[Freeipa-devel] [PATCH] 371 Added support for changing vault encryption.
Martin Basti
mbasti at redhat.com
Tue Aug 25 14:51:39 UTC 2015
On 08/20/2015 08:59 AM, Endi Sukma Dewata wrote:
> On 8/19/2015 4:58 AM, Martin Basti wrote:
>> On 08/13/2015 07:11 PM, Endi Sukma Dewata wrote:
>>> On 8/13/2015 8:06 AM, Martin Basti wrote:
>>>>> The vault-mod command has been modified to support changing vault
>>>>> encryption attributes (i.e. type, password, public/private keys)
>>>>> in addition to normal attributes (i.e. description). Changing the
>>>>> encryption requires retrieving the stored secret with the old
>>>>> attributes and rearchieving it with the new attributes.
>>>>>
>>>>> https://fedorahosted.org/freeipa/ticket/5176
>>>>>
>>>> Hello, does this patch require any additional patches?
>>>>
>>>> I have current master branch and I cannot apply it.
>>>>
>>>> git am
>>>> freeipa-edewata-0371-Added-support-for-changing-vault-encryption.patch
>>>> -3
>>>>
>>>> Applying: Added support for changing vault encryption.
>>>> error: invalid object 100644 3b62822366a62c90f843a6293589c28383e782ef
>>>> for 'ipalib/plugins/vault.py'
>>>> fatal: git-write-tree: error building trees
>>>> Repository lacks necessary blobs to fall back on 3-way merge.
>>>>
>>>>
>>>> Martin^2
>>>
>>> New patch attached. It requires patch #0369-3.
>>>
>> I cannot apply patch (and 369-3 was pushed)
>>
>> git am
>> freeipa-edewata-0371-1-Added-support-for-changing-vault-encryption.patch
>> -3
>> Applying: Added support for changing vault encryption.
>> error: invalid object 100644 5d367b376ef41427ed983f3eafe120ed477018d2
>> for 'ipalib/plugins/vault.py'
>> fatal: git-write-tree: error building trees
>> Repository lacks necessary blobs to fall back on 3-way merge.
>> Cannot fall back to three-way merge.
>
> Rebased.
>
ACK works as expected.
This is optional nitpick, we can fix it later:
1)
This should be asymmetric vault not symmetric
+ Modify symmetric vault keys:
+ ipa vault-mod <name>
+ [--user <user>|--service <service>|--shared]
+ --private-key-file <old private key file>
+ --public-key-file <new public key file>
More information about the Freeipa-devel
mailing list