[Freeipa-devel] Re: [PATCH] Add --all to LDAPCreate and make LDAP commands always display default attributes.

Pavel Zuna pzuna at redhat.com
Mon Nov 16 16:48:05 UTC 2009 

Rob Crittenden wrote:
> Pavel Zuna wrote:
>> And here's the actual patch. :)
>>
>> Pavel Zuna wrote:
>>> This should fix the issue:
>>>
>>> Rob Crittenden wrote:
>>>> Michael Gregg wrote:
>>>>>
>>>>> Rob, did the support for posix groups change?
>>>>>
>>>>> If I create a group specifying "--posix" the cli does create the 
>>>>> group.
>>>>> Then, using ipa group-find, I do not see any way to determine if 
>>>>> that group is a posixgroup or not.
>>>>> group-find -all used to reveal a PosixGroup field.
>>>>>
>>>>> How do I determine if a group is a posix group or not?
>>>>>
>>>>> Michael-
>>>>
>>>> Ok, I suppose I could have looked at this before firing off an 
>>>> e-mail :-)
>>>>
>>>> I do see the group number when showing a group:
>>>>
>>>> $ ./ipa group-show g9
>>>> -----------
>>>> group-show:
>>>> -----------
>>>> Group: g9
>>>>   name: g9
>>>>   description: test posix group
>>>>   group id: 1117
>>>>
>>>> But when adding it this doesn't appear. Oddly enough we show the 
>>>> ipquniqueid when adding a group but not when showing it!
>>>>
>>>> Pavel, do you have time to investigate this inconsistency?
>>>>
>>>> rob
>>>
>>> Pavel
>>>
> 
> I'm not sure how this addresses the issue that when adding a group 
> different values are returned than when you show one.
When an entry is created, we show the default attributes and all attributes that 
were created explicitly. Before this patch, it was just all attributes, that 
were created explicitly, so for example gid didn't show up on groups, because it 
was created by the DNA plugin.

When showing an entry, we return the default attributes.

Should I change LDAPCreate to only return default attributes?

> This also causes a whole ton of tests to fail. I think in baseldap.oy 
> instead of:
> 
> if options['all']:
> 
> You want:
> 
> if options.get('all', False):
Some of the tests were failing before this patch. I submitted a fix for most of 
them.

if options['all'] is fine, because --all is a Flag parameters and is required.

> rob

Pavel

More information about the Freeipa-devel mailing list