From de154919a6dc7e2302af62735baa81773bb2b121 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Thu, 20 May 2010 13:50:22 -0400
Subject: Add 'all' serviceCategory to default HBAC group and add some default
 services

---
 install/share/default-hbac.ldif | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

(limited to 'install/share')

diff --git a/install/share/default-hbac.ldif b/install/share/default-hbac.ldif
index 541ff0df3..ecbaeaedd 100644
--- a/install/share/default-hbac.ldif
+++ b/install/share/default-hbac.ldif
@@ -8,7 +8,38 @@ accessruletype: allow
 usercategory: all
 hostcategory: all
 sourcehostcategory: all
+servicecategory: all
 ipaenabledflag: TRUE
 description: Allow all users to access any host from any host
 # ipauniqueid gets added for us by 389-ds
 
+dn: cn=sshd,cn=hbacservices,cn=accounts,$SUFFIX
+changetype: add
+objectclass: ipahbacservice
+cn: sshd
+description: sshd
+
+dn: cn=ftp,cn=hbacservices,cn=accounts,$SUFFIX
+changetype: add
+objectclass: ipahbacservice
+cn: ftp
+description: ftp
+
+dn: cn=sudo,cn=hbacservices,cn=accounts,$SUFFIX
+changetype: add
+objectclass: ipahbacservice
+cn: sudo
+description: sudo
+
+dn: cn=su,cn=hbacservices,cn=accounts,$SUFFIX
+changetype: add
+objectclass: ipahbacservice
+cn: su
+description: su
+
+dn: cn=login,cn=hbacservices,cn=accounts,$SUFFIX
+changetype: add
+objectclass: ipahbacservice
+cn: login
+description: login
+
-- 
cgit