[Freeipa-devel] [PATCH] 903 normalize paths in certmonger
Martin Kosek
mkosek at redhat.com
Thu Dec 8 08:33:21 UTC 2011
On Wed, 2011-12-07 at 15:04 -0500, Rob Crittenden wrote:
> Martin Kosek wrote:
> > On Tue, 2011-11-08 at 18:33 -0500, Rob Crittenden wrote:
> >> There are times we need to hunt through the certmonger request files
> >> trying (such as trying to stop tracking a cert). One criteria is the
> >> cert database and they need to match exactly. We weren't normalizing
> >> this so something as simple as a trailing slash would cause a match to fail.
> >>
> >> Normalize both values to address this.
> >>
> >> rob
> >
> > Looks good.
> >
> > I just found few nitpicks that may be fixed before push:
> >
> > 1) I didn't like constructs like this one:
> > '%s' % os.path.abspath(secdir)
>
> OK
>
> >
> > Simple "os.path.abspath(secdir)" would be enough
> >
> > 2) I think get_request_id() function documentation should contain
> > recognized value types:
> > None: Any type
> > 1: File path
>
> Not sure what you mean. The function takes a tuple and seems fairly well
> documented to me.
I meant documenting the tuple parts. But I think it is OK as it is.
>
> > 3) We may want also to normalize path to PW file. This is what we use
> > now in ipa-server-install:
> >
> > 2011-12-07T10:11:25Z DEBUG args=/usr/bin/ipa-getcert start-tracking
> > -d /etc/dirsrv/slapd-PKI-IPA -n Server-Cert
> > -p /etc/dirsrv/slapd-PKI-IPA//pwdfile.txt
> > This shoud be enough:
> > - args.append(passwd_fname)
> > + args.append(os.path.abspath(passwd_fname))
>
> done
>
> rob
>
Hmm, a DIY patch? :-)
Rebased, squashed, ACKed and pushed to master, ipa-2-1.
Martin
More information about the Freeipa-devel
mailing list