diff options
author | Petr Viktorin <pviktori@redhat.com> | 2014-05-14 15:10:10 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2014-06-04 17:34:18 +0200 |
commit | f802845a7abfca0b414ad6801968d33e6788916b (patch) | |
tree | 34eba4cb325fb43846c850b4554b6ee8967755e9 /ipalib/plugins/sudorule.py | |
parent | 91a5aecd4892700cf1468a9ac5608227d06d21db (diff) | |
download | freeipa-f802845a7abfca0b414ad6801968d33e6788916b.tar.gz freeipa-f802845a7abfca0b414ad6801968d33e6788916b.tar.xz freeipa-f802845a7abfca0b414ad6801968d33e6788916b.zip |
Add missing attributes to 'Modify Sudo rule' permission
https://fedorahosted.org/freeipa/ticket/4344
Reviewed-By: Martin Kosek <mkosek@redhat.com>
Diffstat (limited to 'ipalib/plugins/sudorule.py')
-rw-r--r-- | ipalib/plugins/sudorule.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/ipalib/plugins/sudorule.py b/ipalib/plugins/sudorule.py index 658cc06ba..5520a37ee 100644 --- a/ipalib/plugins/sudorule.py +++ b/ipalib/plugins/sudorule.py @@ -169,7 +169,10 @@ class sudorule(LDAPObject): 'hostcategory', 'cmdcategory', 'ipasudorunasusercategory', 'ipasudorunasgroupcategory', 'externaluser', 'ipasudorunasextuser', 'ipasudorunasextgroup', 'memberdenycmd', - 'memberallowcmd', 'memberuser', + 'memberallowcmd', 'memberuser', 'memberhost', 'externalhost', + 'sudonotafter', 'hostmask', 'sudoorder', 'sudonotbefore', + 'ipasudorunas', 'externalhost', 'ipasudorunasgroup', + 'ipasudoopt', 'memberhost', }, 'replaces': [ '(targetattr = "description || ipaenabledflag || usercategory || hostcategory || cmdcategory || ipasudorunasusercategory || ipasudorunasgroupcategory || externaluser || ipasudorunasextuser || ipasudorunasextgroup || memberdenycmd || memberallowcmd || memberuser")(target = "ldap:///ipauniqueid=*,cn=sudorules,cn=sudo,$SUFFIX")(version 3.0;acl "permission:Modify Sudo rule";allow (write) groupdn = "ldap:///cn=Modify Sudo rule,cn=permissions,cn=pbac,$SUFFIX";)', |