[Ovirt-devel] [PATCH] fixes for IPA issues
Alan Pevec
apevec at redhat.com
Tue Jun 24 13:16:58 UTC 2008
Chris Lalancette wrote:
> Alan Pevec wrote:
>> - disable krb4 port to avoid rpcbind conflict
>> - change max username policy to allow for 'ovirtadmin'
>> (ipa-adduser started complaining about it in ipa-1.1.0)
>> NB: https://admin.fedoraproject.org/updates/F9/pending/ipa-1.1.0-3.fc9 is required
>> ovirt.org repo will host it until it hits F9 stable updates
>
> The patch is fine, but is there any compelling reason to host ipa-1.1.0 in the
> ovirt repos? I'm fine with putting in fixes to get ahead of the game when it
> does get pushed to updates, but unless there is a feature we need, I don't think
> we need to host it ourselves.
Issue is that F9 updates stable has ipa-1.1.0-2 which is known to be partially broken, from -3 changelog:
- Rebuild against openldap libraries, mozldap ones do not work properly
and to quote FreeIPA guys: "breaks password changes (and keytab retrieveal as it goes through the same ldap interface)"
btw, my patch has an obvious mistake: need to replace EOF->LDAP since it's already inside <<EOF
More information about the ovirt-devel
mailing list