Red Hat Bugzilla – Bug 710253
RunAs group is not displayed in output while adding as sudorule-add-runasuser with --groups swtich.
Last modified: 2015-01-04 18:49:01 EST
Description of problem: Version-Release number of selected component (if applicable): ipa-server-2.0.0-23.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. # ipa sudorule-add-runasuser sudorule1 --users=test1 Rule name: sudorule1 Enabled: TRUE Sudo Deny Commands: /bin/ls RunAs External User: test, test1 ------------------------- Number of members added 1 ------------------------- Observe that test1 user is displayed in the output when added. 2. # ipa sudorule-add-runasuser sudorule1 --groups=group1 Rule name: sudorule1 Enabled: TRUE Sudo Deny Commands: /bin/ls ------------------------- Number of members added 1 ------------------------- Actual results: RunAs group is not displayed. Expected results: "RunAs Group: group1" should be displayed. Sample output: # ipa sudorule-add-runasuser sudorule1 --groups=group1 Rule name: sudorule1 Enabled: TRUE Sudo Deny Commands: /bin/ls RunAs Group: group1 ------------------------- Number of members added 1 ------------------------- Additional info:
https://fedorahosted.org/freeipa/ticket/1278
Fixed in patch in ticket 1326 master: d49bf3871bd4471d73ac06b871ae509bc340a544 ipa-2-0: 533c11ead972350e9597b3882c5e1819b33706ca
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: When adding a runasuser and defining a group the value is not included in output. Consequence: The command seems successful but the added data is not in the output. Fix: The label for the returned data was mislabled so was not appearing in the command-line. Result: Adding a group to runasuser is properly displayed.
:: [ PASS ] :: Running 'ipa sudorule-add rule1' :: [ PASS ] :: Running 'ipa sudorule-add-runasuser rule1 --groups=sudogrp1,sudogrp2 > /tmp/tmp.jHjyYyUOzz/sudorule-add-runasuser_003.txt 2>&1' :: [ PASS ] :: File '/tmp/tmp.jHjyYyUOzz/sudorule-add-runasuser_003.txt' should contain 'Rule name: rule1' :: [11:45:20] :: Verifying bug https://bugzilla.redhat.com/show_bug.cgi?id=710253 :: [ PASS ] :: File '/tmp/tmp.jHjyYyUOzz/sudorule-add-runasuser_003.txt' should contain 'Groups of RunAs Users: sudogrp1, sudogrp2' :: [ PASS ] :: File '/tmp/tmp.jHjyYyUOzz/sudorule-add-runasuser_003.txt' should contain 'Number of members added 2' Rule name: rule1 Enabled: TRUE Groups of RunAs Users: sudogrp1, sudogrp2 ------------------------- Number of members added 2 ------------------------- Verified. Version: ipa-server-2.1.3-7.el6.x86_64
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2011-1533.html