Dne 19.9.2014 v 13:32 Martin Basti napsal(a):
On 01/09/14 16:26, Martin Basti wrote:
On 28/08/14 14:01, Jan Cholasta wrote:
Hi,
Dne 27.8.2014 v 15:22 Martin Basti napsal(a):
Patch attached.
1) Please rename object_exists to entry_exists.
2) Use empty attribute list in get_entry() in
object_exists/entry_exists.
3) Please update LDAPObject.get_dn_if_exists() to use
object_exists/entry_exists.
4) I'm not a fan of how do_bind() is laid out, IMHO something like
this would be better (untested):
+ def do_bind(self, dm_password=None, autobind=AUTOBIND_AUTO,
timeout=DEFAULT_TIMEOUT):
+ if dm_password:
+ self.do_simple_bind(bindpw=dm_password, timeout=timeout)
+ return
+
+ if autobind != AUTOBIND_DISABLED and os.getegid() == 0 and
self.ldapi:
+ try:
+ # autobind
+ pw_name = pwd.getpwuid(os.geteuid()).pw_name
+ self.do_external_bind(pw_name, timeout=timeout)
+ return
+ except errors.NotFound:
+ if autobind == AUTOBIND_ENABLED:
+ # autobind was required and failed, raise
+ # exception that it failed
+ raise
+
+ # Fall back
+ self.do_sasl_gssapi_bind(timeout=timeout)
Honza
3) skipped as we discuss on IRC
Updated patch attached
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Please review, this should be in 4.1
1) The patch need a rebase on top of current ipa-4-1.
2) You can remove import pwd from service.py, it is no longer used there.
3) Are named constants for the autobind argument the right thing to do?
It is a tri-state which can be expressed with None/True/False. (I'm just
asking, I don't have a strong opinion on this.)
--
Jan Cholasta
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
