Jump to: navigation, search

V4/Notification system

Name: V4/Notification system
Ticket: #1593
Author: Petr Kubat
Incomplete.png Pending review
Last updated: 2015-10-11 by Petr Kubat


A notification system for changes or warnings in FreeIPA. The system should be general enough to be able to send messages through various outputs (like email, IRC) and maybe not only limited to the FreeIPA framework.

Use Cases

  • Create mounted home directories on user creation
  • Recieve notifications about expiring passwords/certificates

Open questions

Hook locations

Where to place the hooks that would be in charge of sending notifications?

Related to the granularity of the notification system. Hooks in the components instead of the framework would allow for a better coverage of events we're interested in (eg. user creation directly through LDAP).

Method of transport

What method of transport for messages generated on changes/warnings would be the best?

If multiple sources of information were needed for the notification system (Kerberos, 389-DS, certmonger) a universal system like dbus might be the best method to use. However some components would have to be extended first. Maybe different kinds of transport for different components (fedmsg for python, dbus for C)?

Expiring passwords

How to poll for expiring passwords and certificates?

Probably using some daemon that would periodically check the records. How often? Performance implications?

User scripts

Should the system be general enough to allow for running user scripts?

Reaction to hooks

Do we want for FreeIPA to be able to react to the hooks?

If yes, should the hooks be synchronous/asynchronous? Performance implications?

Performance issues

How will the hooks impact performance when they are/are not used?