diff options
author | Rob Crittenden <rcritten@redhat.com> | 2008-02-27 10:50:17 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2008-02-27 10:50:17 -0500 |
commit | f49ed705b3040cb1b098341ccb1cdac34d21d8db (patch) | |
tree | c7e84c572c7648b9738ef52f4b5d48593da21e0f | |
parent | f02b5c196221d487b201f78a492038089962bd9e (diff) | |
download | freeipa-f49ed705b3040cb1b098341ccb1cdac34d21d8db.tar.gz freeipa-f49ed705b3040cb1b098341ccb1cdac34d21d8db.tar.xz freeipa-f49ed705b3040cb1b098341ccb1cdac34d21d8db.zip |
The admins group cannot be renamed.
433880
-rw-r--r-- | ipa-python/ipaerror.py | 5 | ||||
-rw-r--r-- | ipa-server/xmlrpc-server/funcs.py | 3 |
2 files changed, 8 insertions, 0 deletions
diff --git a/ipa-python/ipaerror.py b/ipa-python/ipaerror.py index c5ed7e778..8a47ead88 100644 --- a/ipa-python/ipaerror.py +++ b/ipa-python/ipaerror.py @@ -148,6 +148,11 @@ INPUT_NOT_DNS_A_RECORD = gen_error_code( 0x0003, "The requested hostname is not a DNS A record. This is required by Kerberos.") +INPUT_ADMINS_IMMUTABLE = gen_error_code( + INPUT_CATEGORY, + 0x0004, + "The admins group cannot be renamed.") + # # Connection errors # diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py index a2031eca9..6bd404012 100644 --- a/ipa-server/xmlrpc-server/funcs.py +++ b/ipa-server/xmlrpc-server/funcs.py @@ -1518,6 +1518,9 @@ class IPAServer: if isinstance(newcn, str): newcn = [newcn] + if "admins" in oldcn: + raise ipaerror.gen_exception(ipaerror.INPUT_ADMINS_IMMUTABLE) + oldcn.sort() newcn.sort() if oldcn != newcn: |