I’m working through the issues getting the unit tests to run cleanly. Here’s my setup:
July 2010
Troubleshooting FreeIPA Certificate issues
For the past couple of months, I’ve been heads down working on the UI for the FreeIPA project. Since FreeIPA is designed to be the cornerstone of a companies security management infrastructure, it is designed to do everything “right” as far as cryptography, certificates, Kerberos, SELinux and the like go. If something is not configured correctly, it shuts down, doesn’t start, breaks, and so on. We, the developers, deal with the pain of getting it configured correctly so that, hopefully, the end users get an experience that is both smooth and secure. So, if you are sharing some of that pain, here’s an analgesic:
Talking to FreeIPA JSON web API via curl
One of the benefits of web APIs is that we can use command line tools to call them. FreeIPA is no different, but perhaps a hair trickier, as it combines the use of Kerberos with a strict JSON format. Getting it right took a little trial and error.
(If you can’t guess the tune, get off my lawn!)
Are you posting a Sys Admin’s Req
telnet, CUPS, Sendmail, and BIND
Consider her I worked with at DEC
She once was an admin of mine
Have her crimp me a crossover cable
telnet, CUPS, Sendmail, and BIND
Bridging hub and subnet unstable
And then she’ll be an admin of mine
Have her build me a server of web
telnet, CUPS, Sendmail, and BIND
Without virtualized overhead
And then she’ll be an admin of mine
Have her craft me a Kerberos Key
telnet, CUPS, Sendmail, and BIND
But not based on code writ at MIT
And then she’ll be an Admin of mine
Have her write me a recovery plan
telnet, CUPS, Sendmail, and BIND
With servers unconnected to SAN
And then she’ll be an admin of mine
Sysadmin12 Jul 2010 06:36 pm
streamline development with autoexpect
expect is one of the old UNIX tools that people seem to continually rediscover. It is a hole plugger, linking together other tools to do things that you just can’t do any other way, or at least, not without some serious coding.
I am continually deploying and undeploying IPA Server as part of my development. Installing requires, amongst other things, typing in a password at least four times. I was sick of typing it, and decided to turn to expect.
I’m lazy. I didn’t want to learn another Domain specific language. So, while procrastinating by reading man pages and such, I cam across a tool that made my life much easier.
autoexpect
It is basically a macro recorder for the bash shell. I ran
autoexpect
ipa-server-install –uninstall
And ran through the install process. When I was done, typed exit, and there was a beautiful expect script all ready for me in script.exp. renamed it t ipa-uninstall.exp. Same thing for the install process.
I should rarely, if ever have to type those passwords again.
revision control and Software08 Jul 2010 09:45 am
Using git for distributed development
As of today we are in early stages of development on a new UI approach for FreeIPA. Since the “bits are very fresh” we want to keep from breaking the existing code base. The policy for the upstream Repo for FreeIPA is that code must pass a fairly strenuous review process before getting checked in, and our code isn’t that way yet. However, there are two of us doing UI development, and we need to share our code back and forth prior to checking it in to the main repo.
This is a situation where git shines, and really can redefine your approach to development. I realize I am a late comer to git. I’m a bit of a Luddite, and slow to pick up on technologies in general, so this should come as no surprise. Here’s our approach.