On 10.06.2016 11:01, Martin Kosek wrote:
On 06/10/2016 10:01 AM, Martin Basti wrote:

On 09.06.2016 21:45, Alexander Bokovoy wrote:
On Thu, 09 Jun 2016, Martin Basti wrote:

On 09.06.2016 17:56, Martin Babinsky wrote:
On 06/06/2016 01:37 PM, Alexander Bokovoy wrote:
On Mon, 06 Jun 2016, Jan Cholasta wrote:
On 6.6.2016 13:22, Martin Basti wrote:

On 06.06.2016 13:14, Alexander Bokovoy wrote:
On Mon, 06 Jun 2016, Martin Basti wrote:

On 06.06.2016 12:36, Alexander Bokovoy wrote:

MS-ADTS spec requires that TrustPartner field should be equal to the
commonName (cn) of the trust. We used it a bit wrongly to express
trust relationship between parent and child domains. In fact, we
have parent-child relationship recorded in the DN (child domains
are part of the parent domain's container).

Remove the argument that was never used externally but only
supplied by
trust-specific code inside the IPA framework.

Part of https://fedorahosted.org/freeipa/ticket/5354

Hello, how is handled backward compatibility here, you just removes
the option from API, without any additional logic for older clients.
This is not used by the external clients at all. It is part of internal
logic of the code in trust.py+com.redhat.trust.fetch-domains which
always talk to the same server they are running on.

class trustdomain_add(LDAPCreate):
  __doc__ = _('Allow access from the trusted domain')
  NO_CLI = True

Yes sorry, not old IPA clients, but it was part of API, shown in API
browser, and since this was in API, it is set to stone. So If you think
that it is safe to be removed and nobody can hit this, I'm okay for
removing that option. Maybe we should at least wrote it to release notes
(I'll let Honza to express his feelings as API versioning/compatibility
IMHO it is safe to remove.

And you forgot to increment api version in VERSION file
Updated patch attached, with a VERSION change.


Is there any ticket for this?
As I wrote in the commit message and in the email,
it is part of https://fedorahosted.org/freeipa/ticket/5354

Sorry I misread that ticket in the commit message, because ipatool was unable
to parse it from commit message

Pushed to master: 185806432d6dfccc5cdd73815471ce60a575b073
I see no link to this ticket in the commit message in
Did you push old version of this patch?

In general, I would suggest using the patch format from
It makes automation easier...


Oh well, yes, my bad

I will revert the wrong commit and push the right one


Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to