diff options
author | Jr Aquino <jr.aquino@citrix.com> | 2011-02-23 11:37:07 -0800 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-02-23 15:32:24 -0500 |
commit | 1770750b8adad6d9f2d98c0c9debc54d61f341cf (patch) | |
tree | 1643d76b32080976114f495b486928c84afae63b /install/share | |
parent | 523eaa9749a37f8a5b6f62136567629193adade7 (diff) | |
download | freeipa-1770750b8adad6d9f2d98c0c9debc54d61f341cf.tar.gz freeipa-1770750b8adad6d9f2d98c0c9debc54d61f341cf.tar.xz freeipa-1770750b8adad6d9f2d98c0c9debc54d61f341cf.zip |
Create default disabled sudo bind user
Read access is denied to the sudo container for unauthenticated users.
This shared user can be used to provide authenticated access to the
sudo information.
https://fedorahosted.org/freeipa/ticket/998
Diffstat (limited to 'install/share')
-rw-r--r-- | install/share/Makefile.am | 1 | ||||
-rw-r--r-- | install/share/sudobind.ldif | 9 |
2 files changed, 10 insertions, 0 deletions
diff --git a/install/share/Makefile.am b/install/share/Makefile.am index 4527a922..c6361099 100644 --- a/install/share/Makefile.am +++ b/install/share/Makefile.am @@ -48,6 +48,7 @@ app_DATA = \ modrdn-krbprinc.ldif \ entryusn.ldif \ root-autobind.ldif \ + sudobind.ldif \ $(NULL) EXTRA_DIST = \ diff --git a/install/share/sudobind.ldif b/install/share/sudobind.ldif new file mode 100644 index 00000000..77a2aad9 --- /dev/null +++ b/install/share/sudobind.ldif @@ -0,0 +1,9 @@ +#SUDO bind user +dn: uid=sudo,cn=sysaccounts,cn=etc,$SUFFIX +changetype: add +objectclass: account +objectclass: simplesecurityobject +uid: sudo +userPassword: $RANDOM_PASSWORD +passwordExpirationTime: 20380119031407Z +nsIdleTimeout: 0 |