IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-16 03:11:57 -06:00
Code Issues Packages Projects Releases Wiki Activity
923 Commits 11 Branches 59 Tags 60 MiB
fbc74a0cb4
Commit Graph

217 Commits

Author SHA1 Message Date
Martin Nagy
fbc74a0cb4 Fix few syntax errors. 2008-08-06 19:17:13 +02:00
Rob Crittenden
df2b40303f Fix python syntax error: missing colon. 2008-08-06 11:27:30 -04:00
Rob Crittenden
cf06dd9f84 Don't assume that the Firefox autoconfig files exist. 
These are created by an object-signing cert and needs to be done
after the fact if a server is created with user-supplied PKCS#12 files.

452402
 2008-07-28 09:54:16 -04:00
Rob Crittenden
a19d27717a Move the self-signed CA serialno file to /var/lib/ipa to adhere to the FHS 
455064
 2008-07-25 09:05:14 -04:00
Martin Nagy
f7ca405716 Wrap up the raw_input() to user_input() for convenience and uniformity. 2008-07-23 10:05:06 -04:00
Rob Crittenden
6980b07303 Rework the way SSL certificates are imported from PKCS#12 files. 
Add the ability to provide PKCS#12 files during initial installation
Add the ability to provide PKCS#12 files when preparing a replica
Correct some issues with ipa-server-certinstall

452402
 2008-07-14 09:06:52 -04:00
Simo Sorce
f86c8420b1 Admin must be able to add/delete too 2008-07-09 16:50:54 -04:00
Rob Crittenden
fb9f92c9f3 Merge branch 'master' of ssh://rcritten@git.fedorahosted.org/git/freeipa 2008-07-03 15:20:36 -04:00
Rob Crittenden
1bd0a868a2 NSS_DIR is already fetched into a variable, use that instead. 
451098
 2008-07-03 15:20:19 -04:00
Simo Sorce
675df04806 Make sure we listen only on the krb5 port and therefore disable krb4 support 2008-07-02 15:24:36 -04:00
Rob Crittenden
e9196e2d93 Properly convert the realm to a DS instance name 
451014
 2008-07-01 15:07:00 -04:00
Rob Crittenden
ec597b0ef1 Ensure correct permissions and file ownership of Apache NSS database 
451098
 2008-07-01 15:06:59 -04:00
Simo Sorce
d2bd1b29a0 Must index uidnumber and gidnumber and any attribute that dna plugin is going 
to generate or that we need to search on.
 2008-06-12 19:06:38 -04:00
Simo Sorce
9c34dde165 Change default. 
By default increment by one  but set the maximum value to one million.

when installing a replica change values to start from 1 million +1 and
cap it to 2 million and so on for any other replica.
 2008-06-12 19:05:45 -04:00
Rob Crittenden
4665700fef Index the memberof attribute 
450951
 2008-06-11 17:26:45 -04:00
Rob Crittenden
d1322c6517 Ensure that the realm name is upper-case. 
449182
 2008-06-09 22:18:00 -04:00
Rob Crittenden
77483ac808 Make it clear which packages are being configured and which aren't. 
450175
 2008-06-09 22:09:19 -04:00
Rob Crittenden
d600f9bb09 Fix typo 
450077
 2008-06-05 09:00:20 -04:00
Rob Crittenden
b26fc32d9d Fix import for version 2008-06-04 17:32:51 -04:00
Rob Crittenden
68e14ed8ba Add -p/--password option so the DM password can be passed on the command-line. 
The import for version moved from ipaserver to ipa, fix that as well.

449858
 2008-06-04 17:32:47 -04:00
Rob Crittenden
c58b7a3d7c Move version.py to the common ipa directory instead of being server-based so it can be used by the client tool. 
Fix the client tool imports to fail more gracefully.
 2008-06-03 22:39:11 -04:00
Rob Crittenden
f87dc9123b Don't prompt regarding previous DS installations in unattended mode. 
449150
 2008-05-30 16:14:51 -04:00
Rob Crittenden
165d26ce2b Make check_inst() a standalone function in bindinstance. 
When an install instance is created that contains a pointer to a sysrestore
point it loads in the current configuration when instantiated. If an
instance is instantiated but not used then changes may occur to the
system state that it is unaware of. So one needs to take care in the order
that things are done to avoid losing information.

When bind was setup it was overwriting all data in sysrestore.state and
leaving just a [named] section. This caused problems at uninstall.

448173
 2008-05-30 11:21:11 -04:00
Simo Sorce
53afb67537 Fix the case where domain != lower(REALM) 
add the domain to the ipa.conf file for apps that need to know
This should fix a bug in the replica setup
 2008-05-29 09:43:00 -04:00
Simo Sorce
3931d1d753 Move admin into cn=users,cn=accounts 
After some deep thinking I think the advantages of keeping all
posix enabled user accounts under cn=users,cn=accounts overweight a
perceived better protection of the admin account by keeping it in a
separate tree.
 2008-05-23 15:07:37 -04:00
Rob Crittenden
927447b144 Fix up function return values so we can return 1 on an installation error. 
447973
 2008-05-22 16:37:33 -04:00
Martin Nagy
1069324eba Only ask the user to install bind. 2008-05-22 11:40:31 -04:00
Rob Crittenden
fcd3260955 Ensure hostnames are lower during installation and when adding service princs 
447381
 2008-05-20 15:07:24 -04:00
Simo Sorce
6119f83799 Use split instead of find as split does not fail to provide a complete 
component if no '.' is found.
 2008-05-15 14:26:25 -04:00
Martin Nagy
2d608a8354 Don't ask the user again if he wants to replace bind configuration files if he specified --setup-bind. 
430090
 2008-05-14 16:25:10 -04:00
Rob Crittenden
41457f0e81 Display information on how to uninstall a partially installed server. 
This may have failed either because the user pressed ^C or something
failed during installation.

442454
 2008-05-09 14:05:47 -04:00
Rob Crittenden
6538c150b1 Detect existing DS instances and prompt for removal during replica install. 
442454
 2008-05-08 15:56:10 -04:00
Rob Crittenden
318c6adfae Add missing colon to function definition that broke the build 2008-05-08 15:17:59 -04:00
Rob Crittenden
bd9dea888d Add a version API to the server so it knows what version it is. 
435019
 2008-05-08 13:01:27 -04:00
Rob Crittenden
2bb64e404c Don't prompt for confirmation of DM password when installing a replica. 
It implies that you are setting a new password and you really aren't.

Also added a catch for KeyboardInterrupt with instructions on how to
recover from a partial install.

441607
 2008-05-08 12:01:38 -04:00
Simo Sorce
1e3276cec1 Make sure recent ldapmodify tool (as in F9) do not complain by splitting the 
operation into 2 modify operations
 2008-04-25 14:18:39 -04:00
Rob Crittenden
2427e7c130 Don't allow a replica to prepare a replica for itself. 
442756
 2008-04-23 15:36:13 -04:00
Rob Crittenden
27691b9e1c Use the same kpasswd.keytab on all replicas. 
If we generate a new keytab for each replica then effectively password
changes can only occur on the last replica created.

439905
 2008-04-09 16:57:41 -04:00
Simo Sorce
dc861888ad Add _ntp SRV record 2008-04-07 15:27:42 -04:00
Rob Crittenden
a761093a30 Create /etc/ipa/ipa.conf earlier in the installation process. 
Because the ipa.config() object raises an error if there is no configuration
file and auto-detection fails, ipa_webgui may fail to start at install time.

440475
 2008-04-03 15:49:07 -04:00
Rob Crittenden
98f8a31320 No need to use a regular expression to find the replication host 
430015
 2008-03-31 18:27:42 -04:00
Simo Sorce
af50f341ad Call client uninstall from server uninstall so that uninstall reverses also 
client bits.
 2008-03-31 17:35:45 -04:00
Rob Crittenden
767acbee06 Put replica info file into /var/lib/ipa instead of the current directory 
439120
 2008-03-28 15:56:07 -04:00
Simo Sorce
aac086582a Move sysrestore to ipa-python so it can be used by client scripts too. 
Change backup format so files are all in a single directory (no dir
hierarchies) and use an index file so we can save also ownership and
permission info for the restore (and eventually other data later on).
 2008-03-27 19:01:38 -04:00
Rob Crittenden
382ff1d29e Put the replica hostname back together properly 
439057
 2008-03-27 10:20:15 -04:00
Rob Crittenden
fd92652ace Make the memberof task a public function. 
This is used when a new replica is created as well as whenever a replica
is re-initialized from another master.

In order for this to work when not creating an instance the __init__
function needs to be able to determine the suffix and the dm_password
is needed.

I've also added the time to the RDN of the member task to ensure
uniqueness.

438222
 2008-03-27 09:33:01 -04:00
Simo Sorce
402187c838 Make Install and Uninstall have different log files 2008-03-24 12:22:34 -04:00
Rob Crittenden
79db4c3aa2 Fix file permissions on ca.crt when it is installed. 
438220
 2008-03-26 12:11:58 -04:00
Rob Crittenden
6464c40424 Start ntpd after FDS so that the ntp user can be found. 
Start httpd after ipa_webgui becuse otherwise mod_proxy may not like it if it
can't connect to the UI listening port

438090
 2008-03-24 11:02:49 -04:00
Rob Crittenden
5547ed320a Remove ACI that was causing RDN changes to fail 
Fix for session code so RDN change can succeed

433523
 2008-03-10 10:04:15 -04:00