Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 297665 - New Ebuild: FreeIPA security information management
Summary: New Ebuild: FreeIPA security information management
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: High enhancement
Assignee: Default Assignee for New Packages
URL: http://freeipa.org/page/Main_Page
Whiteboard:
Keywords:
Depends on: 309951 336043 104554 305881 305885 305887 309591 309799 309803 388965 388967 388969
Blocks: 327649 299011
  Show dependency tree
 
Reported: 2009-12-20 16:34 UTC by Mario Fetka (geos_one)
Modified: 2024-02-07 16:42 UTC (History)
15 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
freeipa-1.9.0_pre3.ebuild (freeipa-1.9.0_pre3.ebuild,1.50 KB, text/plain)
2010-07-10 01:16 UTC, Andreis Vinogradovs ( slepnoga )
Details
freeipa-2.1.0.ebuild (freeipa-2.1.0.ebuild,2.45 KB, text/plain)
2011-09-07 22:23 UTC, Andreis Vinogradovs ( slepnoga )
Details
freeipa-2.1.3.ebuild (freeipa-2.1.3.ebuild,2.57 KB, text/plain)
2011-10-30 13:25 UTC, Andreis Vinogradovs ( slepnoga )
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Mario Fetka (geos_one) 2009-12-20 16:34:22 UTC
FreeIPA is an integrated security information management solution combining Linux (Fedora), Fedora Directory Server, MIT Kerberos, NTP, DNS. It consists of a web interface and command-line administration tools. Currently it supports identity management with  plans to support policy and auditing management. 

Reproducible: Always
Comment 1 Mario Fetka (geos_one) 2009-12-20 16:35:51 UTC
FreeIPA requres port389 Directory Server
Comment 2 Mario Fetka (geos_one) 2009-12-20 16:42:07 UTC
ebuild are on the way in my overlay (details in #104554 )
Comment 3 Mario Fetka (geos_one) 2009-12-20 20:46:31 UTC
initial ebuilds are now in my 389 tree

!!! this ebuilds are not for produktion system !!!

they are only there to start the discussion

app-admin/freeipa-admintools
app-admin/freeipa-radius-admintools
dev-python/authconfig
dev-python/python-krbV
dev-python/freeipa-python
net-dialup/freeipa-radius-server
net-misc/freeipa-client
net-nds/freeipa-server

so my tests will start next week
freeIPA is hardcoded to redhat linux
so we have to find the wrong dependencies
and correct them to gentoo
also the package deeps for the configscripts (they are also hardcoded to redhat) in the server/client/radius package are still not there pam_krb mod_auth_krb mod_nss ...

i am not uploading this ebuilds as they are not for testing
Comment 4 Kevin Bowling 2009-12-21 09:38:12 UTC
Firstly, I want to say thanks1  FreeIPA looks like just the kind of wrapper Linux needs to compete with Active Directory.

Second, upstream should be informed about their Redhat assumptions and see if they have advice or if they are receptive to decoupling patches.  It's been by take that at least the 389 devs would like to see it in distros other than Fedora and RHEL.
Comment 5 Mario Fetka (geos_one) 2009-12-21 13:44:05 UTC
(In reply to comment #4)
> Firstly, I want to say thanks1  FreeIPA looks like just the kind of wrapper
> Linux needs to compete with Active Directory.
> 
> Second, upstream should be informed about their Redhat assumptions and see if
> they have advice or if they are receptive to decoupling patches.  It's been by
> take that at least the 389 devs would like to see it in distros other than
> Fedora and RHEL.
> 
yes most of my suggestions for port389 has already been approved and a milestone was set so starting with 1.3 version of the dirsrv most of my suggestions for gentoo where realized.

for freeipa first i have to find the the parts that depends on redhat 
like filepath assumtions /etc/sysconfig and like that hardcoded path to mod_auth_krb conf and so on 
so any help would be appriciated to find this errors
the we can provide patches that are more general 
like specifying the the configfile name in a config file
i hope by the end of the week i will have a new gentoo appilance running to test freeipa


Comment 6 Andreis Vinogradovs ( slepnoga ) 2010-01-26 03:35:37 UTC
IMHO, RH directory stack also contains dogtag-pki system (and more ) - provide CA functionality.I tried to write dogtag-pki ebuild,but I badly writе java ebuild.
Also, free-ipa optional dependent on this package.
Incomplete ebulds for dogtag-pki contained in my private overlay.


P.S Sorry, my english is bad
Comment 7 Andreis Vinogradovs ( slepnoga ) 2010-07-10 01:14:54 UTC
This bag depend on #321875 
Comment 8 Andreis Vinogradovs ( slepnoga ) 2010-07-10 01:16:01 UTC
Created attachment 238187 [details]
freeipa-1.9.0_pre3.ebuild

please, only for testing :)
Comment 9 Ian Kumlien 2011-09-05 12:23:34 UTC
FreeIPA 2.1 has been released, I really hope that someone takes this on.

Personally i would like to run this with all my machines. It also seems like RedHat will be shipping this with their RHEL soonish (as in fully supported)...

It's also the last thing missing wrt propper admin tools for larger networks.
Comment 10 Andreis Vinogradovs ( slepnoga ) 2011-09-06 15:41:24 UTC
This bug is depend on #299011	
2.1 freeipa version have >=1.25.4 xmlrpc-c version.

P.S Mario. please, add block in depend
Comment 11 Andreis Vinogradovs ( slepnoga ) 2011-09-07 22:23:19 UTC
Created attachment 285823 [details]
freeipa-2.1.0.ebuild

This ebuild only for testing ( need more deps). Quality unknown
Comment 12 Andreis Vinogradovs ( slepnoga ) 2011-10-30 13:25:29 UTC
Created attachment 291221 [details]
freeipa-2.1.3.ebuild
Comment 13 Reto Gantenbein (ganto) 2012-12-04 14:09:38 UTC
I started another effort to create a working ebuild for freeipa. So far, I managed to get full IPA client support on a Gentoo box. I won't flood the bugzilla with my ebuilds (yet), as they are likely to change a lot when I try to get the server side up too.

People who are interested can have a look at https://github.com/ganto/freeipa

I also opened (and partially fixed) some bugs which could be added do the "Depends on" list: #445394, #445478