ACK on all patches. Thanks for the explanations.
Question on the selinux patch. I can see based on the following bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=988304
https://bugzilla.redhat.com/show_bug.cgi?id=1194577#c4
that sepolgen will only be in F23+. I guess this is fine considering
that the default python will not be Python 3 until F23.
That still raises the question of how we should handle the case where
someone tries to run pkispawn/pkidestroy on Python 3 in F22. Your
patch will allow the pkispawn python code to complete, but will fail
later when the tomcat server starts up if selinux is enabled and non
-standard (not previously selinux defined) ports are defined.
As you mentioned on IRC, it takes some work to try to run pkispawn on
f22 with python 3. But it might make sense to warn folks to disable
selinux in this case.
At the very least, it would be nice to have a specific error message
that indicates that the selinux setup is being skipped because sepolgen
is unavailable on py3, rather than lumping it into the "selinux
disabled" message.
Additionally, it would be nice to do some check ahead of time to
confirm that selinux is disabled if (1) python 3 (2) sepolgen
unavailable (3) non-standard ports/ non-standard file locations.
But given that it will be IPA folks who will be testing this (and they
use standard locations), the additional test is probably not needed.
Ade
On Mon, 2015-08-17 at 08:21 +0200, Christian Heimes wrote:
Hello,
this patch set replaces patch 22 and 23.
The patches 24 to 31 are the same as the patches from my git fork
https://github.com/tiran/pki/commits/modernize. I just have squashed
some related patches into one patch and added long descriptions.
Patch 32 is the same as patch 23
Patch 33 also fixes a second occurrence of 'import seobject'.
Patch 34 addresses Ade's request to use six.moves and fixes Endi's
pylint warnings.
Christian