On Mon, Sep 21, 2020 at 11:30:19AM -0400, Rob Crittenden via FreeIPA-users wrote: > Dominik Vogt via FreeIPA-users wrote: > > On Mon, Sep 21, 2020 at 09:46:07AM -0400, Rob Crittenden via FreeIPA-users > > wrote: > >> What's the problem? Can you provide some examples? > > > > Sure. > > > > $ ipa group-add foo > > # OK > > $ ipa group-add foo > > ipa: ERROR: group with name "foo" already exists > > > > > > $ ipa selinuxusermap-add some_map --selinuxuser=staff_u:s0-s0:c0.c0123 > > # OK > > $ ipa selinuxusermap-add some_map --selinuxuser=staff_u:s0-s0:c0.c0123 > > ipa: ERROR: ... already exists > > > > > > $ ipa selinuxusermap-add-user --user=foo some_map; echo $? > > 0 > > $ ipa selinuxusermap-add-user --user=foo some_map; echo $? > > 1 > > # (no real error message) > > > > Same with other commands that don't have an option to suppress > > "nothing to be done" errors. That's all fine for manual work, but > > it makes scripting more tedious. > > > > Returning a separate error coded for each type of possible exception > isn't scalable. > > For the case of adding/removing members it only returns 1 if the command > failed. It is independent of whether any members were added or removed > since there can be a mix of success and failure. > > There have been inquiries in the past to see if we could return the raw > json output but there was no issue filed that I can find.
For my purpose the best implementation would be to have a general ipa option that suppresses non-fatal errors. Then, if you want to suppress errors you can, but the default is still to complain. Ciao Dominik ^_^ ^_^ -- Dominik Vogt _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
