[Freeipa-devel] [PATCH] 068 Connection check program for replica installation

Thu Jun 2 13:23:07 UTC 2011

On Sat, 2011-05-28 at 10:13 +0200, Martin Kosek wrote:
> On Sat, 2011-05-28 at 00:10 -0400, Rob Crittenden wrote:
> > Martin Kosek wrote:
> > > On Mon, 2011-05-23 at 16:41 -0400, Rob Crittenden wrote:
> > >> Martin Kosek wrote:
> > >>> This is a first version of connection checking program for replica
> > >>> installation. See patch for program purpose description. Currently,
> > >>> there is no man pages for the program.
> > >>>
> > >>> Note to Simo and Rob: I use password for logging as admin. Btw would it
> > >>> be safe to have an admin keytab in the replica file? Replica file
> > >>> contents are lying freely in /tmp after the replica installation.
> > >>>
> > >>> Martin
> > >>
> > >> nack, you aren't including the new binary in the spec.
> > >
> > > Oh, thanks for this one.
> > >
> > >>
> > >> You should also:
> > >>
> > >> - set KRB5CCNAME to a temporary ccache and remove that when the install
> > >> exists (successful or not)
> > >
> > > Done.
> > >
> > >> - remove the temporary krb5.conf you create
> > >
> > > Done.
> > >
> > >> - be a bit more explicit what we are doing, at least more than "Run
> > >> connection check to master".
> > >
> > > Actually, I am if you run the new script separately. I removed "--quiet"
> > > parameter passed to the script in ipa-replica-install so that it is more
> > > verbose. Plus, I improved texts sent to the user.
> > >
> > >> - yes, we should remove the replica file contents
> > >
> > > I enhanced ipa-replica-install to do that.
> > >
> > > Martin
> > >
> > 
> > Works great until the very end:
> > ...
> > ...
> > 
> > Execute check on remote master
> > Check connection from master to remote replica 'slinky.greyoak.com':
> >     Directory Service: unsecure port (389): FAILED
> >     Directory Service: secure port (636): FAILED
> >     Kerberos (88): OK
> > 
> > Remote master check failed with following error message(s):
> > Could not chdir to home directory /home/admin: No such file or directory
> > Port check failed! Unaccessible port(s): 389, 636
> > 
> > Connection check failed with following error: None
> > 
> > rob
> 
> Right, I introduced this wrong error message in the last patch. I fixed
> this one and also one typo. Updated patch attached.
> 
> Martin

I created a man page for the new program. Please feel free to
fix/propose a fix for any language errors that may be there.

Missing records in Makefile.am for both man page and the new program
have been added.

Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mkosek-068-4-connection-check-program-for-replica-installation.patch
Type: text/x-patch
Size: 31299 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20110602/7de56aac/attachment.bin>