summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ipaserver/install/krbinstance.py4
1 files changed, 1 insertions, 3 deletions
diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index a6caa81eb..f45075cf2 100644
--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -44,9 +44,7 @@ import pyasn1.codec.ber.encoder
import pyasn1.codec.ber.decoder
import struct
-KRBMKEY_DENY_ACI = """
-(targetattr = "krbMKey")(version 3.0; acl "No external access"; deny (all) userdn != "ldap:///uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX";)
-"""
+KRBMKEY_DENY_ACI = '(targetattr = "krbMKey")(version 3.0; acl "No external access"; deny (read,write,search,compare) userdn != "ldap:///uid=kdc,cn=sysaccounts,cn=etc,$SUFFIX";)'
def update_key_val_in_file(filename, key, val):
if os.path.exists(filename):
generated by cgit (git 2.34.1) at 2024-05-25 07:01:04 +0000