When ipa-replica-manage script is run as a non-root user it prints out an inconvenient error:
ipa-replica-manage
$ ipa-replica-manage list ipa: ERROR: Cannot open log file u'/var/log/ipa/default.log': Permission denied vm-029.idm.lab.bos.redhat.com vm-082.idm.lab.bos.redhat.com
I would suggest making it run only with a root user - just like other replication management scripts:
$ ipa-replica-prepare You must be root to run this script.
No, this script can run fine w/o root as it doesn't need to touch any file. Please just make it just skip logging if it fails to open the log file.
You are right, I will implement it this way.
Patch is ready, waiting for branch 2.1 to be initialized.
master: e96d077[[BR]] ipa-2-0: 958cce0
Metadata Update from @mkosek: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 2.1 - 2011/05
Login to comment on this ticket.