On Mon, 2012-01-23 at 11:14 +0100, Jan Cholasta wrote:
> Dne 20.1.2012 21:15, Rob Crittenden napsal(a):
> > macaddress is a multi-valued attribute and we allow multiple entries.
> > This is from the objectclass ieee802device. This is added manually when
> > doing a mod or add and not as a default to support existing host entries
> > that do not have this objectclass. If this were added to the defaults
> > then existing hosts missing this objectclass would not be found by
> > host-find.
> >
> > It is possible to get ethers data out of nss by configuring
> > nsswitch.conf to use ldap for ethers and running getent ethers <hostname>
> >
> > I tested nslcd and it only returned one macaddress value. I don't know
> > if this is a deficiency in nslcd or expected behavior.
> >
> > https://fedorahosted.org/freeipa/ticket/1132
> >
> > rob
> >
> 
> @@ -442,6 +448,7 @@ class host_add(LDAPCreate):
>               x509.verify_cert_subject(ldap, keys[-1], cert)
>               entry_attrs['usercertificate'] = cert
>           entry_attrs['managedby'] = dn
> +        entry_attrs['objectclass'].append('ieee802device')
>           return dn
> 
>       def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
> 
> Why do you add the objectclass here instead of adding it to host 
> plugin's object_class attribute?
> 
> Honza
> 

As Rob pointed out, old host records without ieee802device objectclass
wouldn't then be matched in host-find command.

I checked the patch and it looks ok. I have just 3 minor issues:

1) As you didn't specify the param with csv=True its values cannot be
entered in a comma-separated list. I think we can enable this feature
for MAC Address

2) I would fix capitalization of label of macaddress. A second word in a
label is lowercase in other params.

3) I think we may want to implement a normalizer for MAC address which
would make it either lowercase or uppercase so that we provide results
with consistent case.

Martin

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to