On Thu, 2011-10-13 at 15:09 -0400, Rob Crittenden wrote: > Rob Crittenden wrote: > > Martin Kosek wrote: > >> On Thu, 2011-10-13 at 11:01 -0400, Rob Crittenden wrote: > >>> Martin Kosek wrote: > >>>> On Wed, 2011-10-12 at 23:54 -0400, Rob Crittenden wrote: > >>>>> The has_upg() check was created during a transition period for 389-ds. > >>>>> It is no longer needed and is actually breaking things. The > >>>>> location of > >>>>> UPG template moved so it thinks the feature is not available. This is > >>>>> making the primary user's group ipausers instead of the UPG. > >>>>> > >>>>> rob > >>>> > >>>> Shouldn't we remove has_managed_entries() and its use too? After > >>>> all, we > >>>> claim that this patch fixes #1242 which asks for has_managed_entries() > >>>> removal. > >>>> > >>>> Martin > >>>> > >>> > >>> Updated patch attached. It removes has_managed_entries(). > >>> > >>> rob > >> > >> Looks good - there is just some leftover in the bottom of commit > >> message, probably from patch squashing. > >> > >> However, I was thinking about has_upg() removal. Shouldn't we check if > >> the UPG plugin is enabled (the same way we do in ipa-managed-entries)? > >> Otherwise if the plugin is disabled and we would run user-add command > >> without --noprivate option, we would set nonexistent GID for the user as > >> the UPG wouldn't be created. > >> > >> Martin > >> > > > > Ok, good point. > > > > I decided to just fix has_upg() for now. > > > > I'm caching the value so we don't have to do an extra search every > > single time we add a user. I don't think this is the kind of thing that > > is going to be turned on/off a lot (e.g. you'll turn it off and be done > > with it). > > > > rob > > Updated patch to remove caching. Since the config is now replicated if > an admin disables it they would quickly have to restart all Apache > servers on all replicas which is bad. > > rob >
ipaserver/plugins/ldap2.py:723: [E0001] invalid syntax return = False? Really? :-) Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel