[Freeipa-devel] [PATCH 0060] raise an error when trying to preserve an already preserved user

thierry bordaz tbordaz at redhat.com
Thu Aug 20 09:12:43 UTC 2015 

On 08/20/2015 11:05 AM, thierry bordaz wrote:
> On 08/19/2015 06:28 PM, Martin Babinsky wrote:
>> On 08/19/2015 02:54 PM, Martin Babinsky wrote:
>>> this patch prevents https://fedorahosted.org/freeipa/ticket/5234 from
>>> happening.
>>>
>>>
>>>
>> Actually, we (myself, mbasti, jcholast) found out that `user-del 
>> --preserve` could use some more usability improvements.
>>
>> This quick patch should fix both 
>> https://fedorahosted.org/freeipa/ticket/5234 and 
>> https://fedorahosted.org/freeipa/ticket/5236 and make user 
>> preservation operate on multiple arguments in a same way as plain 
>> deletion.
>>
>>
>>
> Hi Martin,
>
> This is curious it is looking like in my test the fix does not prevent 
> the deletion:
>
>     [root at vm-141 freeipa]# ipa user-del ttest1 --preserve
>     ---------------------
>     Deleted user "ttest1"
>     ---------------------
>     [root at vm-141 freeipa]# ipa user-del ttest1 --preserve
>     ---------------------
>     Deleted user "ttest1"
>     ---------------------
>     [root at vm-141 freeipa]# ipa user-find ttest1 --preserve=true
>     ---------------
>     0 users matched
>     ---------------
>     ----------------------------
>     Number of entries returned 0
>     ----------------------------
>
>
>     [20/Aug/2015:11:00:33 +0200] conn=124 op=9 MODRDN
>     dn="uid=ttest1,cn=users,cn=accounts,dc=abc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
>     newrdn="uid=ttest1" newsuperior="cn=deleted
>     users,cn=accounts,cn=provisioning,dc=abc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
>     [20/Aug/2015:11:00:33 +0200] conn=124 op=9 RESULT err=0 tag=109
>     nentries=0 etime=0
>     ...
>     [20/Aug/2015:11:00:44 +0200] conn=125 op=14 SRCH
>     base="uid=ttest1,cn=deleted
>     users,cn=accounts,cn=provisioning,dc=abc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
>     scope=0 filter="(objectClass=*)" attrs="distinguishedName"
>     [20/Aug/2015:11:00:44 +0200] conn=125 op=14 RESULT err=0 tag=101
>     nentries=1 etime=0
>     [20/Aug/2015:11:00:44 +0200] conn=125 op=15 DEL
>     dn="uid=ttest1,cn=deleted
>     users,cn=accounts,cn=provisioning,dc=abc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
>     [20/Aug/2015:11:00:44 +0200] conn=125 op=15 RESULT *err=0* tag=107
>     nentries=0 etime=0
>     ...
>     [20/Aug/2015:11:00:57 +0200] conn=126 op=5 SRCH base="cn=deleted
>     users,cn=accounts,cn=provisioning,dc=abc,dc=idm,dc=lab,dc=eng,dc=brq,dc=redhat,dc=com"
>     scope=1
>     filter="(&(|(telephoneNumber=*ttest1*)(uid=*ttest1*)(title=*ttest1*)(sn=*ttest1*)(ou=*ttest1*)(givenName=*ttest1*))(objectClass=posixaccount))"
>     attrs="telephoneNumber sshpubkeyfp uid title loginShell uidNumber
>     gidNumber sn homeDirectory mail givenName nsAccountLock"
>     [20/Aug/2015:11:00:57 +0200] conn=126 op=5 RESULT err=0 tag=101
>     *nentries=0* etime=0
>
>
>
>
>
Hi Martin,

Sorry I did a mistake in my tests.. retesting it


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150820/097ab08b/attachment.htm>

More information about the Freeipa-devel mailing list