On 04/25/2013 08:27 PM, Jakub Hrozek wrote:
On Thu, Apr 25, 2013 at 01:29:49PM +0200, Lukas Slebodnik wrote:
> ehlo,
>
> I am attaching two patches.
> First patch make retrieving host information more reusable. It is a preparation
> for easily reusing existing ldap code in SUDO IPA provider in second patch.
>
> I am attaching two patches.
> First patch make retrieving host information much more reusable. It is
> a preparation for easily reusing existing ldap code in SUDO IPA provider
> in the second patch.
>
> LS
Patch 0001: Ack
Hi,
patch 0001: nack
Please, don't use sudo_ctx and sudo functions outside its namespace. So
either keep using sudo namespace or move it away from sudo completely.
Please rename sdap_retrieve_host_information() to sdap_sudo_retrieve...
Patch 0002: Could we reduce the code duplication between
ipa_sudo_init()
and ldap_sudo_init()? Maybe create a function like ldap_sudo_common_init
or sdap_sudo_init that would do the common initialization work.
+1
The only thing that differs is the sudo map (which may be shared as well
because they are currently identical, but I'm fine with it) and default
search base. You can pass those in parameters.
The sssd-sudo manpage must be amended to include an IPA example
according to this new provider.
The ldap_sudo options must be added to the configAPI to the file
src/config/etc/sssd.api.d/sssd-ipa.conf - there should be a section
called [provider/ipa/sudo] that lists all the ldap_sudo_* options.
I haven't tested the patches at all yet. Does the sudo_provider inherit
its value from the id_provider? I think it should so that the
configuration is as minimal as possible
_______________________________________________
sssd-devel mailing list
sssd-devel(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel