[Freeipa-devel] [PATCH] 208 tighten integration of hosts and services
Simo Sorce
ssorce at redhat.com
Fri May 8 19:39:34 UTC 2009
On Fri, 2009-05-08 at 14:17 -0400, Rob Crittenden wrote:
> This patch more tightly couples services and hosts:
>
> - A host is required in order to create a service.
nack, assuming I understand what this mean :)
I think we need to be able to give out service keytabs and certificates
to non-enrolled hosts for a long time.
I am not sure it is a good idea to force someone to create a fake host
just to get a keytab/certificate.
> - When removing a host all services are removed.
ack
> - When a service is removed its certificate is revoked.
ack
> This makes removing a host a pretty destructive, irreversible act. I'm
> working on a way to prompt the command-line user before executing the
> command. That will come as a later patch.
Yeah that would be nice.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list