document: modulemd
version: 2
data:
  stream: DL1
  summary: The Red Hat Enterprise Linux Identity Management system module
  description: RHEL IdM is an integrated solution to provide centrally managed Identity
    (users, hosts, services), Authentication (SSO, 2FA), and Authorization (host access
    control, SELinux user roles, services). The solution provides features for further
    integration with Linux based clients (SUDO, automount) and integration with Active
    Directory based infrastructures (Trusts).
  license:
    module:
    - MIT
  dependencies:
  - buildrequires:
      389-ds:
      - "1.4"
      httpd:
      - "2.4"
      pki-core:
      - "10.6"
      platform:
      - el8
    requires:
      389-ds:
      - "1.4"
      httpd:
      - "2.4"
      pki-core:
      - "10.6"
      platform:
      - el8
  references:
    community: https://www.freeipa.org/
    documentation: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/index
    tracker: https://pagure.io/freeipa/issues
  profiles:
    adtrust:
      description: RHEL IdM Server Integration with Active Directory
      rpms:
      - ipa-healthcheck
      - ipa-healthcheck-core
      - ipa-server-trust-ad
    client:
      description: RHEL IdM Client
      rpms:
      - ipa-client
    common:
      description: A default profile for RHEL IdM client
      rpms:
      - ipa-client
    dns:
      description: RHEL IdM with integrated DNS server and integrated CA
      rpms:
      - ipa-healthcheck
      - ipa-healthcheck-core
      - ipa-server
      - ipa-server-dns
    server:
      description: Base RHEL IdM Server with integrated CA and no integrated DNS
      rpms:
      - ipa-healthcheck
      - ipa-healthcheck-core
      - ipa-server
  components:
    rpms:
      bind-dyndb-ldap:
        rationale: Driver for BIND to store DNS information in LDAP
        ref: e55b316fa367c8df2dd657f5c4daa0420cc0c818
      custodia:
        rationale: Remote access to secrets and credentials in IdM topology
        ref: ffe3fe8f2dbc7bf11488ab25e17ac04b2de56a45
        buildorder: 2
      ipa:
        rationale: Module API
        ref: 734e7f05134cb57fa0ed167aa0412042e3e63fe1
      ipa-healthcheck:
        rationale: A tool to detect issues in IdM clusters
        ref: 8b129a6093d26f80e29e297792a44464c457ba84
        buildorder: 3
      opendnssec:
        rationale: An implementation of DNSSEC support for IdM integrated DNS server
        ref: 9b2d4af15b5e7a6e590d994e38bc9f27d26c3ba7
      python-jwcrypto:
        rationale: JSON Web Cryptographic Tokens used by Custodia
        ref: 81aaec4eec1a4c3ad08546c882ce5e7bc44442e4
        buildorder: 1
      python-kdcproxy:
        rationale: MS-KKDCP (kerberos proxy) WSGI module
        ref: a644a46fef2e0655e0257b3bbbf522ef4170453e
      python-qrcode:
        rationale: QR code generator for IdM two-factor authentication
        ref: 582fca7ad0680c66af5a0ea32002b985abb6cf3d
      python-yubico:
        rationale: Support for Yubikey-based tokens for IdM two-factor authentication
        ref: ec9b4fa8ec9ee644c359866178519c79d1ef573e
        buildorder: 2
      pyusb:
        rationale: Python USB support to access USB tokens for IdM two-factor authentication
        ref: 038eac8427157d18e36c054418b4608ba8f37979
        buildorder: 1
      slapi-nis:
        rationale: Compatibility plugin to serve legacy clients
        ref: f2b0dfcfceeae59c5e048c97a86d16acb0d5c013
        arches:
        - aarch64
        - ppc64le
        - s390x
        - x86_64
      softhsm:
        rationale: Software version of a PKCS#11 Hardware Security Module
        ref: 8b11abdcaeee96c09b3553eab5fe0cc1f089cdee