Bug 871208
Summary: | ipa sudorule-add-user should accept external users | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Scott Poore <spoore> |
Component: | ipa | Assignee: | IPA Maintainers <ipa-maint> |
Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
Severity: | unspecified | Docs Contact: | |
Priority: | medium | ||
Version: | 8.0 | CC: | abokovoy, blc, dpal, ipa-maint, jgalipea, ksiddiqu, ldelouw, mkosek, mpolovka, mvarun, ndehadra, pasik, pcech, pvoborni, rcritten, ssidhaye, tscherf, twoerner, wefleury |
Target Milestone: | rc | Keywords: | Triaged |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-4.9.1-1 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-05-18 15:47:45 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Scott Poore
2012-10-29 22:33:01 UTC
Upstream ticket: https://fedorahosted.org/freeipa/ticket/3226 After Sumit brought up a good point, I'm modifying this request. Instead of modifying --users option functionality, I'd like to request a new --external (or similar) option. This will allow a distinction between adding IPA users and External ones coming from other sources like AD. I'd think we'd keep the option similar to the group-add one used when adding AD groups/users to a group in IPA. The bugzilla doesn't have high enough priority in comparison to other bugs/RFEs for 7.4. Moving to next release. Without sufficient justification it can be moved again later. Fixed upstream master: https://pagure.io/freeipa/c/afcb06006c46073838ca196ac6d235854c91b854 https://pagure.io/freeipa/c/172e4b977048af7cdb244b52aec08a024749962e https://pagure.io/freeipa/c/5fae809d921c58b6450d4d10f46b9013e1e31da1 https://pagure.io/freeipa/c/0ffdfc70f26e6f863c69c2ff03219e96dd5fd618 https://pagure.io/freeipa/c/a37db297f036390c6b75eca77fa88422df4f51a0 https://pagure.io/freeipa/c/349322e3fb6da88a964d53e6f157743b29e40d30 https://pagure.io/freeipa/c/09e06e05641be5e71d5a1a6a273cb0c3c0c4531b https://pagure.io/freeipa/c/642b81e99f6f267c2c24a47816a2f9ae7464a858 https://pagure.io/freeipa/c/c91a1a078aea9996d30854ede1ce266f74a6176f https://pagure.io/freeipa/c/08d720982876926ba555b94fdde6c84469b20868 Fixed upstream ipa-4-9: https://pagure.io/freeipa/c/16b30cbe5e4f1fd8965ed27ba2ca9b4b7b295e9c https://pagure.io/freeipa/c/132d7fb0ed21e2e7cc69366e2141ae69e7864afb https://pagure.io/freeipa/c/ffc2edf61efccbcbd4294fbc8a8613decea299a3 https://pagure.io/freeipa/c/a3563d1c35fbe9e6e96199ead211ec3b4ff1d2d2 https://pagure.io/freeipa/c/054a068f4705cd715789ceda75fa709404d5f884 https://pagure.io/freeipa/c/78043bfb5e2a3b1fc0fae6d55ba605ba469ce5ae https://pagure.io/freeipa/c/f4d3c91e7f80659268e006dffa5f064b29b45c98 https://pagure.io/freeipa/c/a7c56fde7727bfad3f885cf50e21182cdc46024e https://pagure.io/freeipa/c/64b70be65698b12927795a7a8b79ef7aada010b8 https://pagure.io/freeipa/c/51ca38772f41d3a26a4253a732338d09a69f9647 Upstream design document: https://freeipa.readthedocs.io/en/latest/designs/adtrust/sudorules-with-ad-objects.html Verified using ipa-server-4.9.1-1.module+el8.4.0+9665+c9815399.x86_64 and ipa-server-trust-ad-4.9.1-1.module+el8.4.0+9665+c9815399.x86_64 in RHEL8.4 nightly build. Passed test_integration/test_trust.py::TestTrust::()::test_sudorules_ad_users Passed test_integration/test_trust.py::TestTrust::()::test_sudorules_ad_groups Passed test_integration/test_trust.py::TestTrust::()::test_sudorules_ad_runasuser Passed test_integration/test_trust.py::TestTrust::()::test_sudorules_ad_runasuser_group Passed test_integration/test_trust.py::TestTrust::()::test_sudorules_ad_runasgroup Full test log is available as an attachment of this BZ. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:1846 |