mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-19 12:42:58 -06:00
aad73fad60
python-krbV library is deprecated and doesn't work with python 3. Replacing all it's usages with python-gssapi. - Removed Backend.krb and KRB5_CCache classes They were wrappers around krbV classes that cannot really work without them - Added few utility functions for querying GSSAPI credentials in krb_utils module. They provide replacements for KRB5_CCache. - Merged two kinit_keytab functions - Changed ldap plugin connection defaults to match ipaldap - Unified getting default realm Using api.env.realm instead of krbV call Reviewed-By: Jan Cholasta <jcholast@redhat.com> Reviewed-By: Robbie Harwood <rharwood@redhat.com> Reviewed-By: Simo Sorce <ssorce@redhat.com>
112 lines
4.0 KiB
Plaintext
112 lines
4.0 KiB
Plaintext
Here is a quickie guide to get you started in IPA development.
|
|
|
|
Dependencies
|
|
------------
|
|
|
|
For more information, see http://www.freeipa.org/page/Build
|
|
|
|
The quickest way to get the dependencies needed for building is:
|
|
|
|
# dnf builddep -b freeipa.spec.in
|
|
|
|
or
|
|
|
|
# yum install rpm-build `grep "^BuildRequires" freeipa.spec.in | awk '{ print $2 }' | grep -v "^/"`
|
|
|
|
This is currently (2015-05-07):
|
|
|
|
yum install rpm-build 389-ds-base-devel svrcore-devel policycoreutils \
|
|
systemd-units samba-devel samba-python libwbclient-devel libtalloc-devel \
|
|
libtevent-devel nspr-devel nss-devel openssl-devel openldap-devel krb5-devel \
|
|
krb5-workstation libuuid-devel libcurl-devel xmlrpc-c-devel popt-devel \
|
|
autoconf automake m4 libtool gettext python-devel python-ldap \
|
|
python-setuptools python-nss python-netaddr python-gssapi \
|
|
python-rhsm pyOpenSSL pylint python-polib libipa_hbac-python python-memcached \
|
|
sssd python-lxml python-pyasn1 python-qrcode-core python-dns m2crypto \
|
|
check libsss_idmap-devel libsss_nss_idmap-devel java-headless rhino \
|
|
libverto-devel systemd libunistring-devel python-lesscpy python-yubico \
|
|
python-backports-ssl_match_hostname softhsm-devel openssl-devel \
|
|
p11-kit-devel pki-base python-pytest-multihost python-pytest-sourceorder
|
|
|
|
Building
|
|
--------
|
|
|
|
From the root of the source tree run:
|
|
$ make rpms
|
|
|
|
The resulting rpm packages are in dist/rpms:
|
|
|
|
# yum --nogpgcheck localinstall dist/rpms/*
|
|
# ipa-server-install
|
|
|
|
It may be possible to do a simple make all install but this has not been
|
|
well-tested. Additional work is done in pre/post install scripts in the ipa
|
|
spec file.
|
|
|
|
Developing plugins
|
|
------------------
|
|
|
|
It is possible to do management plugin development within the source tree.
|
|
|
|
To start with, you need a full IPA install on the current system. Build and
|
|
install the rpms and then configure IPA using ipa-server-install.
|
|
|
|
Get a TGT for the admin user with: kinit admin
|
|
|
|
Next you'll need 2 sessions in the source tree. In the first session run
|
|
python lite-server.py. In the second session copy /etc/ipa/default.conf into
|
|
~/.ipa/default.conf and replace xmlrpc_uri with http://127.0.0.1:8888/ipa/xml.
|
|
Finally run the ./ipa tool and it will make requests to the lite-server
|
|
listening on 127.0.0.1:8888.
|
|
|
|
This makes developing plugins much faster and you can also make use of the
|
|
Python pdb debugger on the server side.
|
|
|
|
You'll find you may need to refresh the underlying build if schema or other
|
|
changes are required.
|
|
|
|
Testing
|
|
-------
|
|
|
|
For more information, see http://www.freeipa.org/page/Testing
|
|
|
|
We use python nosetests to test for regressions in the management framework
|
|
and plugins. All test dependencies are required by the freeipa-tests package.
|
|
|
|
To run all of the tests you will need 2 sessions, one to run the lite-server
|
|
and the other to execute the tests. You'll also need a TGT before starting
|
|
the lite-server:
|
|
|
|
% kinit admin
|
|
% make test
|
|
|
|
Some tests may be skipped. For example, all the XML-RPC tests will be skipped
|
|
if you haven't started the lite-server. The DNS tests will be skipped if
|
|
the underlying IPA installation doesn't configure DNS, etc.
|
|
|
|
API.txt
|
|
-------
|
|
The purpose of the file API.txt is to prevent accidental API changes. The
|
|
program ./makeapi creates file and also validates it (with the --validate
|
|
option). This validation is part of the build process.
|
|
|
|
There are three solutions to changes to the API:
|
|
|
|
1. Changes to existing API require a change to the MAJOR version.
|
|
2. Addition of new API requires a change to the MINOR version.
|
|
3. Or just back out your changes and don't make an API change.
|
|
|
|
If the API changes you'll need to run ./makeapi to update API.txt and
|
|
commit it along with VERSION with your API change.
|
|
|
|
If a module is optionally loaded then you will need to be able to
|
|
conditionally load it for API validation. The environment variable
|
|
api.env.validate_api is True during validation.
|
|
|
|
General Notes
|
|
-------------
|
|
IPA is not relocatable.
|
|
|
|
When building rpms the version contains the GIT id in the version. To prevent
|
|
this pass the argument IPA_VERSION_IS_GIT_SNAPSHOT=yes to make.
|