00
Rob Crittenden
0d6aaef2e1 We decided not to issue a certificate on join 2009-05-07 10:54:21 -04:00
Rob Crittenden
8f1df0fe8a Store the new certificate in a service record. Clean up some argument names to match the current standard. 2009-05-07 10:54:14 -04:00
Rob Crittenden
5405c01025 Add validator and normalizer for service principals Add --certificate argument Update default objectclasses Use the crud.Search method for service-find 2009-05-06 11:28:49 -04:00
Rob Crittenden
c0020955a5 Some minor cosmetic changes 2009-05-04 18:01:06 -04:00
Rob Crittenden
d4076915cd Add posixGroup to the objectclass list if gidnumber is set 
498335
 2009-05-04 17:43:00 -04:00
Rob Crittenden
c8ee910ff6 Issue an SSL server cert when joining the IPA domain 2009-05-04 17:41:06 -04:00
Rob Crittenden
8424ea8c03 A class for dealing with a temporary NSS certificate database 2009-05-04 16:56:12 -04:00
Pavel Zuna
36c239cda4 Add DNS management plugin port to the new ldap backend. 2009-04-30 16:17:49 -04:00
Pavel Zuna
75b551fd5e Use right attribute name for e-mail in user2 plugin. 2009-04-30 13:50:05 -04:00
Rob Crittenden
21ccdec860 Add missing required attribute, nisdomainname 2009-04-30 13:26:27 -04:00
Rob Crittenden
536b215078 Use correct attribute for e-mail address 
Resolves 498269
 2009-04-29 13:51:47 -04:00
David O'Brien
763c7ef914 trivial update to standardize terms in docstring 2009-04-28 13:32:01 -04:00
Pavel Zuna
7d0bd4b895 Rename errors2.py to errors.py. Modify all affected files. 2009-04-23 10:29:14 -04:00
Pavel Zuna
af82879009 Add user plugin port with some bugs fixed to the new LDAP backend. 2009-04-22 15:16:51 -04:00
Rob Crittenden
64fa3dd4c3 Finish work replacing the errors module with errors2 
Once this is committed we can start the process of renaming errors2 as errors.
I thought that combinig this into one commit would be more difficult to
review.
 2009-04-20 13:58:26 -04:00
Rob Crittenden
e6171404bf Make parentmap a autofill variable and add tests when parentmap is not passed 2009-04-13 15:22:49 -04:00
Rob Crittenden
8821d8cac3 Fill in default values for os and platform 2009-04-13 14:54:16 -04:00
Jason Gerard DeRose
a6294ba041 Renamed remaining plugins still using f_* b_* convention 2009-04-01 10:34:57 -04:00
Rob Crittenden
d6814f3aae Implement a few new targets for ACIs 
Also switch to the StrEnum parameter type for some options so we let the
framework do the enforcement
 2009-03-25 11:03:03 -04:00
Rob Crittenden
1b1f9af01c Add a 'showall' command so one can pick from a list of tasks to add to a role 2009-03-25 11:02:49 -04:00
Rob Crittenden
5aed824a6c Use tuples instead of lists for class variables 2009-03-25 11:02:47 -04:00
Rob Crittenden
c39a29e0cf Converted to use new baseclass, remove the one with the f_ prefix 2009-03-20 09:28:26 -04:00
Rob Crittenden
b627f50121 Convert to use the new basegroup framework 2009-03-20 09:28:18 -04:00
Rob Crittenden
9bc1419ac0 Convert to use the new basegroup framework 2009-03-20 09:28:16 -04:00
Rob Crittenden
33df0a3915 Convert to use the new basegroup framework 2009-03-20 09:28:14 -04:00
Rob Crittenden
1445a36026 Modify the taskgroup plugin to use the new group baseclass and add tests 2009-03-20 09:28:12 -04:00
Rob Crittenden
a55c5d6bcd New plugin to handle role groups 
Role groups will be part of the ACI system. It will let one create broad
categories of permissions. Things like: helpdesk, user admin, group admin,
whatever.
 2009-03-20 09:28:09 -04:00
Rob Crittenden
5e2e3fd17d Add generic base class that will most of the heavy lifting for groups 2009-03-20 09:28:06 -04:00
Rob Crittenden
8d796eedee kw is supposed to contain just lower-case values 2009-03-19 16:02:12 -04:00
Rob Crittenden
51193923f1 kw is supposed to contain just lower-case values 2009-03-19 16:02:09 -04:00
Rob Crittenden
bc056cda2d Update the ACI class to be more robust and the beginnings of an ACI plugin 
The ACI plugin is really  meant for developers to help manage the ACIs.
It may or may not be shipped. If it is it will be disabled by default.
It is very much a shoot-in-foot problem waiting to happen.
 2009-03-18 15:47:06 -04:00
Rob Crittenden
4c5806b4b4 Fix some minor issues in group and service plugins 2009-03-17 14:52:38 -04:00
Rob Crittenden
6fa330662a Add taskgroups plugin 
Taskgroups are what we grant permission to with the new ACI system.
 2009-03-17 14:52:17 -04:00
Rob Crittenden
eb0601a19c Plugin to handle IPA configuration 2009-03-04 09:56:16 -05:00
Rob Crittenden
7933a196a1 Set a minimum value for password policy integers 2009-03-04 09:56:13 -05:00
Rob Crittenden
bd9f7cd720 Fix some netgroup issues related to not all groups being posixGroups 2009-02-27 23:18:35 -05:00
Rob Crittenden
be0cac932a Update objectclasses for groups, by default not posix groups. 
This change depends on DS bugs 487574 and 487725. Groups cannot be
promoted properly without these fixed. It will fail with an
Object Class violation because gidNumber isn't set.
 2009-02-27 23:18:19 -05:00
Rob Crittenden
3fdf9abfce Enforce netgroup uniqueness, allow netgroups to be members of netgroups 
When adding an entry, convert a constraint violation of "already exists"
into a DuplicateEntry exception so the user gets a useful response
 2009-02-27 12:57:21 -05:00
Rob Crittenden
af0c0c309d Added tofiles command and some documentation to the automount plugin 2009-02-24 16:54:28 -05:00
Rob Crittenden
b53edad254 raise exceptions in the proper form 2009-02-20 10:40:50 -05:00
Rob Crittenden
4476f6b939 The start of machine join 2009-02-19 10:09:07 -05:00
Rob Crittenden
ccf703a2b6 Add new users as a member of the default group 2009-02-19 10:08:11 -05:00
Rob Crittenden
fb3f86f703 Add --all option to show/find, add default attrs to show, cleanup output 2009-02-19 10:07:39 -05:00
Jason Gerard DeRose
7e23ee7cc6 Removed 'Assert False' that was mistakingly left in cert.py; small cleanup in cert.py and ra.py imports 2009-02-17 16:03:10 -05:00
Jason Gerard DeRose
4ab133c3cb Implemented more elegant way for entire plugin module to be conditionally skipped; updated cert.py and ra.py modules to use this 2009-02-17 16:03:10 -05:00
Jason Gerard DeRose
e0fe732318 Added env.enable_ra variable and change cert.py and ra.py plugin modules to register plugins conditionally 2009-02-17 16:03:09 -05:00
Jason Gerard DeRose
97c04c491b Continued cleanup cert/ra plugins 2009-02-17 16:03:09 -05:00
Jason Gerard DeRose
336c4c2caf Removed depreciated ipalib/plugins/b_xmlrpc.py module 2009-02-17 16:03:08 -05:00
Jason Gerard DeRose
d9d5e8b2d5 Some cleanup in cert plugins module, changed to shorter command names all starting with cert_* 2009-02-17 16:03:08 -05:00
Jason Gerard DeRose
eb73a4fef5 Renamed f_ra.py plugin to cert.py 2009-02-17 16:03:07 -05:00
Jakub Hrozek
079f89d461 Add application frontend plugin 2009-02-10 14:10:54 -05:00
Rob Crittenden
2d7e0de5ea Get merged tree into an installalble state. 
I have only tested the all, rpms and *clean targets directly.
install may work but the rpm moves a lot of things around for us.

The Apache configuration file isn't in its final state but it works
with the new mod_python configuration.
 2009-02-03 15:29:20 -05:00
Jason Gerard DeRose
c2b0c80140 Started work on a much simplified mod_python server 2009-02-03 15:29:05 -05:00
Jason Gerard DeRose
92a150b4f1 Some tweaks in user plugins, ported to new crud base classes 2009-02-03 15:29:05 -05:00
Rob Crittenden
5717c9d668 Applied Rob's errors patch 2009-02-03 15:29:04 -05:00
Jason Gerard DeRose
231f0bd65a Finished reworked cli.CLI class into cli.cli plugin 2009-02-03 15:29:04 -05:00
Jason Gerard DeRose
244346dbcb More work on xmlrpc stuff, started migrated more code to use errors2 instead of errors 2009-02-03 15:29:01 -05:00
Jason Gerard DeRose
24b6cb89d4 Further migration toward new xmlrcp code; fixed problem with unicode Fault.faultString; fixed problem where ServerProxy method was not called correctly 2009-02-03 15:29:01 -05:00
Jason Gerard DeRose
9f48612a56 Sundry work getting ready to switch to new XML-RPC client/server code 2009-02-03 15:29:00 -05:00
Jason Gerard DeRose
46c10d4608 Removed bogus CLI.set_defaults() method that was causing non-required values to get filled in 2009-02-03 15:29:00 -05:00
Jason Gerard DeRose
6aadeb9aea Added Object.params_minus() method; various small tweaks 2009-02-03 15:29:00 -05:00
Jason Gerard DeRose
529819b02b Renamed f_misc.py plugin module to misc.py 2009-02-03 15:29:00 -05:00
Rob Crittenden
98ab09fafc Initial implementation of netgroups 2009-01-19 10:40:12 -05:00
Rob Crittenden
8154131ce1 Use correct function for outputing a string 2009-01-19 10:40:11 -05:00
Rob Crittenden
bc40686b7f Fix rule definition to match new API 2009-01-19 10:40:11 -05:00
Jason Gerard DeRose
fdda31c50b Fixed a problem in the host plugin module; added not in TODO about using Param.query 2009-01-14 22:59:44 -07:00
Jason Gerard DeRose
a10144be24 Updated service plugins module to where it can at least be imported 2009-01-14 22:35:13 -07:00
Jason Gerard DeRose
86b7ebf717 Updated ra plugins module to where it can at least be imported 2009-01-14 22:29:59 -07:00
Jason Gerard DeRose
a41a7f406f Updated pwpolicy plugins module to where it can at least be imported 2009-01-14 22:25:45 -07:00
Jason Gerard DeRose
ec86208a90 Updated passwd plugins module to where it can at least be imported 2009-01-14 22:19:31 -07:00
Jason Gerard DeRose
64c072b7b3 Updated hostgroup plugins module to where it can at least be imported 2009-01-14 22:10:09 -07:00
Jason Gerard DeRose
ec14fbfbc5 Updated host plugins module to where it can at least be imported 2009-01-14 21:55:04 -07:00
Jason Gerard DeRose
29e5a58795 Updated group plugins module to where it can at least be imported 2009-01-14 21:23:20 -07:00
Jason Gerard DeRose
39068ab7ca Fixed automount plugins module to where it can at least be imported 2009-01-14 21:11:14 -07:00
Andrew Wnuk
b3f95b1741 Merged in Andrew's RA plugin 2008-12-21 14:15:53 -07:00
Jason Gerard DeRose
6fdf5d1e7b Merge branch 'master' of git://git.engineering.redhat.com/users/rcritten/freeipa2 2008-12-20 15:00:00 -07:00
Jason Gerard DeRose
285fa3d330 Removed depreciated envtest command from f_user.py 2008-12-17 23:18:14 -07:00
Rob Crittenden
c025ed6404 Remove some debugging statements 2008-12-11 16:06:26 -05:00
Rob Crittenden
e41fcf19fe Raise an error on bad principals instead of printing one when changing passwords 
Fix logic in determining what to do with an incoming principal
 2008-12-11 10:31:27 -05:00
Rob Crittenden
46bd3974af Don't pass along the kw dictionary we were passed by XML-RPC. 
We generally want to just search indexed attributes. We get this list
of attributes from the configuration, use it.
 2008-12-10 16:45:07 -05:00
Rob Crittenden
af7b5645af Convert to new output_for_cli() function 2008-12-10 16:42:45 -05:00
Rob Crittenden
c34d2b8923 Add helper for adding Indirect maps. 
This creates the map and the key pointing to the map. By default the key
is associated with the auto.master map but it can be overriden.
 2008-12-10 14:15:20 -05:00
Rob Crittenden
039ee0fd56 Add a function to show all the maps under a given mapname, def. is auto.master 2008-12-10 14:15:20 -05:00
Rob Crittenden
fc8ac69372 Port plugins to use the new output_for_cli() argument list 
Fix some errors uncovered by the nosetests
 2008-12-10 14:15:19 -05:00
Jason Gerard DeRose
237c16f0fd Started moving xmlrpc-functions from ipalib.util to ipalib.rpc 2008-11-24 12:51:03 -07:00
Jason Gerard DeRose
2db738e899 Some changes to make reading dubugging output easier 2008-11-24 10:09:30 -07:00
Jason Gerard DeRose
4afee15d4b Calling 'passwd' command now prompts for password using textui.prompt_password() 2008-11-18 13:43:43 -07:00
Jason Gerard DeRose
0a60a6bcc4 Added textui.prompt_password() method; added logic in cli for dealing with 'password' flag in param.flags 2008-11-18 11:30:16 -07:00
Jason Gerard DeRose
5c16047092 user-lock and user-unlock commands now use textui, which finishes the user plugins 2008-11-17 18:15:40 -07:00
Jason Gerard DeRose
12dc0a0aa9 user-find now works again, uses textui 2008-11-17 16:40:42 -07:00
Jason Gerard DeRose
42bf555a3a Started updated user_* commands to use textui 2008-11-17 15:27:08 -07:00
Jason Gerard DeRose
e7ec413158 Moved plugins command from ipalib.cli to ipalib.plugins.f_misc 2008-11-16 19:50:17 -07:00
Jason Gerard DeRose
e059591d6b env command now supports * wildcard for searching 2008-11-14 22:21:36 -07:00
Jason Gerard DeRose
9de56d43f0 env plugin now subclasses from RemoteOrLocal 2008-11-14 21:58:39 -07:00
Rob Crittenden
c513743e7c Add autmount-specific location and default entries 2008-11-14 18:05:29 -05:00
Jason Gerard DeRose
f04aaff97c output_for_cli signature is now output_for_cli(textui, result, *args, **options) 2008-11-12 09:55:11 -07:00
Jason Gerard DeRose
09161e399a Command.get_default() will now fill-in None for all missing non-required params 2008-11-12 01:47:37 -07:00
Jason Gerard DeRose
014af24731 Changed calling signature of output_for_cli(); started work on 'textui' backend plugin 2008-11-12 00:46:04 -07:00
Rob Crittenden
e8adb59fd4 Fix some problems uncovered during automation test work 2008-11-04 16:21:10 -05:00
Rob Crittenden
e825bc7ccb Revive the hostgroup_container and include add/remove hosts in hostgroups plugin 2008-11-04 14:03:43 -05:00
Rob Crittenden
4967002359 Add 'all' option to host-find and pull attributes into a global list 2008-11-04 14:02:42 -05:00
Rob Crittenden
f131480643 Move socket errors from the XML-RPC plugin to the client 2008-11-03 17:38:05 -05:00
Rob Crittenden
d53218a932 Handle exceptions in the command-line instead of in the XMLRPC client plugin 2008-11-03 17:19:29 -05:00
Rob Crittenden
dd9206deb6 Uncomment some logging statements ported over from v1. 2008-11-03 13:14:46 -05:00
Rob Crittenden
62876ccee3 Initial implementation of automount support 
Add argument handling to crud.Del
Make get_list handle LDAP scope
 2008-10-30 17:29:22 -04:00
Jason Gerard DeRose
6879140db7 Added ipalib.plugins.f_misc with new 'context' Command; moved 'env' Command from cli to f_misc 2008-10-30 02:20:28 -06:00
Jason Gerard DeRose
9f45cdbe2f Merge branch 'master' of git://git.engineering.redhat.com/users/rcritten/freeipa2 2008-10-29 18:10:38 -06:00
Jason Gerard DeRose
2307d4ddd0 Fixed use of depreciated env.get() in b_xmlrpc.py module 2008-10-27 23:56:22 -06:00
Rob Crittenden
54f37503d2 Implement host groups 2008-10-27 12:24:17 -04:00
Rob Crittenden
201a963930 Fix comment 2008-10-27 12:23:49 -04:00
Rob Crittenden
34520981ee Don't allow service-add to create host/ principals 2008-10-24 14:17:20 -04:00
Rob Crittenden
8788afe184 Use posixAccount instead of person to identify users 
Add output_for_cli to service-find
 2008-10-24 11:41:39 -04:00
Rob Crittenden
6a8026f974 If a password is supplied then this host will be bulk-enrolled 
A bulk-enrolled host does not get a kerberos service principal until
enrollment time.
 2008-10-24 11:41:38 -04:00
Rob Crittenden
d2b46f176e Use common display function for user-show and user-find. 
Add --all option to user-find
Fix command-line help to make sense on searches as well
 2008-10-23 14:36:24 -04:00
Rob Crittenden
1daf319a19 Implement the host commands 
In order for this to work against a v1 database the update host.update needs to
be applied
 2008-10-22 17:54:04 -04:00
Rob Crittenden
245969858d Implement group member add/remove 
Add gidNumber to the group command-line
 2008-10-21 16:33:34 -04:00
Rob Crittenden
3cbb5c6eeb Don't import servercore 2008-10-21 16:32:45 -04:00
Rob Crittenden
8d07faed4d Update the command-line options to more closely match v1 2008-10-21 16:32:30 -04:00
Rob Crittenden
475265ed37 Implement --all option to display all attributes. 
Still need to strip the dn when not doing all.
 2008-10-21 09:32:48 -04:00
Rob Crittenden
8c54f730c0 Framework for doing password changes 
Need mechanism to prompt for new password twice and verify they are the same
 2008-10-20 22:41:53 -04:00
Rob Crittenden
d615e4dafb Port pwpolicy plugin to use b_ldap 
Add basic output_for_cli() function to user-show
 2008-10-20 16:12:19 -04:00
Rob Crittenden
ae8370be44 Port f_service to LDAP backend 
Add new keyword, 'filter', that can be passed to the search function.
This is globbed onto the filter that is auto-created.
 2008-10-17 19:20:23 -04:00
Rob Crittenden
b045f22069 Add mod_python-based XML-RPC server. 
Use -e kerberos on the command-line to use the mod_python server, otherwise
it defaults to use the simple-server URL.
 2008-10-16 23:33:44 -04:00
Rob Crittenden
f777f72de6 Use the search fields from the configuration when searching 
Generalize the attribute -> objectclass search helper
 2008-10-16 15:00:30 -04:00
Rob Crittenden
5748fce84c Remove references to ipa_server.* and port group plugin to ldap backend 2008-10-16 10:59:03 -04:00
Rob Crittenden
12f1e7fdf7 Remove all references to ipa_server.* from user plugin 2008-10-16 10:32:20 -04:00