[Freeipa-devel] [PATCH] 0089 Clarify trust-add help regarding multiple runs against the same domain
Martin Kosek
mkosek at redhat.com
Wed Oct 17 10:59:43 UTC 2012
On 10/17/2012 12:52 PM, Sumit Bose wrote:
> On Wed, Oct 10, 2012 at 06:05:02PM +0300, Alexander Bokovoy wrote:
>> Hi,
>>
>> this patch originated from off-list discussion regarding multiple runs
>> of ipa trust-add against the same domain.
>>
>> Since trust-add re-establishes the trust every time it is run and all
>> the other information fetched from the remote domain controller stays
>> the same, it can be run multiple times. The only change would occur is
>> update of trust relationship credentials -- they are supposed to be
>> updated periodically by underlying infrastructure anyway.
>>
>> So the patch adds some clarity to the help and changes summary message
>> when trust was re-established instead of created.
>> --
>> / Alexander Bokovoy
>
> ACK
>
> Btw, another useful feature of allowing to run trust-add multiple times
> is to re-established the trust if it was deleted only on one side, AD or
> IPA. Having a separate command for this would make no sense because it
> would be basically be an alias to trust-add.
>
> bye,
> Sumit
>
I am still a bit worried about our consistency with IPA command help
indentation. You have it indented with trust-add command:
# ipa help trust-add
Purpose: Add new trust to use.
This command establishes trust relationship to another domain
which becomes 'trusted'. As result, users of the trusted domain
may access resources of this domain.
...
But other commands don't, e.g.:
# ipa help passwd
Set a user's password
If someone other than a user changes that user's password (e.g., Helpdesk
resets it) then the p...
# ipa help ping
Ping the remote IPA server to ensure it is running.
The ping command sends an echo request to an IPA server. The server
...
Martin
More information about the Freeipa-devel
mailing list