[Freeipa-devel] [PATCH 0329] ipa-replica-manage: Do not allow topology altering commands
Martin Kosek
mkosek at redhat.com
Tue Jun 2 12:23:08 UTC 2015
On 06/02/2015 02:19 PM, Martin Babinsky wrote:
> On 06/02/2015 02:10 PM, Tomas Babej wrote:
>> Hi,
>>
>> With Domain Level 1 and above, the usage of ipa-replica-manage commands
>> that alter the replica topology is deprecated. Following commands
>> are prohibited:
>>
>> * connect
>> * disconnect
>> * del
>>
>> Upon executing any of these commands, users are pointed out to the
>> ipa topologysegment-* replacements.
>>
>> Part of: https://fedorahosted.org/freeipa/ticket/4302
>>
>>
>>
> Works for me, ACK.
>
Not that fast... connect and disconnect is clear. However, "del" does more
actions than just removing the agreement. It may need to
- check domain level
- if 0, continue doing what it always did
- if 1, call the topology API command
- continue with the cleanup (CLEANALLRUV and friends)
Martin
More information about the Freeipa-devel
mailing list