Hide Forgot
This bug is created as a clone of upstream ticket: https://fedorahosted.org/freeipa/ticket/1675 The host plugin does define a "managing" attribute, but it seems to be incomplete so the following options are missing: {{{ --man-hosts=LIST Search for hosts with these managing hosts. --not-man-hosts=LIST Search for hosts without these managing hosts. }}} These options do appear after adding "managing" into the default_attributes and host_find's member_attributes, but they don't seem to be working correctly. The --man-hosts will always return empty, and the --not-man-hosts will always return everything. So there might be some other issues. These options would be useful for the UI when adding "Managed by Hosts". The --not-man-hosts option can be used to find hosts that have not already been managing the current host, thus avoiding duplicates.
Fixed upstream: master: 4277253b837f1485a900abee2b5fd0c246fa8d50 0b9279a30a04de447b324eeb87e7a9e3b288bb1d ipa-2-2: 71aa3d8d4ae49261f445bfa2ee3848d0e1f5a19f 6863b8fe409f6f267597955376e20df21cfd2dae
UI fix: * master: 6bd2f5ba350f7b21fc2da7acec862d342423b3d9 * ipa-2-2: 2b9db630315454ae35da5c0fa451a61eeb5c5cec
Tested host-find with --man-hosts and --not-man-hosts options with ipa-server-2.2 on a RHEL 6.3 STABLE machine. --man-hosts returns the managed hosts successfully. --not-man-hosts option does not return all hosts that have not already been managing the current host. This behaviour is observed when there is already existing hosts. In the following test with --not-man-hosts option does not return host nmanbyhost3.testrelm.com as expected: [root@nec-em25 ipa-host-cli]# ipa host-add nmanbyhost1.testrelm.com --force ------------------------------------- Added host "nmanbyhost1.testrelm.com" ------------------------------------- Host name: nmanbyhost1.testrelm.com Principal name: host/nmanbyhost1.testrelm.com Password: False Keytab: False Managed by: nmanbyhost1.testrelm.com [root@nec-em25 ipa-host-cli]# ipa host-add nmanbyhost2.testrelm.com --force ------------------------------------- Added host "nmanbyhost2.testrelm.com" ------------------------------------- Host name: nmanbyhost2.testrelm.com Principal name: host/nmanbyhost2.testrelm.com Password: False Keytab: False Managed by: nmanbyhost2.testrelm.com [root@nec-em25 ipa-host-cli]# ipa host-add nmanbyhost3.testrelm.com --force ------------------------------------- Added host "nmanbyhost3.testrelm.com" ------------------------------------- Host name: nmanbyhost3.testrelm.com Principal name: host/nmanbyhost3.testrelm.com Password: False Keytab: False Managed by: nmanbyhost3.testrelm.com [root@nec-em25 ipa-host-cli]# ipa host-add-managedby --hosts="nmanbyhost2.testrelm.com" nmanbyhost1.testrelm.com Host name: nmanbyhost1.testrelm.com Principal name: host/nmanbyhost1.testrelm.com Managed by: nmanbyhost1.testrelm.com, nmanbyhost2.testrelm.com ------------------------- Number of members added 1 ------------------------- [root@nec-em25 ipa-host-cli]# ipa host-find --man-hosts=nmanbyhost1.testrelm.com --------------- 2 hosts matched --------------- Host name: nmanbyhost1.testrelm.com Principal name: host/nmanbyhost1.testrelm.com Password: False Keytab: False Managed by: nmanbyhost1.testrelm.com, nmanbyhost2.testrelm.com Host name: nmanbyhost2.testrelm.com Principal name: host/nmanbyhost2.testrelm.com Password: False Keytab: False Managed by: nmanbyhost2.testrelm.com ---------------------------- Number of entries returned 2 ---------------------------- [root@nec-em25 ipa-host-cli]# ipa host-find --not-man-hosts=nmanbyhost1.testrelm.com --------------- 5 hosts matched --------------- Host name: host1.testrelm.com Principal name: host/host1.testrelm.com Password: False Keytab: False Managed by: host1.testrelm.com Host name: host2.testrelm.com Principal name: host/host2.testrelm.com Password: False Keytab: False Managed by: host2.testrelm.com Host name: host3.testrelm.com Principal name: host/host3.testrelm.com Password: False Keytab: False Managed by: host3.testrelm.com Host name: host4.testrelm.com Principal name: host/host4.testrelm.com Password: False Keytab: False Managed by: host4.testrelm.com Host name: nec-em25.testrelm.com Principal name: host/nec-em25.testrelm.com SSH public key fingerprint: F7:90:60:C3:F4:D9:6C:3F:11:63:CE:D1:0B:1C:1D:DA (ssh-dss), 27:AE:20:10:F1:25:3B:73:BD:04:8A:14:AC:E8:77:2C (ssh-rsa) Password: False Keytab: True Managed by: nec-em25.testrelm.com ---------------------------- Number of entries returned 5 ----------------------------
I do not understand how can I reproduced this issue. Can you please provide a closer explanation? It would be also nice to attach just plain "host-find" output before you try it with --man-hosts or --not-man-hosts. It would be easier to evaluate the filtering. This is an output from my test, where the option worked properly: # ipa host-add nmanbyhost1.testrelm.com --force ------------------------------------- Added host "nmanbyhost1.testrelm.com" ------------------------------------- Host name: nmanbyhost1.testrelm.com Principal name: host/nmanbyhost1.testrelm.com.BOS.REDHAT.COM Password: False Keytab: False Managed by: nmanbyhost1.testrelm.com # ipa host-add nmanbyhost2.testrelm.com --force ------------------------------------- Added host "nmanbyhost2.testrelm.com" ------------------------------------- Host name: nmanbyhost2.testrelm.com Principal name: host/nmanbyhost2.testrelm.com.BOS.REDHAT.COM Password: False Keytab: False Managed by: nmanbyhost2.testrelm.com # ipa host-add nmanbyhost3.testrelm.com --force ------------------------------------- Added host "nmanbyhost3.testrelm.com" ------------------------------------- Host name: nmanbyhost3.testrelm.com Principal name: host/nmanbyhost3.testrelm.com.BOS.REDHAT.COM Password: False Keytab: False Managed by: nmanbyhost3.testrelm.com # ipa host-add-managedby --hosts="nmanbyhost2.testrelm.com" nmanbyhost1.testrelm.com Host name: nmanbyhost1.testrelm.com Principal name: host/nmanbyhost1.testrelm.com.BOS.REDHAT.COM Managed by: nmanbyhost1.testrelm.com, nmanbyhost2.testrelm.com ------------------------- Number of members added 1 ------------------------- # ipa host-find --------------- 4 hosts matched --------------- Host name: nmanbyhost1.testrelm.com Principal name: host/nmanbyhost1.testrelm.com.BOS.REDHAT.COM Password: False Keytab: False Managed by: nmanbyhost1.testrelm.com, nmanbyhost2.testrelm.com Host name: nmanbyhost2.testrelm.com Principal name: host/nmanbyhost2.testrelm.com.BOS.REDHAT.COM Password: False Keytab: False Managed by: nmanbyhost2.testrelm.com Host name: nmanbyhost3.testrelm.com Principal name: host/nmanbyhost3.testrelm.com.BOS.REDHAT.COM Password: False Keytab: False Managed by: nmanbyhost3.testrelm.com Host name: vm-068.idm.lab.bos.redhat.com Principal name: host/vm-068.idm.lab.bos.redhat.com.BOS.REDHAT.COM SSH public key fingerprint: A6:84:D6:9C:99:17:69:99:2C:DC:FA:BE:77:4E:E9:75 (ssh-dss), 0B:33:31:7D:73:CF:9A:D3:72:30:9F:21:99:F5:24:49 (ssh-rsa) Password: False Keytab: True Managed by: vm-068.idm.lab.bos.redhat.com ---------------------------- Number of entries returned 4 ---------------------------- # ipa host-find --man-hosts=nmanbyhost1.testrelm.com --------------- 2 hosts matched --------------- Host name: nmanbyhost1.testrelm.com Principal name: host/nmanbyhost1.testrelm.com.BOS.REDHAT.COM Password: False Keytab: False Managed by: nmanbyhost1.testrelm.com, nmanbyhost2.testrelm.com Host name: nmanbyhost2.testrelm.com Principal name: host/nmanbyhost2.testrelm.com.BOS.REDHAT.COM Password: False Keytab: False Managed by: nmanbyhost2.testrelm.com ---------------------------- Number of entries returned 2 ---------------------------- # ipa host-find --not-man-hosts=nmanbyhost1.testrelm.com --------------- 2 hosts matched --------------- Host name: nmanbyhost3.testrelm.com Principal name: host/nmanbyhost3.testrelm.com.BOS.REDHAT.COM Password: False Keytab: False Managed by: nmanbyhost3.testrelm.com Host name: vm-068.idm.lab.bos.redhat.com Principal name: host/vm-068.idm.lab.bos.redhat.com.BOS.REDHAT.COM SSH public key fingerprint: A6:84:D6:9C:99:17:69:99:2C:DC:FA:BE:77:4E:E9:75 (ssh-dss), 0B:33:31:7D:73:CF:9A:D3:72:30:9F:21:99:F5:24:49 (ssh-rsa) Password: False Keytab: True Managed by: vm-068.idm.lab.bos.redhat.com ---------------------------- Number of entries returned 2 ----------------------------
Here is the list of hosts. After adding the 3 new hosts, "host-find" returns only the 5 old hosts, and does not include the newly added ones. [root@nec-em25 ipa-host-cli]# ipa host-find --------------- 5 hosts matched --------------- Host name: host1.testrelm.com Principal name: host/host1.testrelm.com Password: False Keytab: False Managed by: host1.testrelm.com Host name: host2.testrelm.com Principal name: host/host2.testrelm.com Password: False Keytab: False Managed by: host2.testrelm.com Host name: host3.testrelm.com Principal name: host/host3.testrelm.com Password: False Keytab: False Managed by: host3.testrelm.com Host name: host4.testrelm.com Principal name: host/host4.testrelm.com Password: False Keytab: False Managed by: host4.testrelm.com Host name: nec-em25.testrelm.com Principal name: host/nec-em25.testrelm.com SSH public key fingerprint: F7:90:60:C3:F4:D9:6C:3F:11:63:CE:D1:0B:1C:1D:DA (ssh-dss), 27:AE:20:10:F1:25:3B:73:BD:04:8A:14:AC:E8:77:2C (ssh-rsa) Password: False Keytab: True Managed by: nec-em25.testrelm.com ---------------------------- Number of entries returned 5 ---------------------------- [root@nec-em25 ipa-host-cli]# ipa host-add nmanbyhost1.testrelm.com --force ------------------------------------- Added host "nmanbyhost1.testrelm.com" ------------------------------------- Host name: nmanbyhost1.testrelm.com Principal name: host/nmanbyhost1.testrelm.com Password: False Keytab: False Managed by: nmanbyhost1.testrelm.com [root@nec-em25 ipa-host-cli]# ipa host-add nmanbyhost2.testrelm.com --force ------------------------------------- Added host "nmanbyhost2.testrelm.com" ------------------------------------- Host name: nmanbyhost2.testrelm.com Principal name: host/nmanbyhost2.testrelm.com Password: False Keytab: False Managed by: nmanbyhost2.testrelm.com [root@nec-em25 ipa-host-cli]# ipa host-add nmanbyhost3.testrelm.com --force ------------------------------------- Added host "nmanbyhost3.testrelm.com" ------------------------------------- Host name: nmanbyhost3.testrelm.com Principal name: host/nmanbyhost3.testrelm.com Password: False Keytab: False Managed by: nmanbyhost3.testrelm.com [root@nec-em25 ipa-host-cli]# ipa host-find --------------- 5 hosts matched --------------- Host name: host1.testrelm.com Principal name: host/host1.testrelm.com Password: False Keytab: False Managed by: host1.testrelm.com Host name: host2.testrelm.com Principal name: host/host2.testrelm.com Password: False Keytab: False Managed by: host2.testrelm.com Host name: host3.testrelm.com Principal name: host/host3.testrelm.com Password: False Keytab: False Managed by: host3.testrelm.com Host name: host4.testrelm.com Principal name: host/host4.testrelm.com Password: False Keytab: False Managed by: host4.testrelm.com Host name: nec-em25.testrelm.com Principal name: host/nec-em25.testrelm.com SSH public key fingerprint: F7:90:60:C3:F4:D9:6C:3F:11:63:CE:D1:0B:1C:1D:DA (ssh-dss), 27:AE:20:10:F1:25:3B:73:BD:04:8A:14:AC:E8:77:2C (ssh-rsa) Password: False Keytab: True Managed by: nec-em25.testrelm.com ---------------------------- Number of entries returned 5 ---------------------------- [root@nec-em25 ipa-host-cli]# ipa host-find nmanbyhost1.testrelm.com -------------- 1 host matched -------------- Host name: nmanbyhost1.testrelm.com Principal name: host/nmanbyhost1.testrelm.com Password: False Keytab: False Managed by: nmanbyhost1.testrelm.com ---------------------------- Number of entries returned 1 ---------------------------- [root@nec-em25 ipa-host-cli]# ipa host-find nmanbyhost2.testrelm.com -------------- 1 host matched -------------- Host name: nmanbyhost2.testrelm.com Principal name: host/nmanbyhost2.testrelm.com Password: False Keytab: False Managed by: nmanbyhost2.testrelm.com ---------------------------- Number of entries returned 1 ---------------------------- [root@nec-em25 ipa-host-cli]# ipa host-find nmanbyhost3.testrelm.com -------------- 1 host matched -------------- Host name: nmanbyhost3.testrelm.com Principal name: host/nmanbyhost3.testrelm.com Password: False Keytab: False Managed by: nmanbyhost3.testrelm.com ---------------------------- Number of entries returned 1 ---------------------------- [root@nec-em25 ipa-host-cli]# ipa host-add-managedby --hosts=nmanbyhost2.testrelm.com nmanbyhost1.testrelm.com Host name: nmanbyhost1.testrelm.com Principal name: host/nmanbyhost1.testrelm.com Managed by: nmanbyhost1.testrelm.com, nmanbyhost2.testrelm.com ------------------------- Number of members added 1 ------------------------- [root@nec-em25 ipa-host-cli]# ipa host-find --man-hosts=nmanbyhost1.testrelm.com --------------- 2 hosts matched --------------- Host name: nmanbyhost1.testrelm.com Principal name: host/nmanbyhost1.testrelm.com Password: False Keytab: False Managed by: nmanbyhost1.testrelm.com, nmanbyhost2.testrelm.com Host name: nmanbyhost2.testrelm.com Principal name: host/nmanbyhost2.testrelm.com Password: False Keytab: False Managed by: nmanbyhost2.testrelm.com ---------------------------- Number of entries returned 2 ---------------------------- [root@nec-em25 ipa-host-cli]# ipa host-find --not-man-hosts=nmanbyhost1.testrelm.com --------------- 5 hosts matched --------------- Host name: host1.testrelm.com Principal name: host/host1.testrelm.com Password: False Keytab: False Managed by: host1.testrelm.com Host name: host2.testrelm.com Principal name: host/host2.testrelm.com Password: False Keytab: False Managed by: host2.testrelm.com Host name: host3.testrelm.com Principal name: host/host3.testrelm.com Password: False Keytab: False Managed by: host3.testrelm.com Host name: host4.testrelm.com Principal name: host/host4.testrelm.com Password: False Keytab: False Managed by: host4.testrelm.com Host name: nec-em25.testrelm.com Principal name: host/nec-em25.testrelm.com SSH public key fingerprint: F7:90:60:C3:F4:D9:6C:3F:11:63:CE:D1:0B:1C:1D:DA (ssh-dss), 27:AE:20:10:F1:25:3B:73:BD:04:8A:14:AC:E8:77:2C (ssh-rsa) Password: False Keytab: True Managed by: nec-em25.testrelm.com ---------------------------- Number of entries returned 5 ----------------------------
It looks like the number of hosts is always limited to 5 entries, i.e. even bare host-find did not return all entered hosts. Don't you have a limit for maximum number of returned LDAP entries? What does your "ipa config-show" returns?
In the test environment "ipa config-mod --searchrecordslimit=5" was set previously, after setting a default value of --searchrecordslimit=100, --not-man-hosts works as expected. Marking the bug verified.
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: No documentation needed.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0819.html