On 03/14/2013 10:48 AM, Tomas Babej wrote:
> On 03/13/2013 05:23 PM, Martin Kosek wrote:
>> On 03/13/2013 09:50 AM, Tomas Babej wrote:
>>> On Wed 13 Mar 2013 09:47:09 AM CET, Tomas Babej wrote:
>>>> Hi,
>>>>
>>>> SID validation in idrange.py now enforces exact match on SIDs, thus
>>>> one can no longer use SID of an object in a trusted domain as a
>>>> trusted domain SID.
>>>>
>>>> https://fedorahosted.org/freeipa/ticket/3432
>>>>
>>>> Tomas
>>>>
>>>>
>>>> _______________________________________________
>>>> Freeipa-devel mailing list
>>>> Freeipa-devel@redhat.com
>>>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>>> Just renamed the patch filename to follow the convention.
>>>
>>> Tomas
>>>
>> I do not think that the debug message is needed:
>>
>> +            root_logger.error('No trusted domain with given SID found, '
>> +                              'listing SIDS for all the trusted domains:')
>> +            for domain in self._domains:
>> +                root_logger.error('SID: %s' % self._domains[domain][1])
>>
>> User will not see it anyway and he can easily get list of SIDs/domains with
>> "ipa trust-find".
>>
>> Otherwise the patch looks and works fine. I would just consider renaming the
>> method from is_trusted_sid_valid_domain to is_trusted_domain_sid_valid. 
>> Sounds
>> better to me, but I have no strong feelings about that.
>>
>> Martin
> Both fixed.
> 
> Tomas
> 

ACK. Pushed to master, ipa-3-1.

Martin

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to