freeipa/install
Simo Sorce b6741d81e1 Use Anonymous user to obtain FAST armor ccache
The anonymous user allows the framework to obtain an armor ccache without
relying on usable credentials, either via a keytab or a pkinit and
public certificates. This will be needed once the HTTP keytab is moved away
for privilege separation.

https://fedorahosted.org/freeipa/ticket/5959

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
2017-02-15 07:13:37 +01:00
..
certmonger renew agent: handle non-replicated certificates 2017-01-16 14:37:25 +01:00
conf Generate tmpfiles config at install time 2017-02-15 07:13:37 +01:00
html Build: remove incorrect use of MAINTAINERCLEANFILES 2016-11-16 09:12:07 +01:00
migration Set explicit confdir option for global contexts 2016-12-02 09:14:35 +01:00
oddjob Set explicit confdir option for global contexts 2016-12-02 09:14:35 +01:00
restart_scripts Set explicit confdir option for global contexts 2016-12-02 09:14:35 +01:00
share Use Anonymous user to obtain FAST armor ccache 2017-02-15 07:13:37 +01:00
tools Remove is_fips_enabled checks in installers and ipactl 2017-02-13 18:10:55 +01:00
ui Coverity: removed useless semicolon which ends statement earlier 2017-01-18 09:15:54 +01:00
updates Use Anonymous user to obtain FAST armor ccache 2017-02-15 07:13:37 +01:00
wsgi Build: remove incorrect use of MAINTAINERCLEANFILES 2016-11-16 09:12:07 +01:00
Makefile.am Build: remove incorrect use of MAINTAINERCLEANFILES 2016-11-16 09:12:07 +01:00
README.schema Add some basic rules for adding new schema 2010-08-27 13:40:37 -04:00

Ground rules on adding new schema

Brand new schema, particularly when written specifically for IPA, should be
added in share/*.ldif. Any new files need to be explicitly loaded in
ipaserver/install/dsinstance.py. These simply get copied directly into
the new instance schema directory.

Existing schema (e.g. in an LDAP draft) may either be added as a separate
ldif in share or as an update in the updates directory. The advantage of
adding the schema as an update is if 389-ds ever adds the schema then the
installation won't fail due to existing schema failing to load during
bootstrap.

If the new schema requires a new container then this should be added
to install/bootstrap-template.ldif.