[Freeipa-devel] [PATCH] 138 Prevent collisions of hostgroup and netgroup
Rob Crittenden
rcritten at redhat.com
Fri Oct 7 02:40:22 UTC 2011
Martin Kosek wrote:
> On Wed, 2011-10-05 at 16:43 -0400, Rob Crittenden wrote:
>> Martin Kosek wrote:
>>> For every hostgroup a managed netgroup is created (if this is allowed).
>>> Make sure that if a stand-alone netgroup exists, a hostgroup with the
>>> same name cannot be created to prevent collisions.
>>>
>>> https://fedorahosted.org/freeipa/ticket/1914
>>
>> You need to check to see if the managed entries configuration is enabled
>> before doing this. If it is disabled then having duplicate names is fine
>> (though re-enabling it later would have undefined consequences).
>>
>> rob
>
> Are you sure about this? If somebody disables the netgroup managed entry
> plugin for some reason and later would want to enable it again he could
> run into trouble with duplicate entries (as you mentioned). Personally I
> would leave the patch as is.
>
> If you are sure this needs to be done, I can make the check using the
> same LDAP query for NGP Defition that ipa-managed-entries does.
>
> Martin
>
ack, pushed to master and ipa-2-1
More information about the Freeipa-devel
mailing list