Bug 766181
Summary: | [RFE] Provide option to disable Automatic Private Group creation for users | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Dmitri Pal <dpal> |
Component: | ipa | Assignee: | Rob Crittenden <rcritten> |
Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.0 | CC: | jgalipea, mkosek |
Target Milestone: | rc | Keywords: | FutureFeature |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-2.2.0-1.el6 | Doc Type: | Enhancement |
Doc Text: |
Cause: When a new user is added, User Private Group (UPG) is created and assigned as user primary group by default. However, there may be use cases when administrator wants to rather use a common group assigned as a primary group for all users. However, there is no switch to enforce this behavior for all user additions.
Consequence: Whenever a new user is added a special option always need to be used to prevent creation of UPG.
Change: Directory Server plugin which handles the creation of UPG can now be disabled with a new tool - ipa-managed-entries.
Result: Administrator can disable automatic creation of UPGs and let all new future users share a common group as their primary group.
|
Story Points: | --- |
Clone Of: | 697890 | Environment: | |
Last Closed: | 2012-06-20 13:28:00 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 697890 | ||
Bug Blocks: | 736854 |
Description
Dmitri Pal
2011-12-10 20:32:41 UTC
Fixed upstream master: https://fedorahosted.org/freeipa/changeset/dea578a357b2ebc68f56ef31f841cfe056f73303 verified :: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Get Default Status of User Private Groups Plugin :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Running 'ipa-managed-entries -e "UPG Definition" status > /tmp/upgstatus.out 2>&1' :: [ PASS ] :: File '/tmp/upgstatus.out' should contain 'Plugin Enabled' :: [ LOG ] :: Duration: 3s :: [ LOG ] :: Assertions: 2 good, 0 bad :: [ PASS ] :: RESULT: Get Default Status of User Private Groups Plugin :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Disable User Private Groups Plugin :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Disable UPG Plugin :: [ PASS ] :: Required directory server restart :: [ PASS ] :: Get the status of the plugin :: [ PASS ] :: File '/tmp/upgstatus.out' should contain 'Plugin Disabled' :: [ LOG ] :: Duration: 14s :: [ LOG ] :: Assertions: 4 good, 0 bad :: [ PASS ] :: RESULT: Disable User Private Groups Plugin :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Add user with User Private Group Plugin Disabled :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Add user with plugin disabled :: [ PASS ] :: Make sure user private group was not added :: [ PASS ] :: Delete the test user added :: [ LOG ] :: Duration: 14s :: [ LOG ] :: Assertions: 3 good, 0 bad :: [ PASS ] :: RESULT: Add user with User Private Group Plugin Disabled :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Re-Enable User Private Groups Plugin :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Re-enable UPG Plugin :: [ PASS ] :: Required directory server restart :: [ PASS ] :: Get the status of the plugin :: [ PASS ] :: File '/tmp/upgstatus.out' should contain 'Plugin Enabled' :: [ LOG ] :: Duration: 17s :: [ LOG ] :: Assertions: 4 good, 0 bad :: [ PASS ] :: RESULT: Re-Enable User Private Groups Plugin :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Add user with User Private Groups Plugin Re-Enabled :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Add user with plugin re-enabled :: [ PASS ] :: Make sure user private group was added :: [ PASS ] :: Delete the test user added :: [ PASS ] :: Make sure user private group was delete too :: [ LOG ] :: Duration: 16s :: [ LOG ] :: Assertions: 4 good, 0 bad :: [ PASS ] :: RESULT: Add user with User Private Groups Plugin Re-Enabled version : ipa-server-2.2.0-7.el6.x86_64 Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: No documentation needed. Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1 +1,4 @@ -No documentation needed.+Cause: When a new user is added, User Private Group (UPG) is created and assigned as user primary group by default. However, there may be use cases when administrator wants to rather use a common group assigned as a primary group for all users. However, there is no switch to enforce this behavior for all user additions. +Consequence: Whenever a new user is added a special option always need to be used to prevent creation of UPG. +Change: Directory Server plugin which handles the creation of UPG can now be disabled with a new tool - ipa-managed-entries. +Result: Administrator can disable automatic creation of UPGs and let all new future users share a common group as their primary group. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0819.html |