On 11/18/2010 05:05 PM, Rob Crittenden wrote:
Rob Crittenden wrote:
Simo Sorce wrote:
On Tue, 09 Nov 2010 14:00:00 -0500
Rob Crittenden<rcrit...@redhat.com> wrote:

+
+ Add a host that can manage this host's keytab and certificate:
+ ipa host-add-host --hosts=test2 test
"""


I do not want to nack, but looking at this command in isolation I am
quite confused at what it is supposed to do (think ab out seeing it in
a log file and wondering what it means w/o further context).

What does it mean to add a host into a host (host-add-host) ?
And which one is added to the other one ? test in test2 or test2 in
test?

I do not know if we can change names/syntax to make this more
immediately understandable, but if we can I'd like to do that.
Obscure/confusing syntaxes generally makes it easier to do mistakes,
which are bad in a tool used to manage security.

Simo.


Switched to host-add-managedby and host-remove-managedby.


Re-based against tip.

rob


_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Just tried to apply to master. am failed, and patch -p provided the following rej:

--- ipalib/plugins/host.py
+++ ipalib/plugins/host.py
@@ -101,6 +104,9 @@
     Flag('has_keytab',
         label=_('Keytab'),
     ),
+    Str('managedby_host',
+        label='Managed by',
+    ),
     Str('subject',
         label=_('Subject'),
     ),
@@ -453,6 +463,7 @@
     Display information about a host.
     """
has_output_params = LDAPRetrieve.has_output_params + host_output_params
+    member_attributes = ['managedby']

     def post_callback(self, ldap, dn, entry_attrs, *keys, **options):
         if 'krblastpwdchange' in entry_attrs:




As well as

--- tests/test_xmlrpc/test_host_plugin.py
+++ tests/test_xmlrpc/test_host_plugin.py
@@ -221,6 +228,7 @@
                     fqdn=[fqdn1],
                     l=[u'Undisclosed location 1'],
krbprincipalname=[u'host/%...@%s' % (fqdn1, api.env.realm)],
+                    managedby_host=[u'%s' % fqdn1],
                     usercertificate=[base64.b64decode(servercert)],
                     valid_not_before=u'Mon Aug 09 15:02:27 2010 UTC',
                     valid_not_after=u'Sun Aug 09 15:02:27 2020 UTC',
@@ -247,6 +255,7 @@
                     l=[u'Undisclosed location 1'],
krbprincipalname=[u'host/%...@%s' % (fqdn1, api.env.realm)],
                     has_keytab=False,
+                    managedby_host=[u'%s' % fqdn1],
                     usercertificate=[base64.b64decode(servercert)],
                     valid_not_before=u'Mon Aug 09 15:02:27 2010 UTC',
                     valid_not_after=u'Sun Aug 09 15:02:27 2020 UTC',
tests/test_xmlrpc/test_host_plugin.py.rej (END)







_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to