ALAHYANE Rachid wrote:
I execute this command hoping it'll work but I get some errors :

on my client ====================================== ipa -v aci-mod --taskgroup=modifyusers --permissions=write --attrs=mail --type=user "Modify Users" ipa: INFO: skipping plugin module ipalib.plugins.cert: env.enable_ra is not True
ipa: INFO: Created connection context.xmlclient
ipa: INFO: aci_mod(u'Modify Users', taskgroup=u'modifyusers', permissions=(u'write',), attrs=(u'mail',), type=u'user') ipa: INFO: Forwarding 'aci_mod' to server u'https://server.gamma.domain.org/ipa/xml'
ipa: INFO: Destroyed connection context.xmlclient
ipa: ERROR: an internal error has occurred
======================================

logs on the server ======================================
==> /var/log/httpd/error_log <==
[Thu Jun 10 18:30:31 2010] [error] ipa: INFO: Created connection context.ldap2 [Thu Jun 10 18:30:31 2010] [error] ipa: DEBUG: raw: aci_mod(u'Modify Users', taskgroup=u'modifyusers', permissions=(u'write',), attrs=(u'mail',), type=u'user') [Thu Jun 10 18:30:31 2010] [error] ipa: INFO: aci_mod(u'Modify Users', taskgroup=u'modifyusers', permissions=(u'write',), attrs=(u'mail',), type=u'user') [Thu Jun 10 18:30:31 2010] [error] ipa: ERROR: non-public: KeyError: 'targetfilter'
[Thu Jun 10 18:30:31 2010] [error] Traceback (most recent call last):
[Thu Jun 10 18:30:31 2010] [error] File "/usr/lib/python2.6/site-packages/ipaserver/rpcserver.py", line 206, in wsgi_execute [Thu Jun 10 18:30:31 2010] [error] result = self.Command[name](*args, **options) [Thu Jun 10 18:30:31 2010] [error] File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 401, in __call__
[Thu Jun 10 18:30:31 2010] [error]     ret = self.run(*args, **options)
[Thu Jun 10 18:30:31 2010] [error] File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 669, in run
[Thu Jun 10 18:30:31 2010] [error]     return self.execute(*args, **options)
[Thu Jun 10 18:30:31 2010] [error] File "/usr/lib/python2.6/site-packages/ipalib/plugins/aci.py", line 374, in execute [Thu Jun 10 18:30:31 2010] [error] kw['filter'] = aci.target['targetfilter']['expression']
[Thu Jun 10 18:30:31 2010] [error] KeyError: 'targetfilter'
[Thu Jun 10 18:30:31 2010] [error] ipa: INFO: response: InternalError: an internal error has occurred [Thu Jun 10 18:30:31 2010] [error] ipa: INFO: Destroyed connection context.ldap2
======================================

Hoping it will help.

NB : Sorry Rob for the duplicate mail ;)


No worries, thanks for your persistence :-)

It looks like this plugin is just plain broken. I wrote it for use internally as an aid to write the original ACIs and hadn't intended on shipping it. I decided that I didn't know everything about what other users would want in an ACI so I cleaned it up a little and went ahead and included it. Looks like it needs some more attention.

As I'm sure you've seen there are a ton of options in ACIs, some of which are mutually exclusive. I think this bug is related to an attempt at enforcing that and it looks like I assume there will always be a target filter. On a change this is likely to not be true.

regards

rob

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to