From 9821160d893bf35069119339cf9edb15a697afe1 Mon Sep 17 00:00:00 2001
From: Jr Aquino <jr.aquino@citrix.com>
Date: Tue, 19 Jul 2011 15:21:33 -0700
Subject: Correct sudo runasuser and runasgroup attributes in schema

https://fedorahosted.org/freeipa/ticket/1309
---
 install/updates/10-sudo.update | 40 ++++++++++++++++++++++++++++++++++++++++
 install/updates/Makefile.am    |  1 +
 2 files changed, 41 insertions(+)
 create mode 100644 install/updates/10-sudo.update

(limited to 'install/updates')

diff --git a/install/updates/10-sudo.update b/install/updates/10-sudo.update
new file mode 100644
index 000000000..88bdc3ce1
--- /dev/null
+++ b/install/updates/10-sudo.update
@@ -0,0 +1,40 @@
+# Update the SUDO schema
+# These are the deltas from the new Sudo Schema
+# This is required for updating older installs which are
+# missing the new attributes.
+dn: cn=schema
+add:attributeTypes:
+   ( 1.3.6.1.4.1.15953.9.1.6
+     NAME 'sudoRunAsUser'
+     DESC 'User(s) impersonated by sudo'
+     EQUALITY caseExactIA5Match
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
+     X-ORIGIN 'SUDO' )
+add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.7
+     NAME 'sudoRunAsGroup'
+     DESC 'Group(s) impersonated by sudo'
+     EQUALITY caseExactIA5Match
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
+     X-ORIGIN 'SUDO' )
+add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.8
+     NAME 'sudoNotBefore'
+     DESC 'Start of time interval for which the entry is valid'
+     EQUALITY generalizedTimeMatch
+     ORDERING generalizedTimeOrderingMatch
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+     X-ORIGIN 'SUDO' )
+add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.9
+     NAME 'sudoNotAfter'
+     DESC 'End of time interval for which the entry is valid'
+     EQUALITY generalizedTimeMatch
+     ORDERING generalizedTimeOrderingMatch
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+     X-ORIGIN 'SUDO' )
+add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.10
+     NAME 'sudoOrder'
+     DESC 'an integer to order the sudoRole entries'
+     EQUALITY integerMatch
+     ORDERING integerOrderingMatch
+     SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+     X-ORIGIN 'SUDO' )
+replace:objectClasses:( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' DESC 'Sudoer Entries' STRUCTURAL MUST cn MAY ( sudoUser $$ sudoHost $$ sudoCommand $$ sudoRunAs $$ sudoOption $$ description ) X-ORIGIN 'SUDO' )::( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL DESC 'Sudoer Entries' MUST ( cn ) MAY ( sudoUser $$ sudoHost $$ sudoCommand $$ sudoRunAs $$ sudoRunAsUser $$ sudoRunAsGroup $$ sudoOption $$ sudoNotBefore $$ sudoNotAfter $$ sudoOrder $$ description ) X-ORIGIN 'SUDO')
diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am
index 38e4cab57..a50adca98 100644
--- a/install/updates/Makefile.am
+++ b/install/updates/Makefile.am
@@ -6,6 +6,7 @@ app_DATA =				\
 	10-RFC2307bis.update		\
 	10-RFC4876.update		\
 	10-config.update		\
+	10-sudo.update			\
 	20-aci.update			\
 	20-dna.update			\
 	20-host_nis_groups.update	\
-- 
cgit