[Freeipa-devel] [PATCH 0329] ipa-replica-manage: Do not allow topology altering commands
Petr Vobornik
pvoborni at redhat.com
Wed Jun 10 17:23:08 UTC 2015
On 06/10/2015 04:39 PM, Petr Vobornik wrote:
> On 06/10/2015 04:06 PM, Petr Vobornik wrote:
>> On 06/02/2015 02:24 PM, Ludwig Krispenz wrote:
>>> hi,
>>>
>>> is there a real replacement for "del", it is not in the scope of the
>>> topology commands, the removal of teh agreement is rejected and later
>>> done by the plugin, but what about removal of the host, services,
>>> cleanruv ?
>>>
>>> Ludwig
>>> On 06/02/2015 02:10 PM, Tomas Babej wrote:
>>>> Hi,
>>>>
>>>> With Domain Level 1 and above, the usage of ipa-replica-manage commands
>>>> that alter the replica topology is deprecated. Following commands
>>>> are prohibited:
>>>>
>>>> * connect
>>>> * disconnect
>>>> * del
>>>>
>>>> Upon executing any of these commands, users are pointed out to the
>>>> ipa topologysegment-* replacements.
>>>>
>>>> Part of: https://fedorahosted.org/freeipa/ticket/4302
>>>>
>>
>>
>> Tomas is on vacation. I've removed 'del' from his patch and will create
>> a new one for handling of 'del'.
>>
>> If that's OK, we can push this one.
>>
>>
>
> NACK
>
> 'connect' and 'disconnect' serve also for setting up/removing of winsync
> replication agreements. This patch forbids it.
attaching patch which addresses this issue and replaces Tomas'
patch(which was used as a basis). Patch for 'del' will follow.
>
> I've not tested if topology plugin ignores winsync agreements. Does it?
--
Petr Vobornik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pvoborni-0872-ipa-replica-manage-Do-not-allow-topology-altering-co.patch
Type: text/x-patch
Size: 5222 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150610/fad93ca6/attachment.bin>
More information about the Freeipa-devel
mailing list