diff options
author | Rob Crittenden <rcritten@redhat.com> | 2009-10-08 16:48:04 -0400 |
---|---|---|
committer | Jason Gerard DeRose <jderose@redhat.com> | 2009-10-17 22:51:53 -0600 |
commit | 383492866e1c29110e8727ee81cf6dd5e110ab20 (patch) | |
tree | befe15bb375ad580dad938121716954d62c80577 /install/updates | |
parent | f838e7e18b5348980134fdce17d8cb2ef44b57b0 (diff) | |
download | freeipa-383492866e1c29110e8727ee81cf6dd5e110ab20.tar.gz freeipa-383492866e1c29110e8727ee81cf6dd5e110ab20.tar.xz freeipa-383492866e1c29110e8727ee81cf6dd5e110ab20.zip |
Fix ACI for host delegation
We had changed the DN format, I must have missed these ACIs the first
go around.
Diffstat (limited to 'install/updates')
-rw-r--r-- | install/updates/40-delegation.update | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/install/updates/40-delegation.update b/install/updates/40-delegation.update index 079a9f8b5..b07dfc756 100644 --- a/install/updates/40-delegation.update +++ b/install/updates/40-delegation.update @@ -216,10 +216,10 @@ add:member:'cn=hostadmin,cn=rolegroups,cn=accounts,$SUFFIX' # Add the ACIs that grant these permissions for host administration dn: $SUFFIX -add:aci: '(target = "ldap:///cn=*,cn=computers,cn=accounts,$SUFFIX")(version +add:aci: '(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version 3.0;acl "Add Hosts";allow (add) groupdn = "ldap:///cn=addhosts,cn=taskgroups ,cn=accounts,$SUFFIX";)' -add:aci: '(target = "ldap:///cn=*,cn=computers,cn=accounts,$SUFFIX")(version +add:aci: '(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version 3.0;acl "Remove Hosts";allow (delete) groupdn = "ldap:///cn=removehosts,cn= taskgroups,cn=accounts,$SUFFIX";)' add:aci: '(targetattr = "cn || description || l || location || |