Bug 1138792

Summary: Disable unsupported ID range types
Product: Red Hat Enterprise Linux 7 Reporter: Martin Kosek <mkosek>
Component: ipaAssignee: Martin Kosek <mkosek>
Status: CLOSED ERRATA QA Contact: Namita Soman <nsoman>
Severity: unspecified Docs Contact:
Priority: medium    
Version: 7.0CC: rcritten, sgoveas
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-4.0.3-1.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-05 10:13:39 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Martin Kosek 2014-09-05 16:00:11 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/4323

{{{
$ ipa idrange-add -h
--type=['ipa-ad-trust-posix', 'ipa-ad-trust', 'ipa-local', 'ipa-ad-winsync', 'ipa-ipa-trust']
                        ID range type, one of ipa-ad-trust-posix, ipa-ad-
                        trust, ipa-local, ipa-ad-winsync, ipa-ipa-trust
}}}

We allow invalid ID range types that are not really validated or checked by ID range DS plugin:
{{{
        u'ipa-ipa-trust': unicode(_('IPA trust range')),
        u'ipa-ad-winsync': unicode(_('Active Directory winsync range')),
}}}

I think we should remove these types.
Comment 1 Martin Kosek 2014-09-05 16:14:02 UTC 
Fixed upstream:

master:
e74307caa6daf1e7e261ff481f6c5b089df82f57 ipalib: idrange: Make non-implemented range types fail the validation

ipa-4-1:
e74307caa6daf1e7e261ff481f6c5b089df82f57 ipalib: idrange: Make non-implemented range types fail the validation

ipa-4-0:
fb89a774e331c3b3eb70950911e4136a7e1f141b ipalib: idrange: Make non-implemented range types fail the 

Fix API.txt:

master:
ab5edd0e450fdd926b7c49535424149413c3f956 Update API.txt

ipa-4-1:
ab5edd0e450fdd926b7c49535424149413c3f956 Update API.txt

ipa-4-0:
4baf1531581bbc5d075d46a832ca139edc8e75d3 Update API.txt
Comment 3 Steeve Goveas 2015-01-27 13:12:42 UTC 
Verified in version
[root@vm-idm-019 ~]# rpm -q ipa-server 
ipa-server-4.1.0-16.el7.x86_64

[root@vm-idm-019 ~]# ipa idrange-add -h | grep -A2 "type"
  --type=['ipa-ad-trust-posix', 'ipa-ad-trust', 'ipa-local']
                        ID range type, one of ipa-ad-trust-posix, ipa-ad-
                        trust, ipa-local
  --setattr=STR         Set an attribute to a name/value pair. Format is
Comment 5 errata-xmlrpc 2015-03-05 10:13:39 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0442.html