Hide Forgot
Description of problem: when give no value for "--permission", ipa server seen like delete this selfservice permission Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. install ipa server 2. create a selfservice permission with this command: [yi@i386a(101) ~] ipa selfservice-add "edit address" --permission=write,read --attrs=l -------------------------------- Added selfservice "edit address" -------------------------------- Self-service name: edit address Permissions: write, read Attributes: l 3. confirm the above action with selfservice-find [yi@i386a(101) ~] ipa selfservice-find ---------------------- 3 selfservices matched ---------------------- Self-service name: Self can write own password Permissions: write Attributes: userpassword, krbprincipalkey, sambalmpassword, sambantpassword Self-service name: User Self service Permissions: write Attributes: givenname, sn, cn, displayname, title, initials, loginshell, gecos, homephone, mobile, pager, facsimiletelephonenumber, telephonenumber, street, roomnumber, l, st, postalcode, manager, secretary, description, carlicense, labeleduri, inetuserhttpurl, seealso, employeetype, businesscategory, ou Self-service name: edit address Permissions: write, read Attributes: l ---------------------------- Number of entries returned 3 ---------------------------- 4. run the problematic command: [yi@i386a(101) ~] ipa selfservice-mod "edit address" --permissions="" ipa: ERROR: 'permissions' is required 5. the error msg look fine, but when run selfservice-find, the permission "edit address" disappeared: [yi@i386a(101) ~] ipa selfservice-find ---------------------- 2 selfservices matched ---------------------- Self-service name: Self can write own password Permissions: write Attributes: userpassword, krbprincipalkey, sambalmpassword, sambantpassword Self-service name: User Self service Permissions: write Attributes: givenname, sn, cn, displayname, title, initials, loginshell, gecos, homephone, mobile, pager, facsimiletelephonenumber, telephonenumber, street, roomnumber, l, st, postalcode, manager, secretary, description, carlicense, labeleduri, inetuserhttpurl, seealso, employeetype, businesscategory, ou ---------------------------- Number of entries returned 2 ---------------------------- Additional info: there is no error msg in /var/log/httpd/error_log
to verify: 1. create selfservice permission: ipa selfservice-add "edit address" --permission=write,read --attrs=l 2. check with selfservice-find ipa selfservice-add "edit address" --permission=write,read --attrs=l 3. run problematic statement: ipa selfservice-mod "edit address" --permissions="" 4. check selfservice permissions with find ipa selfservice-find if the "edit address" exist, then test pass
Upstream ticket: https://fedorahosted.org/freeipa/ticket/2013
Fixed upstream: master: https://fedorahosted.org/freeipa/changeset/d50618f6bd032b59a1893f7eb23e47616efab8fe ipa-2-2: https://fedorahosted.org/freeipa/changeset/fcbff4b102c47d5c8543f031baf96f9f4deb2c4e
Verified. Version :: ipa-server-2.2.0-4.el6.x86_64 Automated Test Results :: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: selfservice_bz_747730 ipa selfservice-mod edit address --permissions="" delete a selfservice permission :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: BZ Test Running: ipa selfservice-mod selfservice_bz_747730 --permissions="" > /tmp/tmp.V5BS5xp3mS/selfservice_bz_747730.26503.out 2>&1 :: [ LOG ] :: Duration: 12s :: [ LOG ] :: Assertions: 0 good, 0 bad :: [ PASS ] :: RESULT: selfservice_bz_747730 ipa selfservice-mod edit address --permissions="" delete a selfservice permission Manual Test Results :: [root@hp-xw6600-01 ipa-selfservice]# ipa selfservice-add bz747730 --attrs=l ---------------------------- Added selfservice "bz747730" ---------------------------- Self-service name: bz747730 Permissions: write Attributes: l [root@hp-xw6600-01 ipa-selfservice]# ipa selfservice-mod bz747730 --permissions="" ipa: ERROR: 'permissions' is required [root@hp-xw6600-01 ipa-selfservice]# ipa selfservice-show bz747730 Self-service name: bz747730 Permissions: write Attributes: l
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: No documentation needed.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0819.html