I agree with the points made, each are valid. The changes should be committed and a RC2 made. Aaron P.
On Thu, May 31, 2012 at 11:51 AM, Josh Thompson <josh_thomp...@ncsu.edu> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Aaron, > > You're not being a stick in the mud. I think it's great that you tested it > well enough to find a few things that need to be corrected - that's the whole > point of having a community vote to do a release. I definitely consider the > Shibboleth issue big enough to cut a new RC (even though that requires a new > vote). > > All, > > Aaron has some good points. I think we should fix the issues he mentioned and > cut RC2 for 2.3. This isn't an official vote process, but please share any > thoughts you have. > > Josh > > On Wednesday, May 30, 2012 9:41:12 PM Aaron Coburn wrote: >> -1 >> >> Sorry to a stick in the mud, guys, since I'd certainly like to see 2.3 >> released soon, but I encountered a few issues that I think should be fixed >> before cutting the release. >> >> I installed the release candidate using a fresh database, testing against a >> vCenter provisioning engine and Shibboleth authentication. I was using a >> 64-bit Windows 7 image. >> >> The first issue I encountered was that each time the management node calls >> 'get_file_contents', the contents of the target file are printed to the >> log. This is generally not an issue, but when a slice of the registry is >> retrieved, that amounted to ~30,000 lines in my logfile. And that happens >> each time an image is reloaded. (Somehow I hadn't noticed this with the >> code from about two weeks ago). I can certainly see the usefulness of this >> during development, but I don't like the fact that this is the default >> behavior for a release. For now, I would suggest modifying line 1789 of >> OS.pm: >> >> - my ($exit_status, $output) = $self->execute($command); >> + my ($exit_status, $output) = $self->execute($command, 0); # do not >> print the cmd output to the log >> >> Later, it could be nice to make this somewhat more configurable. >> >> >> Second, if the system is using Shibboleth it is not possible to handle users >> who have not previously logged in (i.e. adding someone to a group). There >> are two bugs preventing this from working properly. First, if someone >> enables ALLOWADDSHIBUSERS in conf.php but doesn't define a value in >> $addUserFuncArgs (I would anticipate this to be what most people using Shib >> would do, since there is no documentation about what that array is for), >> the initGlobals() function does not properly populate the addUserFuncArgs >> array. This can be fixed by adding $addUserFuncArgs to the list of 'global' >> values on line 68 in utils.php -- the current code is just modifying a >> local value, not the global one: >> >> - global $affilValFunc, $addUserFunc, $updateUserFunc; >> + global $affilValFunc, $addUserFunc, $updateUserFunc, $addUserFuncArgs; >> >> Once that change is made, though, there is also a SQL query expecting a >> 'validated' field in the users table. This field, however, does not exist. >> It is in neither update-vcl.sql nor in vcl.sql: >> >> vcl.sql, line 1079: >> >> + `validated` tinyint(1) unsigned NOT NULL default '1', >> >> and update-vcl.sql, lines 827- >> >> + -- -------------------------------------------------------- >> + >> + -- >> + -- Table structure for table `user` >> + -- >> + >> + CALL AddColumnIfNotExists('user', 'validated', "tinyint(1) unsigned NOT >> NULL default '1'"); + >> >> Once these two changes are made, however, I am able to add shib users >> exactly as the documentation suggests. >> >> Otherwise, everything else looks good. >> >> >> Aaron > - -- > - ------------------------------- > Josh Thompson > VCL Developer > North Carolina State University > > my GPG/PGP key can be found at pgp.mit.edu > > All electronic mail messages in connection with State business which > are sent to or received by this account are subject to the NC Public > Records Law and may be disclosed to third parties. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.17 (GNU/Linux) > > iEYEARECAAYFAk/Hk28ACgkQV/LQcNdtPQMnNACfayx6uWW+d3oQcM0Dn7NVuquQ > aU0AnRBy8AXa+AA5riiVJEOdamd1UHhK > =w8Kn > -----END PGP SIGNATURE----- > -- Aaron Peeler Program Manager Virtual Computing Lab NC State University All electronic mail messages in connection with State business which are sent to or received by this account are subject to the NC Public Records Law and may be disclosed to third parties.