[Freeipa-devel] [PATCH] 0011 Allow user to force Kerberos realm during installation

David Kupka dkupka at redhat.com
Fri Sep 5 07:25:18 UTC 2014 

On 09/04/2014 01:22 PM, Jan Cholasta wrote:
> Dne 4.9.2014 v 12:42 David Kupka napsal(a):
>> On 09/03/2014 05:09 PM, Jan Cholasta wrote:
>>> Hi,
>>>
>>> Dne 27.8.2014 v 13:56 David Kupka napsal(a):
>>>> Usually it isn't wise to allow something like this. But in environment
>>>> with broken DNS (described in ticket) there is probably not many
>>>> alternatives.
>>>>
>>>> https://fedorahosted.org/freeipa/ticket/4444
>>>
>>> 1) I think you can log realm in search() as part of the "Starting IPA
>>> discovery ..." message instead of a separate message.
>>>
>>>
>>> 2) Also, no need to log the realm twice in search().
>> I forget to remove some redundant debug prints.
>>>
>>>
>>> 3) It looks like you forgot to un-indent some code in
>>> ipadnssearchkrbkdc().
>>>
>> Fixed, thanks.
>
> What I meant is that this:
>
>      def ipadnssearchkrbkdc(self, domain=None):
>          kdc = None
>
>          if not domain:
>              domain = self.domain
>
>              kdc = self.ipadns_search_srv(domain, '_kerberos._udp', 88,
>                                           break_on_first=False)
>
>              if kdc:
>                  kdc = ','.join(kdc)
>              else:
>                  root_logger.debug("SRV record for KDC not found!
> Domain: %s" % domain)
>                  kdc = None
>
>          return kdc
>
> should be this:
>
>      def ipadnssearchkrbkdc(self, domain=None):
>          if not domain:
>              domain = self.domain
>
>          kdc = self.ipadns_search_srv(domain, '_kerberos._udp', 88,
>                                       break_on_first=False)
>          if kdc:
>              kdc = ','.join(kdc)
>          else:
>              root_logger.debug("SRV record for KDC not found! Domain:
> %s" % domain)
>              kdc = None
>
>          return kdc
>
> Isn't that right?
>

Oh, you're right, again :) Thanks.
>>>
>>> Honza
>>>
>>
>
>

-- 
David Kupka
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-dkupka-0011-3-Allow-user-to-force-Kerberos-realm-during-installati.patch
Type: text/x-patch
Size: 4660 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140905/4a131aa9/attachment.bin>

More information about the Freeipa-devel mailing list