Issue #3877: Privilege "SELinux User Map Administrators" does not list its permissions - freeipa

freeipa

#3877 Privilege "SELinux User Map Administrators" does not list its permissions

Closed: Fixed None Opened 10 years ago by rcritten.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 997085

Description of problem:
When verifying that all privileges have permissions assigned, "SELinux User Map
Administrators" doesn't list any permissions. But the permission expected to be
listed indicates that it is granted to this privilege.
Behaviour was different in 6.4.

Using ipa-server-3.3.0-6.el7.x86_64
# ipa privilege-show "SELinux User Map Administrators"
  Privilege name: SELinux User Map Administrators
  Description: SELinux User Map Administrators

# ipa permission-show "modify selinux user maps"
  Permission name: Modify SELinux User Maps
  Permissions: write
  Attributes: cn, memberuser, memberhost, seealso, ipaselinuxuser,
ipaenabledflag
  Subtree: ldap:///ipauniqueid=*,cn=usermap,cn=selinux,dc=testrelm,dc=com
  Granted to Privilege: SELinux User Map Administrators

Using ipa-server-3.0.0-26.el6_4.4.x86_64
# ipa privilege-show "SELinux User Map Administrators"
  Privilege name: SELinux User Map Administrators
  Description: SELinux User Map Administrators
  Permissions: modify selinux user maps, add selinux user maps, remove selinux
user maps


# ipa permission-show "modify selinux user maps"
  Permission name: Modify SELinux User Maps
  Permissions: write
  Attributes: cn, memberuser, memberhost, seealso, ipaselinuxuser,
ipaenabledflag
  Subtree: ldap:///ipauniqueid=*,cn=usermap,cn=selinux,dc=testrelm,dc=com
  Granted to Privilege: SELinux User Map Administrators

Version-Release number of selected component (if applicable):
ipa-server-3.3.0-6.el7.x86_64

How reproducible:
always

Steps to Reproduce:
1. ipa privilege-show "SELinux User Map Administrators"


Actual results:
No permissions listed

Expected results:
should list permissions: modify selinux user maps, add selinux user maps,
remove selinux user maps


Additional info:

mkosek commented 10 years ago

attachment
freeipa-mkosek-424-remove-faulty-dns-memberof-task.patch

mkosek commented 10 years ago

Patch freeipa-mkosek-424-remove-faulty-dns-memberof-task.patch sent for review

pviktori commented 10 years ago

master: b145137[[BR]]
ipa-3-3: b32ed6d

Metadata Update from @rcritten:
- Issue assigned to mkosek
- Issue set to the milestone: FreeIPA 3.3.x - 2013/09 (bug fixing)

7 years ago

Metadata

Assignee

mkosek

Tags

None

Blocking

None

Depending on

None

Priority

normal

Milestone

FreeIPA 3.3.x - 2013/09 (bug fixing)

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

https://bugzilla.redhat.com/show_bug.cgi?id=997085

tester

None

changelog

None

design

None

freeipa

Source Code

#3877 Privilege "SELinux User Map Administrators" does not list its permissions Closed: Fixed None Opened 10 years ago by rcritten.

Metadata

#3877 Privilege "SELinux User Map Administrators" does not list its permissions

Closed: Fixed None Opened 10 years ago by rcritten.