Bug 854335 - Unable to update "remove automount keys" - it has filter and subtree specified
Unable to update "remove automount keys" - it has filter and subtree specified
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: ipa (Show other bugs)
7.0
Unspecified Unspecified
medium Severity unspecified
: rc
: ---
Assigned To: Martin Kosek
Namita Soman
:
: 958133 (view as bug list)
Depends On:
Blocks: 1113520
  Show dependency treegraph
 
Reported: 2012-09-04 12:39 EDT by Dmitri Pal
Modified: 2015-05-18 22:56 EDT (History)
3 users (show)

See Also:
Fixed In Version: ipa-4.0.3-1.el7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-03-05 05:08:36 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Dmitri Pal 2012-09-04 12:39:56 EDT
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/freeipa/ticket/3028

# ipa permission-mod --permissions="add" "remove automount keys"
ipa: ERROR: invalid 'target': type, filter, subtree and targetgroup are mutually exclusive

The Web UI also had both the values set for the permission "remove automount keys"
Comment 2 Martin Kosek 2013-05-02 05:54:10 EDT
*** Bug 958133 has been marked as a duplicate of this bug. ***
Comment 3 Martin Kosek 2014-02-12 11:38:03 EST
This issue was fixed in scope of upstream ticket https://fedorahosted.org/freeipa/ticket/3566 (FreeIPA 3.4):

# ipa permission-mod --permissions={delete,add} "remove automount keys"
-------------------------------------------
Modified permission "remove automount keys"
-------------------------------------------
  Permission name: Remove Automount keys
  Permissions: add, delete
  Bind rule type: permission
  Subtree: dc=example,dc=com
  ACI target filter: (objectclass=automount)
  ACI target DN: automountmapname=*,cn=automount,dc=example,dc=com
  Granted to Privilege: Automount Administrators
Comment 5 Namita Soman 2015-01-24 22:06:12 EST
In rhel7.1, from http://www.freeipa.org/page/V4/Managed_Read_permissions
modifications to default poermissions is restricted.

# ipa permission-mod --permissions={delete,add} "System: Remove Automount Keys"
ipa: ERROR: invalid 'ipapermright': not modifiable on managed permissions
Comment 7 errata-xmlrpc 2015-03-05 05:08:36 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0442.html

Note You need to log in before you can comment on or make changes to this bug.