Add 'all' serviceCategory to default HBAC group and add some default services

1 files changed, 31 insertions, 0 deletions

diff --git a/install/share/default-hbac.ldif b/install/share/default-hbac.ldif
index 541ff0df3..ecbaeaedd 100644
--- a/install/share/default-hbac.ldif
+++ b/install/share/default-hbac.ldif
@@ -8,7 +8,38 @@ accessruletype: allow
 usercategory: all
 hostcategory: all
 sourcehostcategory: all
+servicecategory: all
 ipaenabledflag: TRUE
 description: Allow all users to access any host from any host
 # ipauniqueid gets added for us by 389-ds
 
+dn: cn=sshd,cn=hbacservices,cn=accounts,$SUFFIX
+changetype: add
+objectclass: ipahbacservice
+cn: sshd
+description: sshd
+
+dn: cn=ftp,cn=hbacservices,cn=accounts,$SUFFIX
+changetype: add
+objectclass: ipahbacservice
+cn: ftp
+description: ftp
+
+dn: cn=sudo,cn=hbacservices,cn=accounts,$SUFFIX
+changetype: add
+objectclass: ipahbacservice
+cn: sudo
+description: sudo
+
+dn: cn=su,cn=hbacservices,cn=accounts,$SUFFIX
+changetype: add
+objectclass: ipahbacservice
+cn: su
+description: su
+
+dn: cn=login,cn=hbacservices,cn=accounts,$SUFFIX
+changetype: add
+objectclass: ipahbacservice
+cn: login
+description: login
+