diff options
| author | Tomas Babej <tbabej@redhat.com> | 2014-05-14 13:18:00 +0200 |
|---|---|---|
| committer | Petr Viktorin <pviktori@redhat.com> | 2014-06-25 20:14:50 +0200 |
| commit | 3a56b155e80a744c7a924915aae954e0a3d81e9e (patch) | |
| tree | eb555b6e8dd58f1c02d8e59beb4b96e0bd62fc81 /install/share/schema_compat.uldif | |
| parent | 9304b649a32c57e80f53913d7fbdee92fd76a251 (diff) | |
| download | freeipa-3a56b155e80a744c7a924915aae954e0a3d81e9e.tar.gz freeipa-3a56b155e80a744c7a924915aae954e0a3d81e9e.tar.xz freeipa-3a56b155e80a744c7a924915aae954e0a3d81e9e.zip | |
sudorule: Make sure sudoRunAsGroup is dereferencing the correct attribute
Makes sure we dereference the correct attribute. Also adds object class
checking.
https://fedorahosted.org/freeipa/ticket/4324
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
Diffstat (limited to 'install/share/schema_compat.uldif')
| -rw-r--r-- | install/share/schema_compat.uldif | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/install/share/schema_compat.uldif b/install/share/schema_compat.uldif index 79fce21b0..b5f61bb10 100644 --- a/install/share/schema_compat.uldif +++ b/install/share/schema_compat.uldif @@ -96,7 +96,7 @@ add:schema-compat-entry-attribute: 'sudoRunAsUser=%%%{ipaSudoRunAsExtUserGroup}' add:schema-compat-entry-attribute: 'sudoRunAsUser=%deref("ipaSudoRunAs","uid")' add:schema-compat-entry-attribute: 'sudoRunAsUser=%ifeq("ipaSudoRunAsUserCategory","all","ALL","%%%deref_f(\"ipaSudoRunAs\",\"(objectclass=posixGroup)\",\"cn\")")' add:schema-compat-entry-attribute: 'sudoRunAsGroup=%{ipaSudoRunAsExtGroup}' -add:schema-compat-entry-attribute: 'sudoRunAsGroup=%deref("ipaSudoRunAs","cn")' +add:schema-compat-entry-attribute: 'sudoRunAsGroup=%deref_f("ipaSudoRunAsGroup","(objectclass=posixGroup)","cn")' add:schema-compat-entry-attribute: 'sudoOption=%{ipaSudoOpt}' dn: cn=computers, cn=Schema Compatibility, cn=plugins, cn=config |