Bug 2127912

Summary: [ansible-freeipa] sudorule has no support for attribute hostmask
Product: Red Hat Enterprise Linux 8 Reporter: Thomas Woerner <twoerner>
Component: ansible-freeipaAssignee: Rafael Jeffman <rjeffman>
Status: CLOSED ERRATA QA Contact: Varun Mylaraiah <mvarun>
Severity: unspecified Docs Contact: Filip Hanzelka <fhanzelk>
Priority: unspecified    
Version: 8.5CC: fhanzelk, lmanasko, mvarun, rjeffman
Target Milestone: rcKeywords: Triaged
Target Release: ---Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ansible-freeipa-1.9.0-1.el8 Doc Type: Bug Fix
Doc Text:
.IdM now supports setting hostmasks for `sudo` rules using Ansible Previously, the `ipa sudorule-add-host` command allowed setting a hostmask to be used by the `sudo` rule, but this option was not present in the `ansible-freeipa` package. With this update, you can now use the `ansible-freeipa` `hostmask` variable to define a list of hostmasks to which a particular `sudo` rule, defined in Identity Management (IdM), applies. As a result, you can now automate setting host masks for IdM `sudo` rules with Ansible.
 Story Points: ---
Clone Of:
: 2127913 (view as bug list) Environment:
Last Closed: 2023-05-16 08:15:55 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2127913    

Description Thomas Woerner 2022-09-19 11:00:21 UTC 
IPA sudorule-add-host allows to set the hostmask to be use by the rule, but this attribute is not present in ansible-freeipa.
Comment 1 Rafael Jeffman 2022-09-26 19:30:29 UTC 
Upstream PR: https://github.com/freeipa/ansible-freeipa/pull/922
Comment 5 Varun Mylaraiah 2022-12-19 12:15:19 UTC 
Verified
ansible-2.9.27-1.el8ae.noarch
ansible-freeipa-1.9.0-1.el8.noarch

PASSED ansible_freeipa_tests/sudo/test_sudo.py::Testsudorule::test_sudorule_add_with_hostmask
PASSED ansible_freeipa_tests/sudo/test_sudo.py::Testsudorule::test_sudorule_add_with_multiple_hostmask
PASSED ansible_freeipa_tests/sudo/test_sudo.py::Testsudorule::test_sudorule_update_additional_hostmask
PASSED ansible_freeipa_tests/sudo/test_sudo.py::Testsudorule::test_sudorule_remove_multiple_hostmask
PASSED ansible_freeipa_tests/sudo/test_sudo.py::Testsudorule::test_sudorule_remove_hostmask

Based on the test result, marking the bug Verified
Comment 13 errata-xmlrpc 2023-05-16 08:15:55 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (ansible-freeipa bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2023:2752