[Freeipa-devel] [PATCH 0069] ipa-replica-install support caless install with promotion.

Jan Cholasta jcholast at redhat.com
Thu Dec 3 08:32:57 UTC 2015 

On 2.12.2015 11:10, David Kupka wrote:
> On 02/12/15 07:58, Jan Cholasta wrote:
>> On 1.12.2015 14:27, David Kupka wrote:
>>> On 30/11/15 17:24, Jan Cholasta wrote:
>>>> Hi,
>>>>
>>>> On 27.11.2015 07:57, David Kupka wrote:
>>>>> On 26/11/15 15:22, David Kupka wrote:
>>>>>> On 26/11/15 15:13, David Kupka wrote:
>>>>>>> On 26/11/15 15:01, David Kupka wrote:
>>>>>>>> https://fedorahosted.org/freeipa/ticket/5441
>>>>>>>>
>>>>>>>>
>>>>>>> Replaced accidentally inserted tabs.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> Fixed indentation I screwed up when replacing tabs :-/
>>>>
>>>> 1) The deprecated --*_pkcs12 and --*_pin aliases should not be
>>>> supported
>>>> in ipa-replica-install.
>>
>> In ServerCA, inherit the knobs from BaseServerCA rather than
>> BaseServer.ca. The "#pylint: disable=no-member" will no longer be
>> necessary.
>>
>> In ipa-server-install help, there are 2 "certificate system" option
>> groups. This is a shortcoming in the installer framework, which will be
>> addressed in the future. For now, please inherit *all* knobs of
>> BaseServerCA in ServerCA as a workaround.
>>
>>>>
>>>>
>>>> 2) This check from ipa-replica-prepare should be added to
>>>> Replica.__init__() as well:
>>>>
>>>>          # If any of the PKCS#12 options are selected, all are
>>>> required.
>>>>          cert_file_req = (options.dirsrv_cert_files,
>>>> options.http_cert_files)
>>>>          cert_file_opt = (options.pkinit_cert_files,)
>>>>          if any(cert_file_req + cert_file_opt) and not
>>>> all(cert_file_req):
>>>>              self.option_parser.error(
>>>>                  "--dirsrv-cert-file and --http-cert-file are required
>>>> if any "
>>>>                  "PKCS#12 options are used.")
>>
>> The check is done when replica file is specified in the patch, but it
>> should be done only when replica file is *not* specified.
>>
>>>> 6) Please make the ca_is_enabled argument of install_replica_ds() and
>>>> install_http() mandatory and fill as appropriate when called, it will
>>>> make the code more readable.
>>
>> This bit in install_http() is redundant now:
>>
>> +    if ca_is_configured is None:
>> +        ca_is_configured = ipautil.file_exists(config.dir +
>> "/cacert.p12")
>>
>>>>
>>>>
>>>> 7)
>>>>
>>>> $ git diff -U0 | pep8 --diff
>>>> ./ipaserver/install/server/replicainstall.py:99:80: E501 line too long
>>>> (82 > 79 characters)
>>>> ./ipaserver/install/server/replicainstall.py:161:80: E501 line too long
>>>> (82 > 79 characters)
>>>> ./ipaserver/install/server/replicainstall.py:1289:13: E265 block
>>>> comment
>>>> should start with '# '
>>>> ./ipaserver/install/server/replicainstall.py:1291:17: E125 continuation
>>>> line with same indent as next logical line
>>>> ./ipaserver/install/server/replicainstall.py:1291:17: E128 continuation
>>>> line under-indented for visual indent
>>
>> $ git diff -U0 | pep8 --diff
>> ./ipaserver/install/server/install.py:1142:1: E302 expected 2 blank
>> lines, found 1
>> ./ipaserver/install/server/install.py:1143:5: E265 block comment should
>> start with '# '
>> ./ipaserver/install/server/install.py:1160:17: E222 multiple spaces
>> after operator
>> ./ipaserver/install/server/install.py:1288:9: E265 block comment should
>> start with '# '
>> ./ipaserver/install/server/replicainstall.py:100:80: E501 line too long
>> (82 > 79 characters)
>> ./ipaserver/install/server/replicainstall.py:162:80: E501 line too long
>> (82 > 79 characters)
>> ./ipaserver/install/server/replicainstall.py:697:41: E251 unexpected
>> spaces around keyword / parameter equals
>> ./ipaserver/install/server/replicainstall.py:697:43: E251 unexpected
>> spaces around keyword / parameter equals
>> ./ipaserver/install/server/replicainstall.py:922:9: E129 visually
>> indented line with same indent as next logical line
>> ./ipaserver/install/server/replicainstall.py:925:14: E131 continuation
>> line unaligned for hanging indent
>> ./ipaserver/install/server/replicainstall.py:1345:9: E265 block comment
>> should start with '# '
>> ./ipaserver/install/server/replicainstall.py:1389:21: E128 continuation
>> line under-indented for visual indent
>>
>>
> Thanks, updated patch attached.

Thanks, ACK.

The patch needed a rebase, see attachment.

Pushed to master: 2f51f0dce2e804bc4661441f97c04dc84b84fa21

-- 
Jan Cholasta
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-dkupka-0069.5-ipa-replica-install-support-caless-install-with-prom.patch
Type: text/x-patch
Size: 21255 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20151203/19253ffa/attachment.bin>

More information about the Freeipa-devel mailing list