On 04/27/2010 09:49 PM, Rob Crittenden wrote:
Pavel Zůna wrote:Don't mind the numbering. This is a completely independent patch.It adds a new pwpolicy plugin based on baseldap.py classes. It has the same functionality as the current pwpolicy plugin, but a more clean and consistent interface, fine grained search capabilities, etc. This is actually an updated version of a patch I released some time ago, but it never got fully reviewed. PavelThe original pwpolicy module took group policy via the --group option, yours takes group as the first argument (if any). My thought on this was that at some point someone would want per-user password policy so we could add a --user option. If this isn't forseen as needed then using the first argument for group is probably easier to grok. Had a failure: $ ./ipa pwpolicy2-mod g1 --priority=2 ipa: ERROR: an internal error has occurred File "/home/rcrit/redhat/freeipa-ca/ipalib/plugins/pwpolicy2.py", line 99, in pre_callback del entry_attrs['cn'] KeyError: 'cn' rob
Fixed.I also noticed another minor bug. When only priority is modified by pwpolicy2-mod, the EmptyModlist exception is raised. This is because priority is stored in a different entry that is managed by cosentry_* commands and there's nothing left to be changed for the policy entry. The command does it's job, but reports an error and there is no way to catch it without ugly hacks. I'm going to implement a new callback type for baseldap.py classes for the purpose of error handling/exception catching.
Pavel
pzuna-freeipa-0003-pwpolicy2.patch
Description: application/mbox
_______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
