mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-26 16:16:31 -06:00

Go to file

Fraser Tweedale 854d3053e2 Handle missing LWCA certificate or chain If lightweight CA key replication has not completed, requests for the certificate or chain will return 404. This can occur in normal operation, and should be a temporary condition. Detect this case and handle it by simply omitting the 'certificate' and/or 'certificate_out' fields in the response, and add a warning message to the response. Also update the client-side plugin that handles the --certificate-out option. Because the CLI will automatically print the warning message, if the expected field is missing from the response, just ignore it and continue processing. after the Dogtag NullPointerException gets fixed! Part of: https://pagure.io/freeipa/issue/7964 Reviewed-By: Christian Heimes <cheimes@redhat.com> Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>		2019-06-18 10:36:24 +10:00
asn1	fix minor spelling mistakes	2017-05-19 09:52:46 +02:00
client	ipa-client-automount: add knob to configure NFSv4 Domain (idmapd.conf)	2019-05-06 17:46:19 +02:00
contrib	Update mod_nss cipher list so there is overlap with a 4.x master	2019-02-04 09:12:29 +01:00
daemons	ipa-pwd-extop: do not remove MagicRegen mod, replace it	2019-05-28 09:55:51 +03:00
doc	Hidden replica documentation: fix typo	2019-06-13 23:13:43 +02:00
init	Move ipa's systemd tmpfiles from /var/run to /run	2018-10-15 10:04:33 +02:00
install	ipa-cert-fix: add man page	2019-05-29 12:49:27 +10:00
ipaclient	Handle missing LWCA certificate or chain	2019-06-18 10:36:24 +10:00
ipalib	Handle missing LWCA certificate or chain	2019-06-18 10:36:24 +10:00
ipaplatform	Stop using 389-ds legacy backup and restoration utilities	2019-06-05 13:18:45 -04:00
ipapython	admintool: don't display log file on errors unless logging is setup	2019-06-11 19:42:50 +02:00
ipaserver	Handle missing LWCA certificate or chain	2019-06-18 10:36:24 +10:00
ipatests	ipatests: fix TestUserPermissions::test_selinux_user_optimized	2019-06-13 23:24:01 +02:00
po	Update translations from Zanata	2019-04-24 09:47:31 +02:00
pypi	Cleanup shebang and executable bit	2018-07-05 19:46:42 +02:00
util	Compile IPA modules with C11 extensions	2019-02-07 12:33:45 +01:00
.freeipa-pr-ci.yaml	Making nigthly test definition editable by FreeIPA's contributors	2018-07-27 09:50:06 +02:00
.git-commit-template	git-commit-template: update ticket url to use pagure.io instead of fedorahosted.org	2017-03-28 13:10:08 +02:00
.gitignore	.gitignore: add ipa-cert-fix program	2019-06-11 15:52:06 +10:00
.lgtm.yml	Improve Python configuration for LGTM	2018-10-26 18:04:23 +02:00
.mailmap	Update mailmap	2019-04-24 09:47:31 +02:00
.test_runner_config.yaml	Enable firewall in the tests for PR CI	2019-01-11 20:01:54 +01:00
.tox-install.sh	Resolve tox substitutions to absolute paths	2019-06-16 20:32:31 +03:00
.travis_run_task.sh	Make `pycodestyle` results identical	2019-05-28 10:01:23 +03:00
.travis.yml	Remove Python 2 support and packages	2018-09-06 17:39:00 +02:00
.wheelconstraints.in	Use pylint 1.7.5 with fix for bad python3 import	2017-12-19 13:28:06 +01:00
ACI.txt	Add knob to limit hostname length	2019-05-16 14:38:43 -04:00
API.txt	Add knob to limit hostname length	2019-05-16 14:38:43 -04:00
autogen.sh	build tweaks - use automake's foreign mode, avoid creating empty files to satisfy gnu mode - run autoreconf -f to ensure that everything matches	2010-11-29 11:39:55 -05:00
BUILD.txt	Update builddep command in BUILD.txt	2018-07-17 16:52:31 +02:00
CODE_OF_CONDUCT.md	Changing Django's CoC to reflect FreeIPA CoC	2018-03-26 09:51:25 +02:00
configure.ac	Move Custodia secrets handler to scripts	2019-04-26 12:09:22 +02:00
Contributors.txt	Update list of contributors and sort them alphabetically	2019-04-24 09:47:31 +02:00
COPYING	Change FreeIPA license to GPLv3+	2010-12-20 17:19:53 -05:00
COPYING.openssl	Add a clear OpenSSL exception.	2015-02-23 16:25:54 +01:00
freeipa.doap.rdf	Adding modified DOAP file	2018-06-22 11:02:40 -04:00
freeipa.spec.in	require Dogtag 10.7.0-1	2019-05-29 12:49:27 +10:00
ipa.in	Rename Python scripts and add dynamic shebang	2018-08-23 14:49:06 +02:00
ipasetup.py.in	Address inconsistent-return-statements	2018-11-13 13:37:58 +01:00
make-doc	Make an ipa-tests package	2013-06-17 19:22:50 +02:00
make-test	Use pytest conftest.py and drop pytest.ini	2017-01-05 17:37:02 +01:00
makeaci.in	Add constructors to ldap client	2019-02-05 08:39:13 -05:00
makeapi.in	Remove Python 2 support and packages	2018-09-06 17:39:00 +02:00
Makefile.am	Add missing deps for `make pylint`	2019-04-24 08:10:45 +02:00
Makefile.python.am	Add PYTHON_INSTALL_EXTRA_OPTIONS and --install-layout=deb	2017-03-15 13:48:23 +01:00
Makefile.pythonscripts.am	Add missing deps for `make pylint`	2019-04-24 08:10:45 +02:00
makerpms.sh	Fix unnecessary usrmerge assumptions	2019-04-17 13:56:05 +02:00
pylint_plugins.py	constants: add ca_renewal container	2019-05-29 12:49:27 +10:00
pylintrc	Forbid imports of ipaserver and install packages	2019-05-16 13:20:38 +02:00
README.md	README: Update link to freeipa-devel archive	2019-03-20 17:32:43 +01:00
server.m4	Correcting detect typo in server.m4	2018-04-05 11:25:01 +02:00
tox.ini	Make python-ldap optional for PyPI packages	2019-04-26 12:53:23 +02:00
VERSION.m4	Bump release number to 4.7.91	2019-06-17 14:31:12 +10:00
zanata.xml	Zanata: exlude testing ipa.pot file	2016-11-21 14:47:47 +01:00

README.md

FreeIPA Server

FreeIPA allows Linux administrators to centrally manage identity, authentication and access control aspects of Linux and UNIX systems by providing simple to install and use command line and web based management tools.

FreeIPA is built on top of well known Open Source components and standard protocols with a very strong focus on ease of management and automation of installation and configuration tasks.

FreeIPA can seamlessly integrate into an Active Directory environment via cross-realm Kerberos trust or user synchronization.

Benefits

FreeIPA:

Allows all your users to access all the machines with the same credentials and security settings
Allows users to access personal files transparently from any machine in an authenticated and secure way
Uses an advanced grouping mechanism to restrict network access to services and files only to specific users
Allows central management of security mechanisms like passwords, SSH Public Keys, SUDO rules, Keytabs, Access Control Rules
Enables delegation of selected administrative tasks to other power users
Integrates into Active Directory environments

Components

The FreeIPA project provides unified installation and management tools for the following components:

LDAP Server - based on the 389 project
KDC - based on MIT Kerberos implementation
PKI based on Dogtag project
Samba libraries for Active Directory integration
DNS Server based on BIND and the Bind-DynDB-LDAP plugin

Project Website

Releases, announcements and other information can be found on the IPA server project page at http://www.freeipa.org/ .

Documentation

The most up-to-date documentation can be found at http://freeipa.org/page/Documentation .

Quick Start

To get started quickly, start here: http://www.freeipa.org/page/Quick_Start_Guide

For developers

Building FreeIPA from source
- http://www.freeipa.org/page/Build
- See the BUILD.txt file in the source root directory

Licensing

Please see the file called COPYING.

Contacts

If you want to be informed about new code releases, bug fixes, security fixes, general news and information about the IPA server subscribe to the freeipa-announce mailing list at https://www.redhat.com/mailman/listinfo/freeipa-interest/ .
If you have a bug report please submit it at: https://pagure.io/freeipa/issues
If you want to participate in actively developing IPA please subscribe to the freeipa-devel mailing list at https://lists.fedoraproject.org/archives/list/freeipa-devel@lists.fedorahosted.org/ or join us in IRC at irc://irc.freenode.net/freeipa