[Freeipa-devel] [PATCH] 375 Added mechanism to copy vault secrets.
Endi Sukma Dewata
edewata at redhat.com
Mon Nov 2 14:39:18 UTC 2015
On 11/2/2015 6:38 AM, Martin Basti wrote:
>>>>>>> The vault-add and vault-archive commands have been modified to
>>>>>>> optionally retrieve a secret from a source vault, then re-archive
>>>>>>> the secret into the new/existing target vault.
>>>>>>>
>>>>>>> https://fedorahosted.org/freeipa/ticket/5223
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> I cannot apply this patch.
>>>>>
>>>>> Rebased. It depends on patch #371-2.
>>>>
>>>> Rebased due to other changes in vault.
>>>>
>>>
>>> Code works for me, but wouldn't be better to create a new command,
>>> Endi what do you think?
>>> something like vault-copy, instead of adding new options to existing
>>> command?
>>
>> +1
>>
> Endi, what do you think about the proposed change?
Sorry, I'm still handling an IPA customer issue. The vault-copy is fine.
I think ideally a copy command should look like this:
$ ipa vault-copy <source> <destination>
But since generally the IPA command arguments are used to specify an
object hierarchy (e.g. <IPA command> <parent ID...> <object ID>), I'm
not sure if the above format would be consistent with other IPA commands.
--
Endi S. Dewata
More information about the Freeipa-devel
mailing list