[Freeipa-devel] [PATCH 0073] Remove support for IPA deployments with no persistent search

Mon Jul 15 14:15:12 UTC 2013

On Mon, 2013-07-15 at 15:57 +0200, Martin Kosek wrote:
> On 07/15/2013 03:44 PM, Petr Spacek wrote:
> > On 15.7.2013 15:31, Martin Kosek wrote:
> >> On 07/11/2013 05:10 PM, Tomas Babej wrote:
> >>> On Thursday 11 of July 2013 16:10:33 Ana Krivokapic wrote:
> >>>
> >>>> On 07/11/2013 11:20 AM, Tomas Babej wrote:
> >>>
> >>>>> boolean_var = {}
> >>>
> >>>>> - for var in ('persistent_search', 'serial_autoincrement'):
> >>>
> >>>>> + for var in ('serial_autoincrement'):
> >>>
> >>>> This won't work - a one element tuple needs a comma at the end:
> >>>
> >>>> ('serial_autoincrement', )
> >>>
> >>>>> boolean_var[var] = "yes" if getattr(self, var, False) else "no"
> >>>
> >>>>>
> >>>
> >>>>> self.sub_dict = dict(FQDN=self.fqdn,
> >>>
> >>>>> @@ -607,9 +604,8 @@ class BindInstance(service.Service):
> >>>
> >>>>> SUFFIX=self.suffix,
> >>>
> >>>>> OPTIONAL_NTP=optional_ntp,
> >>>
> >>>>> ZONEMGR=self.zonemgr,
> >>>
> >>>>> - ZONE_REFRESH=self.zone_refresh,
> >>>
> >>>>> IPA_CA_RECORD=ipa_ca,
> >>>
> >>>>> - PERSISTENT_SEARCH=boolean_var['persistent_search'],
> >>>
> >>>>> + PERSISTENT_SEARCH="yes",
> >>>
> >>>>> SERIAL_AUTOINCREMENT=boolean_var['serial_autoincrement'],)
> >>>
> >>>>
> >>>
> >>>> But anyway, I think this piece of code is unnecessarily complicated, I
> >>>> don't see
> >>>
> >>>> a need for the 'boolean_var' dict here. I would suggest replacing it with
> >>>
> >>>> something like:
> >>>
> >>>>
> >>>
> >>>> serial_autoincrement = "yes" if self.serial_autoincrement else "no"
> >>>
> >>>>
> >>>
> >>>> and then pass serial_autoincrement to self.sub_dict = dict(...)
> >>>
> >>>>
> >>>
> >>>>
> >>>
> >>>
> >>>
> >>> Attached patch refactored the relevant part of the code.
> >>>
> >>>
> >>>
> >>> Tomas
> >>>
> >>
> >> Thanks for patches! I am just thinking, should we also hide the respective
> >> option from ipa global DNS configuration? That's idnszonerefresh attribute.
> >>
> >> We may want to mark the attribute as invisible in CLI + remove it from Web UI.
> >> Petr - what is your take on this? Do you plan to remove idnszonerefresh
> >> attribute support in the future (Fedora 20) as persistent search will be
> >> mandatory in that time?
> > 
> > Yes, you are right. We completely forgot to web UI. And yes - please remove the
> > option from web UI.
> 
> Ok, Tomas please do the changes as proposed above.
> 
> > 
> > The latest development shows that persistent search will be replaced by RFC
> > 4533 (known as 'syncrepl'), but from user's point of view it doesn't matter.
> > All options related to persistent search and zone_refresh will simply
> > disappear. Syncrepl itself doesn't require explicit configuration.
> 
> Ah, so this means that "psearch" option will be also removed from
> bind-dyndb-ldap? In Fedora 19 we just plan to hard-code it to "yes", will that
> cause issues with Fedora 20? Should we already avoid using the "psearch" option
> and assume that bind-dyndb-ldap in Fedora 19 is using persistent search by default?

Won't the new bind-dyndb-ldap simply ignore the psearch option when it
moves to syncrepl ?

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York