[Freeipa-devel] [PATCH 0329] ipa-replica-manage: Do not allow topology altering commands
Ludwig Krispenz
lkrispen at redhat.com
Wed Jun 10 14:57:52 UTC 2015
On 06/10/2015 04:39 PM, Petr Vobornik wrote:
> On 06/10/2015 04:06 PM, Petr Vobornik wrote:
>> On 06/02/2015 02:24 PM, Ludwig Krispenz wrote:
>>> hi,
>>>
>>> is there a real replacement for "del", it is not in the scope of the
>>> topology commands, the removal of teh agreement is rejected and later
>>> done by the plugin, but what about removal of the host, services,
>>> cleanruv ?
>>>
>>> Ludwig
>>> On 06/02/2015 02:10 PM, Tomas Babej wrote:
>>>> Hi,
>>>>
>>>> With Domain Level 1 and above, the usage of ipa-replica-manage
>>>> commands
>>>> that alter the replica topology is deprecated. Following commands
>>>> are prohibited:
>>>>
>>>> * connect
>>>> * disconnect
>>>> * del
>>>>
>>>> Upon executing any of these commands, users are pointed out to the
>>>> ipa topologysegment-* replacements.
>>>>
>>>> Part of: https://fedorahosted.org/freeipa/ticket/4302
>>>>
>>
>>
>> Tomas is on vacation. I've removed 'del' from his patch and will create
>> a new one for handling of 'del'.
>>
>> If that's OK, we can push this one.
>>
>>
>
> NACK
>
> 'connect' and 'disconnect' serve also for setting up/removing of
> winsync replication agreements. This patch forbids it.
>
> I've not tested if topology plugin ignores winsync agreements. Does it?
yes. it only manages "normal" agreements
More information about the Freeipa-devel
mailing list