<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
On 11/18/2010 05:05 PM, Rob Crittenden wrote:
<blockquote cite="mid:4CE5A30D.5050602@redhat.com" type="cite">Rob
Crittenden wrote:
<br>
<blockquote type="cite">Simo Sorce wrote:
<br>
<blockquote type="cite">On Tue, 09 Nov 2010 14:00:00 -0500
<br>
Rob Crittenden<a class="moz-txt-link-rfc2396E" href="mailto:rcritten@redhat.com"><rcritten@redhat.com></a> wrote:
<br>
<br>
<blockquote type="cite">+
<br>
+ Add a host that can manage this host's keytab and certificate:
<br>
+ ipa host-add-host --hosts=test2 test
<br>
"""
<br>
<br>
</blockquote>
<br>
I do not want to nack, but looking at this command in isolation I am
<br>
quite confused at what it is supposed to do (think ab out seeing it in
<br>
a log file and wondering what it means w/o further context).
<br>
<br>
What does it mean to add a host into a host (host-add-host) ?
<br>
And which one is added to the other one ? test in test2 or test2 in
<br>
test?
<br>
<br>
I do not know if we can change names/syntax to make this more
<br>
immediately understandable, but if we can I'd like to do that.
<br>
Obscure/confusing syntaxes generally makes it easier to do mistakes,
<br>
which are bad in a tool used to manage security.
<br>
<br>
Simo.
<br>
<br>
</blockquote>
<br>
Switched to host-add-managedby and host-remove-managedby.
<br>
<br>
</blockquote>
<br>
Re-based against tip.
<br>
<br>
rob
<br>
<pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
Freeipa-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeipa-devel@redhat.com">Freeipa-devel@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-devel">https://www.redhat.com/mailman/listinfo/freeipa-devel</a></pre>
</blockquote>
Just tried to apply to master. am failed, and patch -p provided the
following rej:<br>
<br>
--- ipalib/plugins/host.py<br>
+++ ipalib/plugins/host.py<br>
@@ -101,6 +104,9 @@<br>
Flag('has_keytab',<br>
label=_('Keytab'),<br>
),<br>
+ Str('managedby_host',<br>
+ label='Managed by',<br>
+ ),<br>
Str('subject',<br>
label=_('Subject'),<br>
),<br>
@@ -453,6 +463,7 @@<br>
Display information about a host.<br>
"""<br>
has_output_params = LDAPRetrieve.has_output_params +
host_output_params<br>
+ member_attributes = ['managedby']<br>
<br>
def post_callback(self, ldap, dn, entry_attrs, *keys, **options):<br>
if 'krblastpwdchange' in entry_attrs:<br>
<br>
<br>
<br>
<br>
As well as <br>
<br>
--- tests/test_xmlrpc/test_host_plugin.py<br>
+++ tests/test_xmlrpc/test_host_plugin.py<br>
@@ -221,6 +228,7 @@<br>
fqdn=[fqdn1],<br>
l=[u'Undisclosed location 1'],<br>
krbprincipalname=[u'host/%s@%s' % (fqdn1,
api.env.realm)],<br>
+ managedby_host=[u'%s' % fqdn1],<br>
usercertificate=[base64.b64decode(servercert)],<br>
valid_not_before=u'Mon Aug 09 15:02:27 2010 UTC',<br>
valid_not_after=u'Sun Aug 09 15:02:27 2020 UTC',<br>
@@ -247,6 +255,7 @@<br>
l=[u'Undisclosed location 1'],<br>
krbprincipalname=[u'host/%s@%s' % (fqdn1,
api.env.realm)],<br>
has_keytab=False,<br>
+ managedby_host=[u'%s' % fqdn1],<br>
usercertificate=[base64.b64decode(servercert)],<br>
valid_not_before=u'Mon Aug 09 15:02:27 2010 UTC',<br>
valid_not_after=u'Sun Aug 09 15:02:27 2020 UTC',<br>
tests/test_xmlrpc/test_host_plugin.py.rej (END) <br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
</body>
</html>