[Freeipa-devel] [PATCH] 208 tighten integration of hosts and services
Rob Crittenden
rcritten at redhat.com
Fri May 8 21:45:11 UTC 2009
Rob Crittenden wrote:
> Simo Sorce wrote:
>> On Fri, 2009-05-08 at 15:49 -0400, Rob Crittenden wrote:
>>> Simo Sorce wrote:
>>>> On Fri, 2009-05-08 at 14:17 -0400, Rob Crittenden wrote:
>>>>> This patch more tightly couples services and hosts:
>>>>>
>>>>> - A host is required in order to create a service.
>>>> nack, assuming I understand what this mean :)
>>>> I think we need to be able to give out service keytabs and certificates
>>>> to non-enrolled hosts for a long time.
>>>> I am not sure it is a good idea to force someone to create a fake host
>>>> just to get a keytab/certificate.
>>> Define fake host. This doesn't force them to do an enrollment, just
>>> to create a host entry ala: ipa host-add foo.example.com.
>>
>> Yes this is what I mean by fake host, and the problem is that you will
>> have host entries that are not enrolled.
>> It is a problem for reporting, it is also a problem for running things
>> like finding dead hosts.
>> I'd prefer not to have fake hosts if at all possible, it causes problems
>> in other areas.
>>
>> Simo.
>
> Ok, but I think fake is the wrong word to use for them. Unenrolled is
> more precise.
Attached is a revised patch. Simo already acked these pieces so I'll
push this to master.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-208-2-host.patch
Type: application/mbox
Size: 4448 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20090508/6b1c07fc/attachment.mbox>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20090508/6b1c07fc/attachment.bin>
More information about the Freeipa-devel
mailing list