Martin Kosek wrote:
On Wed, 2012-02-22 at 17:47 -0500, Rob Crittenden wrote:
Don't allow a host that is a master or its IPA services to be deleted.

I'm taking a pretty limited view of services, preventing deletion of
just the IPA services I could think of. I don't want to prevent someone
from deleting an nfs service they set up, for example.

I'm raising a ValidationError here. I don't know what value it would add
to have a custom exception but I can add one if desired.

rob

Generally it looks OK. At first I was concerned if we don't blow up
during ipa-replica-manage del, but it worked fine.

I have just 2 minor issues:
1) There is wrong attribute name in new service-del ValidationError,
which is confusing:

# ipa service-del
ldap/vm-068.idm.lab.bos.redhat....@idm.lab.bos.redhat.com
ipa: ERROR: invalid 'hostname': This service cannot be removed from an
IPA master

Yeah, I waffled on that myself. I used hostname since that is what was blowing up. I can change it.

2) I would move function host_is_master rather to ipalib/util.py as its
not really related with base classes in baseldap.py

I added in there because it requires LDAP to execute. You can't call this without an ldpa handle, etc. I think it should remain there to avoid confusion.

rob

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to