Bug 1981322

Summary: [RFE] Add support for managing subuids and subgids in FreeIPA
Product: Red Hat Enterprise Linux 8 Reporter: Petr Čech <pcech>
Component: ipaAssignee: Thomas Woerner <twoerner>
Status: CLOSED ERRATA QA Contact: ipa-qe <ipa-qe>
Severity: unspecified Docs Contact: Alexandra Nikandrova <anikandr>
Priority: high    
Version: ---CC: abokovoy, aborah, amore, anikandr, atikhono, cheimes, frenaud, ipa-qe, mpolovka, pvoborni, rcritten, rjeffman, ssidhaye, sumenon, tscherf, twoerner
Target Milestone: betaKeywords: FutureFeature, Triaged
Target Release: ---Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-4.9.8-1.module+el8.6.0+13486+dbe20af2 Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: 1952028 Environment:
Last Closed: 2022-05-10 14:08:44 UTC Type: Enhancement
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1952028    
Bug Blocks: 1957737, 2013006    

Comment 1 Florence Blanc-Renaud 2021-07-13 13:54:13 UTC 
Fixed upstream:
master:

    1c4ae37 Add basic support for subordinate user/group ids
    c78d134 Redesign subid feature
    51035d9 Use 389-DS' dnaInterval setting to assign intervals
    1e00748 Fix ipa-server-upgrade
    110940b Fix oid of ipaUserDefaultSubordinateId
    30eceb5 WebUI: Improve subordinate ids user workflow
    aae6c02 Test DNA plugin configuration
Comment 2 Florence Blanc-Renaud 2021-07-13 13:55:03 UTC 
ipa-4-9:

    3540986 Add basic support for subordinate user/group ids
    5d4fe06 Redesign subid feature
    ef115b0 Use 389-DS' dnaInterval setting to assign intervals
    e6e3fb6 Fix ipa-server-upgrade
    44ccc0f Fix oid of ipaUserDefaultSubordinateId
    9f4b898 WebUI: Improve subordinate ids user workflow
    b53a52a Test DNA plugin configuration
Comment 3 Florence Blanc-Renaud 2021-07-16 08:16:58 UTC 
An additional fix is needed, see ticket https://pagure.io/freeipa/issue/8920
Comment 4 Florence Blanc-Renaud 2021-07-16 14:34:39 UTC 
Fixed upstream
master:
https://pagure.io/freeipa/c/cb37f499db8c66bf77a4e716ef1cf2a6c321cb6a
Comment 5 Florence Blanc-Renaud 2021-07-17 14:21:23 UTC 
Fixed upstream
ipa-4-9:
https://pagure.io/freeipa/c/b132956e42a88ab39bb8d6a854e7c5d28d544a11
Comment 6 François Cami 2021-09-03 11:32:38 UTC 
Another fix ( https://pagure.io/freeipa/issue/8977 ):

Fixed upstream
master:
https://pagure.io/freeipa/c/b624179cb18d445c27abef067540fa9e914eacc5

Fixed upstream
ipa-4-9:
https://pagure.io/freeipa/c/4785a90946ec694ccc082f062b2181b23c7099e3
Comment 23 Michal Polovka 2022-01-17 10:47:05 UTC 
Verified using automation on RHEL8.6 machine with ipa-server-4.9.8-2.module+el8.6.0+13621+937b8cd9.x86_64 from nightly compose.


============================= test session starts ==============================
platform linux -- Python 3.6.8, pytest-3.10.1, py-1.11.0, pluggy-1.0.0 -- /usr/libexec/platform-python
cachedir: /home/cloud-user/.pytest_cache
metadata: {'Python': '3.6.8', 'Platform': 'Linux-4.18.0-359.el8.x86_64-x86_64-with-redhat-8.6-Ootpa', 'Packages': {'pytest': '3.10.1', 'py': '1.11.0', 'pluggy': '1.0.0'}, 'Plugins': {'metadata': '1.11.0', 'html': '1.22.1', 'multihost': '3.0', 'sourceorder': '0.5'}}
rootdir: /usr/lib/python3.6/site-packages/ipatests, inifile:
plugins: metadata-1.11.0, html-1.22.1, multihost-3.0, sourceorder-0.5
collecting ... collected 7 items

test_integration/test_subids.py::TestSubordinateId::test_dna_config PASSED [ 14%]
test_integration/test_subids.py::TestSubordinateId::test_auto_generate_subid PASSED [ 28%]
test_integration/test_subids.py::TestSubordinateId::test_ipa_subid_script PASSED [ 42%]
test_integration/test_subids.py::TestSubordinateId::test_subid_selfservice PASSED [ 57%]
test_integration/test_subids.py::TestSubordinateId::test_subid_useradmin PASSED [ 71%]
test_integration/test_subids.py::TestSubordinateId::test_idrange_subid PASSED [ 85%]
test_integration/test_subids.py::TestSubordinateId::test_subid_stats PASSED [100%]

---------------- generated xml file: /home/cloud-user/junit.xml ----------------
----------- generated html file: file:///home/cloud-user/report.html -----------
========================== 7 passed in 634.12 seconds ==========================

Therefore marking as verified. Automation exists.
Comment 27 errata-xmlrpc 2022-05-10 14:08:44 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (idm:client and idm:DL1 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2022:1884