Return-Path: Received: from homiemail-a77.g.dreamhost.com (caiajhbdcbef.dreamhost.com [208.97.132.145]) by krbdev.mit.edu (Postfix) with ESMTP id BAE223EBB6; Fri, 5 Oct 2012 12:57:11 -0400 (EDT) Received: from homiemail-a77.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a77.g.dreamhost.com (Postfix) with ESMTP id E4C859406D; Fri, 5 Oct 2012 09:57:10 -0700 (PDT) Dkim-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:content-type; s=cryptonector.com; bh=huiuNQjuBPrrusjzCBmUBDW 6Qik=; b=oy+qDmizHkjWkIjt3OJVtWjWb5KMwin8wh6eK1n6CFxzG9ccQZigXYS OoR+d369GzW7UhRw8nybguOKrQSYqQAuKFN5SzUjroMQQtbtNWm0jQHTtI5u6uY1 3FYc3B7g/EskuZg0Akv5miPkURR3f2PBMt0XYV4R3MFjuyWCc7kU= Received: from mail-pb0-f50.google.com (mail-pb0-f50.google.com [209.85.160.50]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a77.g.dreamhost.com (Postfix) with ESMTPSA id C286E9405E; Fri, 5 Oct 2012 09:57:10 -0700 (PDT) Received: by mail-pb0-f50.google.com with SMTP id md4so2257051pbc.23 for ; Fri, 05 Oct 2012 09:57:10 -0700 (PDT) MIME-Version: 1.0 Received: by 10.68.204.132 with SMTP id ky4mr32021552pbc.164.1349456230392; Fri, 05 Oct 2012 09:57:10 -0700 (PDT) Received: by 10.68.20.194 with HTTP; Fri, 5 Oct 2012 09:57:10 -0700 (PDT) In-Reply-To: References: Date: Fri, 5 Oct 2012 11:57:10 -0500 Message-ID: Subject: Re: [krbdev.mit.edu #7405] All kadm5srv consumers should log writes to the iprop ulog From: Nico Williams To: rt-comment@krbdev.mit.edu, rt@krbdev.mit.edu Content-Type: text/plain; charset=UTF-8 RT-Send-Cc: Content-Length: 823 Although, only kadm5 consumers on master KDCs should all log to the ulog. There's no nice programmatic distinction between master and slave. The distinction lies in what services they run. (And if we ever get read-only kadmind then the distinction will lie in what services they run and how they are configured.) Today, running kadmin.local on a slave will screw up iprop, likely resulting in a full resync (which will clobber the local change). This is a bit of a mess. A simple fix would be to have kpropd mark a ulog as being "slave-side", then iprop can simply not log any local changes to the ulog (or, perhaps, log them, but not change the ulog header). An alternative would be to have two ulogs: one for slave-side operations, one for master-side operations, with one being named by suffixing the other, say.