[Fedora-directory-devel] Please review: Bug 237356: Move DS Admin Code into Admin Server - support cacert for configds, fix permissions
Richard Megginson
rmeggins at redhat.com
Wed Jun 20 15:14:16 UTC 2007
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=237356
Resolves: bug 237356
Bug Description: Move DS Admin Code into Admin Server - support cacert
for configds, fix permissions.
Reviewed by: ???
Files: see diff
Branch: HEAD
Fix Description: If the Config DS is set up to use TLS/SSL, we should
allow the admin to setup a new admin server to use TLS/SSL with the
Config DS. The user may supply either a cacert file in ascii/pem
format, or just set the CACertificate param in the .inf file to the
actual ascii value. This latter option allows you to have a single .inf
file that you can carry around to all of your servers that you want to
set up, instead of having to have an additional file for the cacert.
However, it only works for the initial setup. It should probably detect
if the cacert already exists and just use it if so.
File permissions need to be set correctly. The code that deals with
file and directory creation should ensure that permissions are set
properly. This mostly applies to the configdir, so that the config
files needed to be read and written by the admin server have the correct
permissions and ownership.
Also fixed a minor bug about changing the admin server port, and with
detecting if there is an existing config ds to use or not.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=157471&action=diff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20070620/46d0a02b/attachment.bin>
More information about the Fedora-directory-devel
mailing list