On Fri, 02 Nov 2012, Martin Kosek wrote:
On 11/02/2012 01:19 PM, Alexander Bokovoy wrote:
On Wed, 17 Oct 2012, Martin Kosek wrote:
On 10/17/2012 12:52 PM, Sumit Bose wrote:
On Wed, Oct 10, 2012 at 06:05:02PM +0300, Alexander Bokovoy wrote:

this patch originated from off-list discussion regarding multiple runs
of ipa trust-add against the same domain.

Since trust-add re-establishes the trust every time it is run and all
the other information fetched from the remote domain controller stays
the same, it can be run multiple times. The only change would occur is
update of trust relationship credentials -- they are supposed to be
updated periodically by underlying infrastructure anyway.

So the patch adds some clarity to the help and changes summary message
when trust was re-established instead of created.
/ Alexander Bokovoy


Btw, another useful feature of allowing to run trust-add multiple times
is to re-established the trust if it was deleted only on one side, AD or
IPA. Having a separate command for this would make no sense because it
would be basically be an alias to trust-add.


I am still a bit worried about our consistency with IPA command help
indentation. You have it indented with trust-add command:

# ipa help trust-add
Purpose: Add new trust to use.

   This command establishes trust relationship to another domain
   which becomes 'trusted'. As result, users of the trusted domain
   may access resources of this domain.
A fix is attached.

ACK. Pushed to master, ipa-3-0.

Btw. I did not see any ticket linked to this patch. If there is any, please
feel free to close it.

It was https://fedorahosted.org/freeipa/ticket/3172.

/ Alexander Bokovoy

Freeipa-devel mailing list

Reply via email to