On 23.7.2014 10:12, Martin Kosek wrote:
On 07/23/2014 09:56 AM, David Kupka wrote:
While solving ticket #4280 I noticed that we are messing with certmonger's
files right under its hands. That can lead to some unpleasant race condition
issues.
Is there any reason why not to call certmonger via DBus and ask it to stop
tracking the requests?
+1 for using the dbus API. When I saw the hacky way of parsing certmonger
internal configuration files in ipapython/certmonger.py, I suggested the dbus
way as IMO it would not be difficult to implement, it would make us more future
proof and it would remove intermittent problems like #4280.
I have already started using the API, e.g. for adding/removing of the CA
helper in cainstance. Word of warning, the API apparently does not
exercised much and there might be bugs (I found one causing certmonger
to segfault which Nalin promptly fixed).
Certmonger API looked complete enough to pull this off:
https://git.fedorahosted.org/cgit/certmonger.git/tree/doc/api.txt
If I am wrong, please tell me.
IIRC some of the properties in requests might not be accessible using
the API. But I'm not sure if this is true or if it affects us.
Thanks,
Martin
--
Jan Cholasta
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
