[Freeipa-devel] [PATCH] 0011 Allow user to force Kerberos realm during installation

Petr Viktorin pviktori at redhat.com
Fri Sep 5 12:51:08 UTC 2014 

On 09/05/2014 02:44 PM, Jan Cholasta wrote:
> Dne 5.9.2014 v 09:25 David Kupka napsal(a):
>> On 09/04/2014 01:22 PM, Jan Cholasta wrote:
>>> Dne 4.9.2014 v 12:42 David Kupka napsal(a):
>>>> On 09/03/2014 05:09 PM, Jan Cholasta wrote:
>>>>> Hi,
>>>>>
>>>>> Dne 27.8.2014 v 13:56 David Kupka napsal(a):
>>>>>> Usually it isn't wise to allow something like this. But in
>>>>>> environment
>>>>>> with broken DNS (described in ticket) there is probably not many
>>>>>> alternatives.
>>>>>>
>>>>>> https://fedorahosted.org/freeipa/ticket/4444
>>>>>
>>>>> 1) I think you can log realm in search() as part of the "Starting IPA
>>>>> discovery ..." message instead of a separate message.
>>>>>
>>>>>
>>>>> 2) Also, no need to log the realm twice in search().
>>>> I forget to remove some redundant debug prints.
>>>>>
>>>>>
>>>>> 3) It looks like you forgot to un-indent some code in
>>>>> ipadnssearchkrbkdc().
>>>>>
>>>> Fixed, thanks.
>>>
>>> What I meant is that this:
>>>
>>>      def ipadnssearchkrbkdc(self, domain=None):
>>>          kdc = None
>>>
>>>          if not domain:
>>>              domain = self.domain
>>>
>>>              kdc = self.ipadns_search_srv(domain, '_kerberos._udp', 88,
>>>                                           break_on_first=False)
>>>
>>>              if kdc:
>>>                  kdc = ','.join(kdc)
>>>              else:
>>>                  root_logger.debug("SRV record for KDC not found!
>>> Domain: %s" % domain)
>>>                  kdc = None
>>>
>>>          return kdc
>>>
>>> should be this:
>>>
>>>      def ipadnssearchkrbkdc(self, domain=None):
>>>          if not domain:
>>>              domain = self.domain
>>>
>>>          kdc = self.ipadns_search_srv(domain, '_kerberos._udp', 88,
>>>                                       break_on_first=False)
>>>          if kdc:
>>>              kdc = ','.join(kdc)
>>>          else:
>>>              root_logger.debug("SRV record for KDC not found! Domain:
>>> %s" % domain)
>>>              kdc = None
>>>
>>>          return kdc
>>>
>>> Isn't that right?
>>>
>>
>> Oh, you're right, again :) Thanks.
>>>>>
>>>>> Honza
>>>>>
>>>>
>>>
>>>
>>
>
> ACK.
>

Pushed to:
master: dc4bdd327ffffa639877b7d4553810b69943d996
ipa-4-1: a28d9b8f0a87633ac298676f47eadf0d7dc31cfb
ipa-4-0: 0e077319046b8f8089b7b8590fafb824df4b8077


-- 
Petr³

More information about the Freeipa-devel mailing list