Bug 634194
| Summary: | ipa host-mod --addattr on ipaUniqueID successful | ||
|---|---|---|---|
| Product: | [Retired] freeIPA | Reporter: | Jenny Severance <jgalipea> |
| Component: | ipa-admintools | Assignee: | Rob Crittenden <rcritten> |
| Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> |
| Severity: | high | Docs Contact: | |
| Priority: | low | ||
| Version: | 2.0 | CC: | benl, dpal, jgalipea |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | freeipa-2.0.0-1.fc15 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-03-27 07:13:47 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Jenny Severance
2010-09-15 13:34:13 UTC
Two hosts with same unique id - ldapsearch output: <snip> # jennyv1.bos.redhat.com, computers, accounts, bos.redhat.com dn: fqdn=jennyv1.bos.redhat.com,cn=computers,cn=accounts,dc=bos,dc=redhat,dc=c om cn: jennyv1.bos.redhat.com objectClass: ipaobject objectClass: nshost objectClass: ipahost objectClass: pkiuser objectClass: ipaservice objectClass: krbprincipalaux objectClass: krbprincipal objectClass: top fqdn: jennyv1.bos.redhat.com managedBy: fqdn=jennyv1.bos.redhat.com,cn=computers,cn=accounts,dc=bos,dc=redh at,dc=com ipaUniqueID: 9ca8bb70-bc3a-11df-9a4d-000c29a5c12c krbPrincipalName: host/jennyv1.bos.redhat.com.COM serverHostName: jennyv1 nsHostLocation: Lab 3 l: Westord nsOsVersion: Fedora 13 nsHardwarePlatform: i636 enrolledBy: uid=admin,cn=users,cn=accounts,dc=bos,dc=redhat,dc=com description: testings # myhost.bos.redhat.com, computers, accounts, bos.redhat.com dn: fqdn=myhost.bos.redhat.com,cn=computers,cn=accounts,dc=bos,dc=redhat,dc=co m cn: myhost.bos.redhat.com objectClass: ipaobject objectClass: nshost objectClass: ipahost objectClass: pkiuser objectClass: ipaservice objectClass: krbprincipalaux objectClass: krbprincipal objectClass: top fqdn: myhost.bos.redhat.com managedBy: fqdn=myhost.bos.redhat.com,cn=computers,cn=accounts,dc=bos,dc=redha t,dc=com ipaUniqueID: 9ca8bb70-bc3a-11df-9a4d-000c29a5c12c krbPrincipalName: host/myhost.bos.redhat.com.COM serverHostName: myhost </snip> ipa host-show --all output: <snip> [root@dhcp-100-3-186 ipa-host-cli]# ipa host-show --all jennyv1.bos.redhat.com dn: fqdn=jennyv1.bos.redhat.com,cn=computers,cn=accounts,dc=bos,dc=redhat,dc=com Host name: jennyv1.bos.redhat.com Description: testings Locality: Westord Location: Lab 3 Platform: i636 Operating system: Fedora 13 Principal name: host/jennyv1.bos.redhat.com.COM Keytab: False cn: jennyv1.bos.redhat.com enrolledby_user: admin ipauniqueid: 9ca8bb70-bc3a-11df-9a4d-000c29a5c12c managedby: fqdn=jennyv1.bos.redhat.com,cn=computers,cn=accounts,dc=bos,dc=redhat,dc=com objectclass: ipaobject, nshost, ipahost, pkiuser, ipaservice, krbprincipalaux, krbprincipal, top serverhostname: jennyv1 [root@dhcp-100-3-186 ipa-host-cli]# ipa host-show --all myhost.bos.redhat.com dn: fqdn=myhost.bos.redhat.com,cn=computers,cn=accounts,dc=bos,dc=redhat,dc=com Host name: myhost.bos.redhat.com Principal name: host/myhost.bos.redhat.com.COM Keytab: False cn: myhost.bos.redhat.com ipauniqueid: 9ca8bb70-bc3a-11df-9a4d-000c29a5c12c managedby: fqdn=myhost.bos.redhat.com,cn=computers,cn=accounts,dc=bos,dc=redhat,dc=com objectclass: ipaobject, nshost, ipahost, pkiuser, ipaservice, krbprincipalaux, krbprincipal, top serverhostname: myhost </snip> master: e648e03d0c730e07a55f64e9fb49a2f9bdcf6e52 verified :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: ipa-host-cli-15: Negative - setattr and addattr on ipaUniqueID :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Executing: ipa host-mod --setattr ipaUniqueID=127863947-84375973-gq9587 nightcrawler.testrelm :: [ LOG ] :: "ipa host-mod --setattr ipaUniqueID=127863947-84375973-gq9587 nightcrawler.testrelm" failed as expected. :: [ LOG ] :: Error message as expected: ipa: ERROR: Insufficient access: Only the Directory Manager can set arbitrary values for ipaUniqueID :: [ PASS ] :: Verify expected error message for --setattr. :: [ LOG ] :: Executing: ipa host-mod --addattr ipaUniqueID=127863947-84375973-gq9587 nightcrawler.testrelm :: [ LOG ] :: "ipa host-mod --addattr ipaUniqueID=127863947-84375973-gq9587 nightcrawler.testrelm" failed as expected. :: [ LOG ] :: Error message as expected: ipa: ERROR: Insufficient access: Only the Directory Manager can set arbitrary values for ipaUniqueID :: [ PASS ] :: Verify expected error message for --addattr. :: [ LOG ] :: Duration: 7s :: [ LOG ] :: Assertions: 2 good, 0 bad :: [ PASS ] :: RESULT: ipa-host-cli-15: Negative - setattr and addattr on ipaUniqueID # rpm -qi ipa-server | head Name : ipa-server Relocations: (not relocatable) Version : 2.0.0 Vendor: Red Hat, Inc. Release : 23.el6 Build Date: Wed 20 Apr 2011 09:57:13 AM EDT Install Date: Thu 19 May 2011 12:47:52 PM EDT Build Host: x86-003.build.bos.redhat.com Group : System Environment/Base Source RPM: ipa-2.0.0-23.el6.src.rpm Size : 2565882 License: GPLv3+ Signature : RSA/8, Thu 21 Apr 2011 03:48:25 PM EDT, Key ID 199e2f91fd431d51 Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://www.freeipa.org/ Summary : The IPA authentication server |