Bug 1851411
| Summary: | ipa: typo issue in ipanthomedirectoryrive deffinition | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Alexander Bokovoy <abokovoy> | ||||||||
| Component: | ipa | Assignee: | Thomas Woerner <twoerner> | ||||||||
| Status: | CLOSED ERRATA | QA Contact: | ipa-qe <ipa-qe> | ||||||||
| Severity: | unspecified | Docs Contact: | |||||||||
| Priority: | unspecified | ||||||||||
| Version: | --- | CC: | ksiddiqu, rcritten, ssidhaye, tscherf | ||||||||
| Target Milestone: | rc | Flags: | pm-rhel:
mirror+
|
||||||||
| Target Release: | 8.0 | ||||||||||
| Hardware: | Unspecified | ||||||||||
| OS: | Unspecified | ||||||||||
| Whiteboard: | |||||||||||
| Fixed In Version: | ipa-4.8.7-3 | Doc Type: | If docs needed, set a value | ||||||||
| Doc Text: | Story Points: | --- | |||||||||
| Clone Of: | Environment: | ||||||||||
| Last Closed: | 2020-11-04 02:51:04 UTC | Type: | Bug | ||||||||
| Regression: | --- | Mount Type: | --- | ||||||||
| Documentation: | --- | CRM: | |||||||||
| Verified Versions: | Category: | --- | |||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||
| Embargoed: | |||||||||||
| Attachments: |
|
||||||||||
Fixed upstream with
commit 3912e8e6739058ef8fcb2964fda0edc3ee23fc1e
Author: Petr Voborník <pvoborni>
Date: Mon Jun 8 19:27:30 2020 +0200
baseuser: fix ipanthomedirectorydrive option name
It should be ipanthomedirectorydrive and not ipanthomedirectoryrive.
This fixes showing the field in Web UI and also should fix CLI as it
probably never worked.
Signed-off-by: Petr Vobornik <pvoborni>
Reviewed-By: Alexander Bokovoy <abokovoy>
ipa-4-8:
commit a090b429fda35c5a9c3cfb672ab42a5985d00ff9
Author: Petr Voborník <pvoborni>
Date: Mon Jun 8 19:27:30 2020 +0200
baseuser: fix ipanthomedirectorydrive option name
It should be ipanthomedirectorydrive and not ipanthomedirectoryrive.
This fixes showing the field in Web UI and also should fix CLI as it
probably never worked.
Signed-off-by: Petr Vobornik <pvoborni>
Reviewed-By: Alexander Bokovoy <abokovoy>
no automation for this and only manual execution for text change. One more related fix is from the upstream ticket 8336
master:
commit f6707a71dcefd4b54d7909ad1ba9ba84f57c430a
Author: Petr Voborník <pvoborni>
Date: Mon Jun 8 19:11:33 2020 +0200
webui: hide user attributes for SMB services section if empty
This section should be hidded if user object hasn't ipantuserattrs
object class. I.e. when trusts are not enabled.
Web UI framework already supports hidding of sections if the
section contains no visible field. So to achieve it we simply needs
to hide the fields. Given that attributelevelrights
contains rights only for attributes of current object classes, all
of these are regarded as not writable.
We can leverage feature of input_widget that it gets hidden
when the attribute is not writable and has no value and widget's
"hidden_if_empty" is set to true. Thus doing it here.
For this to work, it is also required to fix an issue with
"ipanthomedirectorydrive" which is optional (in API) but Web UI
doesn't offer "empty" ("") value. Adding it here.
fixes: https://pagure.io/freeipa/issue/8336
Signed-off-by: Petr Vobornik <pvoborni>
Reviewed-By: Alexander Bokovoy <abokovoy>
Reviewed-By: Serhii Tsymbaliuk <stsymbal>
ipa-4-8:
commit 691b3cddb275821630f443f22706fa75e7c7a5c8
Author: Petr Voborník <pvoborni>
Date: Mon Jun 8 19:11:33 2020 +0200
webui: hide user attributes for SMB services section if empty
This section should be hidded if user object hasn't ipantuserattrs
object class. I.e. when trusts are not enabled.
Web UI framework already supports hidding of sections if the
section contains no visible field. So to achieve it we simply needs
to hide the fields. Given that attributelevelrights
contains rights only for attributes of current object classes, all
of these are regarded as not writable.
We can leverage feature of input_widget that it gets hidden
when the attribute is not writable and has no value and widget's
"hidden_if_empty" is set to true. Thus doing it here.
For this to work, it is also required to fix an issue with
"ipanthomedirectorydrive" which is optional (in API) but Web UI
doesn't offer "empty" ("") value. Adding it here.
fixes: https://pagure.io/freeipa/issue/8336
Signed-off-by: Petr Vobornik <pvoborni>
Reviewed-By: Serhii Tsymbaliuk <stsymbal>
Reviewed-By: Alexander Bokovoy <abokovoy>
Reproducer:
Builds used :
[root@ci-vm-10-0-136-213 test]# rpm -q ipa-server ipa-server-dns ipa-server-trust-ad
ipa-server-4.8.4-7.module+el8.2.0+6046+aaa49f96.x86_64
ipa-server-dns-4.8.4-7.module+el8.2.0+6046+aaa49f96.noarch
package ipa-server-trust-ad is not installed
[root@ci-vm-10-0-136-213 test]#
[root@ci-vm-10-0-136-213 test]# ipa user-show testuser --all
dn: uid=testuser,cn=users,cn=accounts,dc=ci-vm-10-0-136-213,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com
User login: testuser
First name: test
Last name: user
Full name: test user
Display name: test user
Initials: tu
Home directory: /home/testuser
GECOS: test user
Login shell: /bin/sh
Principal name: testuser.UPSHIFT.RDU2.REDHAT.COM
Principal alias: testuser.UPSHIFT.RDU2.REDHAT.COM
Email address: testuser.upshift.rdu2.redhat.com
UID: 1164400001
GID: 1164400001
Account disabled: False
Preserved user: False
Password: False
Member of groups: ipausers
Kerberos keys available: False
ipauniqueid: a1319918-d7cb-11ea-b416-fa163ef2fa38
mepmanagedentry: cn=testuser,cn=groups,cn=accounts,dc=ci-vm-10-0-136-213,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com
objectclass: top, person, organizationalperson, inetorgperson, inetuser, posixaccount, krbprincipalaux, krbticketpolicyaux, ipaobject,
ipasshuser, ipaSshGroupOfPubKeys, mepOriginEntry
"User attributes for SMB services" is shown in UI even though it's not set for the user
Screenshot attached
Verification:
Builds used:
[root@ci-vm-10-0-137-134 test]# rpm -q ipa-server ipa-server-dns ipa-server-trust-ad
ipa-server-4.8.7-8.module+el8.3.0+7513+a375844a.x86_64
ipa-server-dns-4.8.7-8.module+el8.3.0+7513+a375844a.noarch
ipa-server-trust-ad-4.8.7-8.module+el8.3.0+7513+a375844a.x86_64
[root@ci-vm-10-0-137-134 test]#
[root@ci-vm-10-0-137-134 test]# ipa user-show testuser --all
dn: uid=testuser,cn=users,cn=accounts,dc=ci-vm-10-0-137-134,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com
User login: testuser
First name: tet
Last name: user
Full name: tet user
Display name: tet user
Initials: tu
Home directory: /home/testuser
GECOS: tet user
Login shell: /bin/sh
Principal name: testuser.UPSHIFT.RDU2.REDHAT.COM
Principal alias: testuser.UPSHIFT.RDU2.REDHAT.COM
Email address: testuser.upshift.rdu2.redhat.com
UID: 807800001
GID: 807800001
Account disabled: False
Preserved user: False
Password: False
Member of groups: ipausers
Kerberos keys available: False
ipauniqueid: cf199606-d7e3-11ea-835e-fa163ee246c8
mepmanagedentry: cn=testuser,cn=groups,cn=accounts,dc=ci-vm-10-0-137-134,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com
objectclass: top, person, organizationalperson, inetorgperson, inetuser, posixaccount, krbprincipalaux, krbticketpolicyaux, ipaobject,
ipasshuser, ipaSshGroupOfPubKeys, mepOriginEntry
"User attributes for SMB services" is not shown in UI when ipantuserattrs attribute for the user is not set
Screenshot attached
[root@ci-vm-10-0-137-134 test]# ipa user-show testuser --all
dn: uid=testuser,cn=users,cn=accounts,dc=ci-vm-10-0-137-134,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com
User login: testuser
First name: tet
Last name: user
Full name: tet user
Display name: tet user
Initials: tu
Home directory: /home/testuser
GECOS: tet user
Login shell: /bin/sh
Principal name: testuser.UPSHIFT.RDU2.REDHAT.COM
Principal alias: testuser.UPSHIFT.RDU2.REDHAT.COM
Email address: testuser.upshift.rdu2.redhat.com
UID: 807800001
GID: 807800001
Account disabled: False
Preserved user: False
Password: False
Member of groups: ipausers
Kerberos keys available: False
ipantsecurityidentifier: S-1-5-21-4140417676-3365399039-539626829-1001
ipauniqueid: cf199606-d7e3-11ea-835e-fa163ee246c8
mepmanagedentry: cn=testuser,cn=groups,cn=accounts,dc=ci-vm-10-0-137-134,dc=hosted,dc=upshift,dc=rdu2,dc=redhat,dc=com
objectclass: top, person, organizationalperson, inetorgperson, inetuser, posixaccount, krbprincipalaux, krbticketpolicyaux, ipaobject,
ipasshuser, ipaSshGroupOfPubKeys, mepOriginEntry, ipantuserattrs
"User attributes for SMB services" is shown in UI when ipantuserattrs attribute for the user is set
Screenshot attached
Created attachment 1710679 [details]
Reproducer
Created attachment 1710680 [details]
Verification : before ipantuserattrs is set
Created attachment 1710681 [details]
Verification : after ipantuserattrs is set
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:4670 |
It should be ipanthomedirectorydrive and not ipanthomedirectoryrive, note the 'drive' versus 'rive'. This fixes showing the field in Web UI and also should fix CLI as it probably never worked.