On Thu, 2012-06-14 at 16:35 -0400, Rob Crittenden wrote: > Ondrej Hamada wrote: > > Improved options checking so that host-mod operation is not changing > > password for enrolled host when '--random' option is used. > > > > https://fedorahosted.org/freeipa/ticket/2799 > > > > Updated set of characters that is used for generating random passwords > > for ipa hosts. Following characters were removed from the set: '"`\$<> > > > > https://fedorahosted.org/freeipa/ticket/2800 > > This works ok but it would be nice to have a test for both setting a > password and random on an enrolled host to prevent regressions. We have > some ipa-getkeytab tests already and these can be extended to test this > I think. > > Might be nice to mention in the inline comment the set of characters > excluded and why. > > rob >
We already generate passwords for users with this character set: user_pwdchars = string.digits + string.ascii_letters + '_,.@+-=' Why would we want to generate passwords for host enrolling with a different set? Additionally, I think the set of characters you chose is too wide, try entering a passwords with ' ', !, (, ), &, or ; without careful escaping or quoting... Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel