https://bugzilla.redhat.com/show_bug.cgi?id=815364 (Red Hat Enterprise Linux 6)
Description of problem: ipa permission-find --all dns lists 5 permissions - add dns entries read dns entries remove dns entries update dns entries Write DNS Configuration But in UI, a search for dns lists only: read dns entries Also these permissions do not follow the case used for other permissions. For example, it should be Add DNS entries, and so on. Version-Release number of selected component (if applicable): ipa-server-2.2.0-10.el6.x86_64 How reproducible: always Steps to Reproduce: 1. ipa permission-find --all --raw dns 2. From UI, search for permissions, using string dns Actual results: only "read dns entries" is listed Expected results: list all 5 permissions that match the string dns Additional info: Noticed difference between the permission (read dns entries) that is listed in UI, and the one that is not (say, add dns entries objectclass: ipapermission is not included. Outputs for the 2 permissions below: dn: cn=add dns entries,cn=permissions,cn=pbac,dc=testrelm,dc=com cn: add dns entries member: cn=DNS Administrators,cn=privileges,cn=pbac,dc=testrelm,dc=com member: cn=DNS Servers,cn=privileges,cn=pbac,dc=testrelm,dc=com aci: (target = "ldap:///idnsname=*,cn=dns,dc=testrelm,dc=com")(version 3.0;acl "permission:add dns entries";allow (add) groupdn = "ldap:///cn=add dns entries,cn=permissions,cn=pbac,dc=testrelm,dc=com";) description: Add DNS entries memberindirect: cn=dns administrators,cn=privileges,cn=pbac,dc=testrelm,dc=com memberindirect: cn=dns servers,cn=privileges,cn=pbac,dc=testrelm,dc=com memberindirect: krbprincipalname=dns/rhel63-server.testrelm.com@testrelm.com, cn=services,cn=accounts,dc=testrelm,dc=com objectclass: groupofnames objectclass: top dn: cn=read dns entries,cn=permissions,cn=pbac,dc=testrelm,dc=com cn: read dns entries member: cn=DNS Administrators,cn=privileges,cn=pbac,dc=testrelm,dc=com member: cn=DNS Servers,cn=privileges,cn=pbac,dc=testrelm,dc=com member: cn=testprivilegedns,cn=privileges,cn=pbac,dc=testrelm,dc=com ipapermissiontype: SYSTEM description: Read DNS entries memberindirect: cn=dns administrators,cn=privileges,cn=pbac,dc=testrelm,dc=com memberindirect: cn=dns servers,cn=privileges,cn=pbac,dc=testrelm,dc=com memberindirect: krbprincipalname=dns/rhel63-server.testrelm.com@testrelm.com, cn=services,cn=accounts,dc=testrelm,dc=com memberindirect: cn=testroledns,cn=roles,cn=accounts,dc=testrelm,dc=com memberindirect: uid=testuserdns,cn=users,cn=accounts,dc=testrelm,dc=com objectclass: top objectclass: groupofnames objectclass: ipapermission
Duplicate to #2659.
Metadata Update from @dpal: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 3.0 Core Effort - 2012/05
Login to comment on this ticket.