On 29.06.2016 13:04, Martin Basti wrote:
On 28.06.2016 16:57, Florence Blanc-Renaud wrote:
On 06/28/2016 11:05 AM, Martin Basti wrote:
On 28.06.2016 10:51, Florence Blanc-Renaud wrote:
On 06/27/2016 10:18 PM, Rob Crittenden wrote:
Florence Blanc-Renaud wrote:
Hi all,
thanks for your suggestions. Updated patch attached.
Flo.
The invocation in ipactl should say server, not client.
Otherwise LGTM (untested).
rob
Hi all,
thanks to Rob for catching the typo.
Patch with updated message is attached,
Flo.
Thank you for the patch I have two comments:
1)
+ except Exception:
+ # Consider that the host is not fips-enabled if the file does
not exist
+ pass
exceptions should be as much specific as possible, otherwise it may
mask
real issues
please use 'except IOError' if you want catch the case that file does
not exist
2)
in replicainstall.py and install.py please raise exception
(RuntimeError) instead of sys.exit() to keep proper logging,
cleanup, etc.
Sys.exit() should not be used in modules, it is hard to debug etc. It
can be used only in scripts (ipa-client-install, ipa-replica-manage,
etc..)
Martin^2
Hi,
hopefully converging with this updated patch :)
Thanks for all the comments, I'm learning tips with each iteration.
Flo.
I propose following changes (in attached patch). If you agree I can
squash patches and push it.
Martin^2
ACK
pushed to
master:
* 3c40d3aa9e3d431be1e625aa91cdcbeffd0d1271 Do not allow installation in
FIPS mode
ipa-4-3:
* 4ce0ff61a8e46de4a2f2dfca41610323f9569d8a Do not allow installation in
FIPS mode
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
