-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/21/2010 08:14 AM, Simo Sorce wrote:
> 
> These commands had a very confusing syntax as well as issues (init was
> running the memberof task on the wrong server).
> 
> The commands has been renamed to make it clearer what they do.
> init -> re-initialize
> synch -> force-sync
> 
> both commands now require a --from <hostname> as the server they get
> their data from and can only be run on the replica that needs to be
> re-initialized or re-synced. This is to make it was confusing to
> understand what server was used so now the server you are operating on
> is the one you are sitting on.
> 
> As a bonus the whole thing now works with just admin credentials (or
> any kerb credentials of a user with the managereplica permission).
> 
> The init command also does not return until the re-initialization is
> done (giving out the status once a second) and properly runs the
> memberof task only once all the entries have been received.
> 
> The only thing that I am a bit unconfortable with is the new aci on the
> cn=tasks,cn=config object. I tried to add the task on the cn=memberof
> task,cn=tasks,cn=config object to restrict pwer only on that task, but
> DS refused to allow me to set an aci on that entry for some reason.
> 
> Fixes: #626
> 
> Simo.
> 


The patch looks good to me, but the hunk in ipaserver/install/service.py
seems to be completely unrelated. Did you run git commit -am by accident?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk0Q7WoACgkQHsardTLnvCX9qwCgoOvWEijDCVR5HdkwTmUy3k1G
10cAoOUf3Ku9jtsVTT1Wt0iTmX5uKuoP
=GMK7
-----END PGP SIGNATURE-----

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to