Running at the end ensures that /etc/ipa/ipa.conf is created and generally
makes it more likely to succeed.
Added a new argument to ipa-server-installl, -y <password_file>, so we
don't have to pass it on the command-line.
The updates directory is currently hardcoded to /usr/share/ipa/updates.
All of the files are read into memory and then sorted by the length of the DN.
This is so we can be sure that parent entries are added before children.
Also add a man page.
Also handle syntax errors a bit more gracefully and allow the updater to
work on more than one file at a time.
Adjust to new config.py and use a custom exception class for syntax errors.
Also fix a error in parsing the separate files
Include slapi-nis in Requires
Includes work provided by Martin Nagy
460055
This tool takes as input a file which contains basically an LDIF, prefixed
with a command: default, add, remove or only. These define the operations
to perform such as adding new entries, adding new sub-entries to an existing
entry, adding or modifying attributes in a record.
If an index entry is modified a task is created to re-create the index.
Schema may be added using this tool.
454031
but will allow for changing configurations without having to restart DS.
Password operations are slow and rare enough this is an acceptable compromise.
- wrong import in certs.py makes ipa-replica-manage fail
- close the fs after the stash file is written so that the file is updated
immediately and not when the fd is garbage collected
ldap add and modify operation performed on the userPassword attribute.
Add helper functions to reduce code duplication.
Do not enforce encrypted connections on ldap add/ldap mod for compatibility
reasons. (We cannot enforce people not to send the password in the clear
anyway, we can only refuse to accept it at the most which does not gain
you much if someone then re-send you the same password previously exposed)
Fix make maintainer-clean
Also make RPM naming consistent by using a temp RELEASE file.
This one helps when testing builds using rpms.
Just 'echo X > RELEASE' to build a new rpms (X, X+1, X+2 ...)
Version 1.1.0 was released some times ago, bump up to 1.1.1
information. This way we do not risk to leave around sensitive data.
Set the destination host in the replica file too and do checks against
in ipa-replica-install
We used to manually load the template files for the edit pages using
turbogears.meta.load_kid_template(). Unfortunately this went through
the one code path where encoding was completely ignored. It ended up
defaulting to sys.getdefaultencoding() which is 'ascii'. So even though
most of the templates are loaded as 'utf-8' the few that really mattered
weren't.
The fix is to call kid.load_template() ourselves and set the encoding of
the class we just loaded to either the setting in the app.cfg file or
to the normal default value of 'utf-8'.
454076
