-
Bug
-
Resolution: Done-Errata
-
Undefined
-
rhel-8.10
-
ansible-freeipa-1.12.0-1.el8
-
None
-
None
-
2
-
sst_idm_ipa
-
ssg_idm
-
13
-
15
-
1
-
QE ack, Dev ack
-
False
-
-
No
-
2023-Q4-Alpha-S4, 2023-Q4-Alpha-S5
-
Pass
-
Automated
-
None
Unable to remove group idoverride from IDview without using 'continue: true' option in the idoverride group module.
Steps to reproduce
# cat idoverride_test.yaml --- - name: Playbook hosts: ipaserver become: true tasks: # Create group - ipagroup: ipaadmin_password: <xxxxxxxx> name: AF_idoverride_testgroup description: "POSIX group" # Create IDview - ipaidview: ipaadmin_password: <xxxxxxxx> name: AF_testidview # ensure the group is present in the IDview - ipaidoverridegroup: ipaadmin_password: <xxxxxxxx> idview: AF_testidview anchor: AF_idoverride_testgroup # removing group from IDview without "continue: true" - ipaidoverridegroup: ipaadmin_password: <xxxxxxxx> idview: AF_testidview anchor: AF_idoverride_testgroup state: absent
PLAY [Playbook] ***************************************************************************************
TASK [Gathering Facts] *************************************************************************************************************
task path: /root/idoverride_test.yaml:2
ok: [master.ipadomain.test]
TASK [ipagroup] ********************************************************************************************************************
task path: /root/idoverride_test.yaml:8
changed: [master.ipadomain.test] => {"changed": true}
TASK [ipaidview] *******************************************************************************************************************
task path: /root/idoverride_test.yaml:15
changed: [master.ipadomain.test] => {"changed": true}
TASK [ipaidoverridegroup] **********************************************************************************************************
task path: /root/idoverride_test.yaml:20
changed: [master.ipadomain.test] => {"changed": true}
TASK [ipaidoverridegroup] **********************************************************************************************************
task path: /root/idoverride_test.yaml:26
fatal: [master.ipadomain.test]: FAILED! => {"changed": false, "msg": "idoverridegroup_del: AF_testidview: 'continue' is required"}
PLAY RECAP *************************************************************************************************************************
master.ipadomain.test : ok=4 changed=3 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
On the command line, we can remove the group idoverride from IDview without using the '--continue' option.
Expected results
successful removal of the group idoverride from IDview without the necessity of using the 'continue: true' option.
Actual results
fatal: [master.ipadomain.test]: FAILED! => {"changed": false, "msg": "idoverridegroup_del: AF_testidview: 'continue' is required"}
Additional info:
CLI Console output
[root@master ~]# ipa group-add idoverride_testgroup ---------------------------------- Added group "idoverride_testgroup" ---------------------------------- Group name: idoverride_testgroup GID: 107200006 [root@master ~]# ipa idview-add testidview -------------------------- Added ID View "testidview" -------------------------- ID View Name: testidview [root@master ~]# ipa idoverridegroup-add testidview idoverride_testgroup ---------------------------------------------- Added Group ID override "idoverride_testgroup" ---------------------------------------------- Anchor to override: idoverride_testgroup [root@master ~]# ipa idoverridegroup-del testidview idoverride_testgroup ------------------------------------------------ Deleted Group ID override "idoverride_testgroup" ------------------------------------------------
- links to
-
RHBA-2023:125076
ansible-freeipa update
- mentioned on
