There may already be a record in /etc/hosts for chosen IP address
which may not be detected under some circumstances. Make sure
that /etc/hosts is checked properly.
https://fedorahosted.org/freeipa/ticket/1923
Make sure that the hostname IPA uses is a system hostname. If user
passes a non-system hostname, update the network settings and
system hostname in the same way that ipa-client-install does.
This step should prevent various services failures which may not
be ready to talk to IPA with non-system hostname.
https://fedorahosted.org/freeipa/ticket/1931
Always check (even with --setup-dns or --no-host-dns) that if the
host name or ip address resolves, it resolves to sane value. Otherwise
report an error. Misconfigured /etc/hosts causing these errors could
harm the installation later.
https://fedorahosted.org/freeipa/ticket/1923
Fixes the webui for the case wherea user is not admin but has a role. In
that case, the UI should show the full administrative tabset, but was
instead limited to the selfservice tabset.
The problem was rolegroup had been renamed to role but the UI hadn't
been updated to reflect this.
Addresses
https://bugzilla.redhat.com/show_bug.cgi?id=745957https://fedorahosted.org/freeipa/ticket/1970
There were quite errors in es.po, it was difficult or impossible to
track down where they came from, Transifex does not have good revision
history.
I fixed about 20% of the msgstr's in the file that had obvious
problems which could be spotted by a non-Spanish speaking person.
Spurious backslashes and backslash-newlines had been introduced. I
tracked this particular problem down to a bug in polib. polib is a
Python library which can read/write po/mo files. In Fedora it's
packaged as python-polib. polib is used by the Transifex instance to
read/write po files. We don't currently use polib in IPA (that will
change soon though) but I wrote utilities using polib to help fix the
bad po file and analyze what had gone wrong. I discovered that if one
simply uses polib to read a po file into memory and they write that po
file back out from memory you don't end up with the same contents if
there are backslashed escapes in the file. I tracked this down to the
escape() and unescape() functions in polib. This caused me to look to
see if upstream polib had been fixed. It had. Therefore I think the
spurious backslashes were introduced when Transifex was using an older
broken version of polib. I filed this Fedora bug
https://bugzilla.redhat.com/show_bug.cgi?id=744419 to get the fixes
into python-polib. I manually corrected all the backslash errors.
I compared all 1329 translations from a known good version of es.po
with the current version and generated a new es.po by taking the
translation (e.g. msgstr) from the two po files which was obviously
correct. In those instances where neither msgstr was obviosuly correct
the deleted the translation entirely.
I also wrote utilities to validate any "substitution" variables
appearing in the text. I discovered a number of instances where the
substitution variable had been malformed by the translator such that
it was syntactically invalid. This is how we originally discovered
problems with the translation, it was throwing Python exceptions. I
fixed all those errors.
I also found approximately 80 translations where the leading
whitespace had been altered by the translator. Those also were fixed.
I cannot verify that the remaining translations are a correct Spanish
translation of the original text (in fact a number of them I looked at
seemed dubious to me, for example it omitted recongnizable
keywords). But I do believe that the obvious errors are fixed and we
shouldn't be throwing any more Python exceptions because of malformed
substitution variables.
In checking to see if the dogtag proxy configuration needed to be updated
we didn't handle the case where dogtag isn't installed at all.
https://fedorahosted.org/freeipa/ticket/1951
This resolves two issues:
1. The DNS acis lacked a prefix so weren't tied to permissions
2. The permissions were added before the privileges so the member
values weren't calculated properly
For updates we need to add in the members and recalculate memberof via
a DS task.
https://fedorahosted.org/freeipa/ticket/1898
https://fedorahosted.org/freeipa/ticket/1933
Web UI init method was modified to get initialization data in 3 calls.
First call remains the same as before except that the json_metadata command
was removed.
JSON metadata are requested after successful response of the first batch command.
This approach should preserve functionality in IE (where request is missing after
authentication). Getting JSON metadata is split to two commands - this should prevent
the error in linked ticket. These two commands are paralelly executed by new
concurent_command object.
Concurrent command waits for all responses then it calls each command's success
handler.
https://fedorahosted.org/freeipa/ticket/1932
Description of problem:
Title is missing while configuring browser for the first time.
Actual results:
There is no title on this screen. I noticed it only on step 8 and later so I am not sure if title is also missing earlier at step 6 or not.
Expected results:
Title "Identity Management" is always present.
Fixed:
* modified paths to images
* fixed padding in ssbrowser.html
* moved browser icons to ui folder
* deleted unused images in html and migration folders (they are already in ui folder, and weren't deployed)
whitespaces
https://fedorahosted.org/freeipa/ticket/1922
gidNumber is not an allowed attribute for a non-posix group. When adding a non-posix group from the UI, unchecking the "Is this a POSIX group?:" box should disable the "GID:" field.
Currently, verify_fqdn() function raises RuntimeError for every
problem with the hostname. This makes it difficult for tools
like ipa-replica-prepare to behave differently for a subset of
raised errors (for example to be able to create a DNS record for
new replica when verify_fqdn() reports a lookup error).
Implement own exceptions for verify_fqdn() that they can be safely
used to distinguish the error type.
https://fedorahosted.org/freeipa/ticket/1899
When getpass.getpass() function is interrupted via CTRL+D, EOFError
exception is thrown. Most of the install tools are not prepared for
this event and crash with this exception. Make sure that it is
handled properly and nice error message is printed.
https://fedorahosted.org/freeipa/ticket/1916
The radio buttons in association facet and radio widget are now
linked to their labels so that they can be selected by clicking
the labels.
Ticket #1782
Installing IPA server --selfsign option is currently a one-way ticket
to server with limited certificate capabilities. Make sure that user
really want to install it by implementing the following steps:
- moving the option to the bottom of certificate options section
- adding a warning to ipa-server-install man page
- adding a warning to ipa-server-install help
- adding a warning to ipa-server-install configuration summary
when one runs ipa-server-install
https://fedorahosted.org/freeipa/ticket/1908
https://fedorahosted.org/freeipa/ticket/1454
The following widgets should call create_error_link() to create a space to show validation error messages:
IPA.checkbox_widget
IPA.checkboxes_widget
IPA.radio_widget
IPA.select_widget
IPA.table_widget
IPA.attributes_widget
IPA.rights_widget
IPA.target_section (it's a widget)
Solution:
* added call to checkbox, checkboxes, radio, select, table, attributes widget
* rights_widget inherits it from checkboxes_widget.
* target_section IS NOT a widget as it doesn't inherit from widget. It's still a section, which shows different widgets based on its state.
* table_widget displays error_link between pagination and summary.
Additional:
* added padding and unified font-weight for error message
A new IPA.dialog_button class has been added to encapsulate the
buttons in the dialog box so they can be managed more easily.
The adder dialog has been modified to disable the enroll button if
there is no entries selected.
Ticket #1856
The width of the 1st level tab has been modified to expand according
to the size of the tab label.
The width of the adder dialogs have been increased to allow longer
button labels.
Ticket #1825
https://fedorahosted.org/freeipa/ticket/1883
It's a regression introduced by patch for #1797
Reproduce:
* show user group foo
* click on user groups tab
* click on enroll button
Result:
User group 'foo' is listed in available list.
Expected result:
User group 'foo' is not listed in available list.
The DNS zone details page has been modified to use radio buttons for
active zone and dynamic update fields, and text area for BIND update
policy field.
Ticket #1781, #1785
https://fedorahosted.org/freeipa/ticket/1841
The column header for the attributes table (IPA.attributes_widget) does not cover the entire width of the table. This problem appears in the adder dialog and details page for permissions, self-service permissions, and delegations.
Some jQuery objects in various locations have been modified to use
text() to show values obtained from the server (except messages).
The text() will automatically encode special characters.
Ticket #1798
The IPA.combobox_widget has been modified such that if the drop-down
list doesn't contain the stored value (due to search limit) it will
not select anything from the list.
The widget has also been modified not to select the value that matches
the filter automatically because that might not be the user's intention.
Ticket #1819
The IPA.dialog has been modified to store sections instead of fields.
If there is no sections specified, it will create a default section.
The adder dialog for automount map has been modified such that the
fields related to indirect map are stored in a section which will
only be visible when the map type is set to indirect.
The adder dialog for host has been modified such that it uses a
custom section for hostname and DNS zone and standard section for
the other fields.
Ticket #1394
The IPA.association_adder_dialog has been modified to use an exclusion
list to hide entries that are already enrolled.
The IPA.adder_dialog has been modified to store the columns directly
in the available & selected tables.
Ticket #1797
