freeipa/install
Christian Heimes 8e165480ac Use GnuPG 2 for backup/restore
ipa-backup and ipa-restore now use GnuPG 2 for asymmetric encryption, too.
The gpg2 command behaves a bit different and requires a gpg2 compatible
config directory. Therefore the --keyring option has been deprecated.

The backup and restore tools now use root's GPG keyring by default.
Custom configuration and keyring can be used by setting GNUPGHOME
environment variables.

Fixes: https://pagure.io/freeipa/issue/7560
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2018-05-27 16:05:50 +02:00
..
certmonger Have all the scripts run in python 3 by default 2018-02-15 18:43:12 +01:00
html Address more 'to login' 2017-12-12 12:53:21 +01:00
migration Add absolute_import future imports 2018-04-20 09:43:37 +02:00
oddjob Have all the scripts run in python 3 by default 2018-02-15 18:43:12 +01:00
restart_scripts Have all the scripts run in python 3 by default 2018-02-15 18:43:12 +01:00
share Enable SPAKE support using krb5.conf.d snippet 2018-04-28 16:35:16 +02:00
tools Use GnuPG 2 for backup/restore 2018-05-27 16:05:50 +02:00
ui Radius proxy multiservers fix 2018-05-17 18:36:33 -04:00
updates ACL: Allow hosts to remove services they manage 2018-04-19 08:59:45 -04:00
wsgi Add absolute_import future imports 2018-04-20 09:43:37 +02:00
Makefile.am Encrypt httpd key stored on disk 2018-03-23 12:48:46 +01:00
README.schema Add some basic rules for adding new schema 2010-08-27 13:40:37 -04:00

Ground rules on adding new schema

Brand new schema, particularly when written specifically for IPA, should be
added in share/*.ldif. Any new files need to be explicitly loaded in
ipaserver/install/dsinstance.py. These simply get copied directly into
the new instance schema directory.

Existing schema (e.g. in an LDAP draft) may either be added as a separate
ldif in share or as an update in the updates directory. The advantage of
adding the schema as an update is if 389-ds ever adds the schema then the
installation won't fail due to existing schema failing to load during
bootstrap.

If the new schema requires a new container then this should be added
to install/bootstrap-template.ldif.