https://bugzilla.redhat.com/show_bug.cgi?id=797256 (Red Hat Enterprise Linux 6)
Description of problem: ipa netgroup-add-member allows invalid characters like ?, | $, etc. Version-Release number of selected component (if applicable): 389-ds-base-1.2.10.1-1.el6.x86_64 389-ds-base-libs-1.2.10.1-1.el6.x86_64 ipa-server-2.2.0-102.20120220T2339zgit7fe095c.el6.x86_64 How reproducible: always Steps to Reproduce: 1. <setup ipa server> 2. kinit admin 3. ipa netgroup-add testng1 --desc=desc1 4. ipa netgroup-add-member testng1 --hosts=badhost? 5. ipa netgroup-add-member testng1 --hosts=badhost\!\@\#\$\%\^\&\*\(\) Actual results: # ipa netgroup-add testng1 --desc=desc1 ------------------------ Added netgroup "testng1" ------------------------ Netgroup name: testng1 Description: desc1 NIS domain name: testrelm.com IPA unique ID: 40d66da2-5f0a-11e1-9c9c-5254008638a1 # ipa netgroup-add-member --hosts=badhost? Netgroup name: testng1 Description: desc1 NIS domain name: testrelm.com External host: badhost? ------------------------- Number of members added 1 ------------------------- # ipa netgroup-add-member testng1 --hosts=badhost\!\@\#\$\%\^\&\*\(\) Netgroup name: testng1 Description: desc1 NIS domain name: testrelm.com External host: badhost?, badhost!@#$%^&*() ------------------------- Number of members added 1 ------------------------- Expected results: Should error on invalid characters for external hosts Additional info: Also affects netgroup-mod: # ipa netgroup-mod testng1 --addattr=externalhost=anotherbadhost? --------------------------- Modified netgroup "testng1" --------------------------- Netgroup name: testng1 Description: desc1 NIS domain name: testrelm.com External host: badhost?, badhost!@#$%^&*(), anotherbadhost? # ipa netgroup-mod testng1 --addattr=externalhost=anotherbadhost\!\@\#\$\%\^\&\*\(\) --------------------------- Modified netgroup "testng1" --------------------------- Netgroup name: testng1 Description: desc1 NIS domain name: testrelm.com External host: badhost?, badhost!@#$%^&*(), anotherbadhost?, anotherbadhost!@#$%^&*() /var/log/httpd/error_log entries: [Fri Feb 24 11:09:35 2012] [error] ipa: INFO: admin@TESTRELM.COM: netgroup_add_member(u'testng1', all=False, raw=False, version=u'2.26', host=(u'badhost?',)): SUCCESS [Fri Feb 24 11:09:54 2012] [error] ipa: INFO: admin@TESTRELM.COM: netgroup_add_member(u'testng1', all=False, raw=False, version=u'2.26', host=(u'badhost!@#$%^&*()',)): SUCCESS [Fri Feb 24 11:13:17 2012] [error] ipa: INFO: admin@TESTRELM.COM: netgroup_mod(u'testng1', addattr=(u'externalhost=anotherbadhost?',), rights=False, all=False, raw=False, version=u'2.26'): SUCCESS [Fri Feb 24 11:13:24 2012] [error] ipa: INFO: admin@TESTRELM.COM: netgroup_mod(u'testng1', addattr=(u'externalhost=anotherbadhost!@#$%^&*()',), rights=False, all=False, raw=False, version=u'2.26'): SUCCESS
master: 5cfee23[[BR]] ipa-2-2: df0e73a
Some issues were found (see the BZ for details), reopening the ticket.
master: 6f7224f[[BR]] ipa-2-2: dc0132a
This patch includes just the fix for a crash when --hosts= is passed. Validation of externalHost attribute passed via --setattr or --addattr will be solved in ticket #2649.
(In #2649) This ticket originates from ticket #2447.
Metadata Update from @dpal: - Issue assigned to ohamada - Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/04
Login to comment on this ticket.