diff options
Diffstat (limited to 'install/updates/10-selinuxusermap.update')
| -rw-r--r-- | install/updates/10-selinuxusermap.update | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/install/updates/10-selinuxusermap.update b/install/updates/10-selinuxusermap.update new file mode 100644 index 000000000..431477adf --- /dev/null +++ b/install/updates/10-selinuxusermap.update @@ -0,0 +1,50 @@ +# Add the SELinux User map config schema +dn: cn=schema +add:attributeTypes: + ( 2.16.840.1.113730.3.8.3.26 + NAME 'ipaSELinuxUserMapDefault' + DESC 'Default SELinux user' + EQUALITY caseIgnoreMatch + ORDERING caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE + X-ORIGIN 'IPA v3') +add:attributeTypes: + ( 2.16.840.1.113730.3.8.3.27 + NAME 'ipaSELinuxUserMapOrder' + DESC 'Available SELinux user context ordering' + EQUALITY caseIgnoreMatch + ORDERING caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE + X-ORIGIN 'IPA v3') + X-ORIGIN 'IPA v3') +replace:objectClasses:( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase ) )::( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase $$ ipaSELinuxUserMapDefault $$ ipaSELinuxUserMapOrder) ) + +# Add the SELinux User map schema +add:attributeTypes: + ( 2.16.840.1.113730.3.8.11.30 + NAME 'ipaSELinuxUser' + DESC 'An SELinux user' + EQUALITY caseIgnoreMatch + ORDERING caseIgnoreOrderingMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE + X-ORIGIN 'IPA v3') +add:objectClasses: + ( 2.16.840.1.113730.3.8.12.10 + NAME 'ipaSELinuxUserMap' SUP ipaAssociation + STRUCTURAL MUST ipaSELinuxUser + MAY ( accessTime $$ seeAlso ) + +# Create the SELinux User map container +dn: cn=selinux,$SUFFIX +default:objectClass: top +default:objectClass: nsContainer +default:cn: selinux + +dn: cn=usermap,cn=selinux,$SUFFIX +default:objectClass: top +default:objectClass: nsContainer +default:cn: usermap + |