On 2015-05-27 15:41, Petr Vobornik wrote:
> It would be great to have a privileged daemon which could observed
> replicated configuration and perform such tasks on all servers so we
> would eliminate manual tasks(and errors and misconceptions which are
> caused by forgotten manual tasks) as much as possible.

We don't need a separate daemon, we already have an HTTP interface. A
reload interface can be implemented with an additional route, e.g. GET
/KdcProxy/refresh. It needs a bit of extra work in kdcproxy,
kdcproxyshim.py and an ACL for the route.


Attachment: signature.asc
Description: OpenPGP digital signature

Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to