[Freeipa-devel] [PATCH 0440] Fix broken trust warnings
Martin Basti
mbasti at redhat.com
Wed Mar 16 12:52:13 UTC 2016
On 16.03.2016 13:45, Alexander Bokovoy wrote:
> On Wed, 16 Mar 2016, Martin Basti wrote:
>>
>>
>> On 16.03.2016 13:32, Martin Basti wrote:
>>>
>>>
>>> On 16.03.2016 13:32, Alexander Bokovoy wrote:
>>>> On Wed, 16 Mar 2016, Martin Basti wrote:
>>>>>
>>>>>
>>>>> On 15.03.2016 16:40, Martin Basti wrote:
>>>>>> https://fedorahosted.org/freeipa/ticket/5737
>>>>>>
>>>>>> Patch attached.
>>>>>>
>>>>>>
>>>>> Sekf NACK,
>>>>>
>>>>> fix should be just oneliner, I found out that domain are stored
>>>>> hierarchically so extra finding of parents zone is needed.
>>>> you meant 'not needed', I'd guess.
>>>>
>>> Yes, I meant that, sorry :)
>>>
>>
>> Updated patch attached.
>
>> From 74c55e5048af4b582469b1668a9dd592f868cf4b Mon Sep 17 00:00:00 2001
>> From: Martin Basti <mbasti at redhat.com>
>> Date: Wed, 16 Mar 2016 13:41:51 +0100
>> Subject: [PATCH] Fix broken trust warnings
>>
>> Warning should be shown only for parent entries of trust domain. Sub
>> domains do not contain SIDs at all.
>>
>> https://fedorahosted.org/freeipa/ticket/5737
>> ---
>> ipalib/plugins/trust.py | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
>> index
>> ba0c98e2f3711924dace395b7becf2977ca8e35c..7d815fd6118586a4a75a1eeff7457103fe4c331c
>> 100644
>> --- a/ipalib/plugins/trust.py
>> +++ b/ipalib/plugins/trust.py
>> @@ -597,7 +597,9 @@ class trust(LDAPObject):
>>
>> try:
>> entries, truncated = ldap.find_entries(
>> - base_dn=DN(self.container_dn, self.api.env.basedn),
>> + base_dn=DN(self.api.env.container_adtrusts,
>> + self.api.env.basedn),
>> + scope=ldap.SCOPE_ONELEVEL,
>> attrs_list=['cn'],
>> filter='(&(ipaNTTrustPartner=*)'
>> '(!(ipaNTSecurityIdentifier=*)))',
>
> ACK if you change the commit message to say that subdomains do not
> contain ipaNTSecurityIdentifier attribute.
>
Thanks, changed
Pushed to:
master: de8c6d81fd5d0f759ac0201e2c517bcb8b43d960
ipa-4-3: 1e0208612087e80f673e7ec1f8e050b57b5f1fb7
ipa-4-2: fb11384e65d74b6a027bf8cfe9f93e003bba5236
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-mbasti-0440.3-Fix-broken-trust-warnings.patch
Type: text/x-patch
Size: 1171 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160316/6d3be7c6/attachment.bin>
More information about the Freeipa-devel
mailing list