summaryrefslogtreecommitdiffstats
path: root/install/updates/10-selinuxusermap.update
diff options
context:
space:
mode:
Diffstat (limited to 'install/updates/10-selinuxusermap.update')
-rw-r--r--install/updates/10-selinuxusermap.update45
1 files changed, 0 insertions, 45 deletions
diff --git a/install/updates/10-selinuxusermap.update b/install/updates/10-selinuxusermap.update
index c5a5167a..a7fbef46 100644
--- a/install/updates/10-selinuxusermap.update
+++ b/install/updates/10-selinuxusermap.update
@@ -1,47 +1,3 @@
-# Add the SELinux User map config schema
-dn: cn=schema
-add:attributeTypes:
- ( 2.16.840.1.113730.3.8.3.26
- NAME 'ipaSELinuxUserMapDefault'
- DESC 'Default SELinux user'
- EQUALITY caseIgnoreMatch
- ORDERING caseIgnoreMatch
- SUBSTR caseIgnoreSubstringsMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE
- X-ORIGIN 'IPA v3')
-add:attributeTypes:
- ( 2.16.840.1.113730.3.8.3.27
- NAME 'ipaSELinuxUserMapOrder'
- DESC 'Available SELinux user context ordering'
- EQUALITY caseIgnoreMatch
- ORDERING caseIgnoreMatch
- SUBSTR caseIgnoreSubstringsMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE
- X-ORIGIN 'IPA v3')
-replace:objectClasses:( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase ) )::( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase $$ ipaSELinuxUserMapDefault $$ ipaSELinuxUserMapOrder) )
-
-# Add the default PAC service type relies on the new SELinux user map
-# values being there so add it here.
-dn: cn=schema
-replace:objectClasses:( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase $$ ipaSELinuxUserMapDefault $$ ipaSELinuxUserMapOrder ) )::( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase $$ ipaSELinuxUserMapDefault $$ ipaSELinuxUserMapOrder $$ ipaKrbAuthzData) )
-
-# Add the SELinux User map schema
-add:attributeTypes:
- ( 2.16.840.1.113730.3.8.11.30
- NAME 'ipaSELinuxUser'
- DESC 'An SELinux user'
- EQUALITY caseIgnoreMatch
- ORDERING caseIgnoreOrderingMatch
- SUBSTR caseIgnoreSubstringsMatch
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE
- X-ORIGIN 'IPA v3')
-add:objectClasses:
- ( 2.16.840.1.113730.3.8.12.10
- NAME 'ipaSELinuxUserMap' SUP ipaAssociation
- STRUCTURAL MUST ipaSELinuxUser
- MAY ( accessTime $$ seeAlso )
- X-ORIGIN 'IPA v3')
-
# Create the SELinux User map container
dn: cn=selinux,$SUFFIX
default:objectClass: top
@@ -52,4 +8,3 @@ dn: cn=usermap,cn=selinux,$SUFFIX
default:objectClass: top
default:objectClass: nsContainer
default:cn: usermap
-
generated by cgit (git 2.34.1) at 2025-09-07 20:44:08 +0000