Bug 689889 - allow fine grained password policy duration attributes in days, hours, minutes, as well
allow fine grained password policy duration attributes in days, hours, minute...
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: 389-ds-base (Show other bugs)
6.1
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Rich Megginson
Chandrasekar Kannan
: screened
Depends On: 681015
Blocks: 639035 389_1.2.8 681611
  Show dependency treegraph
 
Reported: 2011-03-22 14:07 EDT by Noriko Hosoi
Modified: 2015-01-04 18:47 EST (History)
6 users (show)

See Also:
Fixed In Version: 389-ds-base-1.2.8-0.7.rc2.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 681015
Environment:
Last Closed: 2011-05-19 08:42:47 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Noriko Hosoi 2011-03-22 14:07:58 EDT
+++ This bug was initially created as a clone of Bug #681015 +++

Description of problem:
This bug fix allows global password policy duration attributes in the format of ##D|d, ##H|h, ##M|m, ##S|s.
Bug 627993 - RFE: allow global password policy duration attributes in days, hours, minutes, as well

On the other hand, the fine grained has no ability to handle such format.  Actually, there is no methods to check the invalid input to the fine grained password policy duration attributes.

$ ldapmodify ...
dn: cn=cn\3DnsPwPolicyEntry\2Cou\3DPeople\2Cdc\3Dexample\2Cdc\3Dcom,cn=nsPwPol
 icyContainer,ou=People,dc=example,dc=com
changetype: modify
replace: passwordMaxAge
passwordMaxAge: abcdefg
$ echo $?
0
--- Additional comment from amsharma@redhat.com on 2011-03-21 10:13:20 EDT ---

passwordLockoutDuration attribute is not working with the fine grain password policy. So, I am moving the bug to ASSIGNED state.

Its not behaving as expected, if passwordLockoutDuration is set to "1m, 1M, 1d and 2h". This works fine when I set this value in seconds without prefixing it, like (60, 120 and 30).

--- Additional comment from nhosoi@redhat.com on 2011-03-21 19:49:17 EDT ---

Created attachment 486705 [details]
git patch file (master)

Thanks to Amita for finding out this bug..

Description: passwordLockoutDuration attribute is not working 
with the fine grain password policy.  The code to parse the  
value of passwordLockoutDuration was missing.  This patch 
adds it.

With this fix, your test case passes 100%.

--- Additional comment from nhosoi@redhat.com on 2011-03-22 14:04:59 EDT ---

Reviewed by Nathan (Thank you!!!)

Pushed to master.

$ git merge 681015
Updating 9d5d73c..6ada149
Fast-forward
 ldap/servers/slapd/pw.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

$ git push
Counting objects: 11, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 736 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   9d5d73c..6ada149  master -> master


commit 6ada149c42dbcce727662927129ae55832def5a0
Author: Noriko Hosoi <nhosoi@redhat.com>
Date:   Mon Mar 21 16:44:16 2011 -0700

    Bug 681015 - RFE: allow fine grained password policy duration attributes ...


Cherry picked commit 6ada149c42dbcce727662927129ae55832def5a0 and pushed to 389-ds-base-1.2.8, as well.

$ git cherry-pick 6ada149c42dbcce727662927129ae55832def5a0
Finished one cherry-pick.
[ds128-local df7c57c] Bug 681015 - RFE: allow fine grained password policy duration attributes in days, hours, minutes, as well
 1 files changed, 1 insertions(+), 1 deletions(-)

$ git push origin ds128-local:389-ds-base-1.2.8
Counting objects: 11, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 731 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   2ba240b..df7c57c  ds128-local -> 389-ds-base-1.2.8
Comment 2 Amita Sharma 2011-03-31 06:59:33 EDT
I have verified this bug and automated the test cases, All test cases are passed.
Comment 3 errata-xmlrpc 2011-05-19 08:42:47 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2011-0533.html

Note You need to log in before you can comment on or make changes to this bug.