On Wed, 2012-02-22 at 17:47 -0500, Rob Crittenden wrote:
> Don't allow a host that is a master or its IPA services to be deleted.
> 
> I'm taking a pretty limited view of services, preventing deletion of 
> just the IPA services I could think of. I don't want to prevent someone 
> from deleting an nfs service they set up, for example.
> 
> I'm raising a ValidationError here. I don't know what value it would add 
> to have a custom exception but I can add one if desired.
> 
> rob

Generally it looks OK. At first I was concerned if we don't blow up
during ipa-replica-manage del, but it worked fine.

I have just 2 minor issues:
1) There is wrong attribute name in new service-del ValidationError,
which is confusing:

# ipa service-del
ldap/vm-068.idm.lab.bos.redhat....@idm.lab.bos.redhat.com
ipa: ERROR: invalid 'hostname': This service cannot be removed from an
IPA master

2) I would move function host_is_master rather to ipalib/util.py as its
not really related with base classes in baseldap.py

Martin

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to