[Freeipa-devel] [freeipa PR#314][comment] RFC: privilege separation for ipa framework code
HonzaCholasta
freeipa-github-notification at redhat.com
Mon Jan 30 10:54:26 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/314
Title: #314: RFC: privilege separation for ipa framework code
HonzaCholasta commented:
"""
Both replica install and CA-less install now work, but:
* `ipa-replica-install` creates `/var/lib/ipa/radb` owned by `root` rather than `ipaapi`.
* `/var/lib/ipa/radb` should not be created in CA-less install.
* Upgrade from 4.4 fails in various ways:
* on the first master: https://transfer.sh/JgKTV/ipaupgrade.log
* on a replica: https://transfer.sh/LTMvO/ipaupgrade.log
* Could you please add a command to enable your COPR repositories to `.test_runner_config.yaml` so that CI starts working properly? @martbab can advise.
@MartinBasti: we agreed to document all new functions last week, this PR was first submitted months ago, so IMO the rule does not apply here.
"""
See the full comment at https://github.com/freeipa/freeipa/pull/314#issuecomment-276032900
More information about the Freeipa-devel
mailing list