On 10.10.2014 10:39, Alexander Bokovoy wrote:

I'm resending patches 0159 and 0160, and adding two more:

0161 -- support user SSH public keys in ID view user overrides
0162 -- support gidNumber in ID view user override

SSH public keys to work require support from SSSD and that one is
currently missing. At least, one add/remove the keys to/from the
override objects.

Compat tree does not support exporting SSH keys. When accessing the tree
anonymously, the entry will be filtered out by ACIs but for
authenticated users we need to explicitly ignore ipaSshPubKey attribute
in the override, so I'm resending updated slapi-nis patch that only
adds one more attribute to filter out.

I'm going to prepare Web UI for, 160, 161, 162.

Q: ipaUserOverride object class contains also 'gecos' attribute. Will it be handled be CLI and Web UI as well?

Comments for these 3 patches:

1. VERSION was not bumped

Patch 160:
Apart form #1, is OK (not sure if #1 is needed for ACK)

Patch 161:

2. idoverrideuser_show and _find should have post_callback with convert_sshpubkey_post as well - to be consistent.

3. Add blank line before new methods - both post_callbacks

4. I have created a helper method for adding object classes in patch 761 (currently on review) - add_missing_object_class. Would be nice fit, but also I don't want to block this patch with mine.

Patch 162:

Is it good to have different CLI option name in this and user plugin for the same attribute: --gid vs --gidnumber ? That said, it's sad that --gid was not used in user plugin since the beginning.

Petr Vobornik

Freeipa-devel mailing list

Reply via email to