Bug 710240 - Added option to Sudo rule message is displayed even when the given option already exists.
Summary: Added option to Sudo rule message is displayed even when the given option alr...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ipa
Version: 6.2
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Rob Crittenden
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-06-02 18:59 UTC by Gowrishankar Rajaiyan
Modified: 2015-01-04 23:49 UTC (History)
3 users (show)

Fixed In Version: ipa-2.1.0-1.el6
Doc Type: Bug Fix
Doc Text:
Cause: Adding a duplicate sudorule option does not generate an error. Consequence: This is confusing and inconsistent with the IPA command-line. Fix: Rather than ignoring duplicate values an error is raised when one is added. Result: An error is raised when a duplicate option is added.
Clone Of:
Environment:
Last Closed: 2011-12-06 18:22:55 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:1533 0 normal SHIPPED_LIVE Moderate: ipa security and bug fix update 2011-12-06 01:23:31 UTC

Description Gowrishankar Rajaiyan 2011-06-02 18:59:43 UTC 
Description of problem:


Version-Release number of selected component (if applicable):
ipa-server-2.0.0-23.el6.x86_64

How reproducible:
Always

Steps to Reproduce:
1. # ipa sudorule-add-option defaultrule1--sudooption=always_set_home
--------------------
sudorule-add-option:
--------------------
----------------------------------------------------------
Added option "always_set_home" to Sudo rule "defaultrule1"
----------------------------------------------------------

2. Add the same option again.
# ipa sudorule-add-option defaultrule1--sudooption=always_set_home

  
Actual results:
1. # ipa sudorule-add-option defaultrule1--sudooption=always_set_home
--------------------
sudorule-add-option:
--------------------
----------------------------------------------------------
Added option "always_set_home" to Sudo rule "defaultrule1"
----------------------------------------------------------

2. The option is not added as it already exists as expected. 


Expected results:
Appropriate message should be displayed stating that the given sudooption already exists. 

Additional info:
Comment 2 Dmitri Pal 2011-06-02 19:55:00 UTC 
https://fedorahosted.org/freeipa/ticket/1277
Comment 3 Rob Crittenden 2011-07-19 17:22:53 UTC 
master: 44cdf8ef54ff761a5e38919b8cdce5128928985a
Comment 5 Jenny Severance 2011-10-05 20:15:15 UTC 
verified :

[root@ipaserver ~]# ipa sudorule-add-option sudorule1 --sudooption=always_set_home
-------------------------------------------------------
Added option "always_set_home" to Sudo Rule "sudorule1"
-------------------------------------------------------
  Rule name: sudorule1
  Enabled: TRUE
  Sudo Option: always_set_home

[root@ipaserver ~]# ipa sudorule-add-option sudorule1 --sudooption=always_set_home
ipa: ERROR: This entry already exists

[root@ipaserver ~]# echo $?
1

version:
ipa-server-2.1.1-4.el6.x86_64
Comment 6 Rob Crittenden 2011-10-31 19:24:22 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause: Adding a duplicate sudorule option does not generate an error.
Consequence: This is confusing and inconsistent with the IPA command-line.
Fix: Rather than ignoring duplicate values an error is raised when one is added.
Result: An error is raised when a duplicate option is added.
Comment 7 errata-xmlrpc 2011-12-06 18:22:55 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2011-1533.html
Note You need to log in before you can comment on or make changes to this bug.