[Freeipa-devel] [PATCH] 948 handle ipa_kpasswd on upgrades
Martin Kosek
mkosek at redhat.com
Wed Feb 15 14:23:50 UTC 2012
On Wed, 2012-02-15 at 08:45 -0500, Rob Crittenden wrote:
> Rob Crittenden wrote:
> > Martin Kosek wrote:
> >> On Mon, 2012-02-13 at 11:46 -0500, Rob Crittenden wrote:
> >>> When upgrading from 2.1 to 2.2 we need to kill any ipa_kpasswd processes
> >>> and uninstall it.
> >>>
> >>> We also need to update the dbmodules section in /etc/krb5.conf to
> >>> reflect the new kdb.
> >>>
> >>> rob
> >>
> >> The patch works fine, I just have few comments.
> >>
> >> This line seems a bit confusing (at least for me):
> >> + if not enabled is None and not enabled:
> >> + ipa_kpasswd.remove()
> >>
> >> I would prefer
> >> + if enabled is not None and not enabled:
> >> + ipa_kpasswd.remove()
> >>
> >> I know, its just a nitpick.
> >
> > I saw that too and was tempted to change it but this is the way it is
> > done currently in services, didn't want to mess with success :-)
> >
> > I'm not opposed.
> >
> >>
> >> I checked update_dbmodules() function. It works but as we discussed,
> >> there is a lot of hard-coding and a success of this function depends on
> >> proper indentation etc. I would accept this fix as a short-term
> >> solution, in the future we may want to use some better means to update
> >> our configs like augeas that was already discussed before.
> >
> > Yes, ideally we'll switch to using the ipaChangeConf module but it
> > doesn't support searching within subsections yet.
>
> Updated patch moving position of not.
>
> rob
Thanks for the update. Now, my nitpick mastery is complete...
ACK. Pushed to master, ipa-2-2.
Martin
More information about the Freeipa-devel
mailing list