Input: [ayoung@ipa ~]$ ipa permission-add test-perm --desc "Test Permission" --permissions='add, delete' --type 'hostgroup'
Output:
Permission name: test-perm Description: Test Permission Permissions: add, delete Type: hostgroup
Input: [ayoung@ipa ~]$ ipa permission-mod test-perm --desc "Test Permission" --permissions='add' --type 'hostgroup'
output: ipa: ERROR: This entry already exists
There doesn't seem to be a way to remove a permission other than this.
handle updating description freeipa-rcrit-643-permission.patch
It was always trying to update description when provided even if it hadn't changed.
I noticed that a pure aci-only update (such as changing the permissions) would result in an EmptyModList because the permission object itself wasn't updated. I had half coded that originally, I finished the job here.
master: c9807f4
Metadata Update from @admiyo: - Issue assigned to rcritten - Issue set to the milestone: FreeIPA 2.0 - 2010/12 (FC)
Login to comment on this ticket.