freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00

Author	SHA1	Message	Date
Jan Cholasta	308d2dd406	Split off generic Red Hat-like platform code from Fedora platform code https://fedorahosted.org/freeipa/ticket/4562 Reviewed-By: Martin Kosek <mkosek@redhat.com>	2014-10-09 15:37:24 +02:00
Francesco Marella	f5b302be47	Refactor selinuxenabled check Ticket: https://fedorahosted.org/freeipa/ticket/4571 Reviewed-By: Thierry Bordaz <tbordaz@redhat.com>	2014-09-30 19:03:40 +02:00
Jan Cholasta	734afdf936	Remove ipa-ca.crt from systemwide CA store on client uninstall and cert update The file was used by previous versions of IPA to provide the IPA CA certificate to p11-kit and has since been obsoleted by ipa.p11-kit, a file which contains all the CA certificates and associated trust policy from the LDAP certificate store. Since p11-kit is hooked into /etc/httpd/alias, ipa-ca.crt must be removed to prevent certificate import failures in installer code. Also add ipa.p11-kit to the files owned by the freeipa-python package. https://fedorahosted.org/freeipa/ticket/3259 Reviewed-By: Rob Crittenden <rcritten@redhat.com>	2014-09-30 10:01:38 +02:00
Petr Viktorin	c7d6fea06f	Move setting SELinux booleans to platform code Create a platform task for setting SELinux booleans. Use an exception for the case when the booleans could not be set (since this is an error if not handled). Since ipaplatform should not depend on ipalib, create a new errors module in ipapython for SetseboolError. Handle uninstallation with the same task, which means the booleans are now restored with a single call to setsebool. Preparation for: https://fedorahosted.org/freeipa/ticket/4157 Fixes: https://fedorahosted.org/freeipa/ticket/2934 Fixes: https://fedorahosted.org/freeipa/ticket/2519 Reviewed-By: Thierry Bordaz <tbordaz@redhat.com>	2014-09-26 12:12:59 +02:00
Jan Cholasta	55d3bab57b	Get CA certs for system-wide store from cert store in ipa-client-install. All of the certificates and associated key policy are now stored in /etc/pki/ca-trust/source/ipa.p11-kit. Part of https://fedorahosted.org/freeipa/ticket/3259 Part of https://fedorahosted.org/freeipa/ticket/3520 Reviewed-By: Rob Crittenden <rcritten@redhat.com>	2014-07-30 16:04:21 +02:00
Tomas Babej	e099ad4583	ipaplatform: Document the platform tasks API Part of: https://fedorahosted.org/freeipa/ticket/4052 Reviewed-By: Petr Viktorin <pviktori@redhat.com>	2014-06-25 21:07:06 +02:00
Petr Viktorin	d868fc5566	Fix self argument in tasks Reviewed-By: Tomáš Babej <tbabej@redhat.com>	2014-06-16 19:48:21 +02:00
Tomas Babej	3b4ab8b4f2	ipaplatform: Move hardcoded paths from Fedora platform files to path namespace Part of: https://fedorahosted.org/freeipa/ticket/4052 Reviewed-By: Petr Viktorin <pviktori@redhat.com>	2014-06-16 19:48:21 +02:00
Tomas Babej	8a5e2a8166	ipaplatform: Contain all the tasks in the TaskNamespace https://fedorahosted.org/freeipa/ticket/4052 Reviewed-By: Petr Viktorin <pviktori@redhat.com>	2014-06-16 19:48:21 +02:00
Tomas Babej	a7c2327a36	ipaplatform: Move Fedora-specific implementations of tasks to fedora base platform file https://fedorahosted.org/freeipa/ticket/4052 Reviewed-By: Petr Viktorin <pviktori@redhat.com>	2014-06-16 19:48:18 +02:00
Tomas Babej	5f31f2d35f	ipaplatform: Do not require custom Authconfig implementations from platform modules https://fedorahosted.org/freeipa/ticket/4052 Reviewed-By: Petr Viktorin <pviktori@redhat.com>	2014-06-16 19:48:18 +02:00
Tomas Babej	6a4cd8a4e3	ipaplatform: Move restore_context and check_selinux_status implementations to base fedora platform tasks https://fedorahosted.org/freeipa/ticket/4052 Reviewed-By: Petr Viktorin <pviktori@redhat.com>	2014-06-16 19:48:18 +02:00
Tomas Babej	c368aae048	ipaplatform: Add base fedora platform module https://fedorahosted.org/freeipa/ticket/4052 Reviewed-By: Petr Viktorin <pviktori@redhat.com>	2014-06-16 19:48:17 +02:00

13 Commits