On 03/06/2015 03:13 PM, Alexander Bokovoy wrote:
On Fri, 06 Mar 2015, Lukas Slebodnik wrote:
On (05/03/15 16:20), Petr Vobornik wrote:
On 03/05/2015 11:23 AM, Lukas Slebodnik wrote:
On (05/03/15 08:54), Petr Vobornik wrote:
On 02/27/2015 09:50 PM, Lukas Slebodnik wrote:

Please review attached patches and fix freeipa in fedora 22 ASAP.

I think the most critical is 1st patch

sh$ git grep "SSSDConfig"  | grep import
install/tools/ipa-upgradeconfig:import SSSDConfig
ipa-client/ipa-install/ipa-client-automount:import SSSDConfig
ipa-client/ipa-install/ipa-client-install:    import SSSDConfig

BTW package python-sssdconfig is provides since sssd-1.10.0alpha1
but it was not explicitely required.

The latest python3 changes in sssd (fedora 22) is just a result of
packaging of freeipa.


Fedora 22 was amended.

Patch 1: ACK

Patch 2: ACK

the package name is libsss_nss_idmap-python not
which already is required in adtrust package
In sssd upstream we decided to rename package
libsss_nss_idmap-python to
python-libsss_nss_idmap according to new rpm python guidelines.
The python3 version has alredy correct name.

We will rename package in downstream with next major release (1.13).
Of course it we will add "Provides: libsss_nss_idmap-python".

We can push 3rd patch later or I can update 3rd patch.
What do you prefer?

Than you very much for review.


Patch 3 should be updated to not forget the remaining change in

It then should be updated downstream and master when 1.13 is released in
Fedora, or in master sooner if SSSD 1.13 becomes the minimal version
by master.


BTW Why ther is a pylint comment for some sssd modules
I did not kave any pylint problems after removing comment.

ipalib/plugins/trust.py:32:    import pysss_murmur #pylint: disable=F0401
ipalib/plugins/trust.py:38:    import pysss_nss_idmap #pylint:

And why are these modules optional (try except)
Because they are needed to properly load in the case trust subpackages
are not installed, to generate proper messages to users who will try
these commands, like 'ipa trust-add' while the infrastructure is not in

pylint is dumb for such cases.

Alexander, the point was not to require python_nss_idmap and python-sss-murmur on ipa clients?

If so python-sss-murmur should be required only by trust-ad package and not python package (patch2). And patch 3 (adding libsss_nss_idmap-python to python package) should not be used.

Petr Vobornik

Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to