From: Dominik Csapak <d.csapak@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH access-control/manager v2] fix #3668: improving realm sync
Date: Fri, 4 Feb 2022 15:24:58 +0100 [thread overview]
Message-ID: <20220204142501.1461441-1-d.csapak@proxmox.com> (raw)
this deprecates the 'full' sync option and replaces it with
a 'mode' option, where we add a third one that updates
the current users (while retaining their custom set attributes not
exisiting in the source) and removing users that don't exist anymore
in the source
sorry for the long time between versions, i was distracted by
various different things...
one "weird" thing that happens is when having a cluster and not all
nodes are on the newest version if someone adds this option to the realm
config. then everytime when the config is parsed on the older nodes,
a warning is printed into the journal
though this is the same for all new options in the domains.cfg, so i
don't really see a way around this (besides allowing
additionalProperties, but this would also first work on the next
update)
changes from v1:
* replace the 'remove-vanished' by a new 'mode' selection and adding
an appropriate mode
pve-access-control:
Dominik Csapak (2):
realm-sync: replace 'full' option with 'mode'
fix #3668: realm-sync: add mode 'sync'
src/PVE/API2/Domains.pm | 59 ++++++++++++++++++++++++++++++++++-------
src/PVE/Auth/Plugin.pm | 20 +++++++++++---
2 files changed, 66 insertions(+), 13 deletions(-)
pve-manager:
Dominik Csapak (1):
ui: realm sync: replace 'full' with 'mode'
www/manager6/dc/AuthEditLDAP.js | 11 ++++++-----
www/manager6/dc/SyncWindow.js | 9 +++++----
2 files changed, 11 insertions(+), 9 deletions(-)
--
2.30.2
next reply other threads:[~2022-02-04 14:25 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-04 14:24 Dominik Csapak [this message]
2022-02-04 14:24 ` [pve-devel] [PATCH access-control v2 1/2] realm-sync: replace 'full' option with 'mode' Dominik Csapak
2022-02-04 14:25 ` [pve-devel] [PATCH access-control v2 2/2] fix #3668: realm-sync: add mode 'sync' Dominik Csapak
2022-02-04 14:25 ` [pve-devel] [PATCH manager v2 1/1] ui: realm sync: replace 'full' with 'mode' Dominik Csapak
2022-03-22 6:11 ` [pve-devel] [PATCH access-control/manager v2] fix #3668: improving realm sync Thomas Lamprecht
2022-03-22 13:44 ` Thomas Lamprecht
2022-03-22 15:23 ` Dominik Csapak
2022-03-23 7:33 ` Thomas Lamprecht
2022-03-23 8:21 ` Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220204142501.1461441-1-d.csapak@proxmox.com \
--to=d.csapak@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox