[Freeipa-devel] [PATCH] 792 add --hosts option to allow/retrieve keytab methods
Jan Cholasta
jcholast at redhat.com
Mon Dec 1 13:33:07 UTC 2014
Hi,
Dne 1.12.2014 v 14:17 Petr Vobornik napsal(a):
> `--hosts` option added to:
> * service-allow-create-keytab
> * service-allow-retrieve-keytab
> * service-disallow-create-keytab
> * service-disallow-retrieve-keytab
> * host-allow-create-keytab
> * host-allow-retrieve-keytab
> * host-disallow-create-keytab
> * host-disallow-retrieve-keytab
>
> in order to allow hosts to retrieve keytab of their services or related
> hosts as described on http://www.freeipa.org/page/V4/Keytab_Retrieval
> design page
>
> https://fedorahosted.org/freeipa/ticket/4777
Since groups of users are supported with "group" members, we should
probably also support groups of hosts with "hostgroup" members, for
consistency.
>
>
> I'm pondering how to handle Web UI. I'm not font of adding a third pair
> of tables to host and service details pages because the amount of space
> on the page required for the keytab management is much bigger than its
> importance compared to other fields.
Honza
--
Jan Cholasta
More information about the Freeipa-devel
mailing list