[Freeipa-users] dns stops working after upgrade
Rob Crittenden
rcritten at redhat.com
Wed Nov 5 15:20:36 UTC 2014
Stephen Benjamin wrote:
> On Wed, Nov 05, 2014 at 09:41:59AM -0500, Rob Crittenden wrote:
>>>> Also when I look at the permissions in ipa there are no longer any
>>>> permissions that have the 'System: ' prefix.
>>>
>>> AFAIK the foreman proxy is not necessary (and not supported) with IPA
>>> 4.x because it was obsoleted by 'native' proxy delivered by Foreman
>>> upstream.
>>>
>>> Am I right, Rob (Crittenden)? :-)
>>
>> I believe he's referring to the native smart proxy here. It includes a
>> script to setup permissions. I guess it hasn't been tested against a 4.x
>> IPA master.
>
> The permissions have changed names in FreeIPA 4.0, which means the
> script won't work. I've tested this one against 4.1 on F21 and it
> works:
>
> https://raw.githubusercontent.com/stbenjam/smart-proxy/8278/sbin/foreman-prepare-realm
>
> There's an open pull request against foreman's Smart Proxy to include
> that in the next release:
>
> https://github.com/theforeman/smart-proxy/pull/231
Great news! As an upstream we should probably try to avoid breaking
other packages in the future. Do you have any suggestions on how we
might avoid this in the future (stable permission names would be one)?
rob
More information about the Freeipa-users
mailing list