On to, 13 loka 2016, Sumit Bose wrote:
On Tue, Sep 06, 2016 at 01:18:14PM +0300, Alexander Bokovoy wrote:
Hi,

Now that FreeIPA 4.4.1 is out, I've pushed to github my prototype for
FleetCommander integration: https://github.com/abbra/freeipa-desktop-profile/

You can read the design page:
https://github.com/abbra/freeipa-desktop-profile/blob/master/plugin/Feature.mediawiki

Hi Alexander,

if I understand it correctly each profile has a priority which is used
by FleetCommander on the client side to order the different profiles if
for a given user and host multiple rules matches.

To make this work smoothly each priority value should be only assigned
once to avoid a tie. Are you planning to use the uniqueness plugin on
the priority value or are there other ways to solve ties reliable in
FleetCommander?
I'm not planning to make priorities unique. Do we really need that?
My idea was to make sure we provide clear sorting logic:
----------------
profilename.json file name is built using profile RDN and is prefixed by
the priority of the profile rule using leading zeros. To ease handling
of the files, SSSD may transform RDN value by removing certain
characters used by the shell for globing purposes and by replacing
spaces with underscores. Since the name of the file is only used to
ensure ordering of the profiles when merging them, a lexicographical
sort of names should be enough.

....

Example: For a profile rule 'Minimal Desktop For Guests' stored as
cn=Minimal desktop for guests,cn=rules,cn=desktop-profile,$SUFFIX with a
priority 100, SSSD would use a file name '000100_Minimal_desktop_for_guests.json'. ----------------

Given that you would not be able to have exact same RDN value in two
different profiles, using lexicographical sort gives you explicit
ordering schema.
--
/ Alexander Bokovoy

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to