#2255 Unable to unset permission memberof
Closed: Fixed None Opened 12 years ago by edewata.

Modifying permission memberof to empty will generate an internal error.

See the following permission:

# ipa permission-add test --permission=all --memberof=editors --type=user
-----------------------
Added permission "test"
-----------------------
  Permission name: test
  Permissions: all
  Type: user
  Member of group: editors

Modifying the memberof to another value works fine:

# ipa permission-mod test --memberof=ipausers
--------------------------
Modified permission "test"
--------------------------
  Permission name: test
  Permissions: all
  Type: user
  Member of group: ipausers

Modifying memberof to empty fails:

# ipa permission-mod test --memberof=
ipa: ERROR: an internal error has occurred

Here is the stack trace from /var/log/httpd/error_log:

ipa: ERROR: non-public: AttributeError: 'NoneType' object has no attribute 'find'
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 229, in wsgi_execute
    result = self.Command[name](*args, **options)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 438, in __call__
    ret = self.run(*args, **options)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 696, in run
    return self.execute(*args, **options)
  File "/usr/lib/python2.7/site-packages/ipalib/plugins/baseldap.py", line 1106, in execute
    ldap, dn, entry_attrs, attrs_list, *keys, **options
  File "/usr/lib/python2.7/site-packages/ipalib/plugins/permission.py", line 299, in pre_callback
    raise e
AttributeError: 'NoneType' object has no attribute 'find'
ipa: INFO: admin@EXAMPLE.COM: permission_mod(u'test', memberof=None, rights=False, all=False, raw=False, version=u'2.20'): AttributeError

Ondra, please check this one.

#2100 & #2101 are the fixes for this one.

Metadata Update from @edewata:
- Issue assigned to ohamada
- Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/02

7 years ago

Login to comment on this ticket.

Metadata