On 04/11/2011 11:27 AM, Nathan Kinder wrote: > On 04/08/2011 09:07 AM, Dmitri Pal wrote: >> On 04/08/2011 11:49 AM, JR Aquino wrote: >>> Is there any way to capture a description associated with the regex >>> -> group mapping? >>> >>> I was thinking that after time, it would be important to look back >>> on rules and know why they were put there. >>> >>> Particularly in the case of regex, since it may not be completely >>> obvious by looking back at alphabet soup. >>> >>> _______________________________________________ >>> Freeipa-users mailing list >>> Freeipa-users@redhat.com >>> https://www.redhat.com/mailman/listinfo/freeipa-users >>> >>> >> The more I think about current design the more I want to normalize >> things. >> I would rather instead of: >> >> dn: cn=Hostgroups,cn=Auto Membership Plugin,cn=plugins,cn=config >> objectclass: autoMemberDefinition >> autoMemberScope: dc=example,dc=com >> autoMemberFilter: objectclass=ipaHost >> autoMemberExclusiveRegex: >> cn=webservers,cn=hostgroups,dc=example,dc=com:fqdn=^www5\.example\.com >> autoMemberInclusiveRegex: >> cn=webservers,cn=hostgroups,dc=example,dc=com:fqdn=^www[1-9]+\.example\.com >> autoMemberInclusiveRegex: >> cn=webservers,cn=hostgroups,dc=example,dc=com:fqdn=^web[1-9]+\.example\.com >> autoMemberInclusiveRegex: >> cn=mailservers,cn=hostgroups,dc=example,dc=com:fqdn=^mail[1-9]+\.example\.com >> autoMemberDefaultGroup: cn=orphans,cn=hostgroups,dc=example,dc=com >> autoMemberGroupingAttr: member:dn >> >> >> Have something like: >> >> dn: cn=Hostgroups,cn=Auto Membership Plugin,cn=plugins,cn=config >> objectclass: autoMemberDefinition >> objectclass: cnContainer >> autoMemberScope: dc=example,dc=com >> autoMemberFilter: objectclass=ipaHost >> autoMemberRegexRule: cn=Webserver Inclusion >> Rule,cn=Hostgroups,cn=Auto Membership Plugin,cn=plugins,cn=config >> autoMemberRegexRule: cn=Mailserver Inclusion >> Rule,cn=Hostgroups,cn=Auto Membership Plugin,cn=plugins,cn=config >> autoMemberRegexRule: cn=Desktop exclusion Rule,cn=Hostgroups,cn=Auto >> Membership Plugin,cn=plugins,cn=config >> autoMemberDefaultGroup: cn=orphans,cn=hostgroups,dc=example,dc=com >> autoMemberGroupingAttr: member:dn >> >> >> dn: cn=Webserver Inclusion Rule,cn=Hostgroups,cn=Auto Membership >> Plugin,cn=plugins,cn=config >> objectclass: autoMemberDefinitionRegexRule >> cn: Webserver Inclusion Rule >> description: Rule contains regular expression to include webserver >> hosts into the webserver group. >> include: yes<- include or exclude >> memberGroup: cn=webservers,cn=hostgroups,dc=example,dc=com >> arrtibuteToMath: fgdn >> expressionToMatch: ^www[1-9]+\.example\.com >> >> >> Or something along those lines... > It's a nice logical layout, but it would be hard for an administrator > to figure out what exactly would happen if they were to add a host > with a specific hostname. Since the config is spread over so many > entries, one would have to look at the top level config entry to find > each rule DN, fetch each rule DN to look at the regexes. All of the > information is so spread out that you can't just look in one place to > see the rules that will be used. This could make things difficult > from a troubleshooting perspective.
This should not be viewed in raw. THe UI and CLi should come to the rescue. I am not sure that this is a right approach to mix readability and normalization. To follow this logic no-one would ever normalize data in any DB due to the claim that it would be hard to join tables. > > The description issue is a tough one to deal with if we have the > config in the form that is currently described in the design doc. > Since we want a description per regex rule, we should need to make the > description be a part of the regex rule value instead of a separate > description attribute. I don't necessarily like this approach, as the > readability of the config will not be nice. > I think this tips the scale towards the approach I proposed. > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users > > -- Thank you, Dmitri Pal Sr. Engineering Manager IPA project, Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/ _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users