diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-12-08 10:04:09 +0100 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2011-12-08 10:08:10 +0100 |
| commit | 373e9d1cf8b6539149e50b02655bdc7e931d7bf6 (patch) | |
| tree | 8d16c5fd0985721734516fec412b4ab5e6a17c0e /install/updates/55-pbacmemberof.update | |
| parent | 58e5610592ff60a96111a0ef0cb72bc45507f6b4 (diff) | |
| download | freeipa-373e9d1cf8b6539149e50b02655bdc7e931d7bf6.tar.gz freeipa-373e9d1cf8b6539149e50b02655bdc7e931d7bf6.tar.xz freeipa-373e9d1cf8b6539149e50b02655bdc7e931d7bf6.zip | |
Reorder privileges so that memberof for permissions are generated properly.
The privilege was added after the permission causing the memberof to not
be generated.
Add a new task to regenerate memberof for existing PBAC to fix upgrades.
https://fedorahosted.org/freeipa/ticket/2058
https://fedorahosted.org/freeipa/ticket/2059
https://fedorahosted.org/freeipa/ticket/2060
https://fedorahosted.org/freeipa/ticket/2061
Diffstat (limited to 'install/updates/55-pbacmemberof.update')
| -rw-r--r-- | install/updates/55-pbacmemberof.update | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/install/updates/55-pbacmemberof.update b/install/updates/55-pbacmemberof.update new file mode 100644 index 000000000..bc17f5664 --- /dev/null +++ b/install/updates/55-pbacmemberof.update @@ -0,0 +1,10 @@ +# +# This needs to come later in the cycle otherwise the DN sorting is going +# to cause it to execute before the member attributes are added +dn: cn=Update PBAC memberOf $TIME, cn=memberof task, cn=tasks, cn=config +add: objectClass: top +add: objectClass: extensibleObject +add: cn: IPA PBAC memberOf $TIME +add: basedn: 'cn=privileges,cn=pbac,$SUFFIX' +add: filter: (objectclass=*) +add: ttl: 10 |