mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
ed001c97ee
Add new options to ipa config-mod, allowing to enable SID generation on upgraded servers: ipa config-mod --enable-sid --add-sids --netbios-name NAME The new option uses Dbus to launch an oddjob command, org.freeipa.server.config-enable-sid that runs the installation steps related to SID generation. --add-sids is optional and triggers the sid generation task that populates SID for existing users / groups. --netbios-name is optional and allows to specify the NetBIOS Name. When not provided, the NetBIOS name is generated based on the leading component of the DNS domain name. This command can be run multiple times. Fixes: https://pagure.io/freeipa/issue/8995 Signed-off-by: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> |
||
---|---|---|
.. | ||
base | ||
debian | ||
fedora | ||
fedora_container | ||
redhat | ||
rhel | ||
rhel_container | ||
suse | ||
__init__.py | ||
_importhook.py | ||
constants.py | ||
Makefile.am | ||
osinfo.py | ||
override.py.in | ||
paths.py | ||
README.md | ||
services.py | ||
setup.cfg | ||
setup.py | ||
tasks.py |
IPA platform abstraction
The ipaplatform
package provides an abstraction layer for
supported Linux distributions and flavors. The package contains
constants, paths to commands and config files, services, and tasks.
- base abstract base platform
- debian Debian- and Ubuntu-like
- redhat abstract base for Red Hat platforms
- fedora Fedora
- fedora_container freeipa-container on Fedora
- rhel RHEL and CentOS
- rhel_container freeipa-container on RHEL and CentOS
- suse OpenSUSE and SLES
[base]
├─ debian
├─[redhat]
│ ├─ fedora
│ │ └─ fedora_container
│ └─ rhel
│ └─ rhel_container
└─ suse
(Note: Debian and SUSE use some definitions from Red Hat namespace.)
freeipa-container platform
The fedora_container and rhel_container platforms are flavors
of the fedora and rhel platforms. These platform definitions
are specifically designed for
freeipa-container.
The FreeIPA server container implements a read-only container. Paths
like /etc
, /usr
, and /var
are mounted read-only and cannot
be modified. The image uses symlinks to store all variable data like
config files and LDAP database in /data
.
- Some commands don't write through dangling symlinks. The IPA
platforms for containers prefix some paths with
/data
. ipa-server-upgrade
verifies that the platform does not change between versions. To allow upgrades of old containers, sysupgrade maps$distro_container
to$distro
platform.- The container images come with authselect pre-configured with
sssd with-sudo
option. The tasksmodify_nsswitch_pam_stack
andmigrate_auth_configuration
are no-ops.ipa-restore
does not restore authselect settings.ipa-backup
still stores authselect settings in backup data. - The
--mkhomedir
option is not supported.