[pbs-devel] [PATCH proxmox-backup 2/3] fix #3939: set default value in domains endpoint
Thomas Lamprecht
t.lamprecht at proxmox.com
Mon Apr 11 13:34:29 CEST 2022
On 11.04.22 12:20, Matthias Heiserer wrote:
> On 11.04.2022 10:12, Thomas Lamprecht wrote:
>> On 23.03.22 14:01, Matthias Heiserer wrote:
>>> Because the default realm is stored in node.cfg, here we have to add
>>> it to the returned information.
>>>
>>> Signed-off-by: Matthias Heiserer <m.heiserer at proxmox.com>
>>> ---
>>> src/api2/access/domain.rs | 11 +++++++++--
>>> 1 file changed, 9 insertions(+), 2 deletions(-)
>>>
>>
>>> @@ -24,17 +24,19 @@ use pbs_api_types::BasicRealmInfo;
>>> /// Authentication domain/realm index.
>>> fn list_domains(mut rpcenv: &mut dyn RpcEnvironment) -> Result<Vec<BasicRealmInfo>, Error> {
>>> let mut list = Vec::new();
>>> + let default_realm = node::config()?.0.default_realm;
>>
>> feels not ideal to pull in the node config here, if we really need to add a config
>> (see my bugzilla reply asking if the requester would be OK with just making the
>> realm box stateful), then I'd actually add it in the domain config as priority
>> flag (allow 0 to 100, default 50) which is then used for sorting the realms and
>> also for auto-selecting the highest priority + name sorted realm.
> If I'm not mistaken the realm selector on the login screen is already stateful.
> Sorting sounds interesting, but how would we go about the default pam/pbs auth? They are not in the domains config, so i guess we have to add them there.
Yes, if the priority would be set the built-in realms would show up in
the configuration too.
>>
>> Same level of complexity in terms of what we need to safe (one new struct member),
>> but avoids the need to always load+parse an extra config and also more features we
>> can use it for.
>>
>> Please note also that we'd like to have feature parity for the stuff that exists
>> in PVE or PMG too.
> Not sure I understand the point on feature parity. You mean that the default realm should be set in the realms view?
That whatever we add as feature for PBS, it should also be added to PVE/PMG, at least
if sensible; doesn't have to be in the same series, but it should be planned.
More information about the pbs-devel
mailing list