On Mon, 2011-05-23 at 14:38 -0400, Rob Crittenden wrote:
> In an attempt to support multiple direct maps we always included the 
> automountinformation in the key dn. This makes showing keys impossible a 
> bit of a catch-22. You want to get the mount info but to get it you need 
> the mount info.
> This patch drops requiring automountinfo but if provided it'll use it to 
> make the dn. This way we can have backwards compatibility for any 
> existing maps but going forward only direct maps will have the info in it.
> --key is still required when dealing with keys, no way around that 
> without doing a major API change, migrating data, etc.
> ticket 1229
> rob

I tested this patch and from CLI perspective, it makes things better. I
think it is our best bet if we want to avoid major API changes and
migration nightmares.

I have only few minor issues regarding the patch:
1) API minor version has been bumped since this patch was out, it needs
a rebase
2) check_key_uniqueness function needs to be fixed so that it doesn't
search only for key/info DNs. Otherwise, it doesn't detect some
duplicates which leads to inconvenient errors. For example when a
duplicate indirect map is added:

# ipa automountkey-find default auto.master
  Key: /-
  Mount information: auto.direct

  Key: /usr/share
  Mount information: auto.share
# ipa automountkey-add default auto.master --key=/usr/share --info=auto.share2
ipa: ERROR: key named auto.master already exists


