RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 689889 - allow fine grained password policy duration attributes in days, hours, minutes, as well
Summary: allow fine grained password policy duration attributes in days, hours, minute...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: 389-ds-base
Version: 6.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Rich Megginson
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On: 681015
Blocks: 639035 389_1.2.8 681611
TreeView+ depends on / blocked
 
Reported: 2011-03-22 18:07 UTC by Noriko Hosoi
Modified: 2015-01-04 23:47 UTC (History)
6 users (show)

Fixed In Version: 389-ds-base-1.2.8-0.7.rc2.el6
Doc Type: Bug Fix
Doc Text:
Clone Of: 681015
Environment:
Last Closed: 2011-05-19 12:42:47 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2011:0533 0 normal SHIPPED_LIVE new package: 389-ds-base 2011-05-18 17:57:44 UTC

Description Noriko Hosoi 2011-03-22 18:07:58 UTC 
+++ This bug was initially created as a clone of Bug #681015 +++

Description of problem:
This bug fix allows global password policy duration attributes in the format of ##D|d, ##H|h, ##M|m, ##S|s.
Bug 627993 - RFE: allow global password policy duration attributes in days, hours, minutes, as well

On the other hand, the fine grained has no ability to handle such format.  Actually, there is no methods to check the invalid input to the fine grained password policy duration attributes.

$ ldapmodify ...
dn: cn=cn\3DnsPwPolicyEntry\2Cou\3DPeople\2Cdc\3Dexample\2Cdc\3Dcom,cn=nsPwPol
 icyContainer,ou=People,dc=example,dc=com
changetype: modify
replace: passwordMaxAge
passwordMaxAge: abcdefg
$ echo $?
0
--- Additional comment from amsharma on 2011-03-21 10:13:20 EDT ---

passwordLockoutDuration attribute is not working with the fine grain password policy. So, I am moving the bug to ASSIGNED state.

Its not behaving as expected, if passwordLockoutDuration is set to "1m, 1M, 1d and 2h". This works fine when I set this value in seconds without prefixing it, like (60, 120 and 30).

--- Additional comment from nhosoi on 2011-03-21 19:49:17 EDT ---

Created attachment 486705 [details]
git patch file (master)

Thanks to Amita for finding out this bug..

Description: passwordLockoutDuration attribute is not working 
with the fine grain password policy.  The code to parse the  
value of passwordLockoutDuration was missing.  This patch 
adds it.

With this fix, your test case passes 100%.

--- Additional comment from nhosoi on 2011-03-22 14:04:59 EDT ---

Reviewed by Nathan (Thank you!!!)

Pushed to master.

$ git merge 681015
Updating 9d5d73c..6ada149
Fast-forward
 ldap/servers/slapd/pw.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

$ git push
Counting objects: 11, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 736 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   9d5d73c..6ada149  master -> master


commit 6ada149c42dbcce727662927129ae55832def5a0
Author: Noriko Hosoi <nhosoi>
Date:   Mon Mar 21 16:44:16 2011 -0700

    Bug 681015 - RFE: allow fine grained password policy duration attributes ...


Cherry picked commit 6ada149c42dbcce727662927129ae55832def5a0 and pushed to 389-ds-base-1.2.8, as well.

$ git cherry-pick 6ada149c42dbcce727662927129ae55832def5a0
Finished one cherry-pick.
[ds128-local df7c57c] Bug 681015 - RFE: allow fine grained password policy duration attributes in days, hours, minutes, as well
 1 files changed, 1 insertions(+), 1 deletions(-)

$ git push origin ds128-local:389-ds-base-1.2.8
Counting objects: 11, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 731 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   2ba240b..df7c57c  ds128-local -> 389-ds-base-1.2.8
Comment 2 Amita Sharma 2011-03-31 10:59:33 UTC 
I have verified this bug and automated the test cases, All test cases are passed.
Comment 3 errata-xmlrpc 2011-05-19 12:42:47 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2011-0533.html
Note You need to log in before you can comment on or make changes to this bug.