Issue #2938: ipa config-mod --ipaselinuxusermaporder - should modify SELinux user map order - freeipa

freeipa

#2938 ipa config-mod --ipaselinuxusermaporder - should modify SELinux user map order

Closed: Fixed None Opened 11 years ago by aakkiang.

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [ LOG ] :: ipa-selinuxusermap-cli-002: Modify ipa config selinuxuser map order
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

:: [ PASS ] :: Show ipa default config
Maximum username length: 32
Home directory base: /home
Default shell: /bin/sh
Default users group: ipausers
Default e-mail domain: testrelm.com
Search time limit: 2
Search size limit: 100
User search fields: uid,givenname,sn,telephonenumber,ou,title
Group search fields: cn,description
Enable migration mode: FALSE
Certificate Subject base: O=TESTRELM.COM
Password Expiration Notification (days): 4
Password plugin features: AllowNThash
SELinux user map order: guest_u:s0$xguest_u:s0$user_u:s0-s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023
Default SELinux user: guest_u:s0
:: [ PASS ] :: Running 'cat /tmp/tmp.1xONpGFItS/selinuxusermap_default.out'
:: [17:45:20] :: Executing: ipa config-mod --ipaselinuxusermaporder=xguest_u:s0$guest_u:s0$user_u:s0-s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023
ipa: ERROR: invalid 'ipaselinuxusermaporder': Default SELinux user map default user not in order list
:: [ PASS ] :: Show ipa config
Maximum username length: 32
Home directory base: /home
Default shell: /bin/sh
Default users group: ipausers
Default e-mail domain: testrelm.com
Search time limit: 2
Search size limit: 100
User search fields: uid,givenname,sn,telephonenumber,ou,title
Group search fields: cn,description
Enable migration mode: FALSE
Certificate Subject base: O=TESTRELM.COM
Password Expiration Notification (days): 4
Password plugin features: AllowNThash
SELinux user map order: guest_u:s0$xguest_u:s0$user_u:s0-s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023
Default SELinux user: guest_u:s0
:: [ PASS ] :: Running 'cat /tmp/tmp.1xONpGFItS/selinuxusermap_neworder.out'
:: [ FAIL ] :: File '/tmp/tmp.1xONpGFItS/selinuxusermap_neworder.out' should contain 'SELinux user map order: xguest_u:s0$guest_u:s0$user_u:s0-s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023'
ipa: ERROR: invalid 'ipaselinuxusermaporder': Default SELinux user map default user not in order list

Steps to Reproduce:
1. ipa config-mod --ipaselinuxusermaporder=xguest_u:s0$guest_u:s0$user_u:s0-s0:c0.c1023$staff_u:s0-s0:c0.c1023$unconfined_u:s0-s0:c0.c1023

Actual results:
Error message: "ipa: ERROR: invalid 'ipaselinuxusermaporder': Default SELinux user map default user not in order list"

Expected results:
ipa config-mod --ipaselinuxusermaporder should successfully modify SELinux user map order.

jgalipea commented 11 years ago

feature not yet in RHEL upstream only

rcritten commented 11 years ago

master: e345ad1

Metadata Update from @aakkiang:
- Issue assigned to rcritten
- Issue set to the milestone: FreeIPA 3.0 Beta 2

7 years ago

Metadata

Assignee

rcritten

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 3.0 Beta 2

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

tester

None

changelog

None

design

None

freeipa

Source Code

#2938 ipa config-mod --ipaselinuxusermaporder - should modify SELinux user map order Closed: Fixed None Opened 11 years ago by aakkiang.

Metadata

#2938 ipa config-mod --ipaselinuxusermaporder - should modify SELinux user map order

Closed: Fixed None Opened 11 years ago by aakkiang.