#732 [RFE] UI and CLI do not prevent breaking the IPA server installation
Closed: fixed 5 years ago Opened 13 years ago by dpal.

*<dpal> rcrit, ayoung our UI and CLI allow pretty destructive things like removing keytab or cert of the core services or host. Such actions would lead to the installation becoming unusable.

*<dpal> I think we should have some ways to prevent this.

*<dpal> Maybe for each server we add we explicitly remove the permissions to modify these services and hosts

*<dpal> What do you think?

*<rcrit> there would need to be an override

*<rcrit> need to be able to renew certs, keytabs, etc

*<ayoung> rcrit, there would be; the acis

*<rcrit> acis don't do overrides

*<ayoung> no, I mean, you go to the aci, turn off the rule, do the update, then turn it back on

*<rcrit> ew

*<dpal> rcrit, I do not know how to do it. We need to design it better. I will file a ticket

*<rcrit> I think an additional flag is probably better

*<dpal> But then we would have to handle it in UI too, right?

*<dpal> So logic will be: the plugin will detect that it is a critical server or host and will return a special attribute in the RPC/JSON call. The CLI will see if there is an override flag. If there is, it will proceed and not return an error. The UI will put a scary message or even say that such an operation is not allowed from the UI, do it from the command line.

*<dpal> rcrit, agree?

*<rcrit> uh, boy, that's really convoluted

*<rcrit> there are lots of services, this has to apply to replicas too

*<dpal> rcrit, it has to apply to all hosts that are in the replica table and all HTTP & LDAP services that are running on such hosts

*<rcrit> and DNS and host and perhaps others too

*<dpal> I do not think that determining this would be a hard task

*<dpal> rcrit, yes you are right

*<dpal> but it is still a finite list

*<rcrit> yes, I think we can get this from simo's new replica info

*<dpal> Yes. Viva simo! I will create a ticket.

*<rcrit> I think for the UI if we have a force checkbox that triggers an alert that when checked says "you are a crazy person for doing this but ok"

*<rcrit> on the cli you get what you ask for

*<dpal> rcrit, I think doing this from UI should be prohibited

*<rcrit> why?

*<dpal> If you are messing with these things you would have to use CLI anyways

*<dpal> so just go to CLI and do everything there

*<rcrit> ok, it just goes against our policy of "if you can do it on the cli you can do it in the ui"

*<dpal> To make sure you are not just doing it by mistake

*<dpal> rcrit, not exactly, it is a special case for the services and hosts that are a part of the infrastructure

*<rcrit> alright, I agree that it is necessary but this is a pretty big thing to integrate in the last week of development

*<dpal> We will triage


Metadata Update from @dpal:
- Issue assigned to rcritten
- Issue set to the milestone: Tickets Deferred

7 years ago

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

5 years ago
