Correct sudo runasuser and runasgroup attributes in schema

https://fedorahosted.org/freeipa/ticket/1309
author: Jr Aquino <jr.aquino@citrix.com> 2011-07-19 15:21:33 -0700
committer: Rob Crittenden <rcritten@redhat.com> 2011-07-19 08:06:41 -0400
commit: 9821160d893bf35069119339cf9edb15a697afe1 (patch)
tree: 93630380d12164c63136c50808420ebd369002f0 /install/updates/10-sudo.update
parent: 78c3abd6bae2e2b8f2725beeeda41d718ba5dc17 (diff)
download: freeipa-9821160d893bf35069119339cf9edb15a697afe1.tar.gz
freeipa-9821160d893bf35069119339cf9edb15a697afe1.tar.xz
freeipa-9821160d893bf35069119339cf9edb15a697afe1.zip
1 files changed, 40 insertions, 0 deletions
diff --git a/install/updates/10-sudo.update b/install/updates/10-sudo.update
new file mode 100644
index 000000000..88bdc3ce1
--- /dev/null
+++ b/install/updates/10-sudo.update
@@ -0,0 +1,40 @@
+# Update the SUDO schema
+# These are the deltas from the new Sudo Schema
+# This is required for updating older installs which are
+# missing the new attributes.
+dn: cn=schema
+add:attributeTypes:
+   ( 1.3.6.1.4.1.15953.9.1.6
+     NAME 'sudoRunAsUser'
+     DESC 'User(s) impersonated by sudo'
+     EQUALITY caseExactIA5Match
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
+     X-ORIGIN 'SUDO' )
+add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.7
+     NAME 'sudoRunAsGroup'
+     DESC 'Group(s) impersonated by sudo'
+     EQUALITY caseExactIA5Match
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
+     X-ORIGIN 'SUDO' )
+add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.8
+     NAME 'sudoNotBefore'
+     DESC 'Start of time interval for which the entry is valid'
+     EQUALITY generalizedTimeMatch
+     ORDERING generalizedTimeOrderingMatch
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+     X-ORIGIN 'SUDO' )
+add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.9
+     NAME 'sudoNotAfter'
+     DESC 'End of time interval for which the entry is valid'
+     EQUALITY generalizedTimeMatch
+     ORDERING generalizedTimeOrderingMatch
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+     X-ORIGIN 'SUDO' )
+add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.10
+     NAME 'sudoOrder'
+     DESC 'an integer to order the sudoRole entries'
+     EQUALITY integerMatch
+     ORDERING integerOrderingMatch
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+     X-ORIGIN 'SUDO' )
+replace:objectClasses:( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' DESC 'Sudoer Entries' STRUCTURAL MUST cn MAY ( sudoUser $$ sudoHost $$ sudoCommand $$ sudoRunAs $$ sudoOption $$ description ) X-ORIGIN 'SUDO' )::( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL DESC 'Sudoer Entries' MUST ( cn ) MAY ( sudoUser $$ sudoHost $$ sudoCommand $$ sudoRunAs $$ sudoRunAsUser $$ sudoRunAsGroup $$ sudoOption $$ sudoNotBefore $$ sudoNotAfter $$ sudoOrder $$ description ) X-ORIGIN 'SUDO')
author	Jr Aquino <jr.aquino@citrix.com>	2011-07-19 15:21:33 -0700
committer	Rob Crittenden <rcritten@redhat.com>	2011-07-19 08:06:41 -0400
commit	9821160d893bf35069119339cf9edb15a697afe1 (patch)
tree	93630380d12164c63136c50808420ebd369002f0 /install/updates/10-sudo.update
parent	78c3abd6bae2e2b8f2725beeeda41d718ba5dc17 (diff)
download	freeipa-9821160d893bf35069119339cf9edb15a697afe1.tar.gz freeipa-9821160d893bf35069119339cf9edb15a697afe1.tar.xz freeipa-9821160d893bf35069119339cf9edb15a697afe1.zip