RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1981713 - [ansible-freeipa] Required correct error message for removing in/ex/clusive regex with an invalid key from automember rule
Summary: [ansible-freeipa] Required correct error message for removing in/ex/clusive r...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: ansible-freeipa
Version: 9.0
Hardware: x86_64
OS: Linux
unspecified
unspecified
Target Milestone: beta
: ---
Assignee: Thomas Woerner
QA Contact: ipa-qe
URL:
Whiteboard:
Depends On: 1976926
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-07-13 08:02 UTC by Thomas Woerner
Modified: 2021-12-07 21:31 UTC (History)
2 users (show)

Fixed In Version: ansible-freeipa-0.3.8-1.el9
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1976926
Environment:
Last Closed: 2021-12-07 21:30:47 UTC
Type: Bug
Target Upstream Version:
Embargoed:
pm-rhel: mirror+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker FREEIPA-7452 0 None None None 2021-12-02 14:33:36 UTC

Description Thomas Woerner 2021-07-13 08:02:38 UTC 
+++ This bug was initially created as a clone of Bug #1976926 +++

Description of problem:
Required correct error message while removing in/ex/clusive regex with an invalid key from automember rule

Version-Release number of selected component (if applicable):
ansible-freeipa-0.3.6-3.el8.noarch


Steps to Reproduce:
[root@ansible ~]# cat automember3_remove.yaml
---
- name: Playbook to ensure group automember is not able to remove with invalid exclusive regex key
  hosts: ipaserver
  become: yes
  
  tasks:
  - ipaautomember:      
      ipaadmin_principal: admin
      Ipaadmin_password: <xxxxxxxxx>
      name: 01automemb_usergroup
      exclusive:
        - key: tesykey
          expression: '^uid=clint'
      action: member
      automember_type: group
      state: absent


[root@ansible ~]# ansible-playbook -vv -i inventory/automember.hosts 
PLAYBOOK: automember3_remove.yaml *****************************************************************************************
1 plays in automember3_remove.yaml

PLAY [Playbook to ensure group automember is not able to remove with invalid exclusive regex key] *************************

TASK [Gathering Facts] ****************************************************************************************************
task path: /root/automember3_remove.yaml:2
ok: [master.ipadomain.test]
META: ran handlers

TASK [ipaautomember] ******************************************************************************************************
task path: /root/automember3_remove.yaml:7
fatal: [master.ipadomain.test]: FAILED! => {"changed": false, "msg": "too many values to unpack (expected 2)"}

PLAY RECAP ****************************************************************************************************************
master.ipadomain.test      : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0  

Actual results:
FAILED! => {"changed": false, "msg": "too many values to unpack (expected 2)"}

Expected results:
tesykey is not a valid attribute.

Additional info:

--- Additional comment from Thomas Woerner on 2021-07-08 19:44:21 UTC ---

Upstream PR: https://github.com/freeipa/ansible-freeipa/pull/590

--- Additional comment from Thomas Woerner on 2021-07-12 12:24:47 UTC ---

The upstream PR has been merged.
Comment 2 Thomas Woerner 2021-07-15 15:54:39 UTC 
Here is an additional PR to verify condition keys: https://github.com/freeipa/ansible-freeipa/pull/596
Comment 9 Varun Mylaraiah 2021-08-09 11:39:03 UTC 
Verified

ansible-freeipa-0.3.8-1.el9.noarch
ipa-server-4.9.6-4.el9.x86_64

Red Hat Enterprise Linux release 9.0 Beta (Plow)

Passed	ansible_freeipa_tests/automember/test_automember.py::TestAutomember::()::test_automember_group_rule_remove_with_invalid_exclusive_regex_key	6.84	
------------------------------ Captured log call -------------------------------
transport.py               397 INFO     RUN ['/usr/bin/rpm', '-q', 'ansible-freeipa']
transport.py               519 DEBUG    RUN ['/usr/bin/rpm', '-q', 'ansible-freeipa']
transport.py               563 DEBUG    bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               563 DEBUG    ansible-freeipa-0.3.8-1.el9.noarch
transport.py               217 DEBUG    Exit code: 0
transport.py               397 INFO     RUN ['kinit', 'admin']
transport.py               519 DEBUG    RUN ['kinit', 'admin']
transport.py               563 DEBUG    bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               563 DEBUG    Password for admin: 
transport.py               217 DEBUG    Exit code: 0
transport.py               397 INFO     RUN ['ipa', 'automember-show', '--type=group', '02automemb_usergroup']
transport.py               519 DEBUG    RUN ['ipa', 'automember-show', '--type=group', '02automemb_usergroup']
transport.py               563 DEBUG    bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               563 DEBUG      Automember Rule: 02automemb_usergroup
transport.py               563 DEBUG      Inclusive Regex: manager=^uid=miles, manager=^uid=vrns
transport.py               563 DEBUG      Exclusive Regex: cn=^uid=miles, cn=^uid=clint
transport.py               217 DEBUG    Exit code: 0
transport.py               397 INFO     RUN ['kdestroy', '-A']
transport.py               519 DEBUG    RUN ['kdestroy', '-A']
transport.py               563 DEBUG    bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               217 DEBUG    Exit code: 0
transport.py               433 INFO     PUT inventory/automember.hosts
transport.py               519 DEBUG    RUN ['tee', 'inventory/automember.hosts']
transport.py               217 DEBUG    Exit code: 0
transport.py               433 INFO     PUT automember_module.yml
transport.py               519 DEBUG    RUN ['tee', 'automember_module.yml']
transport.py               217 DEBUG    Exit code: 0
transport.py               397 INFO     RUN ['ansible-playbook', '--ssh-extra-args="-o StrictHostKeyChecking=no"', '-vv', '-i', 'inventory/automember.hosts', 'automember_module.yml']
transport.py               519 DEBUG    RUN ['ansible-playbook', '--ssh-extra-args="-o StrictHostKeyChecking=no"', '-vv', '-i', 'inventory/automember.hosts', 'automember_module.yml']
transport.py               563 DEBUG    bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               563 DEBUG    ansible-playbook 2.9.24
transport.py               563 DEBUG      config file = None
transport.py               563 DEBUG      configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
transport.py               563 DEBUG      ansible python module location = /usr/local/lib/python3.9/site-packages/ansible
transport.py               563 DEBUG      executable location = /usr/local/bin/ansible-playbook
transport.py               563 DEBUG      python version = 3.9.6 (default, Jul 29 2021, 00:00:00) [GCC 11.1.1 20210623 (Red Hat 11.1.1-6)]
transport.py               563 DEBUG    No config file found; using defaults
transport.py               563 DEBUG    Skipping callback 'actionable', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'counter_enabled', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'debug', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'dense', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'dense', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'full_skip', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'json', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'minimal', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'null', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'oneline', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'selective', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'skippy', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'stderr', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'unixy', as we already have a stdout callback.
transport.py               563 DEBUG    Skipping callback 'yaml', as we already have a stdout callback.
transport.py               563 DEBUG    
transport.py               563 DEBUG    PLAYBOOK: automember_module.yml ************************************************
transport.py               563 DEBUG    1 plays in automember_module.yml
transport.py               563 DEBUG    
transport.py               563 DEBUG    PLAY [Playbook to ensure group automember is not able to remove with invalid exclusive regex key] ***
transport.py               563 DEBUG    
transport.py               563 DEBUG    TASK [Gathering Facts] *********************************************************
transport.py               563 DEBUG    task path: /root/automember_module.yml:2
transport.py               563 DEBUG    ok: [master.ipadomain.test]
transport.py               563 DEBUG    META: ran handlers
transport.py               563 DEBUG    [DEPRECATION WARNING]: Distribution rhel 9.0 on host master.ipadomain.test 
transport.py               563 DEBUG    should use /usr/libexec/platform-python, but is using /usr/bin/python for 
transport.py               563 DEBUG    backward compatibility with prior Ansible releases. A future Ansible release 
transport.py               563 DEBUG    will default to using the discovered platform python for this host. See https:/
transport.py               563 DEBUG    /docs.ansible.com/ansible/2.9/reference_appendices/interpreter_discovery.html 
transport.py               563 DEBUG    for more information. This feature will be removed in version 2.12. Deprecation
transport.py               563 DEBUG     warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
transport.py               563 DEBUG    
transport.py               563 DEBUG    TASK [ipaautomember] ***********************************************************
transport.py               563 DEBUG    task path: /root/automember_module.yml:7
transport.py               563 DEBUG    fatal: [master.ipadomain.test]: FAILED! => {"changed": false, "msg": "Invalid automember condition key 'tesykey'"}
transport.py               563 DEBUG    
transport.py               563 DEBUG    PLAY RECAP *********************************************************************
transport.py               563 DEBUG    master.ipadomain.test      : ok=1    changed=0    unreachable=0    failed=1    skipped=0    rescued=0    ignored=0   
transport.py               563 DEBUG    
transport.py               217 DEBUG    Exit code: 2
transport.py               397 INFO     RUN ['kinit', 'admin']
transport.py               519 DEBUG    RUN ['kinit', 'admin']
transport.py               563 DEBUG    bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               563 DEBUG    Password for admin: 
transport.py               217 DEBUG    Exit code: 0
transport.py               397 INFO     RUN ['ipa', 'automember-show', '--type=group', '02automemb_usergroup']
transport.py               519 DEBUG    RUN ['ipa', 'automember-show', '--type=group', '02automemb_usergroup']
transport.py               563 DEBUG    bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               563 DEBUG      Automember Rule: 02automemb_usergroup
transport.py               563 DEBUG      Inclusive Regex: manager=^uid=miles, manager=^uid=vrns
transport.py               563 DEBUG      Exclusive Regex: cn=^uid=miles, cn=^uid=clint
transport.py               217 DEBUG    Exit code: 0
transport.py               397 INFO     RUN ['kdestroy', '-A']
transport.py               519 DEBUG    RUN ['kdestroy', '-A']
transport.py               563 DEBUG    bash: line 1: cd: /root/multihost_tests: No such file or directory
transport.py               563 DEBUG    bash: line 2: /root/multihost_tests/env.sh: No such file or directory
transport.py               217 DEBUG    Exit code: 0
Note You need to log in before you can comment on or make changes to this bug.