summaryrefslogtreecommitdiffstats
path: root/install
diff options
context:
space:
mode:
Diffstat (limited to 'install')
-rw-r--r--install/share/Makefile.am2
-rw-r--r--install/share/host_nis_groups.ldif6
-rw-r--r--install/share/managed-entries.ldif17
-rw-r--r--install/share/repoint-managed-entries.ldif5
-rw-r--r--install/share/user_private_groups.ldif6
-rw-r--r--install/updates/19-managed-entries.update17
-rw-r--r--install/updates/20-host_nis_groups.update22
-rw-r--r--install/updates/20-user_private_groups.update19
-rw-r--r--install/updates/50-suppress-upg.update2
-rw-r--r--install/updates/Makefile.am2
10 files changed, 79 insertions, 19 deletions
diff --git a/install/share/Makefile.am b/install/share/Makefile.am
index f2a6a6ca..991f3b47 100644
--- a/install/share/Makefile.am
+++ b/install/share/Makefile.am
@@ -42,6 +42,8 @@ app_DATA = \
schema_compat.uldif \
ldapi.ldif \
wsgi.py \
+ repoint-managed-entries.ldif \
+ managed-entries.ldif \
user_private_groups.ldif \
host_nis_groups.ldif \
uuid-ipauniqueid.ldif \
diff --git a/install/share/host_nis_groups.ldif b/install/share/host_nis_groups.ldif
index bb28c597..096a881f 100644
--- a/install/share/host_nis_groups.ldif
+++ b/install/share/host_nis_groups.ldif
@@ -1,4 +1,4 @@
-dn: cn=NGP HGP Template,cn=etc,$SUFFIX
+dn: cn=NGP HGP Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
changetype: add
objectclass: mepTemplateEntry
cn: NGP HGP Template
@@ -13,11 +13,11 @@ mepMappedAttr: description: ipaNetgroup $$cn
# Changes to this definition need to be reflected in
# updates/20-host_nis_groups.update
-dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config
+dn: cn=NGP Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
changetype: add
objectclass: extensibleObject
cn: NGP Definition
originScope: cn=hostgroups,cn=accounts,$SUFFIX
originFilter: objectclass=ipahostgroup
managedBase: cn=ng,cn=alt,$SUFFIX
-managedTemplate: cn=NGP HGP Template,cn=etc,$SUFFIX
+managedTemplate: cn=NGP HGP Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
diff --git a/install/share/managed-entries.ldif b/install/share/managed-entries.ldif
new file mode 100644
index 00000000..ce65eae5
--- /dev/null
+++ b/install/share/managed-entries.ldif
@@ -0,0 +1,17 @@
+dn: cn=Managed Entries,cn=etc,$SUFFIX
+changetype: add
+objectClass: nsContainer
+objectClass: top
+cn: Managed Entries
+
+dn: cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
+changetype: add
+objectClass: nsContainer
+objectClass: top
+cn: Templates
+
+dn: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
+changetype: add
+objectClass: nsContainer
+objectClass: top
+cn: Definitions
diff --git a/install/share/repoint-managed-entries.ldif b/install/share/repoint-managed-entries.ldif
new file mode 100644
index 00000000..89666621
--- /dev/null
+++ b/install/share/repoint-managed-entries.ldif
@@ -0,0 +1,5 @@
+# Repoint Managed Entries to the replicated cn=etc space
+dn: cn=Managed Entries,cn=plugins,cn=config
+changetype: modify
+add: nsslapd-pluginConfigArea
+nsslapd-pluginConfigArea: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
diff --git a/install/share/user_private_groups.ldif b/install/share/user_private_groups.ldif
index 9aed09ba..0d5656d4 100644
--- a/install/share/user_private_groups.ldif
+++ b/install/share/user_private_groups.ldif
@@ -1,4 +1,4 @@
-dn: cn=UPG Template,cn=etc,$SUFFIX
+dn: cn=UPG Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
changetype: add
objectclass: mepTemplateEntry
cn: UPG Template
@@ -12,12 +12,12 @@ mepMappedAttr: description: User private group for $$uid
# Changes to this definition need to be reflected in
# updates/20-user_private_groups.update
-dn: cn=UPG Definition,cn=Managed Entries,cn=plugins,cn=config
+dn: cn=UPG Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
changetype: add
objectclass: extensibleObject
cn: UPG Definition
originScope: cn=users,cn=accounts,$SUFFIX
originFilter: (&(objectclass=posixAccount)(!(description=__no_upg__)))
managedBase: cn=groups,cn=accounts,$SUFFIX
-managedTemplate: cn=UPG Template,cn=etc,$SUFFIX
+managedTemplate: cn=UPG Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
diff --git a/install/updates/19-managed-entries.update b/install/updates/19-managed-entries.update
new file mode 100644
index 00000000..1d8ebebf
--- /dev/null
+++ b/install/updates/19-managed-entries.update
@@ -0,0 +1,17 @@
+dn: cn=Managed Entries,cn=plugins,cn=config
+only: nsslapd-pluginConfigArea: 'cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX'
+
+dn: cn=Managed Entries,cn=etc,$SUFFIX
+default: objectClass: nsContainer
+default: objectClass: top
+default: cn: Managed Entries
+
+dn: cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
+default: objectClass: nsContainer
+default: objectClass: top
+default: cn: Templates
+
+dn: cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
+default: objectClass: nsContainer
+default: objectClass: top
+default: cn: Definitions
diff --git a/install/updates/20-host_nis_groups.update b/install/updates/20-host_nis_groups.update
index 66298021..c6fe8d8a 100644
--- a/install/updates/20-host_nis_groups.update
+++ b/install/updates/20-host_nis_groups.update
@@ -2,14 +2,22 @@
# This is required for replication. The template entry will get
# replicated but the plugin configuration will not.
-dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config
+dn: cn=NGP HGP Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
+default:objectclass: mepTemplateEntry
+default:cn: NGP HGP Template
+default:mepRDNAttr: cn
+default:mepStaticAttr: ipaUniqueId: autogenerate
+default:mepStaticAttr: objectclass: ipanisnetgroup
+default:mepStaticAttr: objectclass: ipaobject
+default:mepStaticAttr: nisDomainName: $DOMAIN
+default:mepMappedAttr: cn: $$cn
+default:mepMappedAttr: memberHost: $$dn
+default:mepMappedAttr: description: ipaNetgroup $$cn
+
+dn: cn=NGP Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
default:objectclass: extensibleObject
-default:cn: NGP Definition
+only:cn: NGP Definition
default:originScope: cn=hostgroups,cn=accounts,$SUFFIX
default:originFilter: objectclass=ipahostgroup
default:managedBase: cn=ng,cn=alt,$SUFFIX
-default:managedTemplate: cn=NGP HGP Template,cn=etc,$SUFFIX
-
-# Fix an existing configuration with the wrong cn
-dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config
-only:cn: NGP Definition
+default:managedTemplate: cn=NGP HGP Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
diff --git a/install/updates/20-user_private_groups.update b/install/updates/20-user_private_groups.update
index 8c7baca4..d54cc02d 100644
--- a/install/updates/20-user_private_groups.update
+++ b/install/updates/20-user_private_groups.update
@@ -2,10 +2,23 @@
# This is required for replication. The template entry will get
# replicated but the plugin configuration will not.
-dn: cn=UPG Definition,cn=Managed Entries,cn=plugins,cn=config
+dn: cn=UPG Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
+default:objectclass: mepTemplateEntry
+default:cn: UPG Template
+default:mepRDNAttr: cn
+default:mepStaticAttr: objectclass: posixgroup
+default:mepStaticAttr: objectclass: ipaobject
+default:mepStaticAttr: ipaUniqueId: autogenerate
+default:mepMappedAttr: cn: $$uid
+default:mepMappedAttr: gidNumber: $$uidNumber
+default:mepMappedAttr: description: User private group for $$uid
+
+
+dn: cn=UPG Definition,cn=Definitions,cn=Managed Entries,cn=etc,$SUFFIX
default:objectclass: extensibleObject
+replace:originFilter:objectclass=posixAccount::(&(objectclass=posixAccount)(!(description=__no_upg__)))
default:cn: UPG Definition
default:originScope: cn=users,cn=accounts,$SUFFIX
-default:originFilter: (&(objectclass=posixAccount)(!(description=__no_upg__)))
+default:originFilter: objectclass=posixAccount
default:managedBase: cn=groups,cn=accounts,$SUFFIX
-default:managedTemplate: cn=UPG Template,cn=etc,$SUFFIX
+default:managedTemplate: cn=UPG Template,cn=Templates,cn=Managed Entries,cn=etc,$SUFFIX
diff --git a/install/updates/50-suppress-upg.update b/install/updates/50-suppress-upg.update
deleted file mode 100644
index 57178826..00000000
--- a/install/updates/50-suppress-upg.update
+++ /dev/null
@@ -1,2 +0,0 @@
-dn: cn=UPG Definition,cn=Managed Entries,cn=plugins,cn=config
-replace: originFilter:objectclass=posixAccount::(&(objectclass=posixAccount)(!(description=__no_upg__)))
diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am
index cf29e3f2..bf4d9af9 100644
--- a/install/updates/Makefile.am
+++ b/install/updates/Makefile.am
@@ -7,6 +7,7 @@ app_DATA = \
10-RFC4876.update \
10-config.update \
10-sudo.update \
+ 19-managed-entries.update \
20-aci.update \
20-dna.update \
20-host_nis_groups.update \
@@ -22,7 +23,6 @@ app_DATA = \
50-lockout-policy.update \
50-groupuuid.update \
50-hbacservice.update \
- 50-suppress-upg.update \
$(NULL)
EXTRA_DIST = \
generated by cgit (git 2.34.1) at 2025-09-04 04:00:55 +0000