[Freeipa-devel] Topology plugin quirks
Ludwig Krispenz
lkrispen at redhat.com
Wed Jun 3 12:30:27 UTC 2015
Hi Petr,
good catch. I didn't check for self referential segments. There is a
check for existing segments, but unfortuantely the entry lookup in the
pblock was incorrect and the test always passed.
For the removal, there is teh assumption that no duplicate segments
exist and so removal of A->B only succeeds if there is another path from
A to B.
I'm building a patch and will sen to the list soon
Ludwig
On 06/03/2015 12:51 PM, Petr Vobornik wrote:
> On 06/03/2015 11:37 AM, Martin Babinsky wrote:
>> Hi everyone,
>>
>> I have been playing with the topology related patches and I have
>> encountered a few issues that I would like to address in this thread:
>>
>
> Additional stuff:
>
> 1. was able to add duplicate segment
> - same left and right node
> - same direction
> - different cn
>
> It did not allow me to remove it:
> """
> Server is unwilling to perform: Removal of Segment disconnects
> topology.Deletion not allowed.
> """
>
> 2. topology plugin allows to create reflexive relation from the
> invalid duplicates(#1):
>
> A -> B
> A -> B
> to
> A -> A
> B -> B
>
> I.E. effective disconnect
>
> it is forbidden in `ipa topologysegment-mod` but I think that even the
> plugin should not allow that
>
> 3. attempt to delete the invalid reflexive or duplicate segment ends
> with:
> """
> Server is unwilling to perform: Removal of Segment disconnects
> topology.Deletion not allowed.""
>
>
More information about the Freeipa-devel
mailing list