On 07/11/2013 08:59 AM, Tomas Babej wrote:
> On Wednesday 26 of June 2013 10:12:48 Petr Spacek wrote:
> 
>  
> 
> [snip]
> 
>  
> 
>>
> 
>> Appropriate error handling = Return 'Permission denied' if particular
> 
>> operation requires higher privileges.
> 
>>
> 
>> IMHO 'cryptic' error message is bad in any case, so the right way how to fix
> 
>> 'cryptic' error messages is to fix the places where errors are thrown.
> 
>>
> 
>> I don't think that additional checks in 'advisor' to hide 'cryptic' errors 
>> are
> 
>> the right approach.
> 
>>
> 
>> --
> 
>> Petr^2 Spacek
> 
>  
> 
> To wrap-up, after an offline discussion Petr:
> 
>  
> 
> We came to an conclusion that since 'require_root' attribute is optional (Petr
> was not aware of that, and that fact was what caused his concern), with 
> default
> value False, the attribute should not pose any additional burden for
> 
> the plugin developer.
> 
>  
> 
> Tomas
> 

Agreed, I think that current approach is fine.

Alexander, are you OK with the ipa-advise tool as is? We can add more bells and
whistles or options/API for plugins when we have actually more ipa-advise
plugins and see the real needs of such plugins.

Martin

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to