#57341 – Не хватает обязательного параметра --scope для команды pveum realm sync

Bug 57341 - Не хватает обязательного параметра --scope для команды pveum realm sync

Summary: Не хватает обязательного параметра --scope для команды pveum realm sync

Status:	RESOLVED FIXED

Alias:	None

Product:	Sisyphus
Classification:	Development
Component:	docs-alt-virtualization-pve (show other bugs)
Version:	unstable
Hardware:	x86_64 Linux

Importance:	P5 normal
Assignee:	lepata@altlinux.org
QA Contact:	qa-sisyphus

URL:
Keywords:

Depends on:
Blocks:

Reported:	2025-12-23 17:25 MSK by Vladislav Glinkin
Modified:	2025-12-30 19:27 MSK (History)
CC List:	5 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Vladislav Glinkin 2025-12-23 17:25:13 MSK

Версия пакета: docs-alt-virtualization-pve-11.1-alt1

В разделе, посвящённому областям аутентификации приводятся примеры синхронизации пользователей и групп через терминал:

	# pveum realm sync example.test

При выполнении данной команды, пользователь столкнётся с проблемой:

	400 Parameter verification failed.
	scope: Not passed as parameter and not defined in realm default sync options.
	pveum realm sync <realm> [OPTIONS]

Необходимо дополнительно указывать параметр --scope.

Предлагаю:

	# pveum realm sync example.test --scope both

Согласно man'у:

	pveum realm sync <realm> [OPTIONS]  
	
	Syncs users and/or groups from the configured LDAP to user.cfg. NOTE: Synced groups will have the name name-$realm, so make sure those groups do not exist to prevent overwriting.  
	
	<realm>: <string>  
	Authentication domain ID  
	
	--dry-run <boolean> (default = 0)  
	If set, does not write anything.  
	
	--enable-new <boolean> (default = 1)  
	Enable newly synced users immediately.  
	
	--full <boolean>  
	DEPRECATED: use remove-vanished instead. If set, uses the LDAP Directory as source of truth, deleting users or groups not returned from the sync and removing all locally modified properties of synced users. If not set, only syncs information which is present  
	in the synced data, and does not delete or modify anything else.  
	
	--purge <boolean>  
	DEPRECATED: use remove-vanished instead. Remove ACLs for users or groups which were removed from the config during a sync.  
	
	--remove-vanished ([acl];[properties];[entry])|none (default = none)  
	A semicolon-separated list of things to remove when they or the user vanishes during a sync. The following values are possible: entry removes the user/group when not returned from the sync.  properties removes the set properties on existing user/group that  
	do not appear in the source (even custom ones).  acl removes acls when the user/group is not returned from the sync. Instead of a list it also can be none (the default).  
	
	--scope <both | groups | users>  
	Select what to sync.

Данный пример встречается в разделах:

*  ⁠42.3.3. LDAP аутентификация
*  ⁠42.3.4. AD аутентификация

Comment 1 Repository Robot 2025-12-30 19:27:55 MSK

docs-alt-virtualization-pve-11.1-alt3 -> sisyphus:

Tue Dec 30 2025 Elena Mishina <lepata@altlinux> 11.1-alt3
- small improvements (ALT 57405, 57341, 57359)
- fix sdn (ALT 57396, 57397, 57398)
- fix typo (ALT 57400)