[Freeipa-devel] [PATCH] 0011 Allow user to force Kerberos realm during installation
Jan Cholasta
jcholast at redhat.com
Fri Sep 5 12:44:55 UTC 2014
Dne 5.9.2014 v 09:25 David Kupka napsal(a):
> On 09/04/2014 01:22 PM, Jan Cholasta wrote:
>> Dne 4.9.2014 v 12:42 David Kupka napsal(a):
>>> On 09/03/2014 05:09 PM, Jan Cholasta wrote:
>>>> Hi,
>>>>
>>>> Dne 27.8.2014 v 13:56 David Kupka napsal(a):
>>>>> Usually it isn't wise to allow something like this. But in environment
>>>>> with broken DNS (described in ticket) there is probably not many
>>>>> alternatives.
>>>>>
>>>>> https://fedorahosted.org/freeipa/ticket/4444
>>>>
>>>> 1) I think you can log realm in search() as part of the "Starting IPA
>>>> discovery ..." message instead of a separate message.
>>>>
>>>>
>>>> 2) Also, no need to log the realm twice in search().
>>> I forget to remove some redundant debug prints.
>>>>
>>>>
>>>> 3) It looks like you forgot to un-indent some code in
>>>> ipadnssearchkrbkdc().
>>>>
>>> Fixed, thanks.
>>
>> What I meant is that this:
>>
>> def ipadnssearchkrbkdc(self, domain=None):
>> kdc = None
>>
>> if not domain:
>> domain = self.domain
>>
>> kdc = self.ipadns_search_srv(domain, '_kerberos._udp', 88,
>> break_on_first=False)
>>
>> if kdc:
>> kdc = ','.join(kdc)
>> else:
>> root_logger.debug("SRV record for KDC not found!
>> Domain: %s" % domain)
>> kdc = None
>>
>> return kdc
>>
>> should be this:
>>
>> def ipadnssearchkrbkdc(self, domain=None):
>> if not domain:
>> domain = self.domain
>>
>> kdc = self.ipadns_search_srv(domain, '_kerberos._udp', 88,
>> break_on_first=False)
>> if kdc:
>> kdc = ','.join(kdc)
>> else:
>> root_logger.debug("SRV record for KDC not found! Domain:
>> %s" % domain)
>> kdc = None
>>
>> return kdc
>>
>> Isn't that right?
>>
>
> Oh, you're right, again :) Thanks.
>>>>
>>>> Honza
>>>>
>>>
>>
>>
>
ACK.
--
Jan Cholasta
More information about the Freeipa-devel
mailing list