From e123fa66719c7f71587383406d3205d17e60f669 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Fri, 21 May 2010 16:27:40 -0400
Subject: Add ipaUniqueID to HBAC services and service groups

Also fix the memberOf attribute for the HBAC services
---
 install/share/60basev2.ldif     |  2 +-
 install/share/default-hbac.ldif | 30 ------------------------------
 2 files changed, 1 insertion(+), 31 deletions(-)

(limited to 'install/share')

diff --git a/install/share/60basev2.ldif b/install/share/60basev2.ldif
index 10edaba61..0112142c2 100644
--- a/install/share/60basev2.ldif
+++ b/install/share/60basev2.ldif
@@ -42,7 +42,7 @@ objectClasses: (1.3.6.1.1.1.2.16 NAME 'automountMap' DESC 'Automount Map informa
 objectClasses: (1.3.6.1.1.1.2.17 NAME 'automount' DESC 'Automount information' SUP top STRUCTURAL MUST ( automountKey $ automountInformation ) MAY description X-ORIGIN 'RFC 2307bis' )
 attributeTypes: (2.16.840.1.113730.3.8.3.17 NAME 'hostCApolicy' DESC 'Policy on how to treat host requests for cert operations.' EQUALITY caseIgnoreMatch ORDERING caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'IPA v2' )
 objectClasses: (2.16.840.1.113730.3.8.4.9 NAME 'ipaCAaccess' STRUCTURAL MAY (member $ hostCApolicy) X-ORIGIN 'IPA v2' )
-objectClasses: (2.16.840.1.113730.3.8.4.10 NAME 'ipaHBACService' AUXILIARY MUST ( cn ) MAY ( description ) X-ORIGIN 'IPA v2' )
+objectClasses: (2.16.840.1.113730.3.8.4.10 NAME 'ipaHBACService' AUXILIARY MUST ( cn ) MAY ( description $ memberOf ) X-ORIGIN 'IPA v2' )
 objectClasses: (2.16.840.1.113730.3.8.4.11 NAME 'ipaHBACServiceGroup' DESC 'IPA HBAC service group object class' SUP nestedGroup STRUCTURAL X-ORIGIN 'IPA v2' )
 attributeTypes: (1.3.6.1.4.1.2428.20.0.0 NAME 'dNSTTL' DESC 'An integer denoting time to live' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
 attributeTypes: (1.3.6.1.4.1.2428.20.0.1 NAME 'dNSClass' DESC 'The class of a resource record' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
diff --git a/install/share/default-hbac.ldif b/install/share/default-hbac.ldif
index ecbaeaedd..29ec88838 100644
--- a/install/share/default-hbac.ldif
+++ b/install/share/default-hbac.ldif
@@ -13,33 +13,3 @@ ipaenabledflag: TRUE
 description: Allow all users to access any host from any host
 # ipauniqueid gets added for us by 389-ds
 
-dn: cn=sshd,cn=hbacservices,cn=accounts,$SUFFIX
-changetype: add
-objectclass: ipahbacservice
-cn: sshd
-description: sshd
-
-dn: cn=ftp,cn=hbacservices,cn=accounts,$SUFFIX
-changetype: add
-objectclass: ipahbacservice
-cn: ftp
-description: ftp
-
-dn: cn=sudo,cn=hbacservices,cn=accounts,$SUFFIX
-changetype: add
-objectclass: ipahbacservice
-cn: sudo
-description: sudo
-
-dn: cn=su,cn=hbacservices,cn=accounts,$SUFFIX
-changetype: add
-objectclass: ipahbacservice
-cn: su
-description: su
-
-dn: cn=login,cn=hbacservices,cn=accounts,$SUFFIX
-changetype: add
-objectclass: ipahbacservice
-cn: login
-description: login
-
-- 
cgit