|
Packit |
d0e2d1 |
# Turn off automatic python byte compilation because these are Ansible
|
|
Packit |
d0e2d1 |
# roles and the files are transferred to the node and compiled there with
|
|
Packit |
d0e2d1 |
# the python verison used in the node
|
|
Packit |
d0e2d1 |
%define __brp_python_bytecompile %{nil}
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
Summary: Roles and playbooks to deploy FreeIPA servers, replicas and clients
|
|
Packit |
d0e2d1 |
Name: ansible-freeipa
|
|
Packit Service |
f62a22 |
Version: 0.1.12
|
|
Packit Service |
f62a22 |
Release: 6%{?dist}
|
|
Packit |
d0e2d1 |
URL: https://github.com/freeipa/ansible-freeipa
|
|
Packit |
d0e2d1 |
License: GPLv3+
|
|
Packit |
d0e2d1 |
Source: https://github.com/freeipa/ansible-freeipa/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
|
|
Packit Service |
f62a22 |
Patch1: ansible-freeipa-0.1.12-Fixes-service-disable-when-service-has-no-certificates-attached_rhbz#1836294.patch
|
|
Packit Service |
f62a22 |
Patch2: ansible-freeipa-0.1.12-Add-suppport-for-changing-password-of-symmetric-vaults_rhbz#1839197.patch
|
|
Packit Service |
f62a22 |
Patch3: ansible-freeipa-0.1.12-Fix-forwardzone-issues_rhbz#1843826,1843828,1843829,1843830,1843831.patch
|
|
Packit Service |
f62a22 |
Patch4: ansible-freeipa-0.1.12-ipa-host-group-Fix-membermanager-unknow-user-issue_rhbz#1848426.patch
|
|
Packit Service |
f62a22 |
Patch5: ansible-freeipa-0.1.12-ipa-user,host-Fail-on-duplucate-names-in-the-users-and-hosts-lists_rhbz#1822683.patch
|
|
Packit Service |
f62a22 |
Patch6: ansible-freeipa-0.1.12-action_plugins-ipaclient_get_otp-Discovered-python-n_rhbz#1852714.patch
|
|
Packit Service |
f62a22 |
Patch7: ansible-freeipa-0.1.12-ipa-server-replica-Fix-pkcs12-info-regressions-intro_rhbz#1853284.patch
|
|
Packit Service |
f62a22 |
Patch8: ansible-freeipa-0.1.12-ipareplica-Fix-missing-parameters-for-several-module_hbz#1855299.patch
|
|
Packit Service |
f62a22 |
Patch9: ansible-freeipa-0.1.12-Allow-multiple-dns-zones-to-be-absent_rhbz#1845058.patch
|
|
Packit Service |
f62a22 |
Patch10: ansible-freeipa-0.1.12-Fixed-error-msgs-on-FreeIPABaseModule-subclasses_rhbz#1845051.patch
|
|
Packit Service |
f62a22 |
Patch11: ansible-freeipa-0.1.12-Fix-allow_retrieve_keytab_host-in-service-module_rhbz#1868020.patch
|
|
Packit Service |
f62a22 |
Patch12: ansible-freeipa-0.1.12-Modified-return-value-for-ipavault-module_rhbz#1867909.patch
|
|
Packit Service |
f62a22 |
Patch13: ansible-freeipa-0.1.12-Add-support-for-option-name_from_ip-in-ipadnszone-mo_rhbz#1845056.patch
|
|
Packit Service |
f62a22 |
Patch14: ansible-freeipa-0.1.12-Fixes-password-behavior-on-Vault-module_rhbz#1839200.patch
|
|
Packit |
d0e2d1 |
BuildArch: noarch
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
#Requires: ansible
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
%description
|
|
Packit |
d0e2d1 |
ansible-freeipa provides Ansible roles and playbooks to install and uninstall
|
|
Packit Service |
f62a22 |
FreeIPA servers, replicas and clients. Also modules for group, host, topology
|
|
Packit Service |
f62a22 |
and user management.
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
Note: The ansible playbooks and roles require a configured ansible environment
|
|
Packit |
d0e2d1 |
where the ansible nodes are reachable and are properly set up to have an IP
|
|
Packit |
d0e2d1 |
address and a working package manager.
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
Features
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
- Server, replica and client deployment
|
|
Packit |
d0e2d1 |
- Cluster deployments: Server, replicas and clients in one playbook
|
|
Packit |
d0e2d1 |
- One-time-password (OTP) support for client installation
|
|
Packit |
d0e2d1 |
- Repair mode for clients
|
|
Packit Service |
f62a22 |
- Modules for dns forwarder management
|
|
Packit Service |
f62a22 |
- Modules for dns record management
|
|
Packit Service |
f62a22 |
- Modules for dns zone management
|
|
Packit |
d0e2d1 |
- Modules for group management
|
|
Packit |
d0e2d1 |
- Modules for hbacrule management
|
|
Packit |
d0e2d1 |
- Modules for hbacsvc management
|
|
Packit |
d0e2d1 |
- Modules for hbacsvcgroup management
|
|
Packit |
d0e2d1 |
- Modules for host management
|
|
Packit |
d0e2d1 |
- Modules for hostgroup management
|
|
Packit |
d0e2d1 |
- Modules for pwpolicy management
|
|
Packit Service |
f62a22 |
- Modules for service management
|
|
Packit |
d0e2d1 |
- Modules for sudocmd management
|
|
Packit |
d0e2d1 |
- Modules for sudocmdgroup management
|
|
Packit |
d0e2d1 |
- Modules for sudorule management
|
|
Packit |
d0e2d1 |
- Modules for topology management
|
|
Packit |
d0e2d1 |
- Modules for user management
|
|
Packit Service |
f62a22 |
- Modules for vault management
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
Supported FreeIPA Versions
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
FreeIPA versions 4.6 and up are supported by all roles.
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
The client role supports versions 4.4 and up, the server role is working with
|
|
Packit |
d0e2d1 |
versions 4.5 and up, the replica role is currently only working with versions
|
|
Packit |
d0e2d1 |
4.6 and up.
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
Supported Distributions
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
- RHEL/CentOS 7.4+
|
|
Packit |
d0e2d1 |
- Fedora 26+
|
|
Packit |
d0e2d1 |
- Ubuntu
|
|
Packit |
d0e2d1 |
- Debian 10+ (ipaclient only, no server or replica!)
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
Requirements
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
Controller
|
|
Packit Service |
f62a22 |
|
|
Packit |
d0e2d1 |
- Ansible version: 2.8+ (ansible-freeipa is an Ansible Collection)
|
|
Packit Service |
f62a22 |
/usr/bin/kinit is required on the controller if a one time password (OTP)
|
|
Packit |
d0e2d1 |
is used
|
|
Packit |
d0e2d1 |
- python3-gssapi is required on the controller if a one time password (OTP)
|
|
Packit |
d0e2d1 |
is used with keytab to install the client.
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
Node
|
|
Packit Service |
f62a22 |
|
|
Packit |
d0e2d1 |
- Supported FreeIPA version (see above)
|
|
Packit |
d0e2d1 |
- Supported distribution (needed for package installation only, see above)
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
Limitations
|
|
Packit |
d0e2d1 |
|
|
Packit Service |
f62a22 |
External signed CA is now supported. But the currently needed two step process
|
|
Packit Service |
f62a22 |
is an issue for the processing in a simple playbook.
|
|
Packit Service |
f62a22 |
Work is planned to have a new method to handle CSR for external signed CAs in
|
|
Packit Service |
f62a22 |
a separate step before starting the server installation.
|
|
Packit Service |
f62a22 |
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
%prep
|
|
Packit |
d0e2d1 |
%setup -q
|
|
Packit |
d0e2d1 |
# Do not create backup files with patches
|
|
Packit |
d0e2d1 |
%patch1 -p1
|
|
Packit |
d0e2d1 |
%patch2 -p1
|
|
Packit |
d0e2d1 |
%patch3 -p1
|
|
Packit |
d0e2d1 |
%patch4 -p1
|
|
Packit |
d0e2d1 |
%patch5 -p1
|
|
Packit |
d0e2d1 |
%patch6 -p1
|
|
Packit |
d0e2d1 |
%patch7 -p1
|
|
Packit |
d0e2d1 |
%patch8 -p1
|
|
Packit |
d0e2d1 |
%patch9 -p1
|
|
Packit |
d0e2d1 |
%patch10 -p1
|
|
Packit Service |
f62a22 |
%patch11 -p1
|
|
Packit Service |
f62a22 |
%patch12 -p1
|
|
Packit Service |
f62a22 |
%patch13 -p1
|
|
Packit Service |
f62a22 |
%patch14 -p1
|
|
Packit |
d0e2d1 |
# Fix python modules and module utils:
|
|
Packit |
d0e2d1 |
# - Remove shebang
|
|
Packit |
d0e2d1 |
# - Remove execute flag
|
|
Packit |
d0e2d1 |
for i in roles/ipa*/library/*.py roles/ipa*/module_utils/*.py plugins/*/*.py; do
|
|
Packit |
d0e2d1 |
sed -i '/\/usr\/bin\/python*/d' $i
|
|
Packit |
d0e2d1 |
chmod a-x $i
|
|
Packit |
d0e2d1 |
done
|
|
Packit |
d0e2d1 |
# Add execute flag to py3test.py scripts
|
|
Packit |
d0e2d1 |
chmod a+x roles/ipa*/files/py3test.py
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
%build
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
%install
|
|
Packit |
d0e2d1 |
install -m 755 -d %{buildroot}%{_datadir}/ansible/roles/
|
|
Packit |
d0e2d1 |
cp -rp roles/ipaserver %{buildroot}%{_datadir}/ansible/roles/
|
|
Packit |
d0e2d1 |
cp -rp roles/ipaserver/README.md README-server.md
|
|
Packit |
d0e2d1 |
cp -rp roles/ipareplica %{buildroot}%{_datadir}/ansible/roles/
|
|
Packit |
d0e2d1 |
cp -rp roles/ipareplica/README.md README-replica.md
|
|
Packit |
d0e2d1 |
cp -rp roles/ipaclient %{buildroot}%{_datadir}/ansible/roles/
|
|
Packit |
d0e2d1 |
cp -rp roles/ipaclient/README.md README-client.md
|
|
Packit |
d0e2d1 |
install -m 755 -d %{buildroot}%{_datadir}/ansible/plugins/
|
|
Packit |
d0e2d1 |
cp -rp plugins/* %{buildroot}%{_datadir}/ansible/plugins/
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
%files
|
|
Packit |
d0e2d1 |
%license COPYING
|
|
Packit |
d0e2d1 |
%{_datadir}/ansible/roles/ipaserver
|
|
Packit |
d0e2d1 |
%{_datadir}/ansible/roles/ipareplica
|
|
Packit |
d0e2d1 |
%{_datadir}/ansible/roles/ipaclient
|
|
Packit |
d0e2d1 |
%{_datadir}/ansible/plugins/module_utils
|
|
Packit |
d0e2d1 |
%{_datadir}/ansible/plugins/modules
|
|
Packit Service |
f62a22 |
%doc README*.md
|
|
Packit |
d0e2d1 |
%doc playbooks
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
%changelog
|
|
Packit Service |
f62a22 |
* Tue Aug 18 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.12-6
|
|
Packit Service |
f62a22 |
- Allow to manage multiple dnszone entries
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1845058
|
|
Packit Service |
f62a22 |
- Fixed error msgs on FreeIPABaseModule subclasses
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1845051
|
|
Packit Service |
f62a22 |
- Fix `allow_create_keytab_host` in service module
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1868020
|
|
Packit Service |
f62a22 |
- Modified return value for ipavault module
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1867909
|
|
Packit Service |
f62a22 |
- Add support for option `name_from_ip` in ipadnszone module
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1845056
|
|
Packit Service |
f62a22 |
- Fixe password behavior on Vault module
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1839200
|
|
Packit Service |
f62a22 |
|
|
Packit Service |
f62a22 |
* Tue Jul 14 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.12-5
|
|
Packit Service |
f62a22 |
- ipareplica: Fix failure while deploying KRA
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1855299
|
|
Packit Service |
f62a22 |
|
|
Packit Service |
f62a22 |
* Thu Jul 02 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.12-4
|
|
Packit Service |
f62a22 |
- ipa[server,replica]: Fix pkcs12 info regressions introduced with CA-less
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1853284
|
|
Packit Service |
f62a22 |
|
|
Packit Service |
f62a22 |
* Wed Jul 01 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.12-3
|
|
Packit Service |
f62a22 |
- action_plugins/ipaclient_get_otp: Discovered python needed in task_vars
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1852714
|
|
Packit Service |
f62a22 |
|
|
Packit Service |
f62a22 |
* Mon Jun 29 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.12-2
|
|
Packit Service |
f62a22 |
- Fixes service disable when service has no certificates attached
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1836294
|
|
Packit Service |
f62a22 |
- Add suppport for changing password of symmetric vaults
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1839197
|
|
Packit Service |
f62a22 |
- Fix forwardzone issues
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1843826
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1843828
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1843829
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1843830
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1843831
|
|
Packit Service |
f62a22 |
- ipa[host]group: Fix membermanager unknow user issue
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1848426
|
|
Packit Service |
f62a22 |
- ipa[user,host]: Fail on duplucate names in the users and hosts lists
|
|
Packit Service |
f62a22 |
Resolves: RHBZ#1822683
|
|
Packit Service |
f62a22 |
|
|
Packit Service |
f62a22 |
* Mon Jun 15 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.12-1
|
|
Packit Service |
f62a22 |
- Update to version 0.1.12 bug fix only release
|
|
Packit Service |
f62a22 |
Related: RHBZ#1818768
|
|
Packit Service |
f62a22 |
|
|
Packit Service |
f62a22 |
* Thu Jun 11 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.11-1
|
|
Packit Service |
f62a22 |
- Update to version 0.1.11
|
|
Packit Service |
f62a22 |
Related: RHBZ#1818768
|
|
Packit Service |
f62a22 |
|
|
Packit Service |
f62a22 |
* Mon Apr 27 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.10-1
|
|
Packit Service |
f62a22 |
- Update to version 0.1.10:
|
|
Packit Service |
f62a22 |
- ipaclient: Not delete keytab when ipaclient_on_master is true
|
|
Packit Service |
f62a22 |
- New module to manage dns forwarder zones in ipa
|
|
Packit Service |
f62a22 |
- Enhancements of sudorule module tests
|
|
Packit Service |
f62a22 |
- Gracefully handle RuntimeError raised during parameter validation in
|
|
Packit Service |
f62a22 |
fail_jso
|
|
Packit Service |
f62a22 |
- ipareplica_prepare: Fix module DOCUMENTATION
|
|
Packit Service |
f62a22 |
- ipa[server,replica,client]: setup_logging wrapper for
|
|
Packit Service |
f62a22 |
standard_logging_setup
|
|
Packit Service |
f62a22 |
- Created FreeIPABaseModule class to facilitate creation of new modules
|
|
Packit Service |
f62a22 |
- New IPADNSZone module
|
|
Packit Service |
f62a22 |
- Add admin password to the ipadnsconfig module tests
|
|
Packit Service |
f62a22 |
- Added alias module arguments in dnszone module
|
|
Packit Service |
f62a22 |
- Fixed a bug in AnsibleFreeIPAParams
|
|
Packit Service |
f62a22 |
- utils/build-galaxy-release: Do not add release tag to version for galaxy
|
|
Packit Service |
f62a22 |
- ipaserver docs: Calm down module linter
|
|
Packit Service |
f62a22 |
- galaxy.yml: Add system tag
|
|
Packit Service |
f62a22 |
- ipareplica_setup_kra: Remove unused ccache parameter
|
|
Packit Service |
f62a22 |
- ipareplica_setup_krb: krb is assigned to but never used
|
|
Packit Service |
f62a22 |
- utils/galaxy: Make galaxy scripts more generic
|
|
Packit Service |
f62a22 |
- galaxyfy-playbook.py: Fixed script name
|
|
Packit Service |
f62a22 |
Related: RHBZ#1818768
|
|
Packit Service |
f62a22 |
|
|
Packit |
d0e2d1 |
* Thu Feb 20 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.8-3
|
|
Packit |
d0e2d1 |
- ipahost: Do not fail on missing DNS or zone when no IP address given
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1804838
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Fri Feb 14 2020 Thomas Woerner <twoerner@redhat.com> - 0.1.8-2
|
|
Packit |
d0e2d1 |
- Updated RPM description for ansible-freeipa 0.1.8
|
|
Packit |
d0e2d1 |
Related: RHBZ#1748986
|
|
Packit |
d0e2d1 |
- ipahost: Fix choices of auth_ind parameter, allow to reset parameter
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1783992
|
|
Packit |
d0e2d1 |
- ipauser: Allow reset of userauthtype, do not depend on first,last for mod
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1784474
|
|
Packit |
d0e2d1 |
- ipahost: Enhanced failure msg for member params used without member action
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1783948
|
|
Packit |
d0e2d1 |
- Add missing attributes to ipasudorule
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1788168
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1788035
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1788024
|
|
Packit |
d0e2d1 |
- ipapwpolicy: Use global_policy if name is not set
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1797532
|
|
Packit |
d0e2d1 |
- ipahbacrule: Fix handing of members with action hbacrule
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1787996
|
|
Packit |
d0e2d1 |
- ansible_freeipa_module: Fix comparison of bool parameters in compare_args_isa
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1784514
|
|
Packit |
d0e2d1 |
- ipahost: Add support for several IP addresses and also to change them
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1783979
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1783976
|
|
Packit |
d0e2d1 |
- ipahost: Fail on action member for new hosts, fix dnsrecord_add reverse flag
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1803026
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Sat Dec 14 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.8-1
|
|
Packit |
d0e2d1 |
- Update to version 0.1.8 (bug fix release)
|
|
Packit |
d0e2d1 |
- roles/ipaclient/README.md: Add information about ipaclient_otp
|
|
Packit |
d0e2d1 |
- Install and enable firewalld if it is configured for ipaserver and
|
|
Packit |
d0e2d1 |
ipareplica roles
|
|
Packit |
d0e2d1 |
- ipaserver_test: Do not use zone_overlap_check for domain name validation
|
|
Packit |
d0e2d1 |
- Allow execution of API commands that do not require a name
|
|
Packit |
d0e2d1 |
- Update README-host: Drop options from allow_*keytab parameters docs
|
|
Packit |
d0e2d1 |
- ipauser: Extend email addresses with default email domain if no domain is
|
|
Packit |
d0e2d1 |
given
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1747413
|
|
Packit |
d0e2d1 |
Related: RHBZ#1748986
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Mon Dec 2 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.7-1
|
|
Packit |
d0e2d1 |
- Update to version 0.1.7
|
|
Packit |
d0e2d1 |
- Add debian support for ipaclient
|
|
Packit |
d0e2d1 |
- Added support for predefining client OTP using ipaclient_otp
|
|
Packit |
d0e2d1 |
- ipatopologysegment: Store suffix for commands in command list
|
|
Packit |
d0e2d1 |
- ipatopologysegment: Fail for missing entry with reinitialized
|
|
Packit |
d0e2d1 |
- Utils scripts: ansible-ipa-[server,replica,client]-install
|
|
Packit |
d0e2d1 |
- ipaserver_test,ipareplica_prepare: Do not return _pkcs12_file settings
|
|
Packit |
d0e2d1 |
- ansible_freeipa_module: Add support for GSSAPI
|
|
Packit |
d0e2d1 |
- ansible_ipa_client: Drop import of configure_nsswitch_database
|
|
Packit |
d0e2d1 |
- New host management module
|
|
Packit |
d0e2d1 |
- New hostgroup management module
|
|
Packit |
d0e2d1 |
- ipagroup: Remove unused member_[present,absent] states
|
|
Packit |
d0e2d1 |
- external-ca tests: Fix typo in inventory files
|
|
Packit |
d0e2d1 |
- tests/external-signed-ca tests: Fix external-ca.sh to use proper serials
|
|
Packit |
d0e2d1 |
- ipagroup: Rework to use same mechanisms as ipahostgroup module
|
|
Packit |
d0e2d1 |
- ansible_freeipa_module: api_command should not have extra try clause
|
|
Packit |
d0e2d1 |
- ansible_freeipa_module: compare_args_ipa needs to compare lists orderless
|
|
Packit |
d0e2d1 |
- ansible_freeipa_module: New function api_check_param
|
|
Packit |
d0e2d1 |
- ansible_freeipa_module: New functions module_params_get and _afm_convert
|
|
Packit |
d0e2d1 |
- ansible_freeipa_module: Add missing to_text import for _afm_convert
|
|
Packit |
d0e2d1 |
- ansible_freeipa_module: Convert tuple to list in compare_args_ipa
|
|
Packit |
d0e2d1 |
- ansible_freeipa_module: New function api_get_realm
|
|
Packit |
d0e2d1 |
- ipauser: User module extension
|
|
Packit |
d0e2d1 |
- New sudocmd management module
|
|
Packit |
d0e2d1 |
- New sudocmdgroup management module
|
|
Packit |
d0e2d1 |
- ansible_freeipa_module: Convert int to string in compare_args_ipa
|
|
Packit |
d0e2d1 |
- New pwpolicy management module
|
|
Packit |
d0e2d1 |
- New hbacsvc (HBAC Service) management module
|
|
Packit |
d0e2d1 |
- New hbacsvcgroup (HBAC Service Group) management module
|
|
Packit |
d0e2d1 |
- ipagroup: Properly support IPA versions 4.6 and RHEL-7
|
|
Packit |
d0e2d1 |
- ipagroup: Fix changed flag, new test cases
|
|
Packit |
d0e2d1 |
- ipauser: Add info about version limitation of passwordexpiration
|
|
Packit |
d0e2d1 |
- New hbacrule (HBAC Rule) management module
|
|
Packit |
d0e2d1 |
- ipahostgroup: Fix changed flag, support IPA 4.6 on RHEL-7, new test cases
|
|
Packit |
d0e2d1 |
- New sudorule (Sudo Rule) management module
|
|
Packit |
d0e2d1 |
- ipauser: Support 'sn' alias of 'last' for surname
|
|
Packit |
d0e2d1 |
- Update galaxy.yml: Update description, drop empty dependencies
|
|
Packit |
d0e2d1 |
- Update ipauser.py: Fix typo in users.name description
|
|
Packit |
d0e2d1 |
- ipaclient: Fix misspelled sssd options
|
|
Packit |
d0e2d1 |
- ipauser: Return generated random password
|
|
Packit |
d0e2d1 |
- ipahost: Return generated random password
|
|
Packit |
d0e2d1 |
- Added context configuration to api_connect
|
|
Packit |
d0e2d1 |
- ansible_freeipa_module: Better support for KRB5CCNAME environment variable
|
|
Packit |
d0e2d1 |
- ipa[server,replica,client]: Add support for CentOS-8
|
|
Packit |
d0e2d1 |
- ipahost: Extension to be able handle several hosts and all settings
|
|
Packit |
d0e2d1 |
- Flake8 fixes
|
|
Packit |
d0e2d1 |
- Documentation updates
|
|
Packit |
d0e2d1 |
- Cleanup
|
|
Packit |
d0e2d1 |
Resolves: RHBZ#1748986
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Fri Sep 6 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.6-4
|
|
Packit |
d0e2d1 |
- ansible_ipa_client: Drop import of configure_nsswitch_database
|
|
Packit |
d0e2d1 |
(RHBZ#1748905)
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Wed Jul 31 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.6-3
|
|
Packit |
d0e2d1 |
- ipatopologysegment: Store suffix for commands in command list (RHBZ#1733547)
|
|
Packit |
d0e2d1 |
- ipatopologysegment: Fail for missing entry with reinitialized (RHBZ#1733559)
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Tue Jul 23 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.6-2
|
|
Packit |
d0e2d1 |
- Drop dirserv_cert_files key from utils/gen_module_docs.py for covscan
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Tue Jul 23 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.6-1
|
|
Packit |
d0e2d1 |
- update to version 0.1.6
|
|
Packit |
d0e2d1 |
- Lots of documentation updates in READMEs and modules
|
|
Packit |
d0e2d1 |
- library/ipaclient_get_otp: Enable force mode for host_add call (fixes #74)
|
|
Packit |
d0e2d1 |
- Flake8 and pylint reated fixes
|
|
Packit |
d0e2d1 |
- Fixed wrong path to CheckedIPAddress class in ipareplica_test
|
|
Packit |
d0e2d1 |
- Remove unused ipaserver/library/ipaserver.py
|
|
Packit |
d0e2d1 |
- No not use wildcard imports for modules
|
|
Packit |
d0e2d1 |
- ipareplica: Add support for pki_config_override
|
|
Packit |
d0e2d1 |
- ipareplica: Initialize dns.ip_addresses and dns.reverse_zones for dns setup
|
|
Packit |
d0e2d1 |
- ipareplica_prepare: Properly initialize pin and cert_name variables
|
|
Packit |
d0e2d1 |
- ipareplica: Fail with proper error messages
|
|
Packit |
d0e2d1 |
- ipaserver: Properly set settings related to pkcs12 files
|
|
Packit |
d0e2d1 |
- ipaclient: RawConfigParser is not always provided by six.moves.configparser
|
|
Packit |
d0e2d1 |
- ipaclient_setup_nss: paths.GETENT is not available before
|
|
Packit |
d0e2d1 |
freeipa-4.6.90.pre1
|
|
Packit |
d0e2d1 |
- ipaserver_test: Initialize value from options.zonemgr
|
|
Packit |
d0e2d1 |
- ipareplica_setup_custodia: create_replica only available in newer releases
|
|
Packit |
d0e2d1 |
- ipaclient: Fix typo in dnsok assignment for ipaclient_setup_nss
|
|
Packit |
d0e2d1 |
- ipa[server,replica]: Set _packages_adtrust for Ubuntu
|
|
Packit |
d0e2d1 |
- New build script for galaxy release
|
|
Packit |
d0e2d1 |
- New utils script to update module docs
|
|
Packit |
d0e2d1 |
- Changes from ansible-freeipa-0.1.5
|
|
Packit |
d0e2d1 |
- Support for IPA 4.8.0
|
|
Packit |
d0e2d1 |
- New user management module
|
|
Packit |
d0e2d1 |
- New group management module
|
|
Packit |
d0e2d1 |
- ipaserver: Support external signed CA
|
|
Packit |
d0e2d1 |
- RHEL-8 specific vars files to be able to install needed modules
|
|
Packit |
d0e2d1 |
automatically
|
|
Packit |
d0e2d1 |
- ipareplica: Fixes for certmonger and kra setup
|
|
Packit |
d0e2d1 |
- New tests folder
|
|
Packit |
d0e2d1 |
- OTP related updates to README files
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Thu Jul 4 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.4-2
|
|
Packit |
d0e2d1 |
- ansible_ipa_client: Always set options.unattended (RHBZ#1726645)
|
|
Packit |
d0e2d1 |
- ipaserver_prepare: Properly report error, do show trace back (RHBZ#1726668)
|
|
Packit |
d0e2d1 |
- ipa[server,replica,client]: RHEL-8 specific vars files (RHBZ#1727095)
|
|
Packit |
d0e2d1 |
- ipatopology modules: Use ipaadmin_ prefix for principal and password
|
|
Packit |
d0e2d1 |
(RHBZ#1727101)
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Mon Jun 17 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.4-1
|
|
Packit |
d0e2d1 |
- update to version 0.1.4
|
|
Packit |
d0e2d1 |
- ipatopologysegment: Use commands, not command
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Mon Jun 17 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.3-1
|
|
Packit |
d0e2d1 |
- update to version 0.1.3
|
|
Packit |
d0e2d1 |
- ipaclient_test: Fix Python2 decode use with Python3
|
|
Packit |
d0e2d1 |
- Fixed: #86 (AttributeError: 'str' object has no attribute 'decode')
|
|
Packit |
d0e2d1 |
- ipaclient_get_otp: Remove ansible_python_interpreter handling
|
|
Packit |
d0e2d1 |
- ipaclient: Use omit (None) for password, keytab, no string length checks
|
|
Packit |
d0e2d1 |
- ipaclient_join: Support to use ipaadmin_keytab without ipaclient_use_otp
|
|
Packit |
d0e2d1 |
- ipaclient: Report error message if ipaclient_get_otp failed
|
|
Packit |
d0e2d1 |
- Fixes #17 Improve how tasks manage package installation
|
|
Packit |
d0e2d1 |
- ipareplica: The dm password is not needed for ipareplica_master_password
|
|
Packit |
d0e2d1 |
- ipareplica: Use ipareplica_server if set
|
|
Packit |
d0e2d1 |
- ipatopologysegment: Allow domain+ca suffix, new state: checked
|
|
Packit |
d0e2d1 |
- Documentation updates
|
|
Packit |
d0e2d1 |
- Cleanups
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Tue Jun 11 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.2-3
|
|
Packit |
d0e2d1 |
- bump release for functional test
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Tue Jun 11 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.2-2
|
|
Packit |
d0e2d1 |
- bump release for functional test
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Fri Jun 7 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.2-1
|
|
Packit |
d0e2d1 |
- update to version 0.1.2
|
|
Packit |
d0e2d1 |
- Now a new Ansible Collection
|
|
Packit |
d0e2d1 |
- Fix gssapi requirement for OTP: It is only needed if keytab is used with
|
|
Packit |
d0e2d1 |
OTP now.
|
|
Packit |
d0e2d1 |
- Fix wrong ansible argument types
|
|
Packit |
d0e2d1 |
- Do not fail on textwrap for replica deployments with CA
|
|
Packit |
d0e2d1 |
- Ansible lint and galaxy fixes
|
|
Packit |
d0e2d1 |
- Disable automatic removal of replication agreements in uninstall
|
|
Packit |
d0e2d1 |
- Enable freeipa-trust service if adtrust is enabled
|
|
Packit |
d0e2d1 |
- Add support for hidden replica
|
|
Packit |
d0e2d1 |
- New topology managament modules
|
|
Packit |
d0e2d1 |
- Add support for pki_config_override
|
|
Packit |
d0e2d1 |
- Fix host name setup in server deployment
|
|
Packit |
d0e2d1 |
- Fix errors when ipaservers variable is not set
|
|
Packit |
d0e2d1 |
- Fix ipaclient install role length typo
|
|
Packit |
d0e2d1 |
- Cleanups
|
|
Packit |
d0e2d1 |
|
|
Packit |
d0e2d1 |
* Mon May 6 2019 Thomas Woerner <twoerner@redhat.com> - 0.1.1-1
|
|
Packit |
d0e2d1 |
- Initial package
|