[Freeipa-devel] [PATCH] Allow ipa-getkeytab to find server name from config file
Fraser Tweedale
ftweedal at redhat.com
Thu Nov 26 01:11:56 UTC 2015
On Wed, Nov 25, 2015 at 09:44:09AM -0500, Simo Sorce wrote:
> On Wed, 2015-11-25 at 14:34 +1000, Fraser Tweedale wrote:
> > On Tue, Nov 24, 2015 at 02:36:17PM -0500, Simo Sorce wrote:
> > > On Tue, 2015-11-24 at 17:34 +0100, Jan Cholasta wrote:
> > > > On 24.11.2015 17:30, Simo Sorce wrote:
> > > > > On Tue, 2015-11-24 at 09:14 +0100, Jan Cholasta wrote:
> > > > >> On 24.11.2015 09:06, Petr Spacek wrote:
> > > > >>> On 24.11.2015 07:32, Jan Cholasta wrote:
> > > > >>>> On 23.11.2015 21:18, Simo Sorce wrote:
> > > > >>>>> Fixes #2203 by reading the server name from /etc/ipa/default.conf if not
> > > > >>>>> provided on the command line.
> > > > >>>>>
> > > > >>>>> Simo.
> > > > >>>>
> > > > >>>> Just a thought: it would be nice if we had libipaconfig and used it everywhere
> > > > >>>> (the framework, ipa-getkeytab, certmonger, ...). I don't like that there are
> > > > >>>> at least 3 ipa config parser implementations now, each with its own quirks.
> > > > >>>
> > > > >>> Yeah, define a Augeas grammar for IPA config and call it. There is C and
> > > > >>> Python binding in RHEL 7.2 already.
> > > > >>
> > > > >> This won't be sufficient, as it should go beyond just parsing the config
> > > > >> file - there are dynamic defaults and backward compatiblity support
> > > > >> which should be the same everywhere too.
> > > > >
> > > > > This is a much bigger task, that someone keen on big refactoring may
> > > > > undertake, but I do not think we should delay this useful feature for
> > > > > that. It will be really easy to change this code to use whatever other
> > > > > ipa library when it materializes.
> > > > >
> > > > > For now this patch stands IMHO.
> > > >
> > > > Sure, I'm not suggesting otherwise.
> > >
> > > Rebased patch that includes proper spec file buildrequires.
> > >
> > > Simo.
> > >
> > Tested and works as expected (great usability win IMO).
> >
> > Man page should be updated accordingly.
> >
> > Cheers,
> > Fraser
>
> Attached new patch that includes manpage changes.
>
> Simo.
>
ACK
More information about the Freeipa-devel
mailing list