[Freeipa-devel] [PATCH] 361 ipa-adtrust-install should ask for SID generation
Alexander Bokovoy
abokovoy at redhat.com
Thu Jan 31 18:06:11 UTC 2013
On Thu, 31 Jan 2013, Martin Kosek wrote:
>On 01/31/2013 04:29 PM, Alexander Bokovoy wrote:
>> On Thu, 31 Jan 2013, Martin Kosek wrote:
>>> When ipa-adtrust-install is run, check if there are any objects
>>> that need to have SID generated. If yes, interactively ask the user
>>> if the sidgen task should be run.
>>>
>>> https://fedorahosted.org/freeipa/ticket/3195
>>
>...
>> I would still run this check in options.unattended mode and reported
>> warning, for accounting purposes.
>>
>> Could you please make so?
>>
>
>Sure! Updated patch attached.
Thanks! I have only small addition:
>+ object_count = len(entries)
>+ if object_count > 0:
>+ print ""
>+ print "WARNING: %d existing users or groups do not have a SID identifier assigned." \
>+ % len(entries)
>+ print "Installer can run a task to have ipa-sidgen Directory Server plugin generate"
>+ print "the SID identifier for all these users. Please note, the in case of a high"
>+ print "number of users and groups, the operation might lead to high replication"
>+ print "traffic and performance degradation. Refer to ipa-adtrust-install(1) man page"
>+ print "for details."
>+ print ""
>+ if not options.unattended:
>+ if ipautil.user_input("Do you want to run the ipa-sidgen task?", default=False,
>+ allow_empty=False):
>+ options.add_sids = True
... to make the text of warning consistent it would be good to add
+ else:
+ print "Unattended mode was selected, installer will *not* run ipa-sidgen task!"
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list