Output form Michael's bug repro: [oVirt shell (connected)]# show role aaa id : 1f3724c0-1ada-4e13-aa37-5910c86e14b9 name : aaa _Base__context: 140680821593424 administrative: False mutable : True [oVirt shell (connected)]# list permits --role-identifier aaa id : 502 name : manipulate_permissions id : 1300 name : login [oVirt shell (connected)]# add permit --role-identifier aaa --id 7 id : 7 name : connect_to_vm _Base__context: 140680821593424 administrative: False role-id : 1f3724c0-1ada-4e13-aa37-5910c86e14b9 [oVirt shell (connected)]# list permits --role-identifier aaa id : 502 name : manipulate_permissions id : 1300 name : login id : 7 name : connect_to_vm [oVirt shell (connected)]# remove permit connect_to_vm --role-identifier aaa [oVirt shell (connected)]# list permits --role-identifier aaa id : 502 name : manipulate_permissions id : 1300 name : login
ilia, It's not 'list command doesn't work by-id', but 'remove command' and for very specific use-case - permit.
http://gerrit.ovirt.org/10366
RHEVM shell (connected)]# add permit --role-identifier aaa --id 7 id : 7 name : connect_to_vm administrative: False role-id : c92b0f80-5fc8-4b12-94f4-5db34707ccb1 [RHEVM shell (connected)]# remove permit connect_to_vm --role-identifier aaa accepted. [RHEVM shell (connected)]# list permits --role-identifier aaa id : 301 name : edit_vm_pool_configuration Verified sf5
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-0890.html