[Freeipa-devel] [PATCH] 269 permission-find missed some results with --pkey-only option
Martin Kosek
mkosek at redhat.com
Fri Jun 1 05:53:14 UTC 2012
On Thu, 2012-05-31 at 17:43 +0200, Ondrej Hamada wrote:
> On 05/31/2012 12:42 PM, Martin Kosek wrote:
> > On Wed, 2012-05-30 at 14:43 +0200, Ondrej Hamada wrote:
> >> On 05/30/2012 07:45 AM, Martin Kosek wrote:
> >>> When permission-find post callback detected a --pkey-only option,
> >>> it just terminated. However, this way the results that could have
> >>> been added from aci_find matches were not included.
> >>>
> >>> Fix the post callback to go through the entire matching process.
> >>> Also make sure that DNS permissions have a correct objectclass
> >>> (ipapermission), otherwise such objects are not matched by the
> >>> permission LDAP search.
> >>>
> >>> https://fedorahosted.org/freeipa/ticket/2658
> >>>
> >>>
> >>>
> >>> _______________________________________________
> >>> Freeipa-devel mailing list
> >>> Freeipa-devel at redhat.com
> >>> https://www.redhat.com/mailman/listinfo/freeipa-devel
> >> Patch needs rebase
> >>
> >> It does not apply because of changes made to
> >> ipalib/plugins/permission.py (by Rob's patch #1018)
> >>
> > Rebased version attached.
> >
> > Martin
> ACK
>
Thanks. I just had to fix indentation of this block:
+ if truncated:
+ # size/time limit met, no need to search acis
+ return truncated
It should be executed always, regardless to the pkey_only option value.
Pushed to master.
Martin
More information about the Freeipa-devel
mailing list