Martin Kosek wrote:
On Thu, 2012-02-09 at 18:18 +0100, Jan Cholasta wrote:
On 8.2.2012 16:35, Rob Crittenden wrote:
Jan Cholasta wrote:
Patch 62: need a failsafe to remove CCACHE_FILE in case something goes
wrong. I should note too that this won't work on platforms prior to
Python 2.6 (RHEL-5 is one). This is fine, just means host keys won't be
automatically updated.

What exactly won't work on Python 2.6?

Sorry, I wasn't very clear. It isn't something specific to your patch,
it is large portions of the framework in general. Just wanted to alert you.


Updated&  rebased the patches.

There is going to be one additional patch, which will make IPA take
advantage of the new SSH support in SSSD. I have decided not to submit
it now, because it breaks ipa-client-install if SSSD isn't patched with
my "Add missing services to sssd.api.conf" and "Add methods for
activating and deactivating services to SSSDConfig" patches (see
sssd-devel). I'll submit it once the next SSSD beta is released.


Ok, I went through the patches and they works and generally looks ok
(although some minor rebasing is needed before the push).

I just have one concern at the moment. If you update FreeIPA server with
DNS support, it won't update the update policy for current zones. Thus,
only A and AAAA record update is allowed and ipa-client-install always
fail to update SSHFP records in such zones.

But I don't think its crucial, I would be OK with pushing the patches as
they are and create another ticket to either fix or document it.
Otherwise ACK.


Can you open a ticket on that?

ACK, pushed all 11 to master and ipa-2-2.

I updated the commit messages to include a ticket number in each for tracking.


Freeipa-devel mailing list

Reply via email to