Martin Kosek wrote:
On Sat, 2011-05-28 at 10:13 +0200, Martin Kosek wrote:
On Sat, 2011-05-28 at 00:10 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
On Mon, 2011-05-23 at 16:41 -0400, Rob Crittenden wrote:
Martin Kosek wrote:
This is a first version of connection checking program for replica
installation. See patch for program purpose description. Currently,
there is no man pages for the program.
Note to Simo and Rob: I use password for logging as admin. Btw would it
be safe to have an admin keytab in the replica file? Replica file
contents are lying freely in /tmp after the replica installation.
Martin
nack, you aren't including the new binary in the spec.
Oh, thanks for this one.
You should also:
- set KRB5CCNAME to a temporary ccache and remove that when the install
exists (successful or not)
Done.
- remove the temporary krb5.conf you create
Done.
- be a bit more explicit what we are doing, at least more than "Run
connection check to master".
Actually, I am if you run the new script separately. I removed "--quiet"
parameter passed to the script in ipa-replica-install so that it is more
verbose. Plus, I improved texts sent to the user.
- yes, we should remove the replica file contents
I enhanced ipa-replica-install to do that.
Martin
Works great until the very end:
...
...
Execute check on remote master
Check connection from master to remote replica 'slinky.greyoak.com':
Directory Service: unsecure port (389): FAILED
Directory Service: secure port (636): FAILED
Kerberos (88): OK
Remote master check failed with following error message(s):
Could not chdir to home directory /home/admin: No such file or directory
Port check failed! Unaccessible port(s): 389, 636
Connection check failed with following error: None
rob
Right, I introduced this wrong error message in the last patch. I fixed
this one and also one typo. Updated patch attached.
Martin
I created a man page for the new program. Please feel free to
fix/propose a fix for any language errors that may be there.
Missing records in Makefile.am for both man page and the new program
have been added.
Martin
ack
rob
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel