[Freeipa-devel] [PATCH 0069] ipa-replica-install support caless install with promotion.
Jan Cholasta
jcholast at redhat.com
Wed Dec 2 06:58:51 UTC 2015
On 1.12.2015 14:27, David Kupka wrote:
> On 30/11/15 17:24, Jan Cholasta wrote:
>> Hi,
>>
>> On 27.11.2015 07:57, David Kupka wrote:
>>> On 26/11/15 15:22, David Kupka wrote:
>>>> On 26/11/15 15:13, David Kupka wrote:
>>>>> On 26/11/15 15:01, David Kupka wrote:
>>>>>> https://fedorahosted.org/freeipa/ticket/5441
>>>>>>
>>>>>>
>>>>> Replaced accidentally inserted tabs.
>>>>>
>>>>>
>>>>>
>>>> Fixed indentation I screwed up when replacing tabs :-/
>>
>> 1) The deprecated --*_pkcs12 and --*_pin aliases should not be supported
>> in ipa-replica-install.
In ServerCA, inherit the knobs from BaseServerCA rather than
BaseServer.ca. The "#pylint: disable=no-member" will no longer be necessary.
In ipa-server-install help, there are 2 "certificate system" option
groups. This is a shortcoming in the installer framework, which will be
addressed in the future. For now, please inherit *all* knobs of
BaseServerCA in ServerCA as a workaround.
>>
>>
>> 2) This check from ipa-replica-prepare should be added to
>> Replica.__init__() as well:
>>
>> # If any of the PKCS#12 options are selected, all are required.
>> cert_file_req = (options.dirsrv_cert_files,
>> options.http_cert_files)
>> cert_file_opt = (options.pkinit_cert_files,)
>> if any(cert_file_req + cert_file_opt) and not
>> all(cert_file_req):
>> self.option_parser.error(
>> "--dirsrv-cert-file and --http-cert-file are required
>> if any "
>> "PKCS#12 options are used.")
The check is done when replica file is specified in the patch, but it
should be done only when replica file is *not* specified.
>> 6) Please make the ca_is_enabled argument of install_replica_ds() and
>> install_http() mandatory and fill as appropriate when called, it will
>> make the code more readable.
This bit in install_http() is redundant now:
+ if ca_is_configured is None:
+ ca_is_configured = ipautil.file_exists(config.dir + "/cacert.p12")
>>
>>
>> 7)
>>
>> $ git diff -U0 | pep8 --diff
>> ./ipaserver/install/server/replicainstall.py:99:80: E501 line too long
>> (82 > 79 characters)
>> ./ipaserver/install/server/replicainstall.py:161:80: E501 line too long
>> (82 > 79 characters)
>> ./ipaserver/install/server/replicainstall.py:1289:13: E265 block comment
>> should start with '# '
>> ./ipaserver/install/server/replicainstall.py:1291:17: E125 continuation
>> line with same indent as next logical line
>> ./ipaserver/install/server/replicainstall.py:1291:17: E128 continuation
>> line under-indented for visual indent
$ git diff -U0 | pep8 --diff
./ipaserver/install/server/install.py:1142:1: E302 expected 2 blank
lines, found 1
./ipaserver/install/server/install.py:1143:5: E265 block comment should
start with '# '
./ipaserver/install/server/install.py:1160:17: E222 multiple spaces
after operator
./ipaserver/install/server/install.py:1288:9: E265 block comment should
start with '# '
./ipaserver/install/server/replicainstall.py:100:80: E501 line too long
(82 > 79 characters)
./ipaserver/install/server/replicainstall.py:162:80: E501 line too long
(82 > 79 characters)
./ipaserver/install/server/replicainstall.py:697:41: E251 unexpected
spaces around keyword / parameter equals
./ipaserver/install/server/replicainstall.py:697:43: E251 unexpected
spaces around keyword / parameter equals
./ipaserver/install/server/replicainstall.py:922:9: E129 visually
indented line with same indent as next logical line
./ipaserver/install/server/replicainstall.py:925:14: E131 continuation
line unaligned for hanging indent
./ipaserver/install/server/replicainstall.py:1345:9: E265 block comment
should start with '# '
./ipaserver/install/server/replicainstall.py:1389:21: E128 continuation
line under-indented for visual indent
--
Jan Cholasta
More information about the Freeipa-devel
mailing list