freeipa/ipapython
Christian Heimes d9ab0097e1 Secure permissions of Custodia server.keys
Custodia's server.keys file contain the private RSA keys for encrypting
and signing Custodia messages. The file was created with permission 644
and is only secured by permission 700 of the directory
/etc/ipa/custodia. The installer and upgrader ensure that the file
has 600.

https://bugzilla.redhat.com/show_bug.cgi?id=1353936
https://fedorahosted.org/freeipa/ticket/6056

Reviewed-By: Martin Basti <mbasti@redhat.com>
2016-08-24 16:59:43 +02:00
..
dnssec Fix minor typos 2016-06-20 13:49:32 +02:00
install installer: index() raises ValueError 2016-06-13 18:04:40 +02:00
secrets Secure permissions of Custodia server.keys 2016-08-24 16:59:43 +02:00
__init__.py Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
admintool.py admintool: Add error message with path to log on failure. 2015-10-15 13:32:13 +02:00
certdb.py certdb: never use the -r option of certutil 2016-03-16 09:35:44 +01:00
certmonger.py Create server and host certs with DNS altname 2016-07-19 14:18:04 +02:00
config.py Fix: catch Exception instead of more specific exception types 2016-03-22 17:33:02 +01:00
cookie.py cookie parser: do not fail on cookie with empty value 2016-03-01 14:16:08 +01:00
dn.py Remove forgotten print from DN.__str__ implementation 2016-08-19 13:04:52 +02:00
dnsutil.py Fix internal errors in host-add and other commands caused by DNS resolution 2016-07-01 10:35:39 +02:00
dogtag.py Remove workaround for CA running check 2016-01-21 14:09:44 +01:00
errors.py Replace StandardError with Exception 2015-09-30 10:51:36 +02:00
graph.py Use Python3-compatible dict method names 2015-09-01 11:42:01 +02:00
ipa_log_manager.py Use absolute imports 2015-08-12 18:17:23 +02:00
ipa.conf Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
ipaldap.py ipalib: introduce Principal parameter 2016-07-01 09:37:25 +02:00
ipautil.py Increase default length of auto generated passwords 2016-08-03 15:32:41 +02:00
ipavalidate.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
kerberos.py ipapython module for Kerberos principal manipulation and parsing 2016-07-01 09:37:25 +02:00
kernel_keyring.py Fix session cookies 2016-07-22 16:30:32 +02:00
log_manager.py Fix minor typos 2016-06-16 08:47:20 +02:00
Makefile ipapython: port p11helper C code to Python 2016-01-21 10:21:32 +01:00
MANIFEST.in Rename ipa-python directory to ipapython so it is a real python library 2009-02-09 14:35:15 -05:00
nsslib.py Pylint: remove unnecessary-semicolon 2016-03-22 10:20:51 +01:00
p11helper.py p11helper: Port to Python 3 2016-02-17 10:41:29 +01:00
README Replace DNS client based on acutil with python-dns 2012-05-24 13:55:56 +02:00
setup.py.in pylint: fix: multiple-statements 2016-06-21 13:51:28 +02:00
ssh.py Remove unused imports 2015-12-23 07:59:22 +01:00
sysrestore.py sysrestore: Iterate over a list of dict keys 2016-04-28 16:22:07 +02:00
version.py.in plugable: support plugin versioning 2016-06-28 13:30:49 +02:00

This is a set of libraries common to IPA clients and servers though mostly
geared currently towards command-line tools.

A brief overview:

config.py - identify the IPA server domain and realm. It uses python-dns to
            try to detect this information first and will fall back to
            /etc/ipa/default.conf if that fails.

ipautil.py - helper functions

entity.py - entity is the main data type. User and Group extend this class
            (but don't add anything currently).

ipavalidate.py - basic data validation routines