Create default disabled sudo bind user

Read access is denied to the sudo container for unauthenticated users. This shared user can be used to provide authenticated access to the sudo information. https://fedorahosted.org/freeipa/ticket/998
author: Jr Aquino <jr.aquino@citrix.com> 2011-02-23 11:37:07 -0800
committer: Rob Crittenden <rcritten@redhat.com> 2011-02-23 15:32:24 -0500
commit: 1770750b8adad6d9f2d98c0c9debc54d61f341cf (patch)
tree: 1643d76b32080976114f495b486928c84afae63b /install
parent: 523eaa9749a37f8a5b6f62136567629193adade7 (diff)
download: freeipa-1770750b8adad6d9f2d98c0c9debc54d61f341cf.tar.gz
freeipa-1770750b8adad6d9f2d98c0c9debc54d61f341cf.tar.xz
freeipa-1770750b8adad6d9f2d98c0c9debc54d61f341cf.zip
2 files changed, 10 insertions, 0 deletions
diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index 4527a922..c6361099 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -48,6 +48,7 @@ app_DATA =				\
 	modrdn-krbprinc.ldif		\
 	entryusn.ldif			\
 	root-autobind.ldif		\
+	sudobind.ldif			\
 	$(NULL)
 
 EXTRA_DIST =				\
diff --git a/install/share/sudobind.ldif b/install/share/sudobind.ldif
new file mode 100644
index 00000000..77a2aad9
--- /dev/null
+++ b/install/share/sudobind.ldif
@@ -0,0 +1,9 @@
+#SUDO bind user
+dn: uid=sudo,cn=sysaccounts,cn=etc,$SUFFIX
+changetype: add
+objectclass: account
+objectclass: simplesecurityobject
+uid: sudo
+userPassword: $RANDOM_PASSWORD
+passwordExpirationTime: 20380119031407Z
+nsIdleTimeout: 0
author	Jr Aquino <jr.aquino@citrix.com>	2011-02-23 11:37:07 -0800
committer	Rob Crittenden <rcritten@redhat.com>	2011-02-23 15:32:24 -0500
commit	1770750b8adad6d9f2d98c0c9debc54d61f341cf (patch)
tree	1643d76b32080976114f495b486928c84afae63b /install
parent	523eaa9749a37f8a5b6f62136567629193adade7 (diff)
download	freeipa-1770750b8adad6d9f2d98c0c9debc54d61f341cf.tar.gz freeipa-1770750b8adad6d9f2d98c0c9debc54d61f341cf.tar.xz freeipa-1770750b8adad6d9f2d98c0c9debc54d61f341cf.zip