[Freeipa-devel] [PATCH] 0025 Restructure startup code for IPA servers
Jakub Hrozek
jhrozek at redhat.com
Fri Dec 10 11:43:59 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/09/2010 03:54 PM, Simo Sorce wrote:
> On Thu, 09 Dec 2010 15:00:21 +0100
> Jakub Hrozek <jhrozek at redhat.com> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On 12/07/2010 05:53 PM, Simo Sorce wrote:
>>>
>>> With this patch we stop relying on the system to init single ipa
>>> components and instead introduce a "ipa" init script that takes
>>> care of properly starting/stopping all relevant components.
>>>
>>> Components are listed with a generic label in LDAP, per server.
>>> At startup the ipa init script will always start drisrv, then use
>>> the local socket to query it anonymously[*] and get the list of
>>> service to start with a ordering paramater.
>>>
>>> And it will then proceed to start each single service.
>>> On failure it will shut them all down.
>>>
>>> On stoppping ti shuts them down in inverse order.
>>>
>>> Only the ipa service is enabled with chkconfig, all other handled
>>> services are off in chkconfig and started by the ipa service
>>> instead.
>>>
>>> [*] We can create an account if we think this is not good enough,
>>> but I would ask to have a separate ticket and handle this change as
>>> an additional patch if we feel the need to do that.
>>>
>>> Simo.
>>
>> The patch seems to work fine, I just have one question: the script
>> uses #!/usr/bin/env python as the interpreter. While this is
>> generally used in python scripts to allow multiple interpreters, I
>> recall it was discouraged in Fedora (and I'm pretty sure[1] it is
>> discouraged in RHEL, although that could be solved by a RHEL-specific
>> patch)
>>
>> So do we prefer /usr/bin/python or /usr/bin/env python ?
>>
>> Jakub
>>
>> [1] https://bugzilla.redhat.com/show_bug.cgi?id=521940
>
> I just copied that part from another of our scripts.
> If you think we should change this, I would open a generic ticket and
> go through all the python script and make a consistent change to all of
> them.
OK:
https://fedorahosted.org/freeipa/ticket/608
I think we should at least discuss it -- we would need to change the
interpreter for RHEL anyway..in Fedora/upstream, I don't have a strong
opinion.
Other comments:
Since the ipactl script is written in Python and /sbin/service ipa
$action is called in %preun and %postun we also need to add
Requires(preun): python and Requires(postun): python.
Also, I noticed (unrelated to this patch) that we are missing the
pre/post Requires on chkconfig and initscripts.
Why do we still use chkconfig --add and --del for ipa_kpasswd instead of
using enabling it in KrbInstance.__enable()?
What are the second elements in the SERVICE_LIST[service_name] tuples?
Otherwise looks good and works fine.
Jakub
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk0CEn8ACgkQHsardTLnvCWazwCeKzq2mtTJq1GKGGjOLeeVevod
WtoAoK2ShwMhOO5c5YAmdSuHw+2f72Ws
=V9Tp
-----END PGP SIGNATURE-----
More information about the Freeipa-devel
mailing list