freeipa

Clone
Source Code
GIT

#2014 command: ipa selfservice-mod : provide wrong attr for --attrs delete a selfservice permission
Closed: Fixed None Opened 12 years ago by dpal.

Closed: Fixed
Reopen Issue

https://bugzilla.redhat.com/show_bug.cgi?id=747741

Description of problem:
example: such command : ipa  selfservice-mod "edit address"
--attrs="nosuchattr"
will delete selfservice permission "edit address" from ipa server


Version-Release number of selected component (if applicable):
[yi@i386a(101) ~] rpm -qi ipa-server
Name        : ipa-server                   Relocations: (not relocatable)
Version     : 2.1.3                             Vendor: Red Hat, Inc.
Release     : 2.el6                         Build Date: Tue 18 Oct 2011
11:12:34 AM PDT
Install Date: Thu 20 Oct 2011 10:39:05 AM PDT      Build Host:
x86-002.build.bos.redhat.com
Group       : System Environment/Base       Source RPM: ipa-2.1.3-2.el6.src.rpm
Size        : 3355311                          License: GPLv3+
Signature   : (none)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://www.freeipa.org/
Summary     : The IPA authentication server
Description :
IPA is an integrated solution to provide centrally managed Identity (machine,
user, virtual machines, groups, authentication credentials), Policy
(configuration settings, access control information) and Audit (events,
logs, analysis thereof). If you are installing an IPA server you need
to install this package (in other words, most people should NOT install
this package).


How reproducible: always


Steps to Reproduce:
1. install ipa server
2. create selfservice permission
[yi@i386a(101) ~] ipa selfservice-add "edit address" --permission=write,read
--attrs=l
--------------------------------
Added selfservice "edit address"
--------------------------------
  Self-service name: edit address
  Permissions: write, read
  Attributes: l

3. modify this permission by providing wrong attr value
[yi@i386a(101) ~] ipa  selfservice-mod "edit address" --attrs="nosuchattr"
ipa: ERROR: targetattr "nosuchattr" does not exist in schema. Please add
attributeTypes "nosuchattr" to schema if necessary. ACL Syntax
Error(-5):(targetattr = \22nosuchattr\22)(version 3.0;acl \22selfservice:edit
address\22;allow (write,read) userdn = \22ldap:///self\22;): Invalid syntax.

-- the return message is correct, but the permission is disappeared from ipa
server,

[yi@i386a(101) ~] ipa selfservice-find "edit address"
----------------------
0 selfservices matched
----------------------
----------------------------
Number of entries returned 0
----------------------------


Actual results:


Expected results:


Additional info: no error msg found in /var/log/httpd/error_log

May be connected to #2010, I can do this ticket too while hacking selfservice plugin.

master: d50618f[[BR]]
ipa-2-2: fcbff4b

Metadata Update from @dpal:
- Issue assigned to mkosek
- Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/01
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
defect
None
None
IPA
None
1
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=747741
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.