summaryrefslogtreecommitdiffstats
path: root/install/updates
diff options
context:
space:
mode:
authorRob Crittenden <rcritten@redhat.com>2009-10-08 16:48:04 -0400
committerJason Gerard DeRose <jderose@redhat.com>2009-10-17 22:51:53 -0600
commit383492866e1c29110e8727ee81cf6dd5e110ab20 (patch)
treebefe15bb375ad580dad938121716954d62c80577 /install/updates
parentf838e7e18b5348980134fdce17d8cb2ef44b57b0 (diff)
downloadfreeipa-383492866e1c29110e8727ee81cf6dd5e110ab20.zip
freeipa-383492866e1c29110e8727ee81cf6dd5e110ab20.tar.gz
freeipa-383492866e1c29110e8727ee81cf6dd5e110ab20.tar.xz
Fix ACI for host delegation
We had changed the DN format, I must have missed these ACIs the first go around.
Diffstat (limited to 'install/updates')
-rw-r--r--install/updates/40-delegation.update4
1 files changed, 2 insertions, 2 deletions
diff --git a/install/updates/40-delegation.update b/install/updates/40-delegation.update
index 079a9f8..b07dfc7 100644
--- a/install/updates/40-delegation.update
+++ b/install/updates/40-delegation.update
@@ -216,10 +216,10 @@ add:member:'cn=hostadmin,cn=rolegroups,cn=accounts,$SUFFIX'
# Add the ACIs that grant these permissions for host administration
dn: $SUFFIX
-add:aci: '(target = "ldap:///cn=*,cn=computers,cn=accounts,$SUFFIX")(version
+add:aci: '(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version
3.0;acl "Add Hosts";allow (add) groupdn = "ldap:///cn=addhosts,cn=taskgroups
,cn=accounts,$SUFFIX";)'
-add:aci: '(target = "ldap:///cn=*,cn=computers,cn=accounts,$SUFFIX")(version
+add:aci: '(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version
3.0;acl "Remove Hosts";allow (delete) groupdn = "ldap:///cn=removehosts,cn=
taskgroups,cn=accounts,$SUFFIX";)'
add:aci: '(targetattr = "cn || description || l || location ||