[Freeipa-devel] [PATCH] Changes to use a single database for dogtag and IPA
Petr Viktorin
pviktori at redhat.com
Thu Sep 27 08:26:51 UTC 2012
On 09/20/2012 05:58 AM, Ade Lee wrote:
> Changes to use a single database for dogtag and IPA
>
> New servers that are installed with dogtag 10 instances will use
> a single database instance for dogtag and IPA, albeit with different
> suffixes. Dogtag will communicate with the instance through a
> database user with permissions to modify the dogtag suffix only.
> This user will authenticate using client auth using the subsystem cert
> for the instance.
>
> This patch includes changes to allow the creation of masters and clones
> with single ds instances.
>
> I have tested being able to create a master and a clone using f17 and
> dogtag 10. Note that you will need to use the latest builds on the
> dogtag repo to get some changes that were checked in today. We'll kick
> off another official f18 dogtag build in a day or so.
>
> This is a pretty big change - so I expect many issues to come up as
> things get tested. But as this will take awhile to get resolved, its
> better to get this out for review as fast as possible.
>
> Happy reviewing.
>
> Ade
>
>
Attaching a rebased patch with a couple of style issues fixed.
- PEP8 compliance (remove trailing whitespace, use parentheses rather
than \ for line continuation, wrap touched lines at 80 characters)
- for files, use the with statement instead of the "open/close sandwich"
- don't mix tabs and spaces in install/share/certmap.conf.template
I've also adjusted the spec file, as we need dogtag 10.0 and pki-server
now obsoletes pki-setup.
I still need selinux in permissive mode to install on f17, and I still
need to exclude *.i686 packages when updating.
--
Petr³
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-alee-0001-01-Changes-to-use-a-single-database-for-dogtag-and-IPA.patch
Type: text/x-patch
Size: 35382 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20120927/625d8128/attachment.bin>
More information about the Freeipa-devel
mailing list