[Ovirt-devel] [PATCH] make ovirtadmin also an IPA admin
Perry N. Myers
pmyers at redhat.com
Thu Jul 3 11:59:00 UTC 2008
Alan Pevec wrote:
> Signed-off-by: Alan Pevec <apevec at redhat.com>
> ---
> wui-appliance/wui-devel.ks | 2 ++
> 1 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/wui-appliance/wui-devel.ks b/wui-appliance/wui-devel.ks
> index c50b3a8..2903a19 100644
> --- a/wui-appliance/wui-devel.ks
> +++ b/wui-appliance/wui-devel.ks
> @@ -158,6 +158,8 @@ replace: ipaMaxUsernameLength
> ipaMaxUsernameLength: 12
> LDAP
> ipa-adduser -f Ovirt -l Admin -p @password@ @principal@
> + # make ovitadmin also an IPA admin
> + ipa-modgroup -a ovirtadmin admins
> ipa-moduser --setattr krbPasswordExpiration=19700101000000Z @principal@
> ipa-getkeytab -s management.priv.ovirt.org -p @principal@ -k @ktab_file@
> @cron_file@
This is a good temporary solution for those using the appliance to be able
to use both IPA and oVirt with the same principal.
We probably should give some more thought to how we want to structure the
users though. In the long run having ovirtadmin be an IPA admin might not
be the best idea.
But ACK for now
Perry
--
|=- Red Hat, Engineering, Emerging Technologies, Boston -=|
|=- Email: pmyers at redhat.com -=|
|=- Office: +1 412 474 3552 Mobile: +1 703 362 9622 -=|
|=- GnuPG: E65E4F3D 88F9 F1C9 C2F3 1303 01FE 817C C5D2 8B91 E65E 4F3D -=|
More information about the ovirt-devel
mailing list