freeipa/install
Endi S. Dewata 33c2740d82 Remove default values for pki_ca_signing_*_path
In the future pkispawn will validate all path params so the
default values for pki_ca_signing_csr_path and
pki_ca_signing_cert_path need to be removed since they point
to non-existent files. When the params are actually used for
installing an external CA, CAInstance.__spawn_instance()
will initialize them with the correct paths.

Signed-off-by: Endi Sukma Dewata <edewata@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2023-08-15 12:00:09 -04:00
..
certmonger pylint: Fix useless-suppression 2022-03-11 13:37:08 -05:00
custodia Replace PYTHONSHEBANG with valid shebang 2019-06-24 09:35:57 +02:00
html Change FreeIPA references to IPA and Identity Management 2021-01-21 13:51:45 +01:00
migration pylint: Replace deprecated cgi module 2023-01-10 08:30:58 +01:00
oddjob ipa config: add --enable-sid option 2021-11-02 10:11:28 +01:00
restart_scripts Remove unused subsystem.count 2023-08-11 09:56:33 +02:00
share Remove default values for pki_ca_signing_*_path 2023-08-15 12:00:09 -04:00
tools Replace usage of #!/usr/bin/env python3 with #!/usr/bin/python3 2023-05-31 09:21:48 +02:00
ui Webui tests: fix test failure 2023-06-01 08:20:37 +02:00
updates passkeyconfig: require-user-verification is a boolean 2023-06-01 08:20:37 +02:00
wsgi wgi/plugins.py: ignore empty plugin directories 2020-11-06 16:38:37 -05:00
Makefile.am Move Custodia secrets handler to scripts 2019-04-26 12:09:22 +02:00
README.schema Add some basic rules for adding new schema 2010-08-27 13:40:37 -04:00

Ground rules on adding new schema

Brand new schema, particularly when written specifically for IPA, should be
added in share/*.ldif. Any new files need to be explicitly loaded in
ipaserver/install/dsinstance.py. These simply get copied directly into
the new instance schema directory.

Existing schema (e.g. in an LDAP draft) may either be added as a separate
ldif in share or as an update in the updates directory. The advantage of
adding the schema as an update is if 389-ds ever adds the schema then the
installation won't fail due to existing schema failing to load during
bootstrap.

If the new schema requires a new container then this should be added
to install/bootstrap-template.ldif.