Bug 1222778
| Summary: | idoverride group-del can delete user and user-del can delete group | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Steeve Goveas <sgoveas> |
| Component: | ipa | Assignee: | IPA Maintainers <ipa-maint> |
| Status: | CLOSED ERRATA | QA Contact: | Namita Soman <nsoman> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.1 | CC: | rcritten, sumenon, tbabej |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ipa-4.2.0-3.el7 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-11-19 12:03:55 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Steeve Goveas
2015-05-19 07:20:42 UTC
Upstream ticket: https://fedorahosted.org/freeipa/ticket/5029 Fixed upstream master: https://fedorahosted.org/freeipa/changeset/970a5535c09f382527af212e77e842a279a7ad9b https://fedorahosted.org/freeipa/changeset/e0d3231f07426b193f2f4e1a9e9f31494a5c39b1 https://fedorahosted.org/freeipa/changeset/aa066f31a5341079197f7b5a79fe2fa1045688bb ipa-4-2: https://fedorahosted.org/freeipa/changeset/fe74c839afe55a373bc705d1e7ee2a66e87a4840 https://fedorahosted.org/freeipa/changeset/68e00cf10f04808f326d412ab0ef277bcbc6ee04 https://fedorahosted.org/freeipa/changeset/a60f4ad7d0bbdaca2fbec2c9c491e976bf935f7e Verified using RHEL7.2 ipa-server-trust-ad-4.2.0-12.el7.x86_64 ipa-server-4.2.0-12.el7.x86_64 ipa-server-dns-4.2.0-12.el7.x86_64 Observations: #ipa idoverride group-del cannot delete user #ipa idoverrideuser-del cannot delete group [root@ipa01 ~]# ipa idoverrideuser-find 'default trust view' --------------------------- 2 User ID overrides matched --------------------------- Anchor to override: aduser1.in Anchor to override: aduser2 User login: aduser2 UID: 653800001 GECOS: aduser2 GID: 653800001 Login shell: /bin/sh ---------------------------- Number of entries returned 2 ---------------------------- [root@ipa01 ~]# ipa idoverridegroup-find 'default trust view' --------------------------- 1 Group ID override matched --------------------------- Anchor to override: adgroup1 Group name: adgroup1 ---------------------------- Number of entries returned 1 ---------------------------- [root@ipa01 ~]# ipa idoverridegroup-del 'default trust view' aduser1.in ipa: ERROR: aduser1.in: group not found <==== [root@ipa01 ~]# ipa idoverridegroup-del 'default trust view' aduser2 ipa: ERROR: aduser2: group not found <========= [root@ipa01 ~]# ipa idoverrideuser-find 'default trust view' --------------------------- 2 User ID overrides matched --------------------------- Anchor to override: aduser1.in Anchor to override: aduser2 User login: aduser2 UID: 653800001 GECOS: aduser2 GID: 653800001 Login shell: /bin/sh ---------------------------- Number of entries returned 2 ---------------------------- [root@ipa01 ~]# ipa idoverridegroup-find 'default trust view' --------------------------- 1 Group ID override matched --------------------------- Anchor to override: adgroup1 Group name: adgroup1 ---------------------------- Number of entries returned 1 ---------------------------- [root@ipa01 ~]# ipa idoverrideuser-del 'default trust view' adgroup1 ipa: ERROR: adgroup1: user not found <======= Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-2362.html |