[Freeipa-devel] [PATCH] 607 add managedby to hosts
Adam Young
ayoung at redhat.com
Fri Nov 19 16:07:50 UTC 2010
On 11/18/2010 10:06 PM, Rob Crittenden wrote:
> Adam Young wrote:
>> On 11/18/2010 05:05 PM, Rob Crittenden wrote:
>>> Rob Crittenden wrote:
>>>> Simo Sorce wrote:
>>>>> On Tue, 09 Nov 2010 14:00:00 -0500
>>>>> Rob Crittenden<rcritten at redhat.com> wrote:
>>>>>
>>>>>> +
>>>>>> + Add a host that can manage this host's keytab and certificate:
>>>>>> + ipa host-add-host --hosts=test2 test
>>>>>> """
>>>>>>
>>>>>
>>>>> I do not want to nack, but looking at this command in isolation I am
>>>>> quite confused at what it is supposed to do (think ab out seeing
>>>>> it in
>>>>> a log file and wondering what it means w/o further context).
>>>>>
>>>>> What does it mean to add a host into a host (host-add-host) ?
>>>>> And which one is added to the other one ? test in test2 or test2 in
>>>>> test?
>>>>>
>>>>> I do not know if we can change names/syntax to make this more
>>>>> immediately understandable, but if we can I'd like to do that.
>>>>> Obscure/confusing syntaxes generally makes it easier to do mistakes,
>>>>> which are bad in a tool used to manage security.
>>>>>
>>>>> Simo.
>>>>>
>>>>
>>>> Switched to host-add-managedby and host-remove-managedby.
>>>>
>>>
>>> Re-based against tip.
>>>
>>> rob
>>>
>>>
>>> _______________________________________________
>>> Freeipa-devel mailing list
>>> Freeipa-devel at redhat.com
>>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>> Just tried to apply to master. am failed, and patch -p provided the
>> following rej:
>>
>> --- ipalib/plugins/host.py
>> +++ ipalib/plugins/host.py
>> @@ -101,6 +104,9 @@
>> Flag('has_keytab',
>> label=_('Keytab'),
>> ),
>> + Str('managedby_host',
>> + label='Managed by',
>> + ),
>> Str('subject',
>> label=_('Subject'),
>> ),
>> @@ -453,6 +463,7 @@
>> Display information about a host.
>> """
>> has_output_params = LDAPRetrieve.has_output_params + host_output_params
>> + member_attributes = ['managedby']
>>
>> def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
>> if 'krblastpwdchange' in entry_attrs:
>>
>>
>>
>>
>> As well as
>>
>> --- tests/test_xmlrpc/test_host_plugin.py
>> +++ tests/test_xmlrpc/test_host_plugin.py
>> @@ -221,6 +228,7 @@
>> fqdn=[fqdn1],
>> l=[u'Undisclosed location 1'],
>> krbprincipalname=[u'host/%s@%s' % (fqdn1, api.env.realm)],
>> + managedby_host=[u'%s' % fqdn1],
>> usercertificate=[base64.b64decode(servercert)],
>> valid_not_before=u'Mon Aug 09 15:02:27 2010 UTC',
>> valid_not_after=u'Sun Aug 09 15:02:27 2020 UTC',
>> @@ -247,6 +255,7 @@
>> l=[u'Undisclosed location 1'],
>> krbprincipalname=[u'host/%s@%s' % (fqdn1, api.env.realm)],
>> has_keytab=False,
>> + managedby_host=[u'%s' % fqdn1],
>> usercertificate=[base64.b64decode(servercert)],
>> valid_not_before=u'Mon Aug 09 15:02:27 2010 UTC',
>> valid_not_after=u'Sun Aug 09 15:02:27 2020 UTC',
>> tests/test_xmlrpc/test_host_plugin.py.rej (END)
>>
>
> Can you try with patch 604 applied?
>
> rob
ACK pushed to master
More information about the Freeipa-devel
mailing list