freeipa

Clone
Source Code
GIT

#302 ipa host-mod --setattr should not allow enrolledBy to be changed
Closed: Fixed None Opened 13 years ago by rcritten.

Closed: Fixed
Reopen Issue

https://bugzilla.redhat.com/show_bug.cgi?id=634301

Only going to do this in the plugin, not as an ACI, to prevent accidental overwriting.

disallow writes on some attrs
freeipa-566-write.patch

Oh, hrm, I forgot about host enrollment, this will break it. New patch coming.

The enrolledBy attribute was addressed by a later patch, this is fixed.

master: 9726941

I think that enrolledBy got added back as a mistake but I can't be sure.

I do remember have a discussion with Simo related to this type of field, if not this particular one. It is difficult to write an aci with sufficient logic to allow some updates and disallow others.

So enrolledBy won't be removed during unenrollment, but it will be updated when a host is enrolled.

master: 37e3bf2

Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: FreeIPA 2.1 - 2011/07
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
defect
None
None
IPA
None
1
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=634301
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.