Bug 805546 - when adding a user with --noprivate option gidNumber should be required
when adding a user with --noprivate option gidNumber should be required
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ipa (Show other bugs)
6.3
Unspecified Unspecified
high Severity unspecified
: rc
: ---
Assigned To: Rob Crittenden
IDM QE LIST
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-03-21 10:53 EDT by Jenny Galipeau
Modified: 2015-01-21 15:04 EST (History)
1 user (show)

See Also:
Fixed In Version: ipa-2.2.0-9.el6
Doc Type: Bug Fix
Doc Text:
No documentation needed.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-06-20 09:25:19 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jenny Galipeau 2012-03-21 10:53:47 EDT
Description of problem:

When adding a user with --noprivate (don't add private user group ) the user's gidNumber should be set to the gidNumber ipausers, right now it is being set to the user's gidNumber like there was a private group added.

ipa user-add --first=test --last=test --noprivate test
-----------------
Added user "test"
-----------------
  User login: test
  First name: test
  Last name: test
  Full name: test test
  Display name: test test
  Initials: tt
  Home directory: /home/test
  GECOS field: test test
  Login shell: /bin/sh
  Kerberos principal: test@TESTRELM.COM
  UID: 404600032
  GID: 404600032   <========================================================
  Password: False
  Kerberos keys available: False

# ipa group-find --private test
----------------
0 groups matched
----------------
----------------------------
Number of entries returned 0



Version-Release number of selected component (if applicable):
ipa-server-2.2.0-4.el6.x86_64

How reproducible:
always

Steps to Reproduce:
1. See description
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Jenny Galipeau 2012-03-21 11:05:21 EDT
Can not set to ipausers, as the default is now non-posix and it doesn't have a gidNumber .... add should fail with gidNumber required
Comment 2 Jenny Galipeau 2012-03-21 12:38:44 EDT
The following automated tests were added ::


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa-user-add-052: user gidnumber defaults to upg gidnumber which matches user uidnumber
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'ipa user-add --first=test --last=test testusr'
:: [   PASS   ] :: User gidnumber matches user uidnumber.  uidNumber: 404600090  gidNumber: 404600090
:: [   LOG    ] :: Duration: 13s
:: [   LOG    ] :: Assertions: 2 good, 0 bad
:: [   PASS   ] :: RESULT: ipa-user-add-052: user gidnumber defaults to upg gidnumber which matches user uidnumber

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa-user-add-053: --noprivate group specified gidnumber exists - default group non-posix
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'ipa user-add --first=test --last=test --noprivate --gidnumber=404600091 testusr'
:: [   PASS   ] :: Make sure private group not added
:: [   PASS   ] :: User's gidnumber as expected.
:: [   LOG    ] :: Duration: 22s
:: [   LOG    ] :: Assertions: 3 good, 0 bad
:: [   PASS   ] :: RESULT: ipa-user-add-053: --noprivate group specified gidnumber exist - ipausers non-posix

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: bz805546 --noprivate group specified gid number does not exist - default group non-posix
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   LOG    ] :: Executing: ipa user-add --first=test --last=test --noprivate --gidnumber=123 testusr
:: [   LOG    ] :: ERROR: Expected "ipa user-add --first=test --last=test --noprivate --gidnumber=123 testusr" to fail.
:: [   FAIL   ] :: Verify expected error message. (Expected 0, got 1)
:: [   LOG    ] :: Duration: 7s
:: [   LOG    ] :: Assertions: 0 good, 1 bad
:: [   FAIL   ] :: RESULT: ipa-user-add-054: --noprivate group specified gid number does not exist - default group non-posix

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: bz805546 --noprivate gidnumber not specifiec - default group posix
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Change default group to testgrp gidnumber: 404600094
:: [   PASS   ] :: Running 'ipa user-add --first=test --last=test --noprivate testusr'
:: [   PASS   ] :: Make sure private group not added
:: [   FAIL   ] :: User's gidnumber not as expected.  Expected: 404600094  Got: 404600095 
:: [   LOG    ] :: Duration: 25s
:: [   LOG    ] :: Assertions: 3 good, 1 bad
:: [   FAIL   ] :: RESULT: ipa-user-add-055: --noprivate gidnumber not specifiec - default group posix

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: bz805546 when adding a user with --noprivate option the gidNumber should be required
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   LOG    ] :: Executing: ipa user-add --first=test --last=test --noprivate testusr
:: [   LOG    ] :: ERROR: Expected "ipa user-add --first=test --last=test --noprivate testusr" to fail.
:: [   FAIL   ] :: Verify expected error message. (Expected 0, got 1)
:: [   LOG    ] :: Duration: 7s
:: [   LOG    ] :: Assertions: 0 good, 1 bad
:: [   FAIL   ] :: RESULT: bz805546 when adding a user with --noprivate option the gidNumber should be required
Comment 3 Martin Kosek 2012-03-22 04:40:04 EDT
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/2572
Comment 8 Martin Kosek 2012-04-25 05:41:12 EDT
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
No documentation needed.
Comment 9 Jenny Galipeau 2012-05-03 10:01:16 EDT
verified ::

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa-user-add-052: user gidnumber defaults to upg gidnumber which matches user uidnumber
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'ipa user-add --first=test --last=test testusr'
:: [   PASS   ] :: User gidnumber matches user uidnumber.  uidNumber: 1895200026  gidNumber: 1895200026
:: [   LOG    ] :: Duration: 8s
:: [   LOG    ] :: Assertions: 2 good, 0 bad
:: [   PASS   ] :: RESULT: ipa-user-add-052: user gidnumber defaults to upg gidnumber which matches user uidnumber

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa-user-add-053: --noprivate group specified gidnumber exists - default group non-posix
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'ipa user-add --first=test --last=test --noprivate --gidnumber=1895200027 testusr'
:: [   PASS   ] :: Make sure private group not added
:: [   PASS   ] :: User's gidnumber as expected.
:: [   LOG    ] :: Duration: 14s
:: [   LOG    ] :: Assertions: 3 good, 0 bad
:: [   PASS   ] :: RESULT: ipa-user-add-053: --noprivate group specified gidnumber exists - default group non-posix


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: bz805546 --noprivate group specified gid number does not exist - default group non-posix
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Running 'ipa user-add --first=test --last=test --noprivate --gidnumber=123 testusr'
:: [   PASS   ] :: Make sure private group not added
:: [   PASS   ] :: User's gidnumber as expected.
:: [   PASS   ] :: Running 'ipa user-del testusr'
:: [   LOG    ] :: Duration: 8s
:: [   LOG    ] :: Assertions: 4 good, 0 bad
:: [   PASS   ] :: RESULT: bz805546 --noprivate group specified gid number does not exist - default group non-posix

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: bz805546 --noprivate gidnumber not specifiec - default group posix
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   PASS   ] :: Change default group to testgrp gidnumber: 1895200031
:: [   PASS   ] :: Running 'ipa user-add --first=test --last=test --noprivate testusr'
:: [   PASS   ] :: Make sure private group not added
:: [   PASS   ] :: User's gidnumber as expected.
:: [   LOG    ] :: Duration: 18s
:: [   LOG    ] :: Assertions: 4 good, 0 bad
:: [   PASS   ] :: RESULT: bz805546 --noprivate gidnumber not specifiec - default group posix

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: bz805546 when adding a user with --noprivate option the gidNumber should be required
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [   LOG    ] :: Executing: ipa user-add --first=test --last=test --noprivate testusr
:: [   LOG    ] :: "ipa user-add --first=test --last=test --noprivate testusr" failed as expected.
:: [   PASS   ] :: Error message as expected: ipa: ERROR: Default group for new users is not POSIX
:: [   PASS   ] :: Verify expected error message.
:: [   LOG    ] :: Duration: 6s
:: [   LOG    ] :: Assertions: 2 good, 0 bad
:: [   PASS   ] :: RESULT: bz805546 when adding a user with --noprivate option the gidNumber should be required


version ::

ipa-server-2.2.0-11.el6
Comment 11 errata-xmlrpc 2012-06-20 09:25:19 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0819.html

Note You need to log in before you can comment on or make changes to this bug.