[Freeipa-devel] [PATCH 0023 Do not display ports to open when password is incorrect during ipa-client-install
Petr Viktorin
pviktori at redhat.com
Tue Apr 30 08:42:06 UTC 2013
On 04/23/2013 12:17 PM, Ana Krivokapic wrote:
> On 04/23/2013 12:06 AM, Rob Crittenden wrote:
>> Ana Krivokapic wrote:
>>> Do not display ports to open when password is incorrect during
>>> ipa-client-install
>>>
>>> https://fedorahosted.org/freeipa/ticket/3573
>>>
>>
>> What happens if port 88 is not open so it can't connect to the KDC?
>> I'm not sure how the best way to determine one vs the other, I don't
>> think there are distinct return values.
>>
>> We could use the fact that Kerberos isn't translated to look for
>> specific strings maybe, but that is hackish and could break.
>>
>> rob
>
> The return value from kinit is always 1 in case of failure. So the only
> way to determine the reason for failure would be to look into the
> message string. I agree this is hackish as Rob pointed out. Personally,
> I am for leaving everything as it is now. In the case of incorrect
> password, the user _does_ get the message that the password was
> incorrect (kinit: Password incorrect while getting initial credentials).
> So I don't think that displaying the message about ports, in addition to
> this message, is confusing/misleading.
I think displaying the error messages after the port information would
make it clearer that this is the reason for failed installation.
--
Petr³
More information about the Freeipa-devel
mailing list