Bug 2127913

Summary: [ansible-freeipa] sudorule has no support for attribute hostmask
Product: Red Hat Enterprise Linux 9 Reporter: Thomas Woerner <twoerner>
Component: ansible-freeipaAssignee: Rafael Jeffman <rjeffman>
Status: CLOSED ERRATA QA Contact: Varun Mylaraiah <mvarun>
Severity: unspecified Docs Contact: Filip Hanzelka <fhanzelk>
Priority: unspecified    
Version: 9.2CC: emartyny, fhanzelk, ipa-qe, mvarun, rjeffman
Target Milestone: rcKeywords: Triaged
Target Release: ---Flags: pm-rhel: mirror+
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ansible-freeipa-1.9.0-1.el9 Doc Type: Bug Fix
Doc Text:
.IdM now supports setting hostmasks for `sudo` rules using Ansible Previously, the `ipa sudorule-add-host` command allowed setting a hostmask to be used by the `sudo` rule, but this option was not present in the `ansible-freeipa` package. With this update, you can now use the `ansible-freeipa` `hostmask` variable to define a list of hostmasks to which a particular `sudo` rule, defined in Identity Management (IdM), applies. As a result, you can now automate setting host masks for IdM `sudo` rules with Ansible.
 Story Points: ---
Clone Of: 2127912 Environment:
Last Closed: 2023-05-09 07:25:35 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2127912    
Bug Blocks:    

Description Thomas Woerner 2022-09-19 11:01:59 UTC 
+++ This bug was initially created as a clone of Bug #2127912 +++

IPA sudorule-add-host allows to set the hostmask to be use by the rule, but this attribute is not present in ansible-freeipa.
Comment 2 Rafael Jeffman 2022-09-26 19:30:56 UTC 
Upstream PR: https://github.com/freeipa/ansible-freeipa/pull/922
Comment 6 Varun Mylaraiah 2022-12-20 13:21:48 UTC 
Verified
ansible-core-2.14.1-1.el9.x86_64
ansible-freeipa-1.9.0-1.el9.noarch

PASSED ansible_freeipa_tests/sudo/test_sudo.py::Testsudorule::test_sudorule_add_with_hostmask
PASSED ansible_freeipa_tests/sudo/test_sudo.py::Testsudorule::test_sudorule_add_with_multiple_hostmask
PASSED ansible_freeipa_tests/sudo/test_sudo.py::Testsudorule::test_sudorule_update_additional_hostmask
PASSED ansible_freeipa_tests/sudo/test_sudo.py::Testsudorule::test_sudorule_remove_multiple_hostmask
PASSED ansible_freeipa_tests/sudo/test_sudo.py::Testsudorule::test_sudorule_remove_hostmask

Based on the test result, marking the bug Verified
Comment 10 errata-xmlrpc 2023-05-09 07:25:35 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (ansible-freeipa bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2023:2168