896589 – [RFE] Add crond into the list of hbac-services in default install

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 896589 - [RFE] Add crond into the list of hbac-services in default install

Summary: [RFE] Add crond into the list of hbac-services in default install

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	ipa
Sub Component:
Version:	7.0
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Rob Crittenden
QA Contact:	IDM QE LIST
Docs Contact:
URL:
Whiteboard:
Duplicates (2):	910621 918318 (view as bug list)
Depends On:	867183
Blocks:
TreeView+	depends on / blocked

Reported:	2013-01-17 15:11 UTC by Rob Crittenden
Modified:	2018-11-29 19:42 UTC (History)
CC List:	7 users (show)
Fixed In Version:	ipa-3.2.1-1.el7
Doc Type:	Enhancement
Doc Text:
Clone Of:	867183
Environment:
Last Closed:	2014-06-13 09:29:54 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Rob Crittenden 2013-01-17 15:11:13 UTC

+++ This bug was initially created as a clone of Bug #867183 +++

Description of problem:

Currently crond is not included in the list of hbac services in IPA and needs to be added manually - as crond is a commonly used service requesting that this is added in

Version-Release number of selected component (if applicable):

All version including ipa-server-2.2.0-16

How reproducible:

To allow IPA users to access cron when hbac rules only allow specific services you need to manually add crond as a service via command:

# ipa hbacsvc-add crond --desc="crond"
  
Expected results:

Would expect that crond would be included in the list of hbac services

Additional info:

Have raised a separate BZ for documentation team to document the process of adding hbac rule for crond: https://bugzilla.redhat.com/show_bug.cgi?id=867176

--- Additional comment from Dmitri Pal on 2012-10-25 11:39:42 EDT ---

Upstream ticket:
https://fedorahosted.org/freeipa/ticket/3215

Comment 1 Rob Crittenden 2013-01-17 15:12:35 UTC

Fixed upstream

master: 3bd96ddf05ab9c55047eac3b5df8717b190f7ef2

Comment 3 Namita Soman 2013-02-28 19:43:05 UTC

*** Bug 910621 has been marked as a duplicate of this bug. ***

Comment 4 Martin Kosek 2013-03-07 11:06:25 UTC

*** Bug 918318 has been marked as a duplicate of this bug. ***

Comment 7 Kaleem 2013-12-23 11:10:40 UTC

Verified.

 +-----------------------------[RPMs & OS: [RedHat - x86_64]-----------------------------+
|       ipa-admintools-3.3.3-5.el7.x86_64
|       ipa-client-3.3.3-5.el7.x86_64
|       ipa-server-3.3.3-5.el7.x86_64
|       sssd-ipa-1.11.2-1.el7.x86_64
------------------------------------------------------------------------------------------

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: ipa-hbacsvc-cli-027: crond into the list of hbac-services in default install
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

  Service name: crond
  Description: crond
:: [   PASS   ] :: crond has been added into the list of hbac-services in default install (Expected 0, got 0)
'ad665f63-3756-4b5f-8915-b4ab10f20caf'
ipa-hbacsvc-cli-027 result: PASS
   metric: 0
   Log: /var/tmp/beakerlib-17564653/journal.txt
    Info: Searching AVC errors produced since 1385453165.28 (Tue Nov 26 03:06:05 2013)
     Searching logs...
     Info: No AVC messages found.
 Writing to /mnt/testarea/tmp.8xz96m
:
   AvcLog: /mnt/testarea/tmp.8xz96m

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Comment 9 Ludek Smid 2014-06-13 09:29:54 UTC

This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.

Note You need to log in before you can comment on or make changes to this bug.