[Freeipa-devel] [PATCH 0078-0081] ipa-client-install autodiscovery code improvements
Petr Spacek
pspacek at redhat.com
Fri Oct 9 07:14:36 UTC 2015
On 8.10.2015 19:09, Martin Babinsky wrote:
> These patches fix https://fedorahosted.org/freeipa/ticket/4305
>
> Actually only the last patch does the work itself (suppress autodiscovery when
> installing client on master), but when I saw the state of autodiscovery code I
> have taken the liberty to clean it up a bit.
>
> Patch #78 has separate versions for master and 4-2 branch, other patches
> should apply on top of it in both branches.
Uh, I have to say that I'm not big fan of this patch. This will simply hide
fact that your DNS is terribly misconfigured and other things will fail later on.
Also, even if we decide that it is what we want, I'm not sure what are
implications for the master. Will it configure to use SSSD for auto-discovery
as a fallback (when services on local master are not running)?
If not, what will happen when IPA is not running on that particular master?
Will the admin be able to log-in with IPA credentials?
Nitpicks:
> + if options.on_master:
> + set_ipa_domain_params(ds, options.server, options.domain,
> + options.realm_name, CACERT)
It seems that set_ipa_domain_params should be class method of "ds" because it
touches only instance variables and nothing else:
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list