Bug 797561

Summary: Bool attributes used in setattr/addattr/delattr options are not encoded properly
Product: Red Hat Enterprise Linux 6 Reporter: Dmitri Pal <dpal>
Component: ipaAssignee: Rob Crittenden <rcritten>
Status: CLOSED ERRATA QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.3CC: grajaiya, jgalipea, mkosek
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-2.2.0-3.el6 Doc Type: Bug Fix
Doc Text:
No documentation needed.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-20 13:19:28 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dmitri Pal 2012-02-26 18:05:51 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/2418

It's not possible to add/delete boolean attribute idnsAllowDynUpdate in DNS zone.

Error examples are attached in dnszone-mod, zone object is in zone.ldif.

Same error like for ipa dnszone-mod --addattr
"LDAP: error code 21 - idnsAllowDynUpdate: value #0 invalid per syntax"
appears if value is added/modified by hand and is not uppercase. ("True" is not accepted by server, but "TRUE" is accepted.)

Wrong string conversion before calling LDAP?
Comment 1 Rob Crittenden 2012-03-02 20:01:09 UTC 
fixed upstream.

master: eeee8e1c6e01a36916bec3eed9212742e089c5b8

ipa-2-2: bd0a6aa2382c6a23d620b48e582fa4592a04c238

I tested with:

% ipa config-mod --setattr ipamigrationenabled=true

It will fail with a syntax error on older releases and update properly on fixed releases.
Comment 4 Martin Kosek 2012-04-24 12:10:39 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
No documentation needed.
Comment 5 Jenny Severance 2012-05-16 20:26:00 UTC 
verified ::

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: bz797561 Bool attributes used in setattr/addattr/delattr options are not encoded properly
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'ipa dnszone-add example.com --name-server=hp-bl495cg5-02.testrelm.com --admin-email=admin'
:: [   PASS   ] :: Running 'ipa dnszone-show example.com --all --raw | grep -i "idnsallowdynupdate: FALSE"'
:: [   LOG    ] :: Executing: ipa dnszone-mod example.com --addattr=idnsAllowDynUpdate=true
:: [   LOG    ] :: "ipa dnszone-mod example.com --addattr=idnsAllowDynUpdate=true" failed as expected.
:: [   PASS   ] :: Error message as expected: ipa: ERROR: idnsallowdynupdate: Only one value allowed.
:: [   PASS   ] :: Running 'ipa dnszone-show example.com --all --raw | grep -i "idnsallowdynupdate: FALSE"'
:: [   PASS   ] :: Running 'ipa dnszone-mod example.com --setattr=idnsAllowDynUpdate=true'
:: [   PASS   ] :: Running 'ipa dnszone-show example.com --all --raw | grep -i "idnsallowdynupdate: TRUE"'
:: [   PASS   ] :: Running 'ipa dnszone-del example.com'
:: [   PASS   ] :: Running 'service named restart'
:: [   LOG    ] :: Duration: 28s
:: [   LOG    ] :: Assertions: 8 good, 0 bad
:: [   PASS   ] :: RESULT: bz797561 Bool attributes used in setattr/addattr/delattr options are not encoded properly

version ::

ipa-server-2.2.0-12.el6.i686
Comment 8 errata-xmlrpc 2012-06-20 13:19:28 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0819.html