IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-26 17:01:14 -06:00
Code Issues Packages Projects Releases Wiki Activity
4,882 Commits 11 Branches 59 Tags 60 MiB
Python 75.7%
JavaScript 10.9%
C 10.8%
Roff 1.1%
Makefile 0.4%
Other 1.1%
af0ac845ff
Go to file
John Dennis af0ac845ff improve handling of ds instances during uninstall 
Ticket #2502

* remove the "running" flag from backup_state in cainstance.py and
  dsinstance.py because it does not provide the correct
  information. In cainstance the running flag was never referenced
  because restarting dirsrv instances occurs later in dsinstance. In
  dsinstance when the running flag is set it incorrectly identifed the
  PKI ds instance configured earlier by cainstance. The intent was to
  determine if there were any ds instances other than those owned by
  IPA which will need to be restarted upon uninstall. Clearly the PKI
  ds instance does not qualify. We were generating a traceback when at
  the conclusion of dsinstance.uninstall we tried to start the
  remaining ds instances as indicated by the running flag, but there
  were none to restart (because the running flag had been set as a
  consequence of the PKI ds instance).

* We only want to restart ds instances if there are other ds instances
  besides those owned by IPA. We shouldn't be stopping all ds
  instances either, but that's going to be covered by another
  ticket. The fix for restarting other ds instances at the end of
  uninstall is to check and see if there are other ds instances
  remaining after we've removed ours, if so we restart them. Also it's
  irrelevant if those ds instances were not present when we installed,
  it only matters if they exist after we restore things during
  uninstall. If they are present we have to start them back up because
  we shut them down during uninstall.

* Add new function get_ds_instances() which returns a list of existing
  ds instances.

* fixed error messages that incorrectly stated it "failed to restart"
  a ds instance when it should be "failed to create".
2012-04-04 22:47:08 -04:00
.tx Add Transifex tx client configuration file 2011-03-07 16:05:33 -05:00
checks Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
contrib ticket 2022 - modify codebase to utilize IPALogManager, obsoletes logging 2011-11-23 09:36:18 +01:00
daemons Fix MS-PAC checks when using s4u2proxy 2012-04-03 09:28:50 -04:00
doc Replace float with Decimal 2012-01-20 08:13:44 +01:00
init Disable false pylint error in freeipa-systemd-upgrade 2012-02-15 00:26:18 -05:00
install Configure SELinux for httpd during upgrades 2012-04-03 18:20:51 -04:00
ipa-client Fix memleak and silence Coverity defects 2012-03-22 17:33:13 +01:00
ipalib Check whether the default user group is POSIX when adding new user with --noprivate. 2012-04-05 15:04:45 +02:00
ipapython Parse zone indices in IPv6 addresses in CheckedIPAddress. 2012-03-27 12:03:16 +02:00
ipaserver improve handling of ds instances during uninstall 2012-04-04 22:47:08 -04:00
selinux daemons: Remove ipa_kpasswd 2011-08-26 08:26:08 -04:00
tests Check whether the default user group is POSIX when adding new user with --noprivate. 2012-04-05 15:04:45 +02:00
util ipa-kdb: add AS auditing support 2012-02-14 18:03:45 -05:00
.bzrignore Added top-level tests/ package that will contain all unit tests 2008-10-07 20:36:44 -06:00
.gitignore Replace broken i18n shell test with Python test 2012-03-26 20:29:26 -04:00
API.txt Check whether the default user group is POSIX when adding new user with --noprivate. 2012-04-05 15:04:45 +02:00
autogen.sh build tweaks - use automake's foreign mode, avoid creating empty files to satisfy gnu mode - run autoreconf -f to ensure that everything matches 2010-11-29 11:39:55 -05:00
BUILD.txt Rename ipa.spec.in to freeipa.spec.in in BUILD.txt. 2011-02-10 17:52:43 -05:00
Contributors.txt Add Petr Viktorín to Contributors.txt 2012-02-10 11:57:53 +01:00
COPYING Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
freeipa.spec.in Add requires on python-krbV to client subpackage 2012-03-28 08:53:01 +02:00
ipa Execute /usr/bin/python directly instead of /usr/bin/env python 2011-01-14 16:27:48 -05:00
ipa-compliance.cron Add support for tracking and counting entitlements 2011-02-02 10:00:38 -05:00
ipa.1 Don't set delegation flag in client, we're using S4U2Proxy now 2012-02-15 17:08:33 +01:00
lite-server.py Tweak the session auth to reflect developer consensus. 2012-02-27 05:54:29 -05:00
make-doc This patch removes the existing UI functionality, as a prep for adding the Javascript based ui. 2010-07-29 10:44:56 -04:00
make-lint Change parameters to use only default_from for dynamic default values. 2012-03-28 14:04:31 +02:00
make-test Execute /usr/bin/python directly instead of /usr/bin/env python 2011-01-14 16:27:48 -05:00
make-testcert Fix uses of O=REALM instead of the configured certificate subject base. 2012-03-26 20:29:26 -04:00
makeapi Change parameters to use only default_from for dynamic default values. 2012-03-28 14:04:31 +02:00
Makefile Remove old RPMROOT contents before it is used for rpmbuild 2011-12-09 10:03:41 +01:00
MANIFEST.in Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
README Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
setup-client.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
setup.py Add plugin framework to LDAP updates. 2011-11-22 23:57:10 -05:00
TODO Parse comma-separated lists of values in all parameter types. This can be enabled for a specific parameter by setting the "csv" option to True. 2011-11-30 17:08:35 +01:00
VERSION Make revocation_reason required when revoking a certificate. 2012-04-05 08:51:30 +02:00
version.m4.in Mass tree reorganization for IPAv2. To view previous history of files use: 2009-02-03 15:27:14 -05:00

README 

                               IPA Server

  What is it?
  -----------

  For efficiency, compliance and risk mitigation, organizations need to
  centrally manage and correlate vital security information including:

    * Identity (machine, user, virtual machines, groups, authentication
      credentials)
    * Policy (configuration settings, access control information)
    * Audit (events, logs, analysis thereof) 

  Since these are not new problems. there exist many approaches and
  products focused on addressing them. However, these tend to have the
  following weaknesses:

    * Focus on solving identity management across the enterprise has meant
      less focus on policy and audit.
    * Vendor focus on Web identity management problems has meant less well
      developed solutions for central management of the Linux and Unix
      world's vital security info. Organizations are forced to maintain
      a hodgepodge of internal and proprietary solutions at high TCO.
    * Proprietary security products don't easily provide access to the
      vital security information they collect or manage. This makes it
      difficult to synchronize and analyze effectively. 

  The Latest Version
  ------------------

  Details of the latest version can be found on the IPA server project
  page under <http://www.freeipa.org/>.

  Documentation
  -------------

  The most up-to-date documentation can be found at
  <http://freeipa.org/page/Documentation/>.

  Quick Start
  -----------

  To get started quickly, start here:
  <https://fedorahosted.org/freeipa/wiki/QuickStartGuide>

  Licensing
  ---------

  Please see the file called COPYING.

  Contacts
  --------

     * If you want to be informed about new code releases, bug fixes,
       security fixes, general news and information about the IPA server
       subscribe to the freeipa-announce mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-interest/>.

     * If you have a bug report please submit it at:
       <https://bugzilla.redhat.com>

     * If you want to participate in actively developing IPA please
       subscribe to the freeipa-devel mailing list at
       <https://www.redhat.com/mailman/listinfo/freeipa-devel/> or join
       us in IRC at irc://irc.freenode.net/freeipa