diff options
author | Tomas Babej <tbabej@redhat.com> | 2014-05-14 12:52:26 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2014-06-25 20:14:49 +0200 |
commit | a228d7a3cb32b14ff24b47adb14d896d317f6312 (patch) | |
tree | 3edbf0018942f36d28d56b317e5941c908bd1c6c /install/updates/10-schema_compat.update | |
parent | 5a1207cb6ee6dd4314ae95e6637ee6859d5fda1a (diff) | |
download | freeipa-a228d7a3cb32b14ff24b47adb14d896d317f6312.tar.gz freeipa-a228d7a3cb32b14ff24b47adb14d896d317f6312.tar.xz freeipa-a228d7a3cb32b14ff24b47adb14d896d317f6312.zip |
sudorule: Allow using hostmasks for setting allowed hosts
Adds a new --hostmasks option to sudorule-add-host and sudorule-remove-host
commands, which allows setting a range of hosts specified by a hostmask.
https://fedorahosted.org/freeipa/ticket/4274
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
Diffstat (limited to 'install/updates/10-schema_compat.update')
-rw-r--r-- | install/updates/10-schema_compat.update | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/install/updates/10-schema_compat.update b/install/updates/10-schema_compat.update index 505bfcaa8..c45734c55 100644 --- a/install/updates/10-schema_compat.update +++ b/install/updates/10-schema_compat.update @@ -2,6 +2,9 @@ dn: cn=sudoers,cn=Schema Compatibility,cn=plugins,cn=config only:schema-compat-entry-rdn:'%ifeq("ipaEnabledFlag", "FALSE", "DISABLED", "cn=%{cn}")' replace: schema-compat-entry-attribute:'sudoRunAsGroup=%deref("ipaSudoRunAs","cn")::sudoRunAsGroup=%deref_f("ipaSudoRunAsGroup","(objectclass=posixGroup)","cn")' +dn: cn=sudoers,cn=Schema Compatibility,cn=plugins,cn=config +add:schema-compat-entry-attribute: 'sudoHost=%ifeq("hostCategory","all","ALL","%{hostMask}")' + # Change padding for host and userCategory so the pad returns the same value # as the original, '' or -. dn: cn=ng,cn=Schema Compatibility,cn=plugins,cn=config |