Bug 667412
Summary: | ipa host-mod --setattr on cn should not be allowed | ||
---|---|---|---|
Product: | [Retired] freeIPA | Reporter: | Jenny Severance <jgalipea> |
Component: | ipa-admintools | Assignee: | Rob Crittenden <rcritten> |
Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 2.0 | CC: | benl, dpal, jgalipea |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | freeipa-2.0.0-1.fc15 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-03-27 07:13:55 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jenny Severance
2011-01-05 14:53:23 UTC
Similarly to https://bugzilla.redhat.com/show_bug.cgi?id=667410 - this is not a valid use case. CN is not a part of host entry so the cn attribute can be added and modified if administrator wants to. There is nothing in the system that would require these operations to be treated as illegal. https://fedorahosted.org/freeipa/ticket/707 After some discussion we agreed that the ticket is valid. master: 86fe47b87df4e503e9d1d4c6cf6be62b5cbab685 Verified version: ipa-server-2.0.0-13.20110228T1743zgit99d6e08.el6.x86_64 ipa-admintools-2.0.0-13.20110228T1743zgit99d6e08.el6.x86_64 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-32: Negative - setattr and addattr on cn :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ---------------------------- Added host "mytest.testrelm" ---------------------------- Host name: mytest.testrelm Principal name: host/mytest.testrelm@TESTRELM Managed by: mytest.testrelm :: [15:20:14] :: Adding new host mytest.testrelm successful with force option. :: [15:20:14] :: Executing: ipa host-mod --setattr cn=mytest2.testrelm mytest.testrelm ipa: ERROR: Insufficient access: cn is immutable :: [15:20:17] :: "ipa host-mod --setattr cn=mytest2.testrelm mytest.testrelm" failed as expected. :: [15:20:20] :: Error message as expected: ipa: ERROR: Insufficient access: cn is immutable :: [ PASS ] :: Verify expected error message for --setattr. :: [15:20:21] :: Executing: ipa host-mod --addattr cn=mytest3.testrelm mytest.testrelm ipa: ERROR: Insufficient access: cn is immutable :: [15:20:24] :: "ipa host-mod --addattr cn=mytest3.testrelm mytest.testrelm" failed as expected. :: [15:20:27] :: Error message as expected: ipa: ERROR: Insufficient access: cn is immutable :: [ PASS ] :: Verify expected error message for --addattr. |