On 2015-05-27 15:41, Petr Vobornik wrote: > It would be great to have a privileged daemon which could observed > replicated configuration and perform such tasks on all servers so we > would eliminate manual tasks(and errors and misconceptions which are > caused by forgotten manual tasks) as much as possible.
We don't need a separate daemon, we already have an HTTP interface. A reload interface can be implemented with an additional route, e.g. GET /KdcProxy/refresh. It needs a bit of extra work in kdcproxy, kdcproxyshim.py and an ACL for the route. Christian
Description: OpenPGP digital signature
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code