freeipa

mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00

Files

Alexander Bokovoy d85e0550ca ipapython.ipautil.run: allow skipping stdout/stderr logging

There are cases when output from a utility run contains sensitive
content that is better to avoid logging. For example, klist can be told
to show actual encryption keys with -K option. Redacting them out with
nolog option to ipapython.ipautil.run() is not possible because
replacement routine expects exact matches.

Introduce two boolean options that allow to skip printing output from
the utility being run:
  -- nolog_output: skip printing captured stdout
  -- nolog_error: skip printing captured stderr

These options default to False (thus, stdout/stderr content will
continue to be printed). In case they were set to True, corresponding
line will contain

   stdout=<REDACTED>

or

   stderr=<REDACTED>

Fixes: https://pagure.io/freeipa/issue/3999
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Christian Heimes <cheimes@redhat.com>

2019-06-29 11:00:28 +03:00

install

Drop list of return values to be ignored in AdminTool

2019-06-07 11:24:45 +02:00

__init__.py

Rename ipa-python directory to ipapython so it is a real python library

2009-02-09 14:35:15 -05:00

admintool.py

admintool: don't display log file on errors unless logging is setup

2019-06-11 19:42:50 +02:00

certdb.py

NSSDatabase: fix get_trust_chain

2019-05-24 17:18:56 -04:00

config.py

Py3: Replace six.moves imports

2018-10-05 12:06:19 +02:00

cookie.py

Py3: Replace six.moves imports

2018-10-05 12:06:19 +02:00

directivesetter.py

Py3: Replace six.text_type with str

2018-09-27 16:11:18 +02:00

dn_ctypes.py

Load libldap_r-*.so.2

2019-05-14 12:27:55 +02:00

dn.py

dn: sort AVAs when converting from x509.Name

2019-06-11 16:14:44 +10:00

dnsutil.py

Py3: Replace six.string_types with str

2018-09-27 16:11:18 +02:00

dogtag.py

Send only the path and not the full URI to httplib.request

2019-03-19 11:00:43 -04:00

errors.py

Replace StandardError with Exception

2015-09-30 10:51:36 +02:00

graph.py

Py3: Remove subclassing from object

2018-09-27 11:49:04 +02:00

ipa_log_manager.py

Remove deprecated object logger

2019-04-23 12:55:35 +02:00

ipaldap.py

Revert "Require a minimum SASL security factor of 56"

2019-05-02 11:39:23 +02:00

ipautil.py

ipapython.ipautil.run: allow skipping stdout/stderr logging

2019-06-29 11:00:28 +03:00

ipavalidate.py

Change FreeIPA license to GPLv3+

2010-12-20 17:19:53 -05:00

kerberos.py

Py3: Replace six.bytes_type with bytes

2018-09-27 16:11:18 +02:00

kernel_keyring.py

Don't configure KEYRING ccache in containers

2019-01-18 11:33:11 +01:00

Makefile.am

ipapython: fix DEFAULT_PLUGINS in version.py

2017-03-09 18:39:48 +01:00

nsslib.py

Remove ipapython.nsslib as it is not used anymore

2017-03-01 09:43:41 +00:00

README

Replace DNS client based on acutil with python-dns

2012-05-24 13:55:56 +02:00

session_storage.py

Fix pylint warnings inconsistent-return-statements

2017-12-18 11:51:14 +01:00

setup.cfg

Port all setup.py to setuptools

2016-10-20 18:43:37 +02:00

setup.py

Make python-ldap optional for PyPI packages

2019-04-26 12:53:23 +02:00

ssh.py

Py3: Remove subclassing from object

2018-09-27 11:49:04 +02:00

version.py.in

ipapython: fix DEFAULT_PLUGINS in version.py

2017-03-09 18:39:48 +01:00

README

This is a set of libraries common to IPA clients and servers though mostly
geared currently towards command-line tools.

A brief overview:

config.py - identify the IPA server domain and realm. It uses python-dns to
            try to detect this information first and will fall back to
            /etc/ipa/default.conf if that fails.

ipautil.py - helper functions

entity.py - entity is the main data type. User and Group extend this class
            (but don't add anything currently).

ipavalidate.py - basic data validation routines