[Freeipa-devel] [PATCH] 961 don't allow masters or their services to be deleted
Martin Kosek
mkosek at redhat.com
Thu Feb 23 12:41:27 UTC 2012
On Wed, 2012-02-22 at 17:47 -0500, Rob Crittenden wrote:
> Don't allow a host that is a master or its IPA services to be deleted.
>
> I'm taking a pretty limited view of services, preventing deletion of
> just the IPA services I could think of. I don't want to prevent someone
> from deleting an nfs service they set up, for example.
>
> I'm raising a ValidationError here. I don't know what value it would add
> to have a custom exception but I can add one if desired.
>
> rob
Generally it looks OK. At first I was concerned if we don't blow up
during ipa-replica-manage del, but it worked fine.
I have just 2 minor issues:
1) There is wrong attribute name in new service-del ValidationError,
which is confusing:
# ipa service-del
ldap/vm-068.idm.lab.bos.redhat.com at IDM.LAB.BOS.REDHAT.COM
ipa: ERROR: invalid 'hostname': This service cannot be removed from an
IPA master
2) I would move function host_is_master rather to ipalib/util.py as its
not really related with base classes in baseldap.py
Martin
More information about the Freeipa-devel
mailing list