IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-10 23:46:06 -06:00
Code Issues Packages Projects Releases Wiki Activity
3,612 Commits 11 Branches 60 Tags 60 MiB
d37bb6f925
Commit Graph

3612 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Endi S. Dewata
d37bb6f925 Fixed attribute for SUDO command group membership. 
The correct attribute name for SUDO command group membership is
memberof_sudocmdgroup and it contains the group name instead of dn.
 2011-03-02 12:04:19 -05:00
Simo Sorce
54b2627018 Store list of non-master replicas in DIT and provide way to list them 
Fixes: https://fedorahosted.org/freeipa/ticket/1007
 2011-03-02 09:46:46 -05:00
Simo Sorce
998dd701a7 Fix kinit invocation in ipa-client-install 2011-03-01 17:49:45 -05:00
Adam Young
3f88bc1484 Revert "Set hard limit on number of commands in batch request to 256." 
This reverts commit 79d22f8341.
 2011-03-01 17:35:56 -05:00
Endi S. Dewata
510eb79ff4 Replaced SUDO with Sudo in UI test data. 
Ticket 1005
 2011-03-01 16:54:57 -05:00
Rob Crittenden
07ba40f33e Use Sudo rather than SUDO as a label. 
ticket 1005
 2011-03-01 16:48:35 -05:00
Endi S. Dewata
2dd0fb9200 Removed association facets based on memberofindirect. 
Association facets based on memberofindirect attribute have been
removed because the attribute is non-assignable.

Ticket 1027
 2011-03-01 15:43:35 -05:00
Simo Sorce
b6ca0f210c Fix replica setup using replication admin kerberos credentials 
Fixes: https://fedorahosted.org/freeipa/ticket/1022
 2011-03-01 11:02:55 -05:00
Simo Sorce
2028695d88 Use wrapper for sasl gssapi binds so it behaves like other binds 
By calling directly sasl_interactive_bind_s() we were not calling __lateinit()
This in turn resulted in some variables like dbdir not to be set on the
IPAadmin object.
Keep all bind types in the same place so the same common sbind steps can be
performed in each case.

Related to: https://fedorahosted.org/freeipa/ticket/1022
 2011-03-01 11:02:55 -05:00
Simo Sorce
09dd05b49a Make activated/inactivated groups optional 
directly change nsAccountLock on the entry if they are not used

Fixes: https://fedorahosted.org/freeipa/ticket/1021
 2011-03-01 11:02:55 -05:00
Simo Sorce
83549087b5 Fix user synchronization. 
We need to set uidNumber and gidNumber to the magic values so that DNA can
assign appropriate Ids, otherwise the synchronization of users from AD will
fail with an error about posixAccount requiring a missing (uidNumber)
attribute.

Fixes: https://fedorahosted.org/freeipa/ticket/1020
 2011-03-01 11:02:55 -05:00
Simo Sorce
1d01ea53f1 Unbreak the ipa winsync plugin. 
Fix RDN construction.

Fixes: https://fedorahosted.org/freeipa/ticket/1015
 2011-03-01 11:02:55 -05:00
Simo Sorce
c335eb96e7 Fix winsync agreements setup 
Fixes: https://fedorahosted.org/freeipa/ticket/1006
 2011-03-01 11:02:55 -05:00
Simo Sorce
b3e9cac972 Set the loginShell attribute on winsynced entries if configured 
Fixes: https://fedorahosted.org/freeipa/ticket/266
 2011-03-01 11:02:55 -05:00
Pavel Zuna
1eb3033311 Final i18n unit test fixes. 2011-03-01 10:31:43 -05:00
Pavel Zuna
fc842e3650 Use pygettext to generate translatable strings from plugin files. 
This patch replaces xgettext with a custom pygettext to generate
translatable strings from plugin files in ipalib/plugins. pygettext
was modified to handle plural forms (credit goes to Jan Hendrik Goellner)
and had some bugs fixed by myself. We only use it for plugins, because
it's the only place where we need to extract docstrings for the built-in
help system.

I also had to make some changes to the way the built-in documentation
systems gets docstrings from modules for this to work.
 2011-03-01 10:31:42 -05:00
Pavel Zuna
18dda28c56 Fix i18n related failures in unit tests. 2011-03-01 10:31:41 -05:00
Pavel Zuna
f3de95ce99 Fix translatable strings in ipalib plugins. 
Needed for xgettext/pygettext processing.
 2011-03-01 10:31:40 -05:00
Pavel Zuna
8145952752 Translate docstrings. 2011-03-01 10:31:39 -05:00
Pavel Zuna
bbc94034b0 Fallback to default locale (en_US) if env. setting is corrupt. 2011-03-01 10:31:37 -05:00
Pavel Zuna
bfca99b420 Send Accept-Language header over XML-RPC and translate on server. 
Fix #904
Fix #917
 2011-03-01 10:31:37 -05:00
Pavel Zuna
6eb70ea8e2 Remove deprecated i18n code from ipalib/request and all references to it. 
Ticket #903
 2011-03-01 10:31:36 -05:00
Rob Crittenden
99d6e0883a Set SuiteSpotGroup when setting up our 389-ds instances. 
The group is now required because 389-ds has tightened the permissions
on /var/run/dirsrv. We use the same group for both our LDAP instances
and /var/run/dirsrv ends up as root:dirsrv mode 0770.

ticket 1010
 2011-02-24 15:23:16 -05:00
Rob Crittenden
22a503785e Become IPA v2 RC 2 (2.0.0.rc2) 2011-02-23 22:14:42 -05:00
Rob Crittenden
d57dfc4e98 Sudo command groups are not supposed to allow nesting. 
It was a design decision to not allow nesting sudo command groups,
remove it.

ticket 1004
 2011-02-23 18:44:28 -05:00
Rob Crittenden
af9f905239 Collect memberof information for sudo commands. 
We weren't searching the cn=sudo container so all members of a
sudocmdgroup looked indirect.

Add a label for sudo command groups.

Update the tests to include verifying that membership is done
properly.

ticket 1003
 2011-02-23 18:44:23 -05:00
Jr Aquino
1770750b8a Create default disabled sudo bind user 
Read access is denied to the sudo container for unauthenticated users.
This shared user can be used to provide authenticated access to the
sudo information.

https://fedorahosted.org/freeipa/ticket/998
 2011-02-23 15:32:24 -05:00
Rob Crittenden
523eaa9749 Fix typo, add example for when user krbtpolicy takes effect. 
ticket 594
 2011-02-23 14:57:58 -05:00
Rob Crittenden
b5e43bb866 Make permission and privilege help text clearer 
ticket 996
 2011-02-23 11:57:10 -05:00
Rob Crittenden
388c9a1705 Add man page for the IPA configuration file 
ticket 969
 2011-02-23 11:56:31 -05:00
Adam Young
49b2c0bb62 splitting banner requires new file in Makefile.am 2011-02-23 11:23:16 -05:00
Endi S. Dewata
f520829480 Fixed buttons for DNS records. 
The order of the Add and Delete buttons has been reversed to be
consistent with those in other facets.
 2011-02-23 11:18:00 -05:00
Adam Young
e5cda47447 split logo This allows for more flexilibity in customizing the site, as an end user can replace the logo, the banner or both 2011-02-22 17:12:24 -05:00
Adam Young
17a8aea15c Space above line in table footer 2011-02-22 14:58:47 -05:00
Adam Young
4e5cc379d5 move expand and collpase all to the right hand side 2011-02-22 14:58:42 -05:00
Adam Young
848daee92a reorder user search columns UXD found in testing that not having the clikcable link as the left most column confused users. 2011-02-22 14:58:38 -05:00
Adam Young
d9ea7f077f adder dialogs with external made the styles for the internal and external classes match the styles for available. 2011-02-22 14:58:32 -05:00
Adam Young
5eca488d6a Net group to Netgroup 2011-02-22 14:58:25 -05:00
Endi S. Dewata
39a00b496c I18n update for dialog box buttons. 
https://fedorahosted.org/freeipa/ticket/899
 2011-02-22 13:26:09 -05:00
Endi S. Dewata
397da3f781 Fixed error dialog box. 
The IPA.cmd() has been modified to set the error dialog box's title
properly.
 2011-02-22 13:25:06 -05:00
Martin Kosek
744eb8ea74 Entitlements ACIs not visible to Permission plugin 
This patch fixes Entitlements privileges and ACIs. There were
missing descriptions or the ACIs could not be processed by
Permissino plugin because of missing prefix.

https://fedorahosted.org/freeipa/ticket/997
 2011-02-22 10:04:19 -05:00
Rob Crittenden
ac68ea3c6c Add default roles and permissions for HBAC, SUDO and pw policy 
Created some default roles as examples. In doing so I realized that
we were completely missing default rules for HBAC, SUDO and password
policy so I added those as well.

I ran into a problem when the updater has a default record and an add
at the same time, it should handle it better now.

ticket 585
 2011-02-22 10:02:24 -05:00
Rob Crittenden
79d22f8341 Set hard limit on number of commands in batch request to 256. 
ticket 984
 2011-02-22 09:09:46 -05:00
Jakub Hrozek
6e7815a30e Validate NAPTR records 
https://fedorahosted.org/freeipa/ticket/840
 2011-02-22 09:08:11 -05:00
Rob Crittenden
e7ed4035b5 Set krb5_realm in sssd.conf in the ipa provider. 
ticket 925
 2011-02-22 09:06:58 -05:00
Rob Crittenden
854c740065 Move some BuildRequires so building with ONLY_CLIENT works. 
ticket 978
 2011-02-22 09:05:57 -05:00
Adam Young
f0577622a9 search filter focus afdter a search loads, focus moved to the search filter text box, tyhe most likely thing that the user will want to change on the page. 
https://fedorahosted.org/freeipa/ticket/983
 2011-02-21 18:32:29 -05:00
Jr Aquino
32e4914584 18 Use TLS for ipadiscovery during ipa-client-install https://fedorahosted.org/freeipa/ticket/974 2011-02-21 16:09:37 -05:00
Endi S. Dewata
88870b1abe Fixed error message for invalid Kerberos ticket. 
https://fedorahosted.org/freeipa/ticket/490
 2011-02-21 15:53:00 -05:00
Endi S. Dewata
6ff8590699 Updated test data files. 2011-02-21 15:36:37 -05:00