[Freeipa-devel] [PATCH] 786 Configure Managed Entries on replicas.
Martin Kosek
mkosek at redhat.com
Wed May 25 20:24:52 UTC 2011
On Wed, 2011-05-25 at 15:51 -0400, Dmitri Pal wrote:
> On 05/25/2011 03:30 PM, Martin Kosek wrote:
> > On Wed, 2011-05-25 at 19:50 +0200, Martin Kosek wrote:
> >> On Wed, 2011-05-25 at 17:22 +0000, JR Aquino wrote:
> >>> On May 20, 2011, at 7:14 AM, Rob Crittenden wrote:
> >>>
> >>>> JR Aquino wrote:
> >>>>> On May 18, 2011, at 2:52 PM, Rob Crittenden wrote:
> >>>>>
> >>>>>> Rob Crittenden wrote:
> >>>>>>> The Managed Entries plugin configurations weren't being created on
> >>>>>>> replica installs. The templates were there but the cn=config portions
> >>>>>>> were not.
> >>>>>>>
> >>>>>>> This patch adds them as updates. The template portion will be added in
> >>>>>>> the initial replication.
> >>>>>>>
> >>>>>>> ticket 1222
> >>>>>>>
> >>>>>>> To test:
> >>>>>>>
> >>>>>>> Install a master
> >>>>>>> Install a replica
> >>>>>>> On replica: kinit
> >>>>>>> On replica: ipa user-add --first=timmy --last=test ttest
> >>>>>>> On replica: ipa group-show ttest
> >>>>>>> On master: ipa group-show ttest
> >>>>>>>
> >>>>>>> rob
> >>>>>> Updated patch attached. This requires jraquino patch 28 to work as expected.
> >>>>>>
> >>>>>> rob
> >>>>>> <freeipa-rcrit-786-2-replica.patch>
> >>>>> NACK
> >>>>>
> >>>>> This patch is not applying to Master?
> >>>>>
> >>>>> error: patch failed: install/updates/Makefile.am:8
> >>>>> error: install/updates/Makefile.am: patch does not apply
> >>>>>
> >>>> Rebased, it depended on my patch 769.
> >>> ACK
> >> Please keep in mind that the configuration for UPG plugin needs to be
> >> updated. My patch 67 with new --noprivate option for suppressing UPG
> >> creation for new user changed the originFilter configuration:
> >>
> >> originFilter: (&(objectclass=posixAccount)(!(description=__no_upg__)))
> >>
> >> This patch is not in ipa-2-0 branch, so the originFilter for this branch
> >> is the same as in this patch.
> >>
> >> Martin
> >>
> > Second ACK from me. I tested upgrading replica and it worked. Still, my
> > statement above is valid - this should be fixed before pushing.
> >
> > As we spoke with Rob today, I wonder if we would want --noprivate option
> > also for ipa-2-0 branch. It may be useful.
> >
> > Martin
> >
> > _______________________________________________
> > Freeipa-devel mailing list
> > Freeipa-devel at redhat.com
> > https://www.redhat.com/mailman/listinfo/freeipa-devel
>
> I just checked with Jenny.
> She is Ok with pulling your patch in.
> I think this is ticket https://fedorahosted.org/freeipa/ticket/1131
> But it is already marked as fixed in 2.1.
> I am confused.
>
Yes, it was fixed and I pushed it to master branch. Since this patch
implements a new option and thus changes an API (in term of addition) I
was cautious pushing this to branch ipa-2-0. We should decide if we want
this feature in our IPA 2.0 stable branch.
Martin
More information about the Freeipa-devel
mailing list