[Freeipa-devel] [PATCH] 375 Added mechanism to copy vault secrets.
Alexander Bokovoy
abokovoy at redhat.com
Mon Nov 2 14:46:32 UTC 2015
On Mon, 02 Nov 2015, Endi Sukma Dewata wrote:
>On 11/2/2015 6:38 AM, Martin Basti wrote:
>>>>>>>>The vault-add and vault-archive commands have been modified to
>>>>>>>>optionally retrieve a secret from a source vault, then re-archive
>>>>>>>>the secret into the new/existing target vault.
>>>>>>>>
>>>>>>>>https://fedorahosted.org/freeipa/ticket/5223
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>I cannot apply this patch.
>>>>>>
>>>>>>Rebased. It depends on patch #371-2.
>>>>>
>>>>>Rebased due to other changes in vault.
>>>>>
>>>>
>>>>Code works for me, but wouldn't be better to create a new command,
>>>>Endi what do you think?
>>>>something like vault-copy, instead of adding new options to existing
>>>>command?
>>>
>>>+1
>>>
>>Endi, what do you think about the proposed change?
>
>Sorry, I'm still handling an IPA customer issue. The vault-copy is
>fine. I think ideally a copy command should look like this:
>
> $ ipa vault-copy <source> <destination>
>
>But since generally the IPA command arguments are used to specify an
>object hierarchy (e.g. <IPA command> <parent ID...> <object ID>), I'm
>not sure if the above format would be consistent with other IPA
>commands.
It is not really enforced and 'ipa vault-copy source destination' is
reasonable and logical, so it makes sense to implement the command this
way.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list