1921545 – [ansible-freeipa] [RFE] idrange module for ansible-freeipa

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1921545 - [ansible-freeipa] [RFE] idrange module for ansible-freeipa

Summary: [ansible-freeipa] [RFE] idrange module for ansible-freeipa

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 8
Classification:	Red Hat
Component:	ansible-freeipa
Sub Component:
Version:	8.4
Hardware:	x86_64
OS:	Linux
Priority:	medium
Severity:	unspecified
Target Milestone:	rc
Target Release:	8.0
Assignee:	Rafael Jeffman
QA Contact:	Varun Mylaraiah
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2069188
TreeView+	depends on / blocked

Reported:	2021-01-28 07:03 UTC by Varun Mylaraiah
Modified:	2023-02-21 05:28 UTC (History)
CC List:	3 users (show)
Fixed In Version:	ansible-freeipa-1.7.0-1.el8
Doc Type:	Enhancement
Doc Text:
Clone Of:
Clones:	2069188 (view as bug list)
Environment:
Last Closed:	2022-11-08 09:39:04 UTC
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:
Flags:	pm-rhel: mirror+

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	freeipa ansible-freeipa issues 610	None	open	[RFE] idrange module for ansible-freeipa	2022-04-11 21:28:04 UTC
Red Hat Issue Tracker	FREEIPA-7196	None	None	None	2021-11-01 12:14:50 UTC
Red Hat Product Errata	RHEA-2022:7556	None	None	None	2022-11-08 09:39:18 UTC

Description Varun Mylaraiah 2021-01-28 07:03:10 UTC

Description of problem:
Currently, we have a trust module in ansible-freeipa. We can add and remove trust but can not remove idrange to readd trust.


Actual results:

fatal: [master.ipadomain.test]: FAILED! => {"changed": false, "msg": "invalid 'id range': An id range already exists for this trust. You should either delete the old range, or exclude --base-id/--range-size options from the command."}

Comment 2 Varun Mylaraiah 2022-03-24 08:16:36 UTC

More information:
Currently, there is a module to manage Trust, but no module to manage to add/update/delete ID range.

CLI commands:
idrange-add                       Add new ID range.
idrange-del                       Delete an ID range.
idrange-find                      Search for ranges.
idrange-mod                       Modify ID range.
idrange-show                      Display information about a range.

Comment 3 Rafael Jeffman 2022-04-15 19:30:49 UTC

An upstream PR is available: https://github.com/freeipa/ansible-freeipa/pull/813

Comment 4 Rafael Jeffman 2022-04-29 12:50:33 UTC

Upstream PR was merged.

Comment 11 Varun Mylaraiah 2022-05-23 03:29:15 UTC

Verified

ansible-2.9.27-1.el8ae.noarch
ansible-freeipa-1.7.0-1.el8.noarch


PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestIdrangePrerequisite::test_setup_trust
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_add_local_idrange
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_update_local_idrange
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_ad_idrange_with_type_ipaadtrust_and_dom_sid
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_ad_idrange_with_type_ipaadtrustposix_and_dom_sid
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_update_existing_ad_idrange_type_ipaadtrust
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_update_existing_ad_idrange_type_ipaadtrustposix
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_ad_idrange_type_ipaadtrustposix
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_ad_idrange_type_ipaadtrust
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_ad_idrange_with_autoprivategroup_true
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_update_existing_ad_idrange_with_autoprivategroup_false
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_ad_idrange_with_autoprivategroup_hybrid
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_ad_idrange_with_invalid_autoprivategroup
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_local_idrange_with_autoprivategroup
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_local_idrange_with_invalid_rangesize
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_local_idrange_with_alphanumeric_rangesize
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_local_idrange_with_invalid_rid_base
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_local_idrange_with_invalid_base_id
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_local_idrange_with_invalid_secondary_rid_base
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_local_idrange_with_existing_range_base_id
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_local_idrange_with_existing_rid_base
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_local_idrange_with_existing_secondary_rid_base
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_local_idrange_with_alpha_num_and_specialchar
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_local_idrange_without_secondary_rid_base
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_ad_idrange_with_dom_sid_and_secondary_rid_base
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_ad_idrange_without_rid_base_for_type_ipaadtrust
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_add_ad_idrange_with_inexistent_dom_name
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_remove
PASSED ansible_freeipa_tests/idrange/test_idrange.py::TestsIdRange::test_idrange_remove_primary_local_id_range


Based on the above observation, marking the bug VERIFIED

Comment 13 errata-xmlrpc 2022-11-08 09:39:04 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (ansible-freeipa bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2022:7556

Note You need to log in before you can comment on or make changes to this bug.