[Freeipa-devel] [PATCH 0072] Provide ipa-client-advise tool
Martin Kosek
mkosek at redhat.com
Mon Jul 15 13:08:56 UTC 2013
On 07/11/2013 08:59 AM, Tomas Babej wrote:
> On Wednesday 26 of June 2013 10:12:48 Petr Spacek wrote:
>
>
>
> [snip]
>
>
>
>>
>
>> Appropriate error handling = Return 'Permission denied' if particular
>
>> operation requires higher privileges.
>
>>
>
>> IMHO 'cryptic' error message is bad in any case, so the right way how to fix
>
>> 'cryptic' error messages is to fix the places where errors are thrown.
>
>>
>
>> I don't think that additional checks in 'advisor' to hide 'cryptic' errors are
>
>> the right approach.
>
>>
>
>> --
>
>> Petr^2 Spacek
>
>
>
> To wrap-up, after an offline discussion Petr:
>
>
>
> We came to an conclusion that since 'require_root' attribute is optional (Petr
> was not aware of that, and that fact was what caused his concern), with default
> value False, the attribute should not pose any additional burden for
>
> the plugin developer.
>
>
>
> Tomas
>
Agreed, I think that current approach is fine.
Alexander, are you OK with the ipa-advise tool as is? We can add more bells and
whistles or options/API for plugins when we have actually more ipa-advise
plugins and see the real needs of such plugins.
Martin
More information about the Freeipa-devel
mailing list