[Freeipa-devel] [PATCH] trust CLI: add ID range for new trusted domain
Rob Crittenden
rcritten at redhat.com
Thu Aug 16 20:58:19 UTC 2012
Alexander Bokovoy wrote:
> On Tue, 14 Aug 2012, Sumit Bose wrote:
>> Hi,
>>
>> currently only a default ID range was used for users from trusted
>> domains. With these two patches an individual range is created during
>> ipa trust-add and it will be used by the extdom plugin to calculate the
>> Poisx UID for the users from the trusted domain.
>>
>> 'ipa trust-add' is getting two new options, --base-id and --range-size
>> to specify the first Posix ID of the range and the size of the range
>> respectively. If --range-size is not given the default will be 200000
>> and if --base-id is not given it will be calculated with the help of a
>> hash of the domain SID. To be compatible with the AD provider of SSSD
>> murmurhash3 is used here. The python binding for the hash will be
>> provided by SSSD, the patch is currently under review. But since it is
>> not required to have murmurhash3, an error message will be send if it is
>> not installed on the server, I think this patch can be pushed
>> independently of the SSSD patch.
>
> ACK with one fix (attached): ignore missing murmurhash python module and
> samba4/server code. This will be required if building client-side
> only since ipalib/plugins/trust.py will be included into the client
> tarball.
Pushed all three to master
rob
More information about the Freeipa-devel
mailing list