Re: [Freeipa-devel] Structured DNS record API proposal
On 09/21/2011 01:58 AM, Adam Tkac wrote: On 09/16/2011 02:25 PM, Martin Kosek wrote: On Fri, 2011-09-16 at 08:12 -0400, Simo Sorce wrote: Whatever you do do not split this operation into a DEL+ADD, we want an atomic modify operation in any case. as you do not want to have a race where named may query the MX records and find them empty. That'd be much worse than returning one of them outdated. This means whatever the API we need to support a way to add all values at the same time. We can also have the more verbose API to make things more understandable, but we need this bulk API for the WebUI IMHO. I agree, the change shouldn't be split to del+add. My proposed API: dnsrecord-mx-mod example.com --dnsrecord=1 mx1.example.com. --preference=0 would do just one write to LDAP. Unfortunately, this is not so pretty for CLI, one would have to copypaste raw DNS value to be able to edit its components, but it should be simple for WebUI. Right now, I don't see some better way. I thought about this CLI proposal and it is definitely a good start. In the future we can consider to improve the CLI this way, for example: $ dnsrecord-mx-mod example.com --preference=0 Which record would you like to change? [1] 1 mx1.example.com. [2] 10 mx2.example.com. $select the record This way will be more convenient for people which use CLI, especially when we start to support DNSSEC and resource record types which store certificates (CERT/SSHFP) get widely used. I doubt that someone likes copyingpasting SHA* hashes and RSA signatures every time when some record is modified. Regards, Adam Interactive mode is useful in some case. But can people still script with this CLI? I hope this CLI can still offer non-interactive mode so it would be more script-friendly. BTW, I am a QA. Yi ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel -- ~ | Yi Zhang | | QA @ Mountain View, Calinfornia | | Cell: 408-509-6375| ~ ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 024 Added missing fields to password policy page
On 10/11/2011 01:30 AM, Petr Vobornik wrote: https://fedorahosted.org/freeipa/ticket/1944 (2.1.3 Release) No editable fields exist for maxfail, failinterval lockouttime and priority in password policy page. Thanks! Yi ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel -- ~ | Yi Zhang | | QA @ Mountain View, Calinfornia | | Cell: 408-509-6375| ~ ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 1005 fix password history
On 04/09/2012 08:54 PM, Rob Crittenden wrote: Password history wasn't working because the qsort comparison function was comparing pointers, not data. This resulted in a random element being removed from the history on overflow rather than the oldest. We sort in reverse so we don't have to move elements inside the list when removing to make more room. We just pop off the top then shove on the new password. The history includes a time to make comparisons straightforward (and LDAP doesn't guarantee order). I've attached a test script to exercise things. I don't see a way to easily include this into our current framework at the moment. We'd need a way to switch users in the middle of a test. the current QE CLI test already has test case for it. No worried. Thanks for the fix. Yi rob ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel -- yi zhang qa @ mountain view office, 8th floor cell: 408-509-6375 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
Re: [Freeipa-devel] [PATCH] 1055 update audit cert renewal time
On 09/20/2012 02:58 PM, Rob Crittenden wrote: Updated patch. The value of policyset.caLogSigningSet.2.constraint.params.range needs to be bumped to 720 as well. I keep doing my test and let everyone know the test result. Yi -- ~ | Yi Zhang | | QA @ Mountain View, California| | Cell: 408-509-6375| ~ attachment: yzhang.vcf___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel