IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-26 00:41:25 -06:00
Code Issues Packages Projects Releases Wiki Activity
e62eb0007b
freeipa/ipaclient/install
History
Christian Heimes 917d81b832 Allow HTTPd user to access SSSD IFP 
For smart card and certificate authentication, Apache's
mod_lookup_identity module must be able to acess SSSD IFP. The module
accesses IFP as Apache user, not as ipaapi user.

Apache is not allowed to use IFP by default. The update code uses the
service's ok-to-auth-as-delegate flag to detect smart card / cert auth.

See: https://pagure.io/freeipa/issue/7751
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2018-12-11 13:46:52 +01:00
..
__init__.py ipa-client-install: move client install to module 2016-11-11 12:13:56 +01:00
automount.py install: re-introduce option groups 2017-03-13 10:12:40 +01:00
client.py Allow HTTPd user to access SSSD IFP 2018-12-11 13:46:52 +01:00
ipa_certupdate.py certupdate: add commentary about certmonger behaviour 2018-12-03 10:32:36 +01:00
ipa_client_install.py Improve console logging for ipa-server-install 2018-06-20 08:38:03 +02:00
ipachangeconf.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00
ipadiscovery.py Py3: Remove subclassing from object 2018-09-27 11:49:04 +02:00
sssd.py ipaclient: Remove --no-sssd and --no-ac options 2018-08-13 12:23:53 +02:00
timeconf.py Add absolute_import future imports 2018-04-20 09:43:37 +02:00