Bug 1374650 - sss_cache -r option does not print error message if more than one argument is supplied
Summary: sss_cache -r option does not print error message if more than one argument is...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: sssd
Version: 7.3
Hardware: All
OS: Linux
low
low
Target Milestone: rc
: ---
Assignee: SSSD Maintainers
QA Contact: shridhar
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-09-09 10:38 UTC by shridhar
Modified: 2020-05-02 18:29 UTC (History)
7 users (show)

Fixed In Version: sssd-1.15.0-2.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-08-01 09:00:03 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github SSSD sssd issues 4213 None None None 2020-05-02 18:29:18 UTC
Red Hat Product Errata RHEA-2017:2294 normal SHIPPED_LIVE sssd bug fix and enhancement update 2017-08-01 12:39:55 UTC

Description shridhar 2016-09-09 10:38:52 UTC
Description of problem:
While executing sss_cache command to invalidate multiple sudo rule with '-r' option it does not print any error about multiple sudo  rules mentioned. Command executes with invalidating first rule mentioned and exit status '0' . 

Environment : Configure sssd as ldap-client against LDAP-server such as OpenLDAP or IPA or 389-DS.
Store sudo rules on LDAP-server. And configure sssd-client system to fetch sudo rules from LDAP server.


Version-Release number of selected component (if applicable):
sssd-1.14.0-27.el7.x86_64

How reproducible:
Always

Steps to Reproduce:
1. # sss_cache -r sudo_rule_1 sudo_rule_2

Actual results:
Command exits with exit_status '0'

Expected results:
Command should print warning or error message about incorrect syntax. It could also direct toward Usage option. Something like:

# sss_cache -r sudo_rule_1 sudo_rule_2

Please use only one object to invalidate. 

Additional info:

Comment 2 Lukas Slebodnik 2016-09-09 10:59:58 UTC
the same applies to other related option
e.g.
sss_cache -u user1 user2 user3

Comment 4 shridhar 2016-09-09 11:56:01 UTC
(In reply to Lukas Slebodnik from comment #2)
> the same applies to other related option
> e.g.
> sss_cache -u user1 user2 user3

Yes And it also run without any error or warning when the switches/option in Capital letters are used. Such as -U to invalidate all users, -G for all group , -R for all sudo rules.

# sss_cache -R rule1 rule2 rule3
# sss_cache -U user1 user2 user3
# sss_cache -G group1 group2
# sss_cache -N netgroup netgroup2 netgrou3

Comment 5 Jakub Hrozek 2016-09-12 09:31:08 UTC
Upstream ticket:
https://fedorahosted.org/sssd/ticket/3180

Comment 6 Jakub Hrozek 2016-11-07 15:08:12 UTC
master: 1330390c698ca0802200725df43356557aa633a2

Comment 8 shridhar 2017-05-25 11:21:44 UTC
verified with sssd-1.15.2-33.el7.x86_64

[root@shr-r7-permanent ~]# sss_cache -r sudo_rule_1 sudo_rule_2
Usage: sss_cache [-?EUGNSAHR] [-?|--help] [--usage] [-E|--everything] [-u|--user STRING] [-U|--users] [-g|--group STRING] [-G|--groups] [-n|--netgroup STRING] [-N|--netgroups] [-s|--service STRING] [-S|--services]
        [-a|--autofs-map STRING] [-A|--autofs-maps] [-h|--ssh-host STRING] [-H|--ssh-hosts] [-r|--sudo-rule STRING] [-R|--sudo-rules] [-d|--domain STRING]
Unexpected argument(s) provided, options that invalidate a single object only accept a single provided argument.

[root@shr-r7-permanent ~]# echo $?
1



:: [  BEGIN   ] :: sss_cache -r returned warning :: actually running 'strict eval 'sss_cache -r test test2''
Usage: sss_cache [-?EUGNSAHR] [-?|--help] [--usage] [-E|--everything]
        [-u|--user STRING] [-U|--users] [-g|--group STRING] [-G|--groups]
        [-n|--netgroup STRING] [-N|--netgroups] [-s|--service STRING]
        [-S|--services] [-a|--autofs-map STRING] [-A|--autofs-maps]
        [-h|--ssh-host STRING] [-H|--ssh-hosts] [-r|--sudo-rule STRING]
        [-R|--sudo-rules] [-d|--domain STRING]
Unexpected argument(s) provided, options that invalidate a single object only accept a single provided argument.
:: [   PASS   ] :: sss_cache -r returned warning (Expected 1, got 1)

Comment 9 errata-xmlrpc 2017-08-01 09:00:03 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:2294


Note You need to log in before you can comment on or make changes to this bug.