Description of problem:
In the IPA there is a possibility to rename users group with the command line interface:
ipa group-mod test_group --rename="test1_group"
However, hbacrule-mod does not have --rename option for HBAC rules.
Version-Release number of selected component (if applicable):
Why does the customer need this? (List the business requirements here)
Often customer havs internal clients renaming team names, systems etc, so it would be great if we could rename HBAC rules.
How would the customer like to achieve this? (List the functional requirements here)
ipa hbacrule-mod name --rename="newname"
Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?
Is the sales team involved in this request and do they have any additional input?
List any affected packages or components.
Would the customer be able to assist in testing this functionality if implemented?
Please note that Red Hat officially released public RHEL-7.4 Beta this week, as announced here:
The new RHEL-7.4 release includes a lot of new IdM functionality, including this RFE. Highlights can be found in RHEL-7.4 Release Notes, especially in the Authentication & Interoperability chapter:
IdM Engineering team would like to encourage everyone interested in this new functionality (and especially customers or community members requesting it) to try Beta and provide us with your feedback!
# ipa hbacrule-mod --help
Usage: ipa [global-options] hbacrule-mod NAME [options]
Modify an HBAC rule.
-h, --help show this help message and exit
--usercat=['all'] User category the rule applies to
--hostcat=['all'] Host category the rule applies to
--servicecat=['all'] Service category the rule applies to
--setattr=STR Set an attribute to a name/value pair. Format is
attr=value. For multi-valued attributes, the command
replaces the values already present.
--addattr=STR Add an attribute/value pair. Format is attr=value. The
attribute must be part of the schema.
--delattr=STR Delete an attribute/value pair. The option will be
evaluated last, after all sets and adds.
--rights Display the access rights of this entry (requires
--all). See ipa man page for details.
--all Retrieve and print all attributes from the server.
Affects command output.
--raw Print entries as stored on the server. Only affects
--no-members Suppress processing of membership attributes.
--rename=STR Rename the HBAC rule object
# ipa hbacrule-add newrule
Added HBAC rule "newrule"
Rule name: newrule
# ipa hbacrule-mod newrule --rename=renamedrule
Modified HBAC rule "newrule"
Rule name: renamedrule
# ipa hbacrule-show newrule
ipa: ERROR: newrule: HBAC rule not found
# ipa hbacrule-show renamedrule
Rule name: renamedrule
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.