[Freeipa-devel] [PATCH 0069] ipa-replica-install support caless install with promotion.

David Kupka dkupka at redhat.com
Wed Dec 2 10:10:24 UTC 2015 

On 02/12/15 07:58, Jan Cholasta wrote:
> On 1.12.2015 14:27, David Kupka wrote:
>> On 30/11/15 17:24, Jan Cholasta wrote:
>>> Hi,
>>>
>>> On 27.11.2015 07:57, David Kupka wrote:
>>>> On 26/11/15 15:22, David Kupka wrote:
>>>>> On 26/11/15 15:13, David Kupka wrote:
>>>>>> On 26/11/15 15:01, David Kupka wrote:
>>>>>>> https://fedorahosted.org/freeipa/ticket/5441
>>>>>>>
>>>>>>>
>>>>>> Replaced accidentally inserted tabs.
>>>>>>
>>>>>>
>>>>>>
>>>>> Fixed indentation I screwed up when replacing tabs :-/
>>>
>>> 1) The deprecated --*_pkcs12 and --*_pin aliases should not be supported
>>> in ipa-replica-install.
>
> In ServerCA, inherit the knobs from BaseServerCA rather than
> BaseServer.ca. The "#pylint: disable=no-member" will no longer be
> necessary.
>
> In ipa-server-install help, there are 2 "certificate system" option
> groups. This is a shortcoming in the installer framework, which will be
> addressed in the future. For now, please inherit *all* knobs of
> BaseServerCA in ServerCA as a workaround.
>
>>>
>>>
>>> 2) This check from ipa-replica-prepare should be added to
>>> Replica.__init__() as well:
>>>
>>>          # If any of the PKCS#12 options are selected, all are required.
>>>          cert_file_req = (options.dirsrv_cert_files,
>>> options.http_cert_files)
>>>          cert_file_opt = (options.pkinit_cert_files,)
>>>          if any(cert_file_req + cert_file_opt) and not
>>> all(cert_file_req):
>>>              self.option_parser.error(
>>>                  "--dirsrv-cert-file and --http-cert-file are required
>>> if any "
>>>                  "PKCS#12 options are used.")
>
> The check is done when replica file is specified in the patch, but it
> should be done only when replica file is *not* specified.
>
>>> 6) Please make the ca_is_enabled argument of install_replica_ds() and
>>> install_http() mandatory and fill as appropriate when called, it will
>>> make the code more readable.
>
> This bit in install_http() is redundant now:
>
> +    if ca_is_configured is None:
> +        ca_is_configured = ipautil.file_exists(config.dir + "/cacert.p12")
>
>>>
>>>
>>> 7)
>>>
>>> $ git diff -U0 | pep8 --diff
>>> ./ipaserver/install/server/replicainstall.py:99:80: E501 line too long
>>> (82 > 79 characters)
>>> ./ipaserver/install/server/replicainstall.py:161:80: E501 line too long
>>> (82 > 79 characters)
>>> ./ipaserver/install/server/replicainstall.py:1289:13: E265 block comment
>>> should start with '# '
>>> ./ipaserver/install/server/replicainstall.py:1291:17: E125 continuation
>>> line with same indent as next logical line
>>> ./ipaserver/install/server/replicainstall.py:1291:17: E128 continuation
>>> line under-indented for visual indent
>
> $ git diff -U0 | pep8 --diff
> ./ipaserver/install/server/install.py:1142:1: E302 expected 2 blank
> lines, found 1
> ./ipaserver/install/server/install.py:1143:5: E265 block comment should
> start with '# '
> ./ipaserver/install/server/install.py:1160:17: E222 multiple spaces
> after operator
> ./ipaserver/install/server/install.py:1288:9: E265 block comment should
> start with '# '
> ./ipaserver/install/server/replicainstall.py:100:80: E501 line too long
> (82 > 79 characters)
> ./ipaserver/install/server/replicainstall.py:162:80: E501 line too long
> (82 > 79 characters)
> ./ipaserver/install/server/replicainstall.py:697:41: E251 unexpected
> spaces around keyword / parameter equals
> ./ipaserver/install/server/replicainstall.py:697:43: E251 unexpected
> spaces around keyword / parameter equals
> ./ipaserver/install/server/replicainstall.py:922:9: E129 visually
> indented line with same indent as next logical line
> ./ipaserver/install/server/replicainstall.py:925:14: E131 continuation
> line unaligned for hanging indent
> ./ipaserver/install/server/replicainstall.py:1345:9: E265 block comment
> should start with '# '
> ./ipaserver/install/server/replicainstall.py:1389:21: E128 continuation
> line under-indented for visual indent
>
>
Thanks, updated patch attached.

-- 
David Kupka
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-dkupka-0069.4-ipa-replica-install-support-caless-install-with-prom.patch
Type: text/x-patch
Size: 21379 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20151202/323e2d94/attachment.bin>

More information about the Freeipa-devel mailing list