Rob Crittenden wrote:
Pavel Zuna wrote:
Alright, here's my first shot at the Kerberos Ticket Policy management plugin.

It is also a "new type" of plugin. What I mean by that is that it takes an optional primary key (username) as its first argument. If used, policy for a specific user is being managed. If not, the global policy is being managed. If there's no value defined for a specific user, the global value is displayed instead. This pattern could also be applied to the pwpolicy plugin.

The pwpolicy plugin currently doesn't even use the baseldap classes and is a bit buggy*. So, if nobody minds, I'd like to rewrite it to use this pattern. It should only take a few hours.

* minor bugs in pwpolicy plugin:
- it says that higher number in cosPriority means higher priority, this isn't true - it is impossible to modify cosPriority using pwpolicy-mod, it throws an exception, because it tries to set it in the wrong entry


I'm having a problem getting this to apply to the tip. Does this depend on some other patches?

patching file ipalib/plugins/
Hunk #5 succeeded at 346 (offset 152 lines).
Hunk #6 FAILED at 363.
Hunk #7 FAILED at 422.
Hunk #8 FAILED at 506.
Hunk #9 succeeded at 208 (offset -163 lines).
Hunk #10 succeeded at 566 (offset 152 lines).
Hunk #11 succeeded at 267 (offset -163 lines).
Hunk #12 succeeded at 873 (offset 150 lines).
3 out of 12 hunks FAILED -- saving rejects to file ipalib/plugins/
patching file ipalib/plugins/

There was a forgotten patch adding --all to LDAPCreate, I reposted it on freeipa devel just now. I also generated a new version of the Kerberos Ticket Policy plugin patch (attached), just in case.


Attachment: 0002-Add-Kerberos-Ticket-Policy-management-plugin.patch
Description: application/mbox

Freeipa-devel mailing list

Reply via email to