Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1187548

Summary:	group-find fails to find post renaming of detached group.
Product:	Red Hat Enterprise Linux 7	Reporter:	Gowrishankar Rajaiyan <grajaiya>
Component:	ipa	Assignee:	IPA Maintainers <ipa-maint>
Status:	CLOSED DUPLICATE	QA Contact:	Namita Soman <nsoman>
Severity:	unspecified	Docs Contact:
Priority:	unspecified
Version:	7.1	CC:	grajaiya, mkosek, rcritten
Target Milestone:	rc	Keywords:	Regression
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2015-01-30 12:18:00 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Gowrishankar Rajaiyan 2015-01-30 12:08:51 UTC

Description of problem: Group detach an user private group and then rename it. Group find command fails to find this group. However, I could find the renamed group through ldapsearch.


Version-Release number of selected component (if applicable):
ipa-server-4.1.0-16.el7.x86_64

How reproducible: Always


Steps to Reproduce:
1. ipa user-add --first gs --last r shanks
2. ipa group-detach shanks 
3. ipa group-mod --rename=new_group1 shanks
3. ipa group-find new_group1



Actual results:
[root@qe-blade-05 ~]# ipa user-del shanks
---------------------
Deleted user "shanks"
---------------------
[root@qe-blade-05 ~]# ipa user-d^Chanks
[root@qe-blade-05 ~]# ipa user-add --first gs --last r shanks
-------------------
Added user "shanks"
-------------------
  User login: shanks
  First name: gs
  Last name: r
  Full name: gs r
  Display name: gs r
  Initials: gr
  Home directory: /home/shanks
  GECOS: gs r
  Login shell: /bin/sh
  Kerberos principal: shanks.ENG.BOS.REDHAT.COM
  Email address: shanks.eng.bos.redhat.com
  UID: 787600009
  GID: 787600009
  Password: False
  Member of groups: ipausers
  Kerberos keys available: False
[root@qe-blade-05 ~]# ipa group-detach shanks 
------------------------------------------
Detached group "shanks" from user "shanks"
------------------------------------------
[root@qe-blade-05 ~]# ipa group-mod --rename=new_group1 shanks
-----------------------
Modified group "shanks"
-----------------------
  Group name: new_group1
  Description: User private group for shanks
  GID: 787600009
[root@qe-blade-05 ~]# ipa group-find new_group1
----------------
0 groups matched
----------------
----------------------------
Number of entries returned 0
----------------------------
[root@qe-blade-05 ~]# ldapsearch -x -LLL -h $HOSTNAME -b cn=new_group1,cn=groups,cn=accounts,dc=idmqe,dc=lab,dc=eng,dc=bos,dc=redhat,dc=com
dn: cn=new_group1,cn=groups,cn=accounts,dc=idmqe,dc=lab,dc=eng,dc=bos,dc=redha
 t,dc=com
objectClass: posixgroup
objectClass: ipaobject
objectClass: top
gidNumber: 787600009
description: User private group for shanks
ipaUniqueID: 88bb2cca-a877-11e4-922c-00215e2032c0
cn: new_group1

[root@qe-blade-05 ~]# 


Expected results:
"ipa group-find new_group1" should find the renamed group.

Additional info:

Comment 1 Gowrishankar Rajaiyan 2015-01-30 12:09:39 UTC

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa-group-cli-rename-02: Rename group after detaching from the UPG
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [  BEGIN   ] :: Detach user's private group. :: actually running 'detachUPG supercr1'
----------------------------------------------
Detached group "supercr1" from user "supercr1"
----------------------------------------------
:: [ 07:48:34 ] :: User Private Group supercr1 detached successfully.
:: [   PASS   ] :: Detach user's private group. (Expected 0, got 0)
:: [  BEGIN   ] :: Verify group is regular group now. :: actually running 'verifyGroupClasses supercr1 posix'
:: [ 07:48:35 ] :: Group type is posix
objectclass: posixgroup, top, ipaobject
:: [ 07:48:35 ] :: objectclass top was returned as expected with group-show --all
:: [ 07:48:36 ] :: ERROR - objectclass groupofnames was not returned with group-show --all
:: [ 07:48:36 ] :: ERROR - objectclass nestedgroup was not returned with group-show --all
:: [ 07:48:36 ] :: ERROR - objectclass ipausergroup was not returned with group-show --all
objectclass: posixgroup, top, ipaobject
:: [ 07:48:36 ] :: objectclass ipaobject was returned as expected with group-show --all
objectclass: posixgroup, top, ipaobject
:: [ 07:48:36 ] :: objectclass posixgroup was returned as expected with group-show --all
:: [   FAIL   ] :: Verify group is regular group now. (Expected 0, got 1)
:: [ 07:48:36 ] :: Executing: ipa group-mod --rename=new_group1 supercr1
:: [  BEGIN   ] :: Renaming upg supercr1 to new_group1 :: actually running 'ipa group-mod --rename=new_group1 supercr1'
-------------------------
Modified group "supercr1"
-------------------------
  Group name: new_group1
  Description: User private group for supercr1
  GID: 1583800046
:: [   PASS   ] :: Renaming upg supercr1 to new_group1 (Expected 0, got 0)
:: [  BEGIN   ] ::  Renamed group should now be returned by group-find command. :: actually running 'findGroup new_group1'
----------------
0 groups matched
----------------
----------------------------
Number of entries returned 0
----------------------------
:: [ 07:48:38 ] :: WARNING: Failed to find group.
:: [   FAIL   ] ::  Renamed group should now be returned by group-find command. (Expected 0, got 1)

Comment 2 Martin Kosek 2015-01-30 12:18:00 UTC

This is duplicate to Bug 1187540. After fixing it in my env, I see:

# ipa user-add --first=Test --last=User tuser && ipa group-detach tuser && ipa group-show tuser --all --raw
------------------
Added user "tuser"
------------------
  User login: tuser
  First name: Test
  Last name: User
  Full name: Test User
  Display name: Test User
  Initials: TU
  Home directory: /home/tuser
  GECOS: Test User
  Login shell: /bin/sh
  Kerberos principal: tuser
  Email address: tuser
  UID: 54000007
  GID: 54000007
  Password: False
  Member of groups: ipausers
  Kerberos keys available: False
----------------------------------------
Detached group "tuser" from user "tuser"
----------------------------------------
  dn: cn=tuser,cn=groups,cn=accounts,dc=mkosek-rhel71,dc=test
  cn: tuser
  description: User private group for tuser
  gidnumber: 54000007
  ipaUniqueID: 4369a650-a814-11e4-b5a4-001a4a104eb7
  objectClass: posixgroup
  objectClass: ipaobject
  objectClass: top
  objectClass: ipausergroup
  objectClass: groupofnames
  objectClass: nestedgroup


# ipa group-mod --rename=barbar tuser
----------------------
Modified group "tuser"
----------------------
  Group name: barbar
  Description: User private group for tuser
  GID: 54000007

# ipa group-find barbar
---------------
1 group matched
---------------
  Group name: barbar
  Description: User private group for tuser
  GID: 54000007
----------------------------
Number of entries returned 1
----------------------------

*** This bug has been marked as a duplicate of bug 1187540 ***