diff options
author | Rob Crittenden <rcritten@redhat.com> | 2012-03-01 14:02:28 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2012-03-01 21:02:33 -0500 |
commit | d55d8bfa7ed1d3617274c9f53974e7bf5209cc4e (patch) | |
tree | c5b69a401c0c8ae3dba503bf0bb7137cd641e382 /install/updates | |
parent | 31eebda584d556454104a8fbf26974b6b49d9589 (diff) | |
download | freeipa-d55d8bfa7ed1d3617274c9f53974e7bf5209cc4e.tar.gz freeipa-d55d8bfa7ed1d3617274c9f53974e7bf5209cc4e.tar.xz freeipa-d55d8bfa7ed1d3617274c9f53974e7bf5209cc4e.zip |
Add support for sudoOrder
Update ipaSudoRule objectClass on upgrades to add new attributes.
Ensure uniqueness of sudoOrder in rules.
The attributes sudoNotBefore and sudoNotAfter are being added to
schema but not as Params.
https://fedorahosted.org/freeipa/ticket/1314
Diffstat (limited to 'install/updates')
-rw-r--r-- | install/updates/10-sudo.update | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/install/updates/10-sudo.update b/install/updates/10-sudo.update index 88bdc3ce1..a12da0043 100644 --- a/install/updates/10-sudo.update +++ b/install/updates/10-sudo.update @@ -38,3 +38,5 @@ add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.10 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 X-ORIGIN 'SUDO' ) replace:objectClasses:( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' DESC 'Sudoer Entries' STRUCTURAL MUST cn MAY ( sudoUser $$ sudoHost $$ sudoCommand $$ sudoRunAs $$ sudoOption $$ description ) X-ORIGIN 'SUDO' )::( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL DESC 'Sudoer Entries' MUST ( cn ) MAY ( sudoUser $$ sudoHost $$ sudoCommand $$ sudoRunAs $$ sudoRunAsUser $$ sudoRunAsGroup $$ sudoOption $$ sudoNotBefore $$ sudoNotAfter $$ sudoOrder $$ description ) X-ORIGIN 'SUDO') + +replace:objectClasses: ( 2.16.840.1.113730.3.8.8.1 NAME 'ipaSudoRule' SUP ipaAssociation STRUCTURAL MAY ( externalUser $$ externalHost $$ hostMask $$ memberAllowCmd $$ memberDenyCmd $$ cmdCategory $$ ipaSudoOpt $$ ipaSudoRunAs $$ ipaSudoRunAsExtUser $$ ipaSudoRunAsUserCategory $$ ipaSudoRunAsGroup $$ ipaSudoRunAsExtGroup $$ ipaSudoRunAsGroupCategory ) X-ORIGIN 'IPA v2' )::(2.16.840.1.113730.3.8.8.1 NAME 'ipaSudoRule' SUP ipaAssociation STRUCTURAL MAY ( externalUser $$ externalHost $$ hostMask $$ memberAllowCmd $$ memberDenyCmd $$ cmdCategory $$ ipaSudoOpt $$ ipaSudoRunAs $$ ipaSudoRunAsExtUser $$ ipaSudoRunAsUserCategory $$ ipaSudoRunAsGroup $$ ipaSudoRunAsExtGroup $$ ipaSudoRunAsGroupCategory $$ sudoNotBefore $$ sudoNotAfter $$ sudoOrder) X-ORIGIN 'IPA v2' ) |