freeipa/plugins at a22e8734805cc897ef59840dac932cb9d7c52a25 - freeipa - Git Repository of IntenseWebs.com, IF.Finance, IWeb.City, NuKVM.org, OilfieldTools Network, Spartan International Drilling, Green Polymer Products & more

IntenseWebs/freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00

Files

History

Alexander Bokovoy 2ed5eca762 Reset per-indicator Kerberos policy

When 'ipa krbtpolicy-reset' is called, we need to reset all policy
settings, including per-indicator ones. Per-indicator policy uses
subtyped attributes (foo;bar), the current krbtpolicy-reset code does
not deal with those.

Add support for per-indicator policy reset. It is a bit tricky, as we
need to drop the values to defaults but avoid adding non-per-indicator
variants of the same attributes.

Add test to check that policy has been resetted by observing a new
Kerberos TGT for the user after its policy reset.

Fixes: https://pagure.io/freeipa/issue/8153

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Christian Heimes <cheimes@redhat.com>

2019-12-18 14:16:33 +01:00

..

__init__.py

Change FreeIPA license to GPLv3+

2010-12-20 17:19:53 -05:00

aci.py

Fix pylint 2.0 return-related violations

2018-07-11 10:11:38 +02:00

automember.py

Fixes pylint errors introduced by version 2.4.0.

2019-09-27 09:38:32 +02:00

automount.py

Reworked the renaming mechanism

2017-03-27 19:08:26 +02:00

baseldap.py

Allow presence of LDAP attribute options

2019-11-21 11:13:12 -05:00

baseuser.py

Extend the list of supported pre-auth mechanisms in IPA server API

2019-09-10 12:33:21 +03:00

batch.py

CVE-2019-10195: Don't log passwords embedded in commands in calls using batch

2019-11-26 15:24:20 +02:00

ca.py

Handle missing LWCA certificate or chain

2019-06-18 10:36:24 +10:00

caacl.py

LGTM: raise handle_not_found()

2018-01-09 07:53:28 +01:00

cert.py

Adapt cert-find performance workaround for users

2019-04-09 09:13:27 +02:00

certmap.py

certmap rules: altSecurityIdentities should only be used for trusted domains

2019-07-17 17:50:07 +03:00

certprofile.py

Sprinkle raw strings across the code base

2018-09-27 10:23:03 +02:00

config.py

Fix errors found by Pylint-2.4.3

2019-10-21 18:01:32 +11:00

delegation.py

Fix errors found by Pylint-2.4.3

2019-10-21 18:01:32 +11:00

dns.py

DNS install check: allow overlapping zone to be from the master itself

2019-12-12 18:24:44 +01:00

dnsserver.py

dnsserver.py: dnsserver-find no longer returns internal server error

2017-06-15 13:51:06 +02:00

dogtag.py

CRL generation master: new utility to enable|disable

2019-03-14 09:39:55 +01:00

domainlevel.py

Use api.env.container_masters

2019-03-28 00:21:00 +01:00

group.py

Show group-add/remove-member-manager failures

2019-11-20 17:08:40 +01:00

hbac.py

ipalib: move server-side plugins to ipaserver

2016-06-03 09:00:34 +02:00

hbacrule.py

Fix pylint 2.0 return-related violations

2018-07-11 10:11:38 +02:00

hbacsvc.py

remove trailing newlines form python modules

2016-10-12 10:38:52 +02:00

hbacsvcgroup.py

remove trailing newlines form python modules

2016-10-12 10:38:52 +02:00

hbactest.py

Removes several pylint warnings.

2019-09-27 09:38:32 +02:00

host.py

Removes several pylint warnings.

2019-09-27 09:38:32 +02:00

hostgroup.py

Show group-add/remove-member-manager failures

2019-11-20 17:08:40 +01:00

idrange.py

Show a notification that sssd needs restarting after idrange-mod

2019-03-29 14:04:04 +01:00

idviews.py

Resolve user/group names in idoverride*-find

2018-12-07 11:39:23 +01:00

internal.py

Add group membership management

2019-11-11 09:31:14 +01:00

join.py

Fix some untranslatable commands in Web UI API Browser

2018-06-21 18:42:05 +02:00

krbtpolicy.py

Reset per-indicator Kerberos policy

2019-12-18 14:16:33 +01:00

ldap2.py

Optimize user-add by caching ldap2.has_upg()

2019-12-05 15:07:57 +01:00

location.py

DNS Location: add list of roles and DNS servers to location-show

2016-06-17 18:05:03 +02:00

migration.py

Allow insecure binds for migration

2019-08-13 18:43:58 +02:00

misc.py

Make env and plugins commands local again

2016-12-02 13:00:06 +01:00

netgroup.py

LGTM: raise handle_not_found()

2018-01-09 07:53:28 +01:00

otp.py

ipalib: move server-side plugins to ipaserver

2016-06-03 09:00:34 +02:00

otpconfig.py

ipalib: move server-side plugins to ipaserver

2016-06-03 09:00:34 +02:00

otptoken.py

Py3: Replace six.moves imports

2018-10-05 12:06:19 +02:00

passwd.py

logging: remove object-specific loggers

2017-07-14 15:55:59 +02:00

permission.py

Removes several pylint warnings.

2019-09-27 09:38:32 +02:00

ping.py

ipalib: move server-side plugins to ipaserver

2016-06-03 09:00:34 +02:00

pkinit.py

Don't fail if config-show does not return servers

2019-03-28 17:57:58 +01:00

privilege.py

Fix Pylint 2.0 violations

2018-07-14 12:04:19 +02:00

pwpolicy.py

Fix translation of commands description in API Browser

2018-06-12 08:38:56 +02:00

rabase.py

CRL generation master: new utility to enable|disable

2019-03-14 09:39:55 +01:00

radiusproxy.py

radiusproxy: add permission for reading radius proxy servers

2018-11-13 12:40:44 +01:00

realmdomains.py

Fix pylint 2.0 return-related violations

2018-07-11 10:11:38 +02:00

role.py

Fix Pylint 2.0 violations

2018-07-14 12:04:19 +02:00

schema.py

Fix translation of commands description in API Browser

2018-06-12 08:38:56 +02:00

selfservice.py

Fix errors found by Pylint-2.4.3

2019-10-21 18:01:32 +11:00

selinuxusermap.py

Make use of single configuration point for SELinux

2019-07-01 14:44:57 +03:00

server.py

Don't fail if config-show does not return servers

2019-03-28 17:57:58 +01:00

serverrole.py

Add hidden replica feature

2019-03-28 17:57:58 +01:00

serverroles.py

Improve config-show to show hidden servers

2019-03-28 17:57:58 +01:00

service.py

Extend the list of supported pre-auth mechanisms in IPA server API

2019-09-10 12:33:21 +03:00

servicedelegation.py

Reworked the renaming mechanism

2017-03-27 19:08:26 +02:00

session.py

Fix some untranslatable commands in Web UI API Browser

2018-06-21 18:42:05 +02:00

stageuser.py

stageuser-find: fix search with non-posix user

2019-06-25 11:02:59 -04:00

sudo.py

ipalib: move server-side plugins to ipaserver

2016-06-03 09:00:34 +02:00

sudocmd.py

sudocmd: fix unsupported assignment

2017-09-08 15:42:07 +02:00

sudocmdgroup.py

remove trailing newlines form python modules

2016-10-12 10:38:52 +02:00

sudorule.py

Convert members into types in sudorule-*-option

2018-08-15 12:52:52 +02:00

topology.py

domainlevel-get: fix various issues when running as non-admin

2019-03-25 09:48:31 +01:00

trust.py

Fix errors found by Pylint-2.4.3

2019-10-21 18:01:32 +11:00

user.py

ipa user_add: do not check group if UPG is disabled

2019-09-27 15:33:15 +02:00

vault.py

Consolidate container_masters queries

2019-03-28 00:21:00 +01:00

virtual.py

logging: remove object-specific loggers

2017-07-14 15:55:59 +02:00

whoami.py

whoami.py: Type error when running tests

2017-07-07 14:44:42 +02:00

xmlserver.py

Add endpoint for serving i18n requests

2018-07-17 15:32:28 -04:00