document: modulemd
version: 2
data:
stream: DL1
summary: The Red Hat Enterprise Linux Identity Management system module
description: >-
RHEL IdM is an integrated solution to provide centrally managed Identity (users, hosts,
services), Authentication (SSO, 2FA), and Authorization (host access control,
SELinux user roles, services). The solution provides features for further integration
with Linux based clients (SUDO, automount) and integration with Active Directory
based infrastructures (Trusts).
license:
module: [MIT]
dependencies:
- buildrequires:
platform: [el8]
pki-core: [10.6]
httpd: [2.4]
389-ds: [1.4]
requires:
platform: [el8]
pki-core: [10.6]
httpd: [2.4]
389-ds: [1.4]
references:
community: https://www.freeipa.org/
documentation: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/index
tracker: https://pagure.io/freeipa/issues
profiles:
common:
description: A default profile for RHEL IdM client
rpms:
- ipa-client
client:
description: RHEL IdM Client
rpms:
- ipa-client
server:
description: Base RHEL IdM Server with integrated CA and no integrated DNS
rpms:
- ipa-server
- ipa-healthcheck
dns:
description: RHEL IdM with integrated DNS server and integrated CA
rpms:
- ipa-server
- ipa-server-dns
- ipa-healthcheck
adtrust:
description: RHEL IdM Server Integration with Active Directory
rpms:
- ipa-server-trust-ad
- ipa-idoverride-memberof-plugin
- ipa-healthcheck
components:
rpms:
ipa:
rationale: Module API
ref: stream-idm-DL1-rhel-8.1.0
bind-dyndb-ldap:
rationale: Driver for BIND to store DNS information in LDAP
ref: stream-idm-DL1-rhel-8.1.0
slapi-nis:
rationale: Compatibility plugin to serve legacy clients
ref: stream-idm-DL1-rhel-8.1.0
# 389-ds-base is not available on i686
arches: [ aarch64, x86_64, s390x, ppc64le ]
ipa-healthcheck:
rationale: A tool to detect issues in IdM clusters
ref: stream-DL1-rhel-8.1.0
buildorder: 3
ipa-idoverride-memberof:
rationale: Manage IdM with Active Directory users
ref: stream-idm-DL1-rhel-8.1.0
buildorder: 3
custodia:
rationale: Remote access to secrets and credentials in IdM topology
ref: stream-idm-DL1-rhel-8.1.0
buildorder: 2
python-jwcrypto:
rationale: JSON Web Cryptographic Tokens used by Custodia
ref: stream-idm-DL1-rhel-8.1.0
buildorder: 1
python-qrcode:
rationale: QR code generator for IdM two-factor authentication
ref: stream-idm-DL1-rhel-8.1.0
python-yubico:
rationale: Support for Yubikey-based tokens for IdM two-factor authentication
ref: stream-idm-DL1-rhel-8.1.0
buildorder: 2
pyusb:
rationale: Python USB support to access USB tokens for IdM two-factor authentication
ref: stream-idm-DL1-rhel-8.1.0
buildorder: 1
softhsm:
rationale: Software version of a PKCS#11 Hardware Security Module
ref: stream-idm-DL1-rhel-8.1.0
opendnssec:
rationale: An implementation of DNSSEC support for IdM integrated DNS server
ref: stream-idm-DL1-rhel-8.1.0
python-kdcproxy:
rationale: MS-KKDCP (kerberos proxy) WSGI module
ref: stream-idm-DL1-rhel-8.1.0