freeipa/install at 4414d50d2a5452477eea40bec58266b19f43065e - freeipa - Git Repository of IntenseWebs.com, IF.Finance, IWeb.City, NuKVM.org, OilfieldTools Network, Spartan International Drilling, Green Polymer Products & more

IntenseWebs/freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00

Files

History

Rob Crittenden 4414d50d2a Catch and log errors when adding CA profiles

Rather than stopping the installer entirely, catch and report
errors adding new certificate profiles, and remove the
broken profile entry from LDAP so it may be re-added later.

It was discovered that installing a newer IPA that has the
ACME profile which requires sanToCNDefault will fail when
installing a new server against a very old one that lacks
this class.

Running ipa-server-upgrade post-install will add the profile
and generate the missing ipa-ca SAN record so that ACME
can work.

https://pagure.io/freeipa/issue/8974

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>

2021-09-02 12:56:18 -04:00

..

Redesign subid feature

2021-07-09 09:47:30 -04:00

Only call add_agent_to_security_domain_admins() when CA is installed

2021-08-17 14:05:49 -04:00

__init__.py

Remove __all__ specifications in ipaclient and ipaserver.install

2013-09-06 15:42:33 +02:00

adtrust.py

Use api.env.container_sysaccounts

2020-04-28 11:28:29 +02:00

adtrustinstance.py

Add basic support for subordinate user/group ids

2021-07-09 09:47:30 -04:00

bindinstance.py

LDAP autobind authenticateAsDN for BIND named

2021-06-15 14:13:16 +03:00

ca.py

Add SHA384withRSA as a certificate signing algorithm

2021-07-09 13:21:00 -04:00

cainstance.py

Catch and log errors when adding CA profiles

2021-09-02 12:56:18 -04:00

certs.py

CA-less install: non-ASCII chars in CA cert subject

2021-06-16 11:25:08 -04:00

conncheck.py

install: introduce installer class hierarchy

2016-11-11 12:17:25 +01:00

custodiainstance.py

Add user and group wrappers

2020-09-22 09:23:18 -04:00

dns.py

Change FreeIPA references to IPA and Identity Management

2021-01-21 13:51:45 +01:00

dnskeysyncinstance.py

dnskeysyncinstance: use late binding for UID/GID resolution

2020-12-22 14:05:13 +02:00

dogtag.py

Verify pki ini override early

2019-04-10 13:43:23 +02:00

dogtaginstance.py

Specify PKI installation log paths

2021-08-26 14:07:29 +02:00

dsinstance.py

Add basic support for subordinate user/group ids

2021-07-09 09:47:30 -04:00

httpinstance.py

cleanup: Drop never used path for httpd's ccache

2021-03-04 14:17:01 +02:00

installutils.py

Server install: do not use unchecked ip addr for ipa-ca record

2021-07-08 13:40:04 +02:00

ipa_acme_manage.py

ipa-acme-manage: user a cookie created for the communication with dogtag REST endpoints

2020-11-17 18:48:24 +02:00

ipa_backup.py

BIND: Setup logging

2021-05-25 10:45:49 +03:00

ipa_cacert_manage.py

ipa-cacert-manage: add prune option

2021-02-12 14:08:11 -05:00

ipa_cert_fix.py

ipa-cert-fix man page: add note about certmonger renewal

2021-06-10 20:59:27 +02:00

ipa_crlgen_manage.py

CRL generation master: new utility to enable|disable

2019-03-14 09:39:55 +01:00

ipa_kra_install.py

Change FreeIPA references to IPA and Identity Management

2021-01-21 13:51:45 +01:00

ipa_ldap_updater.py

Remove -s option from ipa-ldap-updater usage

2021-05-20 14:45:27 -04:00

ipa_otptoken_import.py

Py3: Remove subclassing from object

2018-09-27 11:49:04 +02:00

ipa_pkinit_manage.py

Allow PKINIT to be enabled when updating from a pre-PKINIT IPA CA server

2021-06-17 17:28:48 -04:00

ipa_replica_install.py

Enable replica install info logging to match ipa-server-install

2018-11-01 13:08:58 +01:00

ipa_restore.py

LDAP autobind authenticateAsDN for BIND named

2021-06-15 14:13:16 +03:00

ipa_server_certinstall.py

Require an ipa-ca SAN on 3rd party certs if ACME is enabled

2020-11-02 14:01:05 -05:00

ipa_server_install.py

Improve console logging for ipa-server-install

2018-06-20 08:38:03 +02:00

ipa_server_upgrade.py

ipa commands: print 'IPA is not configured' when ipa is not setup

2018-08-23 12:08:45 +02:00

ipa_subids.py

Redesign subid feature

2021-07-09 09:47:30 -04:00

ipa_trust_enable_agent.py

ipa-adtrust-install: run remote configuration for new agents

2020-03-05 14:40:58 +01:00

ipa_winsync_migrate.py

ipa commands: print 'IPA is not configured' when ipa is not setup

2018-08-23 12:08:45 +02:00

ipactl.py

Ensure IPA is running (ideally) before uninstalling the KRA

2021-02-04 01:29:53 +01:00

kra.py

ipa-kra-install: exit if ca_host is overriden

2021-07-27 13:27:36 +02:00

krainstance.py

ipatests: test_installation: move tracking_reqs dependency to ipalib constants ipaserver: krainstance: utilize moved tracking_reqs dependency

2021-07-13 16:52:57 +02:00

krbinstance.py

Ensure that KDC cert has SAN DNS entry

2021-01-29 13:36:41 -05:00

ldapupdate.py

Fix ldapupdate.get_sub_dict() for missing named user

2021-07-30 08:58:25 -04:00

odsexporterinstance.py

odsexporterinstance: use late binding for UID/GID resolution

2020-12-22 14:05:13 +02:00

opendnssecinstance.py

opendnssecinstance: use late binding for UID/GID resolution

2020-12-22 14:05:13 +02:00

otpdinstance.py

Enable pylint missing-final-newline check

2015-12-23 07:59:22 +01:00

replication.py

Use get_replication_plugin_name in LDAP updater

2021-06-21 10:58:02 +02:00

schemaupdate.py

Unify access to FQDN

2020-10-26 17:11:19 +11:00

service.py

LDAP autobind authenticateAsDN for BIND named

2021-06-15 14:13:16 +03:00

sysupgrade.py

Add absolute_import future imports

2018-04-20 09:43:37 +02:00

upgradeinstance.py

Use get_replication_plugin_name in LDAP updater

2021-06-21 10:58:02 +02:00