On Wed, 2012-01-25 at 14:13 -0500, Rob Crittenden wrote: > Martin Kosek wrote: > > On Mon, 2012-01-23 at 11:14 +0100, Jan Cholasta wrote: > >> Dne 20.1.2012 21:15, Rob Crittenden napsal(a): > >>> macaddress is a multi-valued attribute and we allow multiple entries. > >>> This is from the objectclass ieee802device. This is added manually when > >>> doing a mod or add and not as a default to support existing host entries > >>> that do not have this objectclass. If this were added to the defaults > >>> then existing hosts missing this objectclass would not be found by > >>> host-find. > >>> > >>> It is possible to get ethers data out of nss by configuring > >>> nsswitch.conf to use ldap for ethers and running getent ethers<hostname> > >>> > >>> I tested nslcd and it only returned one macaddress value. I don't know > >>> if this is a deficiency in nslcd or expected behavior. > >>> > >>> https://fedorahosted.org/freeipa/ticket/1132 > >>> > >>> rob > >>> > >> > >> @@ -442,6 +448,7 @@ class host_add(LDAPCreate): > >> x509.verify_cert_subject(ldap, keys[-1], cert) > >> entry_attrs['usercertificate'] = cert > >> entry_attrs['managedby'] = dn > >> + entry_attrs['objectclass'].append('ieee802device') > >> return dn > >> > >> def post_callback(self, ldap, dn, entry_attrs, *keys, **options): > >> > >> Why do you add the objectclass here instead of adding it to host > >> plugin's object_class attribute? > >> > >> Honza > >> > > > > As Rob pointed out, old host records without ieee802device objectclass > > wouldn't then be matched in host-find command. > > > > I checked the patch and it looks ok. I have just 3 minor issues: > > > > 1) As you didn't specify the param with csv=True its values cannot be > > entered in a comma-separated list. I think we can enable this feature > > for MAC Address > > > > 2) I would fix capitalization of label of macaddress. A second word in a > > label is lowercase in other params. > > > > 3) I think we may want to implement a normalizer for MAC address which > > would make it either lowercase or uppercase so that we provide results > > with consistent case. > > Good ideas all. Updated patch attached. > > rob
ACK. Pushed to master, ipa-2-2. Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel