[Freeipa-devel] [PATCH] 138 Prevent collisions of hostgroup and netgroup
Martin Kosek
mkosek at redhat.com
Thu Oct 6 08:22:06 UTC 2011
On Wed, 2011-10-05 at 16:43 -0400, Rob Crittenden wrote:
> Martin Kosek wrote:
> > For every hostgroup a managed netgroup is created (if this is allowed).
> > Make sure that if a stand-alone netgroup exists, a hostgroup with the
> > same name cannot be created to prevent collisions.
> >
> > https://fedorahosted.org/freeipa/ticket/1914
>
> You need to check to see if the managed entries configuration is enabled
> before doing this. If it is disabled then having duplicate names is fine
> (though re-enabling it later would have undefined consequences).
>
> rob
Are you sure about this? If somebody disables the netgroup managed entry
plugin for some reason and later would want to enable it again he could
run into trouble with duplicate entries (as you mentioned). Personally I
would leave the patch as is.
If you are sure this needs to be done, I can make the check using the
same LDAP query for NGP Defition that ipa-managed-entries does.
Martin
More information about the Freeipa-devel
mailing list