On 04/18/2014 04:01 PM, Misnyovszki Adam wrote:
> On Thu, 17 Apr 2014 16:21:19 +0200
> Martin Kosek <mko...@redhat.com> wrote:
>> On 04/17/2014 04:10 PM, Rob Crittenden wrote:
>>> Misnyovszki Adam wrote:
>>>> Hi,
>>>> this patch modifies ipa-server-install to warn the user, if there
>>>> is a lack of entropy, also runs generate-rndc-key.sh before named
>>>> restart, to ensure, that it can start before systemd timeouts.
>>> I think the exception should be logged in check_entropy() in case
>>> this every does fail (the file name changes, the format changes,
>>> etc).
>>> There should be a try/except around the run() call.
>>> I noticed that /etc/rndc.key isn't removed on uninstall, which I
>>> guess means the same key will be re-used. Should we be removing
>>> that?
>>> rob
>> Also, bare exceptions are bad!
>> +    except:
>> +        service.print_msg("Could not determine entropy, possible
>> long delays")
>> Next, you do all the checks in ipa-server-install, while they should
>> be in service files, like krbinstance.py so that it is also checked
>> in other installers, like ipa-replica-install.
>> Same for DNS, it should be a separate step in bindinstance.py so that
>> when the installation is hanging, you can see
>>  [X/Y] Generating rndc key file
>> and know that it is hanging on that part.
>> I would not misuse "service.print_msg" for regular messages, I would
>> only do the
>> service.print_msg("WARNING: Your system is running out of entropy,
>> expect long delays!")
>> others can be either turn into separate installation step or debug
>> log message.
>> Martin
> Hi,
> according to personal discussion with Martin, see the corrected patch!
> Thanks
> Adam

ACK. Pushed to master: 71c6d2f1eb9610a0e0a994a6cfd78fdf9bb9d1fa

Given that Adam no longer works in the Adam and cannot update the patch, I did
couple very minor fixes - description is in the commit message.


Freeipa-devel mailing list

Reply via email to