On 04/17/2014 04:10 PM, Rob Crittenden wrote: > Misnyovszki Adam wrote: >> Hi, >> this patch modifies ipa-server-install to warn the user, if there is >> a lack of entropy, also runs generate-rndc-key.sh before named restart, >> to ensure, that it can start before systemd timeouts. > > I think the exception should be logged in check_entropy() in case this every > does fail (the file name changes, the format changes, etc). > > There should be a try/except around the run() call. > > I noticed that /etc/rndc.key isn't removed on uninstall, which I guess means > the same key will be re-used. Should we be removing that? > > rob
Also, bare exceptions are bad! + except: + service.print_msg("Could not determine entropy, possible long delays") Next, you do all the checks in ipa-server-install, while they should be in service files, like krbinstance.py so that it is also checked in other installers, like ipa-replica-install. Same for DNS, it should be a separate step in bindinstance.py so that when the installation is hanging, you can see [X/Y] Generating rndc key file and know that it is hanging on that part. I would not misuse "service.print_msg" for regular messages, I would only do the service.print_msg("WARNING: Your system is running out of entropy, expect long delays!") others can be either turn into separate installation step or debug log message. Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel