Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1009102
Description of problem: Update from 6.2 to 6.5 ipa permission-find --all dns lists 5 permissions - add dns entries read dns entries remove dns entries update dns entries write dns configuration But in UI, a search for 'dns' in rbac permissions page lists only: read dns entries read dns entries remove dns entries update dns entries But go to Privileges -click DNS Administrators (or DNS Servers) it lists out all 5 permissions including write dns configuration . The only issue is this permission exists but not showing in the search result after an upgrade from 6.2 to 6.5 Version-Release number of selected component (if applicable): ipa-server-2.1.3-9.el6.x86_64 to ipa-server-3.0.0-35.el6.x86_64 How reproducible: Always Steps to Reproduce: see above Actual results: 'Write DNS Configuration' permission does not show up in search results Expected results: 'Write DNS Configuration' permission show ups in search results Additional info:
See https://bugzilla.redhat.com/show_bug.cgi?id=1009102#c8 for the root cause analysis.
Note that the linked Bugzilla was closed as the ticket won't be fixed in RHEL as the bug is hard to even reproduce with current IPA versions and there is a very easy workaround. We may still want to fix the root cause from upstream code purity POV, if we get time.
Adjusting time plan - 3.4 development was postponed as we focused on 3.3.x testing and stabilization.
This issue was fixed as part of #4346.
Metadata Update from @mkosek: - Issue assigned to pviktori - Issue set to the milestone: FreeIPA 4.0 Backlog
Login to comment on this ticket.