Skip to content
Commits on Source (887)
787 additional commits have been omitted to prevent performance issues.
Show whitespace changes
Inline Side-by-side
.freeipa-pr-ci.yaml deleted 100644 → 0
View file @ 530da69e
topologies:
build: &build
name: build
cpu: 2
memory: 3800
master_1repl: &master_1repl
name: master_1repl
cpu: 4
memory: 5750
master_1repl_1client: &master_1repl_1client
name: master_1repl_1client
cpu: 4
memory: 6700
jobs:
fedora-28/build:
requires: []
priority: 100
job:
class: Build
args:
git_repo: '{git_repo}'
git_refspec: '{git_refspec}'
template: &ci-master-f28
name: freeipa/ci-master-f28
version: 0.1.5
timeout: 1800
topology: *build
fedora-28/simple_replication:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_simple_replication.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl
fedora-28/caless:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_caless.py::TestServerReplicaCALessToCAFull
template: *ci-master-f28
timeout: 3600
topology: *master_1repl
fedora-28/external_ca_1:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_external_ca.py::TestExternalCA
template: *ci-master-f28
timeout: 3600
topology: *master_1repl_1client
fedora-28/external_ca_2:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_external_ca.py::TestSelfExternalSelf test_integration/test_external_ca.py::TestExternalCAInstall
template: *ci-master-f28
timeout: 3600
topology: *master_1repl
fedora-28/test_topologies:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_topologies.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl
fedora-28/test_sudo:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_sudo.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl_1client
fedora-28/test_commands:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_commands.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl
fedora-28/test_kerberos_flags:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_kerberos_flags.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl_1client
fedora-28/test_http_kdc_proxy:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_http_kdc_proxy.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl_1client
fedora-28/test_forced_client_enrolment:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_forced_client_reenrollment.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl_1client
fedora-28/test_advise:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_advise.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl
fedora-28/test_testconfig:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_testconfig.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl
fedora-28/test_service_permissions:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_service_permissions.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl
fedora-28/test_netgroup:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_netgroup.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl
fedora-28/test_vault:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_vault.py
template: *ci-master-f28
timeout: 4500
topology: *master_1repl
fedora-28/test_authconfig:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_authselect.py
template: *ci-master-f28
timeout: 3600
topology: *master_1repl_1client
fedora-28/replica_promotion:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_replica_promotion.py::TestSubCAkeyReplication
template: *ci-master-f28
timeout: 3600
topology: *master_1repl
fedora-28/dnssec:
requires: [fedora-28/build]
priority: 50
job:
class: RunPytest
args:
build_url: '{fedora-28/build_url}'
test_suite: test_integration/test_dnssec.py::TestInstallDNSSECFirst
template: *ci-master-f28
timeout: 3600
topology: *master_1repl
.freeipa-pr-ci.yaml 0 → 120000
View file @ 828fdc0e
ipatests/prci_definitions/gating.yaml
\ No newline at end of file
.gitignore
View file @ 828fdc0e
......@@ -119,3 +119,66 @@ freeipa2-dev-doc
/ipapython/.DEFAULT_PLUGINS
/ipatests/.cache/
# Python scripts with auto-generated shebang
ipa
makeaci
makeapi
client/ipa-certupdate
client/ipa-client-automount
client/ipa-client-install
client/ipa-client-samba
daemons/dnssec/ipa-dnskeysyncd
daemons/dnssec/ipa-dnskeysync-replica
daemons/dnssec/ipa-ods-exporter
install/certmonger/dogtag-ipa-ca-renew-agent-submit
install/certmonger/ipa-server-guard
install/custodia/ipa-custodia-dmldap
install/custodia/ipa-custodia-pki-tomcat
install/custodia/ipa-custodia-pki-tomcat-wrapped
install/custodia/ipa-custodia-ra-agent
install/oddjob/com.redhat.idm.trust-fetch-domains
install/oddjob/etc/oddjobd.conf.d/ipa-server.conf
install/oddjob/etc/oddjobd.conf.d/oddjobd-ipa-trust.conf
install/restart_scripts/renew_ca_cert
install/restart_scripts/renew_kdc_cert
install/restart_scripts/renew_ra_cert
install/restart_scripts/renew_ra_cert_pre
install/restart_scripts/restart_dirsrv
install/restart_scripts/restart_httpd
install/restart_scripts/stop_pkicad
install/tools/ipa-adtrust-install
install/tools/ipa-advise
install/tools/ipa-backup
install/tools/ipa-cacert-manage
install/tools/ipa-ca-install
install/tools/ipa-cert-fix
install/tools/ipa-compat-manage
install/tools/ipa-csreplica-manage
install/tools/ipactl
install/tools/ipa-crlgen-manage
install/tools/ipa-custodia
install/tools/ipa-custodia-check
install/tools/ipa-dns-install
install/tools/ipa-httpd-kdcproxy
install/tools/ipa-kra-install
install/tools/ipa-ldap-updater
install/tools/ipa-managed-entries
install/tools/ipa-nis-manage
install/tools/ipa-otptoken-import
install/tools/ipa-pkinit-manage
install/tools/ipa-pki-retrieve-key
install/tools/ipa-pki-wait-running
install/tools/ipa-replica-conncheck
install/tools/ipa-replica-install
install/tools/ipa-replica-manage
install/tools/ipa-replica-prepare
install/tools/ipa-restore
install/tools/ipa-server-certinstall
install/tools/ipa-server-install
install/tools/ipa-server-upgrade
install/tools/ipa-winsync-migrate
ipatests/i18n.py
ipatests/ipa-run-tests
ipatests/ipa-test-config
ipatests/ipa-test-task
.lgtm.yml 0 → 100644
View file @ 828fdc0e
---
# See https://lgtm.com/help/lgtm/customizing-file-classification
path_classifiers:
asn1:
- "asn1/.*"
asn1-autogenerated:
- "asn1/asn1c/.*"
ipaclient:
- client
- ipalcient
- util
ipalib:
- ipalib
- ipaplatform
- ipapython
ipaserver:
- ipaserver
ipatets:
- ipatests
daemons:
- daemons
install:
- install
extraction:
# https://lgtm.com/help/lgtm/cpp-extraction
cpp:
prepare:
packages:
- build-essential
- autoconf
- automake
- autopoint
- libtool
- gettext
- git
- python3-dev
- python3-distutils
- python3-lesscpy
- python3-setuptools
- python3-wheel
- nodejs
- uglifyjs
- systemd
- 389-ds-base-dev
- libssl-dev
- libsasl2-dev
- libldap2-dev
- libkrb5-dev
- libkrad-dev
- libini-config-dev
- libnss3-dev
- libsss-certmap-dev
- libsss-idmap-dev
- libsss-nss-idmap-dev
- libunistring-dev
- libxmlrpc-core-c3-dev
- samba-dev
- uuid-dev
configure:
command:
- ./autogen.sh --with-ipaplatform=debian
index:
build_command:
- make -j2 -s
# https://lgtm.com/help/lgtm/python-extraction
python:
prepare:
packages:
- build-essential
- autoconf
- automake
- autopoint
- libtool
- gettext
- git
- python3-dev
- python3-distutils
- python3-lesscpy
- python3-setuptools
- python3-wheel
- nodejs
- uglifyjs
- systemd
- 389-ds-base-dev
- libssl-dev
- libsasl2-dev
- libldap2-dev
- libkrb5-dev
- libkrad-dev
- libini-config-dev
- libnss3-dev
- libsss-certmap-dev
- libsss-idmap-dev
- libsss-nss-idmap-dev
- libunistring-dev
- libxmlrpc-core-c3-dev
- samba-dev
- uuid-dev
# extra dependencies for Python packages
- libaugeas-dev
- augeas-lenses
- libdbus-1-dev
- libffi-dev
- libxslt1-dev
- python3-libsss-nss-idmap
- python3-sss
after_prepare:
- ./autogen.sh --with-ipaplatform=debian
python_setup:
version: 3
setup_py: false
requirements:
- cffi
- cryptography
- custodia
- dbus-python
- dnspython
- jinja2
- jwcrypto
- lxml
- gssapi
- netaddr
- netifaces
- polib
- requests
- python-augeas
- pyasn1
- pyasn1-modules
- pytest
- pytest_multihost
- python-ldap
- python-yubico
- pyusb
- pyyaml
- qrcode
- six
before_index:
# Let LGTM pick up our packages
- export PYTHONPATH=$LGTM_SRC
index:
exclude:
# auto-generated files
- ipaclient/remote_plugins/2_114
- ipaclient/remote_plugins/2_156
- ipaclient/remote_plugins/2_164
- ipaclient/remote_plugins/2_49
# packaging helpers
- pypi
.mailmap
View file @ 828fdc0e
Ana Krivokapić <akrivoka@redhat.com> Ana Krivokapic <akrivoka@redhat.com>
Adam Misnyovszki <amisnyov@redhat.com> <amisnyov@redhat.com>
Amit Kumar <amitkuma@redhat.com> <amitkuma@redhat.com> <amitkuma@redhat.com>
Endi Sukma Dewata <edewata@redhat.com> System Administrator <root@dhcp-100-3-211.bos.redhat.com>
Endi Sukma Dewata <edewata@redhat.com>
Felipe Volpone <felipevolpone@gmail.com> Felipe Barreto <fbarreto@redhat.com>
Felipe Volpone <felipevolpone@gmail.com> felipe <fbarreto@localhost.localdomain>
Felipe Volpone <felipevolpone@gmail.com> Felipe Volpone <fbarreto@redhat.com>
Felipe Volpone <fbarreto@redhat.com>
Gabe Alford <redhatrises@gmail.com>
Ganna Kaihorodova <gkaihoro@redhat.com> <gkaihoro@example.com>
Jan Zelený <jzeleny@redhat.com>
......@@ -49,6 +54,7 @@ Rob Crittenden <rcritten@redhat.com> <rcrit@rhel1.greyoak.com>
Rob Crittenden <rcritten@redhat.com> rcritten <devnull@localhost>
Rob Crittenden <rcritten@redhat.com> <rcrit@thor.greyoak.com>
Rob Crittenden <rcritten@redhat.com> <rcrit@tove.greyoak.com>
Serhii Tsymbaliuk <stsymbal@redhat.com> <stsymbal@localhost.localdomain>
Simo Sorce <ssorce@redhat.com> <simo@redhat.com>
Sumit Bose <sbose@redhat.com> <sbose@ipa17-devel.ipa17.devel>
Sumit Bose <sbose@redhat.com> <sbose@ipa18-devel.ipa18.devel>
......
.test_runner_config.yaml
View file @ 828fdc0e
......@@ -28,8 +28,10 @@ steps:
builddep:
- rm -rf /var/cache/dnf/*
- "dnf makecache || :"
- dnf -y module enable nodejs:12
- dnf builddep -y ${builddep_opts} -D "with_wheels 1" --spec freeipa.spec.in --best --allowerasing --setopt=install_weak_deps=False
- dnf install -y gdb
- dnf update -y annobin
cleanup:
- chown -R ${uid}:${gid} ${container_working_dir}
- journalctl -b --no-pager > systemd_journal.log
......@@ -49,14 +51,16 @@ steps:
install_packages:
- sed -i 's/%_install_langs \(.*\)/\0:fr/g' /etc/rpm/macros.image-language-conf
- dnf install -y ${container_working_dir}/dist/rpms/*.rpm --best --allowerasing
- dnf install -y firewalld
- systemctl --now enable firewalld
install_server:
- ipa-server-install -U --domain ${server_domain} --realm ${server_realm} -p ${server_password}
-a ${server_password} --setup-dns --setup-kra --auto-forwarders
- sed -ri "s/mode = production/mode = development/" /etc/ipa/default.conf
- systemctl restart httpd.service
- firewall-cmd --add-service={freeipa-ldap,freeipa-ldaps,dns}
lint:
- make PYTHON=/usr/bin/python2 V=0 lint
- make PYTHON=/usr/bin/python3 V=0 pylint
- make V=0 lint
webui_unit:
- dnf install -y npm
- cd ${container_working_dir}/install/ui/js/libs && make
......@@ -64,7 +68,7 @@ steps:
- cd ${container_working_dir}/install/ui && node_modules/grunt/bin/grunt --verbose test
tox:
# just run one pylint and one Python 3 target (time/coverage trade-off)
- tox -e py27,py36,pypi,pylint3
- tox -e py36,pypi,pylint3
prepare_tests:
- echo ${server_password} | kinit admin && ipa ping
- cp -r /etc/ipa/* ~/.ipa/
......@@ -78,6 +82,7 @@ steps:
- ipa-server-install --uninstall -U
# second uninstall to verify that --uninstall without installation works
- ipa-server-install --uninstall -U
- firewall-cmd --remove-service={freeipa-ldap,freeipa-ldaps,dns}
tests:
ignore:
- test_integration
......
.test_runner_config_py3_temp.yaml deleted 100644 → 0
View file @ 530da69e
#
# Copyright (C) 2017 FreeIPA Contributors see COPYING for license
#
# Configuration file for the test runner used in Travis CI
# This config file is temporal and will be used only for migration period
# from py2 to fully supported py3
container:
detach: true
hostname: master.ipa.test
working_dir: /freeipa
host:
binds:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- /dev/urandom:/dev/random:ro
privileged: true
security_opt:
- label:disable
tmpfs:
- /tmp
- /run
server:
domain: ipa.test
password: Secret123
realm: IPA.TEST
steps:
build:
- make V=0 ${make_target} LOG_COMPILE='gdb -return-child-result -ex run -ex "thread apply all bt" -ex "quit" --args'
builddep:
- rm -rf /var/cache/dnf/*
- "dnf makecache || :"
- dnf builddep -y ${builddep_opts} --spec freeipa.spec.in --best --allowerasing --setopt=install_weak_deps=False
- dnf install -y gdb
cleanup:
- chown -R ${uid}:${gid} ${container_working_dir}
- >
tar --ignore-failed-read -cvf ${container_working_dir}/var_log.tar
/var/log/dirsrv
/var/log/httpd
/var/log/ipa*
/var/log/krb5kdc.log
/var/log/pki
systemd_journal.log
`find daemons -name '*.log' -print`
- chown ${uid}:${gid} ${container_working_dir}/var_log.tar
configure:
- ./autogen.sh
install_packages:
- sed -i 's/%_install_langs \(.*\)/\0:fr/g' /etc/rpm/macros.image-language-conf
- dnf install -y ${container_working_dir}/dist/rpms/*.rpm --best --allowerasing
- dnf install -y python3-mod_wsgi --best --allowerasing # Py3 temporary
install_server:
- ipa-server-install -U --domain ${server_domain} --realm ${server_realm} -p ${server_password}
-a ${server_password} --setup-dns --auto-forwarders
- ipa-kra-install -p ${server_password}
lint:
- make PYTHON=/usr/bin/python2 V=0 lint
- make PYTHON=/usr/bin/python3 V=0 pylint
prepare_tests:
- echo ${server_password} | kinit admin && ipa ping
- cp -r /etc/ipa/* ~/.ipa/
- echo ${server_password} > ~/.ipa/.dmpw
- echo 'wait_for_dns=5' >> ~/.ipa/default.conf
run_tests:
- ipa-run-tests-3 ${tests_ignore} -k-test_dns_soa ${tests_verbose} ${path}
- '! grep -n -C5 BytesWarning /var/log/httpd/error_log'
tests:
verbose: true
ignore:
- test_integration
- test_webui
- test_ipapython/test_keyring.py
.tox-install.sh
View file @ 828fdc0e
......@@ -2,10 +2,11 @@
set -ex
FLAVOR="$1"
ENVPYTHON="$2"
ENVSITEPACKAGESDIR="$3"
# 3...end are package requirements
shift 3
ENVPYTHON="$(realpath "$2")"
ENVSITEPACKAGESDIR="$(realpath "$3")"
ENVDIR="$4"
# 4...end are package requirements
shift 4
TOXINIDIR="$(cd "$(dirname "$0")" && pwd)"
......@@ -25,10 +26,21 @@ if [ ! -f "${TOXINIDIR}/tox.ini" ]; then
exit 3
fi
if [ ! -d "${ENVDIR}" ]; then
echo "${ENVDIR}: no such directory"
exit 4
fi
# https://pip.pypa.io/en/stable/user_guide/#environment-variables
export PIP_CACHE_DIR="${TOXINIDIR}/.tox/cache"
mkdir -p "${PIP_CACHE_DIR}"
# /tmp could be mounted with noexec option.
# pip checks if path is executable and if not then doesn't set such
# permission bits
export PIP_BUILD="${ENVDIR}/pip_build"
rm -rf "${PIP_BUILD}"
DISTBUNDLE="${TOXINIDIR}/dist/bundle"
mkdir -p "${DISTBUNDLE}"
......
.travis.yml
View file @ 828fdc0e
......@@ -13,7 +13,7 @@ python:
cache: pip
env:
global:
- TEST_RUNNER_IMAGE="freeipa/freeipa-test-runner:master-latest"
- TEST_RUNNER_IMAGE="freeipa/freeipa-test-runner:ipa-4-8_f30"
PEP8_ERROR_LOG="pycodestyle_errors.log"
CI_RESULTS_LOG="ci_results_${TRAVIS_BRANCH}.log"
CI_BACKLOG_SIZE=5000
......@@ -24,28 +24,13 @@ env:
TEST_RUNNER_CONFIG=".test_runner_config.yaml"
- TASK_TO_RUN="webui-unit"
TEST_RUNNER_CONFIG=".test_runner_config.yaml"
- TASK_TO_RUN="run-tests"
PYTHON=/usr/bin/python2
TEST_RUNNER_CONFIG=".test_runner_config.yaml"
TESTS_TO_RUN="test_xmlrpc/test_[a-k]*.py"
- TASK_TO_RUN="run-tests"
PYTHON=/usr/bin/python2
TEST_RUNNER_CONFIG=".test_runner_config.yaml"
TESTS_TO_RUN="test_cmdline
test_install
test_ipaclient
test_ipalib
test_ipaplatform
test_ipapython
test_ipaserver
test_xmlrpc/test_[l-z]*.py"
- TASK_TO_RUN="run-tests"
PYTHON=/usr/bin/python3
TEST_RUNNER_CONFIG=".test_runner_config_py3_temp.yaml"
TEST_RUNNER_CONFIG=".test_runner_config.yaml"
TESTS_TO_RUN="test_xmlrpc/test_[a-k]*.py"
- TASK_TO_RUN="run-tests"
PYTHON=/usr/bin/python3
TEST_RUNNER_CONFIG=".test_runner_config_py3_temp.yaml"
TEST_RUNNER_CONFIG=".test_runner_config.yaml"
TESTS_TO_RUN="test_cmdline
test_install
test_ipaclient
......@@ -53,6 +38,7 @@ env:
test_ipaplatform
test_ipapython
test_ipaserver
test_ipatests_plugins
test_xmlrpc/test_[l-z]*.py"
- TASK_TO_RUN="tox"
TEST_RUNNER_CONFIG=".test_runner_config.yaml"
......
.travis_run_task.sh
View file @ 828fdc0e
......@@ -6,12 +6,7 @@
test_set=""
if [[ $PYTHON == "/usr/bin/python2" ]]
then
env_opt="--define 'with_python3 0'"
else
env_opt=""
fi
case "$TASK_TO_RUN" in
lint|tox)
......@@ -39,7 +34,7 @@ then
if [[ "$TRAVIS_EVENT_TYPE" == "pull_request" ]]
then
git diff origin/$TRAVIS_BRANCH -U0 | \
pycodestyle --ignore=W504 --diff &> $PEP8_ERROR_LOG ||:
pycodestyle --diff &> $PEP8_ERROR_LOG ||:
fi
fi
......@@ -55,7 +50,6 @@ docker pull $TEST_RUNNER_IMAGE
ipa-docker-test-runner -l $CI_RESULTS_LOG \
-c $TEST_RUNNER_CONFIG \
$developer_mode_opt \
--container-environment "PYTHON=$PYTHON" \
--container-environment "RPMBUILD_OPTS=$env_opt" \
--container-image $TEST_RUNNER_IMAGE \
--git-repo $TRAVIS_BUILD_DIR \
......
ACI.txt
View file @ 828fdc0e
......@@ -61,7 +61,7 @@ aci: (targetattr = "cn || description || ipacertprofilestoreissued")(targetfilte
dn: cn=certprofiles,cn=ca,dc=ipa,dc=example
aci: (targetattr = "cn || createtimestamp || description || entryusn || ipacertprofilestoreissued || modifytimestamp || objectclass")(targetfilter = "(objectclass=ipacertprofile)")(version 3.0;acl "permission:System: Read Certificate Profiles";allow (compare,read,search) userdn = "ldap:///all";)
dn: cn=ipaconfig,cn=etc,dc=ipa,dc=example
aci: (targetattr = "cn || createtimestamp || entryusn || ipacertificatesubjectbase || ipaconfigstring || ipacustomfields || ipadefaultemaildomain || ipadefaultloginshell || ipadefaultprimarygroup || ipadomainresolutionorder || ipagroupobjectclasses || ipagroupsearchfields || ipahomesrootdir || ipakrbauthzdata || ipamaxusernamelength || ipamigrationenabled || ipapwdexpadvnotify || ipasearchrecordslimit || ipasearchtimelimit || ipaselinuxusermapdefault || ipaselinuxusermaporder || ipauserauthtype || ipauserobjectclasses || ipausersearchfields || modifytimestamp || objectclass")(targetfilter = "(objectclass=ipaguiconfig)")(version 3.0;acl "permission:System: Read Global Configuration";allow (compare,read,search) userdn = "ldap:///all";)
aci: (targetattr = "cn || createtimestamp || entryusn || ipacertificatesubjectbase || ipaconfigstring || ipacustomfields || ipadefaultemaildomain || ipadefaultloginshell || ipadefaultprimarygroup || ipadomainresolutionorder || ipagroupobjectclasses || ipagroupsearchfields || ipahomesrootdir || ipakrbauthzdata || ipamaxhostnamelength || ipamaxusernamelength || ipamigrationenabled || ipapwdexpadvnotify || ipasearchrecordslimit || ipasearchtimelimit || ipaselinuxusermapdefault || ipaselinuxusermaporder || ipauserauthtype || ipauserobjectclasses || ipausersearchfields || modifytimestamp || objectclass")(targetfilter = "(objectclass=ipaguiconfig)")(version 3.0;acl "permission:System: Read Global Configuration";allow (compare,read,search) userdn = "ldap:///all";)
dn: cn=costemplates,cn=accounts,dc=ipa,dc=example
aci: (targetfilter = "(objectclass=costemplate)")(version 3.0;acl "permission:System: Add Group Password Policy costemplate";allow (add) groupdn = "ldap:///cn=System: Add Group Password Policy costemplate,cn=permissions,cn=pbac,dc=ipa,dc=example";)
dn: cn=costemplates,cn=accounts,dc=ipa,dc=example
......@@ -234,6 +234,8 @@ dn: cn=IPA.EXAMPLE,cn=kerberos,dc=ipa,dc=example
aci: (targetattr = "krbmaxpwdlife || krbminpwdlife || krbpwdfailurecountinterval || krbpwdhistorylength || krbpwdlockoutduration || krbpwdmaxfailure || krbpwdmindiffchars || krbpwdminlength")(targetfilter = "(objectclass=krbpwdpolicy)")(version 3.0;acl "permission:System: Modify Group Password Policy";allow (write) groupdn = "ldap:///cn=System: Modify Group Password Policy,cn=permissions,cn=pbac,dc=ipa,dc=example";)
dn: cn=IPA.EXAMPLE,cn=kerberos,dc=ipa,dc=example
aci: (targetattr = "cn || cospriority || createtimestamp || entryusn || krbmaxpwdlife || krbminpwdlife || krbpwdfailurecountinterval || krbpwdhistorylength || krbpwdlockoutduration || krbpwdmaxfailure || krbpwdmindiffchars || krbpwdminlength || modifytimestamp || objectclass")(targetfilter = "(objectclass=krbpwdpolicy)")(version 3.0;acl "permission:System: Read Group Password Policy";allow (compare,read,search) groupdn = "ldap:///cn=System: Read Group Password Policy,cn=permissions,cn=pbac,dc=ipa,dc=example";)
dn: cn=radiusproxy,dc=ipa,dc=example
aci: (targetattr = "cn || createtimestamp || description || entryusn || ipatokenradiusretries || ipatokenradiusserver || ipatokenradiustimeout || ipatokenusermapattribute || modifytimestamp || objectclass")(targetfilter = "(objectclass=ipatokenradiusconfiguration)")(version 3.0;acl "permission:System: Read Radius Servers";allow (compare,read,search) groupdn = "ldap:///cn=System: Read Radius Servers,cn=permissions,cn=pbac,dc=ipa,dc=example";)
dn: cn=Realm Domains,cn=ipa,cn=etc,dc=ipa,dc=example
aci: (targetattr = "associateddomain")(targetfilter = "(objectclass=domainrelatedobject)")(version 3.0;acl "permission:System: Modify Realm Domains";allow (write) groupdn = "ldap:///cn=System: Modify Realm Domains,cn=permissions,cn=pbac,dc=ipa,dc=example";)
dn: cn=Realm Domains,cn=ipa,cn=etc,dc=ipa,dc=example
......@@ -271,6 +273,8 @@ aci: (targetattr = "krbcanonicalname || krbprincipalname")(targetfilter = "(obje
dn: cn=services,cn=accounts,dc=ipa,dc=example
aci: (targetattr = "krbprincipalauthind || usercertificate")(targetfilter = "(objectclass=ipaservice)")(version 3.0;acl "permission:System: Modify Services";allow (write) groupdn = "ldap:///cn=System: Modify Services,cn=permissions,cn=pbac,dc=ipa,dc=example";)
dn: cn=services,cn=accounts,dc=ipa,dc=example
aci: (targetattr = "cn || createtimestamp || entryusn || gecos || gidnumber || homedirectory || ipantsecurityidentifier || loginshell || modifytimestamp || objectclass || uid || uidnumber")(targetfilter = "(objectclass=ipaservice)")(version 3.0;acl "permission:System: Read POSIX details of SMB services";allow (compare,read,search) userdn = "ldap:///all";)
dn: cn=services,cn=accounts,dc=ipa,dc=example
aci: (targetattr = "createtimestamp || entryusn || ipakrbauthzdata || ipakrbprincipalalias || ipauniqueid || krbcanonicalname || krblastpwdchange || krbobjectreferences || krbpasswordexpiration || krbprincipalaliases || krbprincipalauthind || krbprincipalexpiration || krbprincipalname || managedby || memberof || modifytimestamp || objectclass || usercertificate")(targetfilter = "(objectclass=ipaservice)")(version 3.0;acl "permission:System: Read Services";allow (compare,read,search) userdn = "ldap:///all";)
dn: cn=services,cn=accounts,dc=ipa,dc=example
aci: (targetfilter = "(objectclass=ipaservice)")(version 3.0;acl "permission:System: Remove Services";allow (delete) groupdn = "ldap:///cn=System: Remove Services,cn=permissions,cn=pbac,dc=ipa,dc=example";)
......
API.txt
View file @ 828fdc0e
......@@ -186,6 +186,20 @@ output: Output('count', type=[<type 'int'>])
output: ListOfEntries('result')
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: Output('truncated', type=[<type 'bool'>])
command: automember_find_orphans/1
args: 1,7,4
arg: Str('criteria?')
option: Flag('all', autofill=True, cli_name='all', default=False)
option: Str('description?', autofill=False, cli_name='desc')
option: Flag('pkey_only?', autofill=True, default=False)
option: Flag('raw', autofill=True, cli_name='raw', default=False)
option: Flag('remove?', autofill=True, default=False)
option: StrEnum('type', values=[u'group', u'hostgroup'])
option: Str('version?')
output: Output('count', type=[<type 'int'>])
output: ListOfEntries('result')
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: Output('truncated', type=[<type 'bool'>])
command: automember_mod/1
args: 1,9,3
arg: Str('cn', cli_name='automember_rule')
......@@ -1061,7 +1075,7 @@ args: 0,1,1
option: Str('version?')
output: Output('result')
command: config_mod/1
args: 0,27,3
args: 0,28,3
option: Str('addattr*', cli_name='addattr')
option: Flag('all', autofill=True, cli_name='all', default=False)
option: Str('ca_renewal_master_server?', autofill=False)
......@@ -1075,6 +1089,7 @@ option: Str('ipagroupobjectclasses*', autofill=False, cli_name='groupobjectclass
option: IA5Str('ipagroupsearchfields?', autofill=False, cli_name='groupsearch')
option: IA5Str('ipahomesrootdir?', autofill=False, cli_name='homedirectory')
option: StrEnum('ipakrbauthzdata*', autofill=False, cli_name='pac_type', values=[u'MS-PAC', u'PAD', u'nfs:NONE'])
option: Int('ipamaxhostnamelength?', autofill=False, cli_name='maxhostname')
option: Int('ipamaxusernamelength?', autofill=False, cli_name='maxusername')
option: Bool('ipamigrationenabled?', autofill=False, cli_name='enable_migration')
option: Int('ipapwdexpadvnotify?', autofill=False, cli_name='pwdexpnotify')
......@@ -4433,7 +4448,7 @@ option: Flag('raw', autofill=True, cli_name='raw', default=False)
option: Str('role_servrole?', autofill=False, cli_name='role')
option: Str('server_server?', autofill=False, cli_name='server')
option: Int('sizelimit?', autofill=False)
option: StrEnum('status?', autofill=False, cli_name='status', default=u'enabled', values=[u'enabled', u'configured', u'absent'])
option: StrEnum('status?', autofill=False, cli_name='status', default=u'enabled', values=[u'enabled', u'configured', u'hidden', u'absent'])
option: Int('timelimit?', autofill=False)
option: Str('version?')
output: Output('count', type=[<type 'int'>])
......@@ -4461,6 +4476,14 @@ option: Str('version?')
output: Entry('result')
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: PrimaryKey('value')
command: server_state/1
args: 1,2,3
arg: Str('cn', cli_name='name')
option: StrEnum('state', values=[u'enabled', u'hidden'])
option: Str('version?')
output: Output('result', type=[<type 'bool'>])
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: PrimaryKey('value')
command: service_add/1
args: 1,14,3
arg: Principal('krbcanonicalname', cli_name='canonical_principal')
......@@ -4514,6 +4537,22 @@ option: Str('version?')
output: Entry('result')
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: PrimaryKey('value')
command: service_add_smb/1
args: 2,9,3
arg: Str('fqdn', cli_name='hostname')
arg: Str('ipantflatname?', cli_name='netbiosname')
option: Str('addattr*', cli_name='addattr')
option: Flag('all', autofill=True, cli_name='all', default=False)
option: Bool('ipakrbokasdelegate?', cli_name='ok_as_delegate')
option: Bool('ipakrboktoauthasdelegate?', cli_name='ok_to_auth_as_delegate')
option: Flag('no_members', autofill=True, default=False)
option: Flag('raw', autofill=True, cli_name='raw', default=False)
option: Str('setattr*', cli_name='setattr')
option: Certificate('usercertificate*', cli_name='certificate')
option: Str('version?')
output: Entry('result')
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: PrimaryKey('value')
command: service_allow_create_keytab/1
args: 1,8,3
arg: Principal('krbcanonicalname', cli_name='canonical_principal')
......@@ -4949,7 +4988,7 @@ output: Output('result', type=[<type 'dict'>])
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: ListOfPrimaryKeys('value')
command: stageuser_find/1
args: 1,54,4
args: 1,58,4
arg: Str('criteria?')
option: Flag('all', autofill=True, cli_name='all', default=False)
option: Str('carlicense*', autofill=False)
......@@ -4969,6 +5008,10 @@ option: Str('in_netgroup*', cli_name='in_netgroups')
option: Str('in_role*', cli_name='in_roles')
option: Str('in_sudorule*', cli_name='in_sudorules')
option: Str('initials?', autofill=False)
option: Str('ipanthomedirectory?', autofill=False, cli_name='smb_home_dir')
option: StrEnum('ipanthomedirectoryrive?', autofill=False, cli_name='smb_home_drive', values=[u'A:', u'B:', u'C:', u'D:', u'E:', u'F:', u'G:', u'H:', u'I:', u'J:', u'K:', u'L:', u'M:', u'N:', u'O:', u'P:', u'Q:', u'R:', u'S:', u'T:', u'U:', u'V:', u'W:', u'X:', u'Y:', u'Z:'])
option: Str('ipantlogonscript?', autofill=False, cli_name='smb_logon_script')
option: Str('ipantprofilepath?', autofill=False, cli_name='smb_profile_path')
option: Str('ipatokenradiusconfiglink?', autofill=False, cli_name='radius')
option: Str('ipatokenradiususername?', autofill=False, cli_name='radius_username')
option: StrEnum('ipauserauthtype*', autofill=False, cli_name='user_auth_type', values=[u'password', u'radius', u'otp'])
......@@ -5010,7 +5053,7 @@ output: ListOfEntries('result')
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: Output('truncated', type=[<type 'bool'>])
command: stageuser_mod/1
args: 1,47,3
args: 1,51,3
arg: Str('uid', cli_name='login')
option: Str('addattr*', cli_name='addattr')
option: Flag('all', autofill=True, cli_name='all', default=False)
......@@ -5027,6 +5070,10 @@ option: Int('gidnumber?', autofill=False)
option: Str('givenname?', autofill=False, cli_name='first')
option: Str('homedirectory?', autofill=False, cli_name='homedir')
option: Str('initials?', autofill=False)
option: Str('ipanthomedirectory?', autofill=False, cli_name='smb_home_dir')
option: StrEnum('ipanthomedirectoryrive?', autofill=False, cli_name='smb_home_drive', values=[u'A:', u'B:', u'C:', u'D:', u'E:', u'F:', u'G:', u'H:', u'I:', u'J:', u'K:', u'L:', u'M:', u'N:', u'O:', u'P:', u'Q:', u'R:', u'S:', u'T:', u'U:', u'V:', u'W:', u'X:', u'Y:', u'Z:'])
option: Str('ipantlogonscript?', autofill=False, cli_name='smb_logon_script')
option: Str('ipantprofilepath?', autofill=False, cli_name='smb_profile_path')
option: Str('ipasshpubkey*', autofill=False, cli_name='sshpubkey')
option: Str('ipatokenradiusconfiglink?', autofill=False, cli_name='radius')
option: Str('ipatokenradiususername?', autofill=False, cli_name='radius_username')
......@@ -5748,10 +5795,12 @@ output: Output('result', type=[<type 'dict'>])
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: ListOfPrimaryKeys('value')
command: trust_fetch_domains/1
args: 1,5,4
args: 1,7,4
arg: Str('cn', cli_name='realm')
option: Flag('all', autofill=True, cli_name='all', default=False)
option: Flag('raw', autofill=True, cli_name='raw', default=False)
option: Str('realm_admin?', cli_name='admin')
option: Password('realm_passwd?', cli_name='password', confirm=False)
option: Str('realm_server?', cli_name='server')
option: Flag('rights', autofill=True, default=False)
option: Str('version?')
......@@ -6031,7 +6080,7 @@ output: Output('result', type=[<type 'bool'>])
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: PrimaryKey('value')
command: user_find/1
args: 1,57,4
args: 1,61,4
arg: Str('criteria?')
option: Flag('all', autofill=True, cli_name='all', default=False)
option: Str('carlicense*', autofill=False)
......@@ -6051,6 +6100,10 @@ option: Str('in_netgroup*', cli_name='in_netgroups')
option: Str('in_role*', cli_name='in_roles')
option: Str('in_sudorule*', cli_name='in_sudorules')
option: Str('initials?', autofill=False)
option: Str('ipanthomedirectory?', autofill=False, cli_name='smb_home_dir')
option: StrEnum('ipanthomedirectoryrive?', autofill=False, cli_name='smb_home_drive', values=[u'A:', u'B:', u'C:', u'D:', u'E:', u'F:', u'G:', u'H:', u'I:', u'J:', u'K:', u'L:', u'M:', u'N:', u'O:', u'P:', u'Q:', u'R:', u'S:', u'T:', u'U:', u'V:', u'W:', u'X:', u'Y:', u'Z:'])
option: Str('ipantlogonscript?', autofill=False, cli_name='smb_logon_script')
option: Str('ipantprofilepath?', autofill=False, cli_name='smb_profile_path')
option: Str('ipatokenradiusconfiglink?', autofill=False, cli_name='radius')
option: Str('ipatokenradiususername?', autofill=False, cli_name='radius_username')
option: StrEnum('ipauserauthtype*', autofill=False, cli_name='user_auth_type', values=[u'password', u'radius', u'otp'])
......@@ -6095,7 +6148,7 @@ output: ListOfEntries('result')
output: Output('summary', type=[<type 'unicode'>, <type 'NoneType'>])
output: Output('truncated', type=[<type 'bool'>])
command: user_mod/1
args: 1,48,3
args: 1,52,3
arg: Str('uid', cli_name='login')
option: Str('addattr*', cli_name='addattr')
option: Flag('all', autofill=True, cli_name='all', default=False)
......@@ -6112,6 +6165,10 @@ option: Int('gidnumber?', autofill=False)
option: Str('givenname?', autofill=False, cli_name='first')
option: Str('homedirectory?', autofill=False, cli_name='homedir')
option: Str('initials?', autofill=False)
option: Str('ipanthomedirectory?', autofill=False, cli_name='smb_home_dir')
option: StrEnum('ipanthomedirectoryrive?', autofill=False, cli_name='smb_home_drive', values=[u'A:', u'B:', u'C:', u'D:', u'E:', u'F:', u'G:', u'H:', u'I:', u'J:', u'K:', u'L:', u'M:', u'N:', u'O:', u'P:', u'Q:', u'R:', u'S:', u'T:', u'U:', u'V:', u'W:', u'X:', u'Y:', u'Z:'])
option: Str('ipantlogonscript?', autofill=False, cli_name='smb_logon_script')
option: Str('ipantprofilepath?', autofill=False, cli_name='smb_profile_path')
option: Str('ipasshpubkey*', autofill=False, cli_name='sshpubkey')
option: Str('ipatokenradiusconfiglink?', autofill=False, cli_name='radius')
option: Str('ipatokenradiususername?', autofill=False, cli_name='radius_username')
......@@ -6503,6 +6560,7 @@ default: automember_default_group_set/1
default: automember_default_group_show/1
default: automember_del/1
default: automember_find/1
default: automember_find_orphans/1
default: automember_mod/1
default: automember_rebuild/1
default: automember_remove_condition/1
......@@ -6890,11 +6948,13 @@ default: server_role/1
default: server_role_find/1
default: server_role_show/1
default: server_show/1
default: server_state/1
default: service/1
default: service_add/1
default: service_add_cert/1
default: service_add_host/1
default: service_add_principal/1
default: service_add_smb/1
default: service_allow_create_keytab/1
default: service_allow_retrieve_keytab/1
default: service_del/1
......
Contributors.txt
View file @ 828fdc0e
......@@ -4,136 +4,153 @@ The following people have contributed to the FreeIPA project.
(Listed in alphabetical order within category)
Developers:
Timo Aaltonen
Gabe Alford
Jr Aquino
Tomáš Babej
Martin Babinsky
Kyle Baker
Felipe Barreto
Jan Barta
Martin Bašti
Sylvain Baubeau
Florence Blanc-Renaud
Abhijeet Kasurde
Adam Misnyovszki
Adam Williamson
Adam Young
Ade Lee
Aleksei Slaikovskii
Ales 'alich' Marecek
Alex Zeleznikov
Alexander Bokovoy
Thierry Bordaz
Sumit Bose
François Cami
Petr Čech
Xiao-Long Chen
Jan Cholasta
Yuri Chornoivan
Alexander Koksharov
Alexander Scheel
Alexey Slaykovsky
Amit Kumar
Ana Krivokapić
Andrew Wnuk
Anuja More
Armando Neto
Ben Lipton
Benjamin Drung
Brian Cook
Rob Crittenden
Frank Cusack
Nalin Dahyabhai
Rishabh Dave
Brian J. Murrell
Christian Heimes
Christian Hermann
David Kreitschmann
David Kupka
David O'Brien
David Spångberg
Diane Trout
Diogo Nunes
Dmitri Pal
Don Davis
Nikhil Dehadrai
John Dennis
Jason Gerard DeRose
Günther Deschner
Endi Sukma Dewata
Lenka Doudova
Benjamin Drung
Patrice Duc-Jacquet
Tibor Dudlák
Lewis Eason
Drew Erny
Oleg Fayans
Jérôme Fenal
Endi Sukma Dewata
Fabiano Fidêncio
Stephen Gallagher
René Genz
James Groffen
Oliver Gutierrez
Ondřej Hamada
Robbie Harwood
Nick Hatch
Christian Heimes
Jakub Hrozek
Felipe Volpone
Filip Skola
Florence Blanc-Renaud
Francesco Marella
Francisco Trivino
François Cami
Frank Cusack
Fraser Tweedale
Gabe Alford
Ganna Kaihorodova
Abhijeet Kasurde
Nathan Kinder
Krzysztof Klimonda
Alexander Koksharov
Nikolai Kondrashov
Martin Košek
David Kreitschmann
Ludwig Krispenz
Ana Krivokapić
Tomáš Křížek
Milan Kubík
Amit Kumar
German Parente
Gowrishankar Rajaiyan
Günther Deschner
Ian Kumlien
David Kupka
Robert Kuska
Ian Pilcher
Jakub Hrozek
James Groffen
Jan Barta
Jan Cholasta
Jan Pazdziora
Jan Zelený
Jason Gerard DeRose
Jason Woods
Jérôme Fenal
Jim Meyering
John Dennis
John L
Peter Lacko
Stanislav Laznicka
Ade Lee
Stanislav Levin
Ben Lipton
John Morris
Jr Aquino
Justin Stephenson
Kaleemullah Siddiqui
Karl MacMillan
Niranjan Mallapadi
Ales 'alich' Marecek
Francesco Marella
Nathaniel McCallum
William Jon McCann
Kevin McCarthy
Krzysztof Klimonda
Kyle Baker
Lars Sjostrom
Lenka Doudova
Lenka Ryznarova
Lewis Eason
Lubomír Rintel
Ludwig Krispenz
Lukáš Slebodník
Lynn Root
Mark McLoughlin
Rich Megginson
Sudhir Menon
Jim Meyering
Adam Misnyovszki
Takeshi MIZUTA
Anuja More
John Morris
Niranjan MR
Brian J. Murrell
Varun Mylaraiah
Marko Myllynen
Martin Babinsky
Martin Bašti
Martin Košek
Martin Nagy
Armando Neto
David O'Brien
Dmitri Pal
Jan Pazdziora
W. Michael Petullo
Pavel Picka
Gowrishankar Rajaiyan
realsobek
Michal Reznik
Lubomír Rintel
Matt Rogers
Lynn Root
Pete Rowley
Lenka Ryznarova
Thorsten Scherf
shanyin
Kaleemullah Siddiqui
Michael Simacek
Lars Sjostrom
Filip Skola
Aleksei Slaikovskii
Lukáš Slebodník
Simo Sorce
Michal Reznik
Michal Židek
Milan Kubík
Mohammad Rizwan Yusuf
Nalin Dahyabhai
Nathan Kinder
Nathaniel McCallum
Nick Hatch
Nikhil Dehadrai
Nikolai Kondrashov
Niranjan Mallapadi
Niranjan MR
Oleg Fayans
Oleg Kozlov
Oliver Gutierrez
Ondřej Hamada
Orion Poplawski
Patrice Duc-Jacquet
Pavel Picka
Pavel Vomáčka
Pavel Zůna
Pete Rowley
Peter Keresztes Schmidt
Peter Lacko
Petr Čech
Petr Špaček
David Spångberg
Justin Stephenson
Diane Trout
Fraser Tweedale
Petr Viktorin
Petr Voborník
Felipe Volpone
Pavel Vomáčka
Andrew Wnuk
Jason Woods
Adam Young
Mohammad Rizwan Yusuf
Jan Zelený
Alex Zeleznikov
Michal Židek
Pavel Zůna
realsobek
René Genz
Rich Megginson
Rishabh Dave
Rob Crittenden
Robbie Harwood
Robert Kuska
Sergey Orlov
Serhii Tsymbaliuk
shanyin
Simo Sorce
Stanislav Laznicka
Stanislav Levin
Stephen Gallagher
sudharsanomprakash
Sudhir Menon
Sumedh Sidhaye
Sumit Bose
Sylvain Baubeau
Takeshi MIZUTA
Theodor van Nahl
Thierry Bordaz
Thomas Woerner
Thorsten Scherf
Tibor Dudlák
Timo Aaltonen
Tomáš Babej
Tomáš Křížek
Varun Mylaraiah
W. Michael Petullo
William Brown
William Jon McCann
Xiao-Long Chen
Yuri Chornoivan
Documentation:
Gabe Alford
......@@ -157,15 +174,38 @@ Testing:
Yi Zhang
Translators:
Héctor Daniel Cabrera
Yuri Chornoivan
Teguh DC
Piotr Drąg
Jérôme Fenal
A S Alam
Abhijeet Kasurde
Alex
Alexander Bokovoy
Andi Chandler
Andrew Martynov
Brian Curtich
David Kreitschmann
dominique
Emilio Herrera
Gundachandru
Héctor Daniel Cabrera
Jake Li
Andrew Martynov
Jérôme Fenal
Josef Hruška
Marco Aurélio Krause
Martin Bašti
Martin Kosek
Martin Liu
Olesya Gerasimenko
Omar Berroterán S.
Paul Ritter
Pavel Borecki
Pavel Vomacka
Piotr Drąg
Robert Antoni Buj Gelonch
Sankarshan Mukhopadhyay
Teguh DC
Tomas Babej
Yuri Chornoivan
Zdenek
zhenglei
Wiki, Solution and Idea Contributors:
James Hogarth
......
Makefile.am
View file @ 828fdc0e
NULL =
ACLOCAL_AMFLAGS = -I m4
if ENABLE_SERVER
......@@ -11,25 +13,50 @@ endif
IPACLIENT_SUBDIRS = ipaclient ipalib ipaplatform ipapython
PYTHON_SUBDIRS = $(IPACLIENT_SUBDIRS) $(IPATESTS_SUBDIRS) $(IPASERVER_SUBDIRS)
PYTHON_SCRIPT_SUBDIRS = \
$(top_builddir) \
$(top_builddir)/client \
$(top_builddir)/daemons/dnssec \
$(top_builddir)/install/certmonger \
$(top_builddir)/install/oddjob \
$(top_builddir)/install/restart_scripts \
$(top_builddir)/install/tools \
$(NULL)
IPA_PLACEHOLDERS = freeipa ipa ipaserver ipatests
SUBDIRS = asn1 util client contrib po pypi $(PYTHON_SUBDIRS) $(SERVER_SUBDIRS)
GENERATED_PYTHON_FILES = \
$(top_builddir)/ipaplatform/override.py \
$(top_builddir)/ipapython/version.py
$(top_builddir)/ipapython/version.py \
$(top_builddir)/makeaci \
$(top_builddir)/makeapi \
$(NULL)
MOSTLYCLEANFILES = ipasetup.pyc ipasetup.pyo \
pylint_plugins.pyc pylint_plugins.pyo
# user-facing scripts
dist_bin_SCRIPTS = ipa
nodist_bin_SCRIPTS = ipa
# files required for build but not installed
dist_noinst_SCRIPTS = makeapi \
nodist_noinst_SCRIPTS = \
makeapi \
makeaci \
$(NULL)
dist_noinst_SCRIPTS = \
make-doc \
make-test \
pylint_plugins.py
pylint_plugins.py \
$(NULL)
# templates
dist_noinst_DATA = \
ipa.in \
makeaci.in \
makeapi.in \
$(NULL)
ipasetup.py: ipasetup.py.in $(CONFIG_STATUS)
$(AM_V_GEN)sed \
......@@ -62,7 +89,8 @@ clean-local:
rm -rf "$(top_builddir)/.tox"
rm -rf "$(top_srcdir)/__pycache__"
rm -f "$(top_builddir)"/$(PACKAGE)-*.tar.gz
rm -rf "$(top_srcdir)/cov-int"
rm -f "$(top_srcdir)/freeipa.tgz"
# convenience targets for RPM build
.PHONY: rpmroot rpmdistdir version-update _dist-version-bakein _rpms-prep \
......@@ -153,7 +181,7 @@ endif WITH_PYLINT
if WITH_JSLINT
JSLINT_TARGET = jslint
endif WITH_JSLINT
lint: acilint apilint $(POLINT_TARGET) $(PYLINT_TARGET) $(JSLINT_TARGET)
lint: acilint apilint $(POLINT_TARGET) $(PYLINT_TARGET) $(JSLINT_TARGET) rpmlint yamllint
.PHONY: devcheck
devcheck: all
......@@ -166,39 +194,21 @@ endif
if ! WITH_JSLINT
@echo "ERROR: jslint not available"; exit 1
endif
if ! WITH_PYTHON2
@echo "ERROR: python2 not available"; exit 1
endif
@ # run all linters, tests, and check with Python 2
PYTHONPATH=$(abspath $(top_srcdir)) $(PYTHON2) ipatests/ipa-run-tests \
--ipaclient-unittests
$(MAKE) $(AM_MAKEFLAGS) acilint apilint polint jslint check
$(MAKE) $(AM_MAKEFLAGS) PYTHON=$(PYTHON2) pylint
if WITH_PYTHON3
@ # just tests, aci, api and pylint on Python 3
PYTHONPATH=$(abspath $(top_srcdir)) $(PYTHON3) ipatests/ipa-run-tests \
PYTHONPATH=$(abspath $(top_srcdir)) $(PYTHON) ipatests/ipa-run-tests \
--ipaclient-unittests
$(MAKE) $(AM_MAKEFLAGS) PYTHON=$(PYTHON3) acilint apilint polint pylint
else
@echo "WARNING: python3 not available"
endif
$(MAKE) $(AM_MAKEFLAGS) acilint apilint polint pylint jslint rpmlint yamllint check
@echo "All tests passed."
.PHONY: fastcheck fasttest fastlint
fastcheck:
if WITH_PYTHON2
@$(MAKE) -j1 $(AM_MAKEFLAGS) PYTHON=$(PYTHON2) \
fastlint fasttest apilint acilint
endif
if WITH_PYTHON3
@$(MAKE) -j1 $(AM_MAKEFLAGS) PYTHON=$(PYTHON3) \
fastlint fasttest apilint acilint
endif
@$(MAKE) -j1 $(AM_MAKEFLAGS) fastlint rpmlint yamllint fasttest apilint acilint
fasttest: $(GENERATED_PYTHON_FILES) ipasetup.py
@ # --ignore doubles speed of total test run compared to pytest.skip()
@ # on module.
PYTHONPATH=$(abspath $(top_srcdir)) $(PYTHON3) ipatests/ipa-run-tests \
PATH=$(abspath ipatests):$$PATH PYTHONPATH=$(abspath $(top_srcdir)) \
$(PYTHON) ipatests/ipa-run-tests \
--skip-ipaapi \
--ignore $(abspath $(top_srcdir))/ipatests/test_integration \
--ignore $(abspath $(top_srcdir))/ipatests/test_xmlrpc
......@@ -210,8 +220,19 @@ endif
@echo "Fast linting with $(PYTHON) from branch '$(GIT_BRANCH)'"
@MERGEBASE=$$(git merge-base --fork-point $(GIT_BRANCH)); \
FILES=$$(git diff --name-only --diff-filter=d $${MERGEBASE} \
PYFILES=$$(git diff --name-only --diff-filter=d $${MERGEBASE} \
| grep -E '\.py$$' ); \
INFILES=$$(git diff --name-only --diff-filter=d $${MERGEBASE} \
| grep -E '\.in$$' \
| xargs -n1 file 2>/dev/null | grep Python \
| cut -d':' -f1; ); \
if [ -n "$${PYFILES}" ] && [ -n "$${INFILES}" ]; then \
FILES="$$( printf $${PYFILES}\\n$${INFILES} )" ; \
elif [ -n "$${PYFILES}" ]; then \
FILES="$${PYFILES}" ; \
else \
FILES="$${INFILES}" ; \
fi ; \
if [ -n "$${FILES}" ]; then \
echo -e "Fast linting files:\n$${FILES}\n"; \
echo "pycodestyle"; \
......@@ -250,6 +271,22 @@ polint:
$(MAKE) -C $(srcdir)/po PYTHON=$(PYTHON) \
validate-src-strings validate-po test-gettext
.PHONY: rpmlint
rpmlint: freeipa.spec
rpmlint ./$<
YAML_FILES = \
$(top_srcdir)/.travis.yml \
$(top_srcdir)/.lgtm.yml \
$(wildcard $(top_srcdir)/.*.yaml) \
$(wildcard $(top_srcdir)/ipatests/prci_definitions/*.yaml)
.PHONY: yamllint
yamllint: $(YAML_FILES)
@for YAML in $^; do \
$(PYTHON) -c "import yaml; f = open('$${YAML}'); yaml.safe_load(f); f.close()" || exit 1; \
done
# Run pylint for all python files. Finds all python files/packages, skips
# folders rpmbuild, freeipa-* and dist. Skip (match, but don't print) .*,
# *.in, *~. Finally print all python files, including scripts that do not
......@@ -258,7 +295,7 @@ polint:
.PHONY: pylint
if WITH_PYLINT
pylint: $(GENERATED_PYTHON_FILES) ipasetup.py
pylint: $(GENERATED_PYTHON_FILES) ipasetup.py python_scripts
FILES=`find $(top_srcdir) \
-type d -exec test -e '{}/__init__.py' \; -print -prune -o \
-path './rpmbuild' -prune -o \
......@@ -365,6 +402,47 @@ python_install:
$(MAKE) $(AM_MAKEFLAGS) -C $${dir} install || exit 1; \
done
.PHONY: python_scripts
python_scripts:
for dir in $(PYTHON_SCRIPT_SUBDIRS); do \
$(MAKE) $(AM_MAKEFLAGS) -C $${dir} python_scripts_sub || exit 1; \
done
.PHONY:
strip-po:
$(MAKE) -C po strip-po
.PHONY: cov-scan
cov-scan:
$(MAKE) clean
@# analyse C code with workaround for missing _Float types
@# https://stackoverflow.com/questions/50434236/coverity-scan-fails-to-build-stdlib-h-with-gnu-source-defined
cov-build --dir cov-int $(MAKE) all \
CFLAGS="-D_Float32=float -D_Float32x=double -D_Float64=double -D_Float64x='long double' -D_Float128='long double'"
@# remove build directories and analyse Python
rm -rf ipa*/build
cov-build --dir cov-int --no-command \
$(foreach d,$(PYTHON_SUBDIRS),--fs-capture-search $(d))
@# analyze JS files
cov-build --dir cov-int --no-command --fs-capture-search install/ui
@# compress and upload
tar czvf freeipa.tgz cov-int
if [ -n "$${COVERITY_SCAN_TOKEN}" ]; then \
curl --progress-bar --output /dev/null \
--form token=$${COVERITY_SCAN_TOKEN} \
--form email=scan@mg.freeipa.org \
--form file=@freeipa.tgz \
--form version="$(VERSION)" \
--form description="FreeIPA" \
"https://scan.coverity.com/builds?project=freeipa%2Ffreeipa"; \
fi
PYTHON_SHEBANG = \
ipa \
makeaci \
makeapi \
$(NULL)
CLEANFILES = $(PYTHON_SHEBANG)
include $(top_srcdir)/Makefile.pythonscripts.am
Makefile.pythonscripts.am 0 → 100644
View file @ 828fdc0e
# special handling of Python scripts with auto-generated shebang line
$(PYTHON_SHEBANG):%: %.in Makefile
$(AM_V_GEN)sed -e 's|^#!/usr/bin/python3.*|#!$(PYTHON) -E|g' $< > $@
$(AM_V_GEN)chmod +x $@
.PHONY: python_scripts_sub
python_scripts_sub: $(PYTHON_SHEBANG)
README.md
View file @ 828fdc0e
......@@ -75,5 +75,5 @@ Please see the file called COPYING.
https://pagure.io/freeipa/issues
* If you want to participate in actively developing IPA please
subscribe to the freeipa-devel mailing list at
https://www.redhat.com/mailman/listinfo/freeipa-devel/ or join
https://lists.fedoraproject.org/archives/list/freeipa-devel@lists.fedorahosted.org/ or join
us in IRC at <irc://irc.freenode.net/freeipa>
VERSION.m4
View file @ 828fdc0e
......@@ -20,18 +20,21 @@
# -> "1.0.0" #
########################################################
define(IPA_VERSION_MAJOR, 4)
define(IPA_VERSION_MINOR, 6)
define(IPA_VERSION_RELEASE, 90)
define(IPA_VERSION_MINOR, 8)
define(IPA_VERSION_RELEASE, 1)
########################################################
# For 'pre' releases the version will be #
# #
# <MAJOR>.<MINOR>.<RELEASE><PRE_RELEASE> #
# #
# pre releases start with RELEASE 90. After pre1 has #
# been released, RELEASE is bumpled to 91, and so on #
# #
# e.g. define(IPA_VERSION_PRE_RELEASE, rc1) #
# -> "1.0.0rc1" #
########################################################
define(IPA_VERSION_PRE_RELEASE, .pre2)
define(IPA_VERSION_PRE_RELEASE, )
########################################################
# To mark GIT snapshots this should be set to 'yes' #
......@@ -46,7 +49,7 @@ define(IPA_VERSION_PRE_RELEASE, .pre2)
# This option works only with GNU m4: #
# it requires esyscmd m4 macro. #
########################################################
define(IPA_VERSION_IS_GIT_SNAPSHOT, yes)
define(IPA_VERSION_IS_GIT_SNAPSHOT, no)
########################################################
# git development branch: #
......@@ -55,8 +58,8 @@ define(IPA_VERSION_IS_GIT_SNAPSHOT, yes)
# - ipa-X-X: define(IPA_GIT_BRANCH, #
# ipa-IPA_VERSION_MAJOR-IPA_VERSION_MINOR) #
########################################################
define(IPA_GIT_BRANCH, master)
dnl define(IPA_GIT_BRANCH, ipa-IPA_VERSION_MAJOR-IPA_VERSION_MINOR)
dnl define(IPA_GIT_BRANCH, master)
define(IPA_GIT_BRANCH, ipa-IPA_VERSION_MAJOR-IPA_VERSION_MINOR)
########################################################
# The version of IPA data. This is used to identify #
......@@ -83,8 +86,8 @@ define(IPA_DATA_VERSION, 20100614120000)
# #
########################################################
define(IPA_API_VERSION_MAJOR, 2)
define(IPA_API_VERSION_MINOR, 229)
# Last change: Added the Certificate parameter
define(IPA_API_VERSION_MINOR, 233)
# Last change: Added service_add_smb command
########################################################
......
client/Makefile.am
View file @ 828fdc0e
......@@ -40,9 +40,10 @@ sbin_PROGRAMS = \
$(NULL)
sbin_SCRIPTS = \
ipa-client-install \
ipa-client-automount \
ipa-certupdate \
ipa-client-automount \
ipa-client-install \
ipa-client-samba \
$(NULL)
ipa_getkeytab_SOURCES = \
......@@ -92,16 +93,25 @@ ipa_join_LDADD = \
SUBDIRS = \
share \
man \
sysconfig \
$(NULL)
noinst_HEADERS = \
ipa-client-common.h
EXTRA_DIST = \
$(sbin_SCRIPTS) \
ipa-certupdate.in \
ipa-client-automount.in \
ipa-client-install.in \
ipa-client-samba.in \
$(NULL)
install-data-hook:
$(INSTALL) -d -m 755 $(DESTDIR)$(IPA_SYSCONF_DIR)/nssdb
$(INSTALL) -d -m 755 $(DESTDIR)$(localstatedir)/lib/ipa-client/pki
$(INSTALL) -d -m 755 $(DESTDIR)$(localstatedir)/lib/ipa-client/sysrestore
PYTHON_SHEBANG = $(sbin_SCRIPTS)
include $(top_srcdir)/Makefile.pythonscripts.am
client/config.c
View file @ 828fdc0e
......@@ -123,17 +123,18 @@ get_config_entry(char * in_data, const char *section, const char *key)
line++;
p = strchr(line, ']');
if (p) {
tmp = strndup(line, p - line);
if (in_section) {
/* We exited the matching section without a match */
free(data);
return NULL;
}
tmp = strndup(line, p - line);
if (strcmp(section, tmp) == 0) {
free(tmp);
in_section = 1;
continue;
}
free(tmp);
}
} /* [ */
......
client/ipa-certupdate client/ipa-certupdate.in 100755 → 100644
View file @ 828fdc0e
#!/usr/bin/python3 -E
#!/usr/bin/python3
# Authors: Jan Cholasta <jcholast@redhat.com>
#
# Copyright (C) 2014 Red Hat
......