[Freeipa-users] dns stops working after upgrade
Stephen Benjamin
stephen at redhat.com
Wed Nov 5 15:45:02 UTC 2014
On Wed, Nov 05, 2014 at 10:20:36AM -0500, Rob Crittenden wrote:
> Stephen Benjamin wrote:
> > On Wed, Nov 05, 2014 at 09:41:59AM -0500, Rob Crittenden wrote:
> >>>> Also when I look at the permissions in ipa there are no longer any
> >>>> permissions that have the 'System: ' prefix.
> >>>
> >>> AFAIK the foreman proxy is not necessary (and not supported) with IPA
> >>> 4.x because it was obsoleted by 'native' proxy delivered by Foreman
> >>> upstream.
> >>>
> >>> Am I right, Rob (Crittenden)? :-)
> >>
> >> I believe he's referring to the native smart proxy here. It includes a
> >> script to setup permissions. I guess it hasn't been tested against a 4.x
> >> IPA master.
> >
> > The permissions have changed names in FreeIPA 4.0, which means the
> > script won't work. I've tested this one against 4.1 on F21 and it
> > works:
> >
> > https://raw.githubusercontent.com/stbenjam/smart-proxy/8278/sbin/foreman-prepare-realm
> >
> > There's an open pull request against foreman's Smart Proxy to include
> > that in the next release:
> >
> > https://github.com/theforeman/smart-proxy/pull/231
>
> Great news! As an upstream we should probably try to avoid breaking
> other packages in the future. Do you have any suggestions on how we
> might avoid this in the future (stable permission names would be one)?
That kind of breakage seems fine between major versions. It would be
nice if things would stay consistent -- but they generally do, so I
don't really have any complaints.
I think I should probably try to get to testing the betas of FreeIPA
sooner with foreman.
--
Stephen Benjamin
______________________________________________________
Red Hat GmbH | http://de.redhat.com/ | Sitz: Grasbrunn
Handelsregister: Amtsgericht München, HRB 153243
Geschäftsführer: Charles Cachera, Michael Cunningham,
Michael O'Neill, Charles Peters
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20141105/73ecfcbe/attachment.sig>
More information about the Freeipa-users
mailing list