Go to file
Alexander Bokovoy 8badce286f Refactor backup_and_replace_hostname() into a flexible config modification tool
backup_and_replace_hostname() was doing three things:
    1. Given config file in 'key=value' style, replace value for a
       specified key (HOSTNAME)
    2. Backup original file and install a replacement
    3. Restore original security context after editing

We have several more places where parts of the functionality are needed,
thus making two tools in ipapython.ipautil:

    1. config_replace_variables(filepath, replacevars=dict(),
                                appendvars=dict())
       Replaces or appends values to specified keys, adding new key=value
       pairs if key was absent

    2. backup_config_and_replace_variables(fstore, filepath,
                                           replacevars=dict(),
                                           appendvars=dict())
       Backups config file and calls config_replace_variables()

A caller must handle security context after using these two tools.

In addition, as before, there is
ipapython.services.backup_and_replace_hostname() that uses
these common tools and restores security context after editing.

The code will be used extensively for systemd integration for Fedora 16.

Fixes:
    https://fedorahosted.org/freeipa/ticket/1871
2011-10-11 18:21:41 -04:00
.tx Add Transifex tx client configuration file 2011-03-07 16:05:33 -05:00
checks Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
contrib Fix lint false positives. 2011-04-13 15:58:45 +02:00
daemons ipa-kdb: Fix legacy password hashes generation 2011-10-06 12:15:05 -04:00
doc/examples Minor typos in the examples 2011-06-27 23:04:18 -04:00
install Fix upgrades of selfsign server 2011-10-11 17:08:17 -04:00
ipa-client Increase number of 'getent passwd attempts' to 10 2011-10-11 10:36:45 +02:00
ipalib Disallow deletion of global password policy. 2011-10-12 10:12:49 +02:00
ipapython Refactor backup_and_replace_hostname() into a flexible config modification tool 2011-10-11 18:21:41 -04:00
ipaserver Fix dnszone-add name_from_ip server validation 2011-10-11 15:15:15 +02:00
selinux daemons: Remove ipa_kpasswd 2011-08-26 08:26:08 -04:00
tests Disallow deletion of global password policy. 2011-10-12 10:12:49 +02:00
util util: add password policy manipulation functions 2011-08-26 08:24:49 -04:00
.bzrignore Added top-level tests/ package that will contain all unit tests 2008-10-07 20:36:44 -06:00
.gitignore daemons: Remove ipa_kpasswd 2011-08-26 08:26:08 -04:00
API.txt Require current password when using passwd to change your own password. 2011-10-04 15:16:15 +02:00
autogen.sh build tweaks - use automake's foreign mode, avoid creating empty files to satisfy gnu mode - run autoreconf -f to ensure that everything matches 2010-11-29 11:39:55 -05:00
BUILD.txt Rename ipa.spec.in to freeipa.spec.in in BUILD.txt. 2011-02-10 17:52:43 -05:00
Contributors.txt Add Alexander Bokovoy and Jan Cholasta to contributors file 2011-07-19 20:43:21 -04:00
COPYING Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
freeipa.spec.in Force the upgrade of pki-setup when upgrading the RPMS 2011-10-09 23:36:36 -04:00
ipa Execute /usr/bin/python directly instead of /usr/bin/env python 2011-01-14 16:27:48 -05:00
ipa-compliance.cron Add support for tracking and counting entitlements 2011-02-02 10:00:38 -05:00
ipa.1 daemons: Remove ipa_kpasswd 2011-08-26 08:26:08 -04:00
ipa.init Temporary workaround for systemd brokeness on fedora 15 2011-02-15 17:55:14 -05:00
lite-server.py rename static to ui 2011-01-20 14:12:47 +00:00
make-doc This patch removes the existing UI functionality, as a prep for adding the Javascript based ui. 2010-07-29 10:44:56 -04:00
make-lint Several improvements of the lint script. 2011-05-05 11:54:07 +02:00
make-test Execute /usr/bin/python directly instead of /usr/bin/env python 2011-01-14 16:27:48 -05:00
make-testcert Make data type of certificates more obvious/predictable internally. 2011-06-21 19:09:50 -04:00
makeapi ticket 1707 - add documentation validation to makeapi tool 2011-08-24 23:03:48 -04:00
Makefile Introduce platform-specific adaptation for services used by FreeIPA. 2011-09-13 11:25:58 +02:00
MANIFEST.in Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
README Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
setup-client.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
setup.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
TODO Updated TODO based on discussion between Rob, Pavel, and Jason; put TODO in reStructuredText style formatting 2009-05-19 09:55:34 -04:00
VERSION Require current password when using passwd to change your own password. 2011-10-04 15:16:15 +02:00
version.m4.in Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00

                               IPA Server

  What is it?
  -----------

  For efficiency, compliance and risk mitigation, organizations need to
  centrally manage and correlate vital security information including:

    * Identity (machine, user, virtual machines, groups, authentication
      credentials)
    * Policy (configuration settings, access control information)
    * Audit (events, logs, analysis thereof) 

  Since these are not new problems. there exist many approaches and
  products focused on addressing them. However, these tend to have the
  following weaknesses:

    * Focus on solving identity management across the enterprise has meant
      less focus on policy and audit.
    * Vendor focus on Web identity management problems has meant less well
      developed solutions for central management of the Linux and Unix
      world's vital security info. Organizations are forced to maintain
      a hodgepodge of internal and proprietary solutions at high TCO.
    * Proprietary security products don't easily provide access to the
      vital security information they collect or manage. This makes it
      difficult to synchronize and analyze effectively. 

  The Latest Version
  ------------------

  Details of the latest version can be found on the IPA server project
  page under <http://www.freeipa.org/>.

  Documentation
  -------------

  The most up-to-date documentation can be found at
  <http://freeipa.org/page/Documentation/>.

  Quick Start
  -----------

  To get started quickly, start here:
  <https://fedorahosted.org/freeipa/wiki/QuickStartGuide>

  Licensing
  ---------

  Please see the file called COPYING.

  Contacts
  --------

     * If you want to be informed about new code releases, bug fixes,
       security fixes, general news and information about the IPA server
       subscribe to the freeipa-announce mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-interest/>.

     * If you have a bug report please submit it at:
       <https://bugzilla.redhat.com>

     * If you want to participate in actively developing IPA please
       subscribe to the freeipa-devel mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-devel/> or join
       us in IRC at irc://irc.freenode.net/freeipa