[Freeipa-devel] [PATCH] 593 fix group objectclasses on detach
Rob Crittenden
rcritten at redhat.com
Thu Nov 18 22:37:52 UTC 2010
Rob Crittenden wrote:
> Jakub Hrozek wrote:
>> On Mon, Nov 01, 2010 at 12:08:36PM -0400, Rob Crittenden wrote:
>>> Make sure a detached group has the default list of objectclasses.
>>> ipaUniqueId is handled by the new uuid plugin.
>>>
>>> https://fedorahosted.org/freeipa/ticket/250
>>>
>>> rob
>>
>> I haven't fully tested the patch yet, but this caught my attention:
>>
>>> + (group_dn, group_attrs) = ldap.get_entry(group_dn)
>>> + is_managed = self.obj.has_objectclass(group_attrs['objectclass'], '')
>>
>> I think that is_managed is guaranteed to be False in this case, since
>> has_objectclass would do:
>>
>> return '' in group_attrs['objectclass']
>
> Gah! Good catch, that should be mepManagedBy. Can you fix this and
> continue testing?
>
> rob
I rebased this and fix this error (I rebased it with patches 604 and 607
on my tree in case that makes a difference).
To test this do:
# ipa user-add --first=Tim --last=User tuser
# ipa group-show tuser --all
[ note the objectclasses ]
# ipa group-detach tuser
# ipa group-show --all tuser
It should now be a full POSIX group with a ipaUniqueId and a full set of
objectclass. You should be able to add a user to it.
# ipa group-add-member --users=tuser tuser
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-593-2-group.patch
Type: text/x-patch
Size: 5718 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20101118/2206629f/attachment.bin>
More information about the Freeipa-devel
mailing list