On 09/26/2014 11:23 AM, Martin Kosek wrote:
On 09/25/2014 11:34 AM, thierry bordaz wrote:
On 09/25/2014 10:58 AM, Petr Viktorin wrote:
On 09/24/2014 06:02 PM, thierry bordaz wrote:
On 08/15/2014 10:40 PM, Petr Viktorin wrote:
A fix for https://fedorahosted.org/freeipa/ticket/4157
This depends on my patches 0631-0632 (for backup/restore integration
tests).
Our setsebool code was repeated a few times. Instead of adding
another
copy, I refactored what we have into a platform task.
I fixed two old setsebool tickets while I was at it:
https://fedorahosted.org/freeipa/ticket/2519
https://fedorahosted.org/freeipa/ticket/2934
Since ipaplatform should not depend on ipalib, and I needed a new
exception type, I added a new module, ipapython.errors. This might
not
be the best name, since it could be confused with ipalib.errors.
Opinions welcome.
As for the second patch: ideally, rather than what I do with `if
'ADTRUST' in self.backup_services`, we'd get the list of booleans
directly from the *instance modules, or even tell the individual
services to restore themselves. But, that refactoring looks like too
much to do now.
Filed easyfix: https://fedorahosted.org/freeipa/ticket/4571
The first patch looks good to me. Just a minor comment. The test
and run
of 'paths.SELINUXENABLED' is present several times in tasks.py and
fedora. Does it worth to refactor it ?
About the second patch, something I do not understand.
restore_selinux_booleans resets the selinux boolean to the values that
are taken from SELINUX_BOOLEAN_SETTINGS in the instance (http/ad) .
Does
that mean this dict has been updated with the original values (using
'backup_func' in set_selinux_booleans ?).
This is restoring an IPA installation, not restoring the system to a
pre-IPA
state.
The settings need to be the same as if IPA was being installed.
OK thanks for the explanation.
Is this an ACK?
Martin
Ho sorry, yes for me it is a ACK.
thierry
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
