#7029 Fix inconsistent reporting of server roles/attributes in *config-show commands
Closed: fixed 3 years ago Opened 3 years ago by mbabinsk.

In FreeIPA 4.4.x, *config-show commands were not returning anything for empty server attributes (DNSSec key master, CA renewal master) and returned empty list when no server role such as CA, KRA was enabled in topology (or the requestor had not read privilege for the service entries).

In other plugin, however, if the optional attribute is not set or the requestor has no read access to it, it was not sent at all in the response. We should amend the behavior of this component to conform to intended semantics of output parameters.


Metadata Update from @mbabinsk:
- Issue assigned to mbabinsk

3 years ago

Metadata Update from @mbasti:
- Issue set to the milestone: FreeIPA 4.5.3

3 years ago

master:

  • f4d7753 *config-show: Do not show empty roles/attributes
  • e2e380e Do not remove the old masters when setting the attribute fails

ipa-4-5:

  • 2431c76 *config-show: Do not show empty roles/attributes
  • 03a30c0 Do not remove the old masters when setting the attribute fails

Metadata Update from @mbasti:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

3 years ago

Login to comment on this ticket.

Metadata