From 96decfea26a1ca977aa81456e46e0590dde1f861 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 13 Sep 2012 15:11:57 -0400 Subject: Add uniqueness plugin configuration for sudorule cn We do a search looking for duplicate values but this leaves open the possibility that two adds are happening at the same time so both searches return NotFound therefore we get two entries with the same cn value. https://fedorahosted.org/freeipa/ticket/3017 --- install/share/unique-attributes.ldif | 18 ++++++++++++++++++ install/updates/10-uniqueness.update | 16 ++++++++++++++++ install/updates/Makefile.am | 1 + 3 files changed, 35 insertions(+) create mode 100644 install/updates/10-uniqueness.update diff --git a/install/share/unique-attributes.ldif b/install/share/unique-attributes.ldif index 4537e7468..0e680a0e4 100644 --- a/install/share/unique-attributes.ldif +++ b/install/share/unique-attributes.ldif @@ -70,6 +70,24 @@ nsslapd-pluginVersion: 1.1.0 nsslapd-pluginVendor: Fedora Project nsslapd-pluginDescription: Enforce unique attribute values +dn: cn=sudorule name uniqueness,cn=plugins,cn=config +changetype: add +objectClass: top +objectClass: nsSlapdPlugin +objectClass: extensibleObject +cn: sudorule name uniqueness +nsslapd-pluginDescription: Enforce unique attribute values +nsslapd-pluginPath: libattr-unique-plugin +nsslapd-pluginInitfunc: NSUniqueAttr_Init +nsslapd-pluginType: preoperation +nsslapd-pluginEnabled: on +nsslapd-pluginarg0: cn +nsslapd-pluginarg1: cn=sudorules,cn=sudo,$SUFFIX +nsslapd-plugin-depends-on-type: database +nsslapd-pluginId: NSUniqueAttr +nsslapd-pluginVersion: 1.1.0 +nsslapd-pluginVendor: Fedora Project + #dn: cn=uid uniqueness,cn=plugins,cn=config #objectClass: top #objectClass: nsSlapdPlugin diff --git a/install/updates/10-uniqueness.update b/install/updates/10-uniqueness.update new file mode 100644 index 000000000..96363d9e0 --- /dev/null +++ b/install/updates/10-uniqueness.update @@ -0,0 +1,16 @@ +dn: cn=sudorule name uniqueness,cn=plugins,cn=config +default:objectClass: top +default:objectClass: nsSlapdPlugin +default:objectClass: extensibleObject +default:cn: sudorule name uniqueness +default:nsslapd-pluginDescription: Enforce unique attribute values +default:nsslapd-pluginPath: libattr-unique-plugin +default:nsslapd-pluginInitfunc: NSUniqueAttr_Init +default:nsslapd-pluginType: preoperation +default:nsslapd-pluginEnabled: on +default:nsslapd-pluginarg0: cn +default:nsslapd-pluginarg1: cn=sudorules,cn=sudo,$SUFFIX +default:nsslapd-plugin-depends-on-type: database +default:nsslapd-pluginId: NSUniqueAttr +default:nsslapd-pluginVersion: 1.1.0 +default:nsslapd-pluginVendor: Fedora Project diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am index 1233126b1..8f60bc181 100644 --- a/install/updates/Makefile.am +++ b/install/updates/Makefile.am @@ -11,6 +11,7 @@ app_DATA = \ 10-sudo.update \ 10-ssh.update \ 10-bind-schema.update \ + 10-uniqueness.update \ 19-managed-entries.update \ 20-aci.update \ 20-dna.update \ -- cgit