[Freeipa-devel] [PATCHES 509-514] replica promotion: use host credentials when setting up replication

Jan Cholasta jcholast at redhat.com
Fri Dec 11 06:12:23 UTC 2015 

On 10.12.2015 15:01, Martin Babinsky wrote:
> On 12/10/2015 07:57 AM, Jan Cholasta wrote:
>> On 9.12.2015 16:39, Jan Cholasta wrote:
>>> On 7.12.2015 08:14, Jan Cholasta wrote:
>>>> On 6.12.2015 21:32, Martin Basti wrote:
>>>>>
>>>>>
>>>>> On 04.12.2015 16:58, Simo Sorce wrote:
>>>>>> On Fri, 2015-12-04 at 15:39 +0100, Jan Cholasta wrote:
>>>>>>> On 4.12.2015 15:16, Jan Cholasta wrote:
>>>>>>>> On 4.12.2015 15:12, Jan Cholasta wrote:
>>>>>>>>> On 4.12.2015 11:15, Petr Vobornik wrote:
>>>>>>>>>> On 12/03/2015 03:11 PM, Martin Basti wrote:
>>>>>>>>>>>
>>>>>>>>>>> On 01.12.2015 12:19, Jan Cholasta wrote:
>>>>>>>>>>>> On 23.11.2015 15:47, Simo Sorce wrote:
>>>>>>>>>>>>> On Mon, 2015-11-23 at 15:37 +0100, Jan Cholasta wrote:
>>>>>>>>>>>>>> Ad alternative is to add the host to ipaservers before the
>>>>>>>>>>>>>> checks
>>>>>>>>>>>>>> are
>>>>>>>>>>>>>> done and remove it again if any of them fail.
>>>>>>>>>>>>> Too error prone, I am ok with the current way in your patches
>>>>>>>>>>>>> until/unless I can think of a fail safe way. :-)
>>>>>>>>>>>> Updated patches attached. Note that 520 should be applied
>>>>>>>>>>>> between 509
>>>>>>>>>>>> and 510.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>> Functional ACK
>>>>>>>>>>>
>>>>>>>>>> Simo, do you want to review the ACIs or other things it the
>>>>>>>>>> patches? Or
>>>>>>>>>> can the patches be pushed?
>>>>>>>>> There were no changes in the ACIs since last time.
>>>>>>>> Actually, memberPrincipal was removed from the "IPA server hosts
>>>>>>>> can
>>>>>>>> manage own Custodia secrets" ACI, as per Simo's request.
>>>>>>>>
>>>>>>>>> Rebased patches attached.
>>>>>>> Note that 520 should still be applied between 509 and 510.
>>>>>>>
>>>>>> LGTM
>>>>>>
>>>>> ACK
>>>>
>>>> Thanks.
>>>>
>>>> Pushed to master: 01ddf51df76f3298499973355c5461727e46ab5b
>>>
>>> Martin Babinsky found out that ipaservers is not created early enough
>>> when installing a replica of a 4.2 or older server which causes a crash.
>>>
>>> The attached patch fixes that.
>>
>> Actually I don't like how I fixed that, here's an updated patch.
>>
>> Also, I noticed that replica promotion fails too late in domain level 0.
>> Fixed as well.
>>
>>
>>
>
> ACK to both patches.

Thanks.

Pushed to master: b4a78db4e7d06237a715f088d1b914b47eccf32f

-- 
Jan Cholasta

More information about the Freeipa-devel mailing list