freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-11 08:41:55 -06:00

Go to file

Nalin Dahyabhai a094dfa91c Add code to handle stash files using keytab format In krb5 1.7 and later, the stash file (/var/kerberos/krb5kdc/.k5.$REALM on Fedora) is created in the regular keytab format instead of the older less-portable one. Based from comments and code in kt_file.c, here's a change to try to recognize that case (the file starts with a magic number) and read the master key from Python. The KDC will still read either format, so I left the bits that set things up on replicas alone (advice appreciated). The patch works as expected on my 64-bit box, both on RHEL5 (krb5 1.6.1 with a traditional stash file) and on Raw Hide (krb5 1.7 with a keytab).		2009-11-24 12:07:27 -05:00
checks	Added a sys.path hack to get checks/check-ra.py working again	2009-02-17 16:03:10 -05:00
contrib/RHEL4	Now that admin is in the common users tree make the nss_ldap	2008-05-29 09:43:08 -04:00
daemons	No longer use the IPA-specific memberof plugin. Use the DS-supplied one.	2009-10-12 09:37:38 -04:00
doc/examples	Fleshed out krb plugin and added example of scripting against Python API	2009-08-31 15:47:14 -06:00
install	respect debug arg during server install	2009-11-19 14:46:18 -05:00
ipa-client	Clean up some return values	2009-11-19 03:07:52 -07:00
ipa-radius-admintools	Rework config.py and change cli tools. Maintain order of IPA servers from command line, config and DNS. Parse options before detecting IPA configuration. Don't ignore rest of the options if one is missing in ipa.conf. Drop the --usage options, we will rely on --help. Fixes: 458869, 459070, 458980, 459234	2008-09-11 23:34:01 +02:00
ipa-radius-server	Fix versioning for configure.ac and ipa-python/setup.py	2008-08-11 18:31:05 -04:00
ipalib	Reading INT parameter class should respect radix prefix	2009-11-23 16:53:43 -05:00
ipapython	Require current versions of python-nss & python-lxml	2009-11-23 16:52:06 -05:00
ipaserver	Add code to handle stash files using keytab format	2009-11-24 12:07:27 -05:00
ipawebui	Add mod_python adapter and some UI tuning	2009-10-27 21:38:13 -06:00
selinux	Add SELinux policy for UI assets	2009-11-04 04:07:38 -07:00
tests	Reading INT parameter class should respect radix prefix	2009-11-23 16:53:43 -05:00
.bzrignore	Added top-level tests/ package that will contain all unit tests	2008-10-07 20:36:44 -06:00
.gitignore	Add build to .gitignore	2008-10-23 10:37:16 -04:00
autogen.sh	Complete consolidation into a single autogen.sh	2009-02-04 09:04:26 -05:00
ipa	Started reworking CLI class into cli plugin	2009-02-03 15:29:03 -05:00
ipa.spec.in	Require current versions of python-nss & python-lxml	2009-11-23 16:52:06 -05:00
LICENSE	Added GPL v2 in LICENSE file	2008-10-14 16:51:04 -06:00
lite-server.py	Giant webui patch take 2	2009-10-13 11:28:00 -06:00
make-doc	Renamed all references to 'ipa_webui' to 'ipawebui'	2009-01-04 19:45:53 -07:00
make-test	Let the updater delete entries and add small test harness	2009-10-05 13:25:42 -06:00
Makefile	Add a separate client-only target	2009-10-17 22:56:47 -06:00
MANIFEST.in	Giant webui patch take 2	2009-10-13 11:28:00 -06:00
README	Add a copy of the LICENSE and populate some README's	2008-01-23 10:30:18 -05:00
setup-client.py	Add a separate client-only target	2009-10-17 22:56:47 -06:00
setup.py	Giant webui patch take 2	2009-10-13 11:28:00 -06:00
TODO	Updated TODO based on discussion between Rob, Pavel, and Jason; put TODO in reStructuredText style formatting	2009-05-19 09:55:34 -04:00
VERSION	Back down to version 1.9.0 in preparation for release of first alpha.	2009-10-26 13:55:01 -04:00
version.m4.in	Mass tree reorganization for IPAv2. To view previous history of files use:	2009-02-03 15:27:14 -05:00

README

                               IPA Server

  What is it?
  -----------

  For efficiency, compliance and risk mitigation, organizations need to
  centrally manage and correlate vital security information including:

    * Identity (machine, user, virtual machines, groups, authentication
      credentials)
    * Policy (configuration settings, access control information)
    * Audit (events, logs, analysis thereof) 

  Since these are not new problems. there exist many approaches and
  products focused on addressing them. However, these tend to have the
  following weaknesses:

    * Focus on solving identity management across the enterprise has meant
      less focus on policy and audit.
    * Vendor focus on Web identity management problems has meant less well
      developed solutions for central management of the Linux and Unix
      world's vital security info. Organizations are forced to maintain
      a hodgepodge of internal and proprietary solutions at high TCO.
    * Proprietary security products don't easily provide access to the
      vital security information they collect or manage. This makes it
      difficult to synchronize and analyze effectively. 

  The Latest Version
  ------------------

  Details of the latest version can be found on the IPA server project
  page under <http://www.freeipa.org/>.

  Documentation
  -------------

  The most up-to-date documentation can be found at
  <http://freeipa.org/page/Documentation/>.

  Licensing
  ---------

  Please see the file called LICENSE.

  Contacts
  --------

     * If you want to be informed about new code releases, bug fixes,
       security fixes, general news and information about the IPA server
       subscribe to the freeipa-announce mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-interest/>.

     * If you have a bug report please submit it at:
       <https://bugzilla.redhat.com>

     * If you want to participate in actively developing IPA please
       subscribe to the freeipa-devel mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-devel/> or join
       us in IRC at irc://irc.freenode.net/freeipa