On Fri, 2011-07-29 at 13:09 +0300, Alexander Bokovoy wrote:
> Hi,
>
> another attempt to refine error/configuration reporting when configuring
> means to access LDAP on a client. Previous one tried to use rpm to find
> out package name but this approach is avoiding package names. Instead,
> it tries to tell configuration file.
>
> Ticker https://fedorahosted.org/freeipa/ticket/1369
NACK.
1) Return info from LDAP config functions gets overwritten:
if not options.sssd:
(retcode, conf, filename) = configure_ldap_conf(fstore, cli_basedn,
cli_realm, cli_domain, cli_server, dnsok, options)
if retcode:
return 1
(retcode, conf, filename) = configure_nslcd_conf(fstore, cli_basedn,
cli_realm, cli_domain, cli_server, dnsok, options)
if retcode:
return 1
Only one function will do the real configuration, in my case it was the
configure_ldap_conf (nslcd was not installed). Due to the overwrite, my
ipa-client-install reported invalid information:
# ipa-client-install --server=vm-059.idm.lab.bos.redhat.com
--domain=idm.lab.bos.redhat.com --no-sssd
...
LDAP enabled
Kerberos 5 enabled
NSLCD configured using configuration file /etc/nslcd.conf <<<<
Unable to use DNS discovery! Recognized configuration: NSLCD
Changing configuration of /etc/ldap.conf to use hardcoded server name:
vm-059.idm.lab.bos.redhat.com
NTP enabled
Client configuration complete.
We need to indicate in the return triple that the service was not
configured so that we output correct information.
2) Returning tuple instead of triple (will raise exception when used):
- return 1
+ return (1, 'nslcd')
Plus, NSLCD is referred in upper case in other return statements.
Martin
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
