diff options
author | Rob Crittenden <rcritten@redhat.com> | 2011-12-08 10:04:09 +0100 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2011-12-08 10:08:10 +0100 |
commit | 373e9d1cf8b6539149e50b02655bdc7e931d7bf6 (patch) | |
tree | 8d16c5fd0985721734516fec412b4ab5e6a17c0e /install/updates/45-roles.update | |
parent | 58e5610592ff60a96111a0ef0cb72bc45507f6b4 (diff) | |
download | freeipa-373e9d1cf8b6539149e50b02655bdc7e931d7bf6.tar.gz freeipa-373e9d1cf8b6539149e50b02655bdc7e931d7bf6.tar.xz freeipa-373e9d1cf8b6539149e50b02655bdc7e931d7bf6.zip |
Reorder privileges so that memberof for permissions are generated properly.
The privilege was added after the permission causing the memberof to not
be generated.
Add a new task to regenerate memberof for existing PBAC to fix upgrades.
https://fedorahosted.org/freeipa/ticket/2058
https://fedorahosted.org/freeipa/ticket/2059
https://fedorahosted.org/freeipa/ticket/2060
https://fedorahosted.org/freeipa/ticket/2061
Diffstat (limited to 'install/updates/45-roles.update')
-rw-r--r-- | install/updates/45-roles.update | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/install/updates/45-roles.update b/install/updates/45-roles.update index 04f4be8fd..3803cee3b 100644 --- a/install/updates/45-roles.update +++ b/install/updates/45-roles.update @@ -21,6 +21,9 @@ default:cn: Modify Group membership default:description: Modify Group membership default:member: cn=helpdesk,cn=roles,cn=accounts,$SUFFIX +dn: cn=Modify Group membership,cn=permissions,cn=pbac,$SUFFIX +add:member: 'cn=Modify Group membership,cn=privileges,cn=pbac,$SUFFIX' + dn: cn=User Administrator,cn=roles,cn=accounts,$SUFFIX default:objectClass: groupofnames default:objectClass: nestedgroup |