Bug 800544

Summary: Sudo commands are case-insensitive
Product: Red Hat Enterprise Linux 7 Reporter: Dmitri Pal <dpal>
Component: ipaAssignee: Rob Crittenden <rcritten>
Status: CLOSED CURRENTRELEASE QA Contact: IDM QE LIST <seceng-idm-qe-list>
Severity: unspecified Docs Contact:
Priority: low    
Version: 7.0CC: grajaiya, jgalipea, mkosek, nsoman, rcritten
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ipa-3.2.1-1.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 812122 (view as bug list) Environment:
Last Closed: 2014-06-13 11:42:44 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 812122    

Description Dmitri Pal 2012-03-06 17:19:13 UTC 
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/2482

{{{
    $ ipa sudocmd-add /usr/bin/X
    -------------------------------
    Added Sudo Command "/usr/bin/X"
    -------------------------------
      Sudo Command: /usr/bin/X
     
    $ ipa sudocmd-show /usr/bin/x
      Sudo Command: /usr/bin/X
     
    pviktori@vm-140:~/freeipa$ ipa sudocmd-add /usr/bin/x
    ipa: ERROR: sudo command with name "/usr/bin/x" already exists
     
    $ ipa sudocmdgroup-add group1 --desc=blabla
    ---------------------------------
    Added Sudo Command Group "group1"
    ---------------------------------
      Sudo Command Group: group1
      Description: blabla
     
    $ ipa sudocmdgroup-add-member group1 --sudocmds=/usr/bin/X
      Sudo Command Group: group1
      Description: blabla
      Member Sudo commands: /usr/bin/x
    -------------------------
    Number of members added 1
    -------------------------
     
    $ ipa sudocmd-del /usr/bin/x
    ---------------------------------
    Deleted Sudo Command "/usr/bin/x"
    ---------------------------------
     
    $ ipa sudocmdgroup-show group1
      Sudo Command Group: group1
      Description: blabla 
}}}
Comment 2 Martin Kosek 2013-02-20 16:39:09 UTC 
Fixed upstream:

master:
981c9f10ee43a6ce94a99ac3d743933470f69c63 Update sudocmd ACIs to use targetfilter
a694e61f42092cc75585c42238e158bc85edc31f Prevent a sudo command from being deleted if it is a member of a sudo rule
d66898405b2a38244723555c5d9e1b8510919baa Use ipauniqueid for the RDN of sudo commands

ipa-3-1:
344feaaef42514405893ae82ccade2b03b2aa13e Update sudocmd ACIs to use targetfilter
de776e9899cf967365f9b7f06a8f70aca19e6e86 Prevent a sudo command from being deleted if it is a member of a sudo rule
c03aa63bcfa49e22c8833099c34f19f4fa286f92 Use ipauniqueid for the RDN of sudo commands
Comment 3 Martin Kosek 2013-02-21 09:17:53 UTC 
*** Bug 812122 has been marked as a duplicate of this bug. ***
Comment 6 Namita Soman 2013-12-16 16:59:19 UTC 
Verified using ipa-server-3.3.3-4.el7.x86_64

Automated test result:
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: Bug 800544 - Sudo commands are case-insensitive
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ 19:11:55 ] ::  verifies https://bugzilla.redhat.com/show_bug.cgi?id=800544
-------------------------------
Added Sudo Command "/usr/bin/X"
-------------------------------
  Sudo Command: /usr/bin/X
:: [   PASS   ] :: Running 'ipa sudocmd-add /usr/bin/X' (Expected 0, got 0)
-------------------------------
Added Sudo Command "/usr/bin/x"
-------------------------------
  Sudo Command: /usr/bin/x
:: [   PASS   ] :: Running 'ipa sudocmd-add /usr/bin/x' (Expected 0, got 0)
--------------------------------------
Added Sudo Command Group "group800544"
--------------------------------------
  Sudo Command Group: group800544
  Description: blabla
:: [   PASS   ] :: Running 'ipa sudocmdgroup-add group800544 --desc=blabla' (Expected 0, got 0)
  Sudo Command Group: group800544
  Description: blabla
  Member Sudo commands: /usr/bin/X
-------------------------
Number of members added 1
-------------------------
:: [   PASS   ] :: Running 'ipa sudocmdgroup-add-member group800544 --sudocmds=/usr/bin/X' (Expected 0, got 0)
  Sudo Command Group: group800544
  Description: blabla
  Member Sudo commands: /usr/bin/X, /usr/bin/x
-------------------------
Number of members added 1
-------------------------
:: [   PASS   ] :: Running 'ipa sudocmdgroup-add-member group800544 --sudocmds=/usr/bin/x' (Expected 0, got 0)
  Sudo Command Group: group800544
  Description: blabla
  Member Sudo commands: /usr/bin/x
---------------------------
Number of members removed 1
---------------------------
:: [   PASS   ] :: Running 'ipa sudocmdgroup-remove-member group800544 --sudocmds=/usr/bin/X' (Expected 0, got 0)
  Sudo Command Group: group800544
  Description: blabla
---------------------------
Number of members removed 1
---------------------------
:: [   PASS   ] :: Running 'ipa sudocmdgroup-remove-member group800544 --sudocmds=/usr/bin/x' (Expected 0, got 0)
---------------------------------
Deleted Sudo Command "/usr/bin/x"
---------------------------------
:: [   PASS   ] :: Running 'ipa sudocmd-del /usr/bin/x' (Expected 0, got 0)
---------------------------------
Deleted Sudo Command "/usr/bin/X"
---------------------------------
:: [   PASS   ] :: Running 'ipa sudocmd-del /usr/bin/X' (Expected 0, got 0)
----------------------------------------
Deleted Sudo Command Group "group800544"
----------------------------------------
:: [   PASS   ] :: Running 'ipa sudocmdgroup-del group800544' (Expected 0, got 0)
'e46ebc45-6598-419c-a443-8d8f5753ad39'
Bug-800544-Sudo-commands-are-case-insensitive result: PASS
Comment 7 Ludek Smid 2014-06-13 11:42:44 UTC 
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.