Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-4845

Protect *all* IPA service principals

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • ipa-4.12.2-16.el10
    • None
    • Low
    • 4
    • rhel-idm-ipa
    • ssg_idm
    • 6
    • 8
    • 3
    • QE ack, Dev ack
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • 2025-Q1-Bravo-S4, 2025-Q1-Bravo-S5, 2025-Q1-Bravo-S6, 2025-Q2-Bravo-S2
    • Release Note Not Required
    • None
    • 57,005

      Some service principals used by IPA are not protected from accidental deletion.
      This might cause issues if an administrator accidentally selects all principals and then deletes them.

      It would be best to block accidental deletion of these by IPA commands and the WebUI with checks.

      For instance. the dogtag and ipa-dnskeysyncd service principals are not protected from deletion, neither in the WebUI nor the CLI.

              rh-ee-dhanina David Hanina
              rh-support-fcami François Cami
              Florence Renaud Florence Renaud
              Anuja More Anuja More
              Dominika Borges Dominika Borges
              Votes:
              0 Vote for this issue
              Watchers:
              14 Start watching this issue

                Created:
                Updated:
                Resolved: