https://bugzilla.redhat.com/show_bug.cgi?id=797237 (Red Hat Enterprise Linux 6)
Description of problem: ipa netgroup-add should not allow commas in value for --nisdomain option. # ipa netgroup-add mynetgroup1 --desc=description1 --nisdomain=testone,testtwo ---------------------------- Added netgroup "mynetgroup1" ---------------------------- Netgroup name: mynetgroup1 Description: description1 NIS domain name: testone,testtwo IPA unique ID: 5e7e205e-5efe-11e1-a7d2-5254008638a1 # ipa netgroup-add-member mynetgroup1 --hosts=one,two Netgroup name: mynetgroup1 Description: description1 NIS domain name: testone,testtwo External host: one, two ------------------------- Number of members added 2 ------------------------- Looking at the triple with ypcat: # ypcat -k -d $DOMAIN -h $MASTER netgroup mynetgroup1 (two,-,testone,testtwo) (one,-,testone,testtwo) Version-Release number of selected component (if applicable): 389-ds-base-1.2.10.1-1.el6.x86_64 389-ds-base-libs-1.2.10.1-1.el6.x86_64 ipa-server-2.2.0-102.20120220T2339zgit7fe095c.el6.x86_64 How reproducible: always Steps to Reproduce: 1. <setup ipa server> 2. kinit admin 3. ipa netgroup-add mytestng1 --desc=test --nisdomain=test1,test2 4. ipa netgroup-add-member mytestng1 --hosts=one,two 5. ipa netgroup-show mytestng1 And to test with ypcat: 6. ipa-compat-manage enable 7. ipa-nis-manage enable 8. service rpcbind restart 9. service dirsrv restart 10. yum install yp-tools 11. ypcat -k -d <domainname> -h localhost netgroup | grep mytestng1 Actual results: # ipa netgroup-add mytestng1 --desc=test --nisdomain=test1,test2 -------------------------- Added netgroup "mytestng1" -------------------------- Netgroup name: mytestng1 Description: test NIS domain name: test1,test2 IPA unique ID: 4e315802-5f02-11e1-8113-5254008638a1 # ipa netgroup-add-member mytestng1 --hosts=one,two Netgroup name: mytestng1 Description: test NIS domain name: test1,test2 External host: one, two ------------------------- Number of members added 2 ------------------------- # ipa netgroup-show mytestng1 Netgroup name: mytestng1 Description: test NIS domain name: test1,test2 External host: two, one # ypcat -k -d $DOMAIN -h localhost netgroup | grep mytestng1 mytestng1 (two,-,test1,test2) (one,-,test1,test2) Expected results: I'd expect some type of error like invalid character or only one value is allowed. Additional info: Other special characters seem to be allowed as well: # ipa netgroup-add mytestng2 --desc=desc2 --nisdomain=seven^\|\!\@\#\$\%\&\*\)\( -------------------------- Added netgroup "mytestng2" -------------------------- Netgroup name: mytestng2 Description: desc2 NIS domain name: seven^|!@#$%&*)( IPA unique ID: ab77f718-5f03-11e1-803b-5254008638a1 # ipa netgroup-add-member mytestng2 --users=admin Netgroup name: mytestng2 Description: desc2 NIS domain name: seven^|!@#$%&*)( Member User: admin ------------------------- Number of members added 1 ------------------------- # ypcat -k -d $DOMAIN -h $MASTER netgroup|grep mytestng2 mytestng2 (-,admin,seven^|!@#$%&*)() /var/log/httpd/error_log entry: [Fri Feb 24 10:16:14 2012] [error] ipa: INFO: admin@TESTRELM.COM: netgroup_add(u'mytestng1', description=u'test', nisdomainname=u'test1,test2', all=False, raw=False, version=u'2.26'): SUCCESS This same underlying issue can be seen with ipa netgroup-mod: # ipa netgroup-mod mytestng1 --setattr=nisdomainname=one,two,three ----------------------------- Modified netgroup "mytestng1" ----------------------------- Netgroup name: mytestng1 Description: test NIS domain name: one,two,three # ipa netgroup-mod mytestng1 --nisdomain=five,six ----------------------------- Modified netgroup "mytestng1" ----------------------------- Netgroup name: mytestng1 Description: test NIS domain name: five,six
master: 5cfee23[[BR]] ipa-2-2: df0e73a
Metadata Update from @dpal: - Issue assigned to ohamada - Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/03
Login to comment on this ticket.