IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-26 16:16:31 -06:00
Code Issues Packages Projects Releases Wiki Activity
13,443 Commits 11 Branches 59 Tags 60 MiB
df6a89be51
Commit Graph

62 Commits

Author SHA1 Message Date
Petr Spacek
fd2340649f DNSSEC: ipa-ods-exporter: move zone synchronization into separate function 
https://fedorahosted.org/freeipa/ticket/4657

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2015-06-29 14:32:26 +02:00
Petr Spacek
68d0f641ba DNSSEC: Accept ipa-ods-exporter commands from command line. 
Previously only systemd socket activation was supported.
Ability to call the command directly is handy in special cases,
e.g. for debugging or moving key master role from one server to another.

https://fedorahosted.org/freeipa/ticket/4657

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2015-06-29 14:32:26 +02:00
Petr Spacek
c37e83f4b3 DNSSEC: Detect invalid master keys in LDAP. 
This should never happen ...

https://fedorahosted.org/freeipa/ticket/4657

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2015-06-29 14:32:26 +02:00
Petr Spacek
33bc9e7fac Hide traceback in ipa-dnskeysyncd if kinit failed. 
https://fedorahosted.org/freeipa/ticket/4657

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
 2015-06-24 14:25:40 +02:00
Martin Basti
f763b137ee DNSSEC: fix traceback during shutdown phase 
ipa-dnskeysyncd causes traceback when receive SIGTERM, SIGINT

Ticket: https://fedorahosted.org/freeipa/ticket/4657
Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2015-06-15 09:43:51 +02:00
Martin Babinsky
528e9503ed use separate ccache filename for each IPA DNSSEC daemon 
ipa-dnskeysyncd, ipa-dnskeysync-replica, and ipa-ods-exporter use a generic
'ccache' filename for credential storage, making debugging Kerberos-related
errors unnecessarily complicated. This patch renames the ccache files so that
each of these daemons now has its own credenital cache.

Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2015-04-24 15:56:12 +02:00
Martin Babinsky
3d2feac0e4 Adopted kinit_keytab and kinit_password for kerberos auth 
Calls to ipautil.run using kinit were replaced with calls
kinit_keytab/kinit_password functions implemented in the PATCH 0015.

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Simo Sorce <ssorce@redhat.com>
Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2015-04-20 08:27:35 +00:00
Martin Basti
1216da8b9f DNSSEC: Do not log into files 
We want to log DNSSEC daemons only into console (journald)

https://fedorahosted.org/freeipa/ticket/4657

Reviewed-By: Petr Spacek <pspacek@redhat.com>
 2015-04-02 08:45:08 +00:00
Tomas Babej
f30865c5f0 ipapython: Fix incorrect python shebangs 
Make sure shebangs explicitly reference python2.

Reviewed-By: Martin Basti <mbasti@redhat.com>
 2015-01-26 13:03:24 +01:00
Martin Basti
0758cf9de6 DNSSEC catch ldap exceptions in ipa-dnskeysyncd 
Server down exception causes lot of false positive abrt reports.

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
 2015-01-23 09:26:55 +00:00
Jan Cholasta
2a4ba3d3cc DNSSEC: remove container_dnssec_keys 
Reviewed-By: Martin Basti <mbasti@redhat.com>
 2014-10-21 12:23:39 +02:00
Petr Spacek
276e69de87 DNSSEC: add ipa dnssec daemons 
Tickets:
https://fedorahosted.org/freeipa/ticket/3801
https://fedorahosted.org/freeipa/ticket/4417

Design:
https://fedorahosted.org/bind-dyndb-ldap/wiki/BIND9/Design/DNSSEC

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: David Kupka <dkupka@redhat.com>
 2014-10-21 12:23:03 +02:00