summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--freeipa.spec.in6
-rw-r--r--install/share/unique-attributes.ldif12
-rw-r--r--install/updates/10-uniqueness.update20
3 files changed, 15 insertions, 23 deletions
diff --git a/freeipa.spec.in b/freeipa.spec.in
index 2bf14ef9e..737364556 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -34,7 +34,7 @@ Source0: freeipa-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
%if ! %{ONLY_CLIENT}
-BuildRequires: 389-ds-base-devel >= 1.3.3.9
+BuildRequires: 389-ds-base-devel >= 1.3.4.a1
BuildRequires: svrcore-devel
BuildRequires: policycoreutils >= 2.1.12-5
BuildRequires: systemd-units
@@ -109,7 +109,7 @@ Group: System Environment/Base
Requires: %{name}-python = %{version}-%{release}
Requires: %{name}-client = %{version}-%{release}
Requires: %{name}-admintools = %{version}-%{release}
-Requires: 389-ds-base >= 1.3.3.9
+Requires: 389-ds-base >= 1.3.4.a1
Requires: openldap-clients > 2.4.35-4
Requires: nss >= 3.14.3-12.0
Requires: nss-tools >= 3.14.3-12.0
@@ -144,7 +144,7 @@ Requires: zip
Requires: policycoreutils >= 2.1.12-5
Requires: tar
Requires(pre): certmonger >= 0.76.8
-Requires(pre): 389-ds-base >= 1.3.3.9
+Requires(pre): 389-ds-base >= 1.3.4.a1
Requires: fontawesome-fonts
Requires: open-sans-fonts
Requires: openssl
diff --git a/install/share/unique-attributes.ldif b/install/share/unique-attributes.ldif
index 7e1e53fbc..60f2c3470 100644
--- a/install/share/unique-attributes.ldif
+++ b/install/share/unique-attributes.ldif
@@ -14,8 +14,8 @@ nsslapd-pluginId: NSUniqueAttr
nsslapd-pluginVersion: 1.1.0
nsslapd-pluginVendor: Fedora Project
nsslapd-pluginDescription: Enforce unique attribute values
-uniqueness-subtrees: cn=accounts,$SUFFIX
-uniqueness-subtrees: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
+uniqueness-subtrees: $SUFFIX
+uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
uniqueness-across-all-subtrees: on
dn: cn=krbCanonicalName uniqueness,cn=plugins,cn=config
@@ -34,8 +34,8 @@ nsslapd-pluginId: NSUniqueAttr
nsslapd-pluginVersion: 1.1.0
nsslapd-pluginVendor: Fedora Project
nsslapd-pluginDescription: Enforce unique attribute values
-uniqueness-subtrees: cn=accounts,$SUFFIX
-uniqueness-subtrees: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
+uniqueness-subtrees: $SUFFIX
+uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
uniqueness-across-all-subtrees: on
dn: cn=netgroup uniqueness,cn=plugins,cn=config
@@ -72,8 +72,8 @@ nsslapd-pluginId: NSUniqueAttr
nsslapd-pluginVersion: 1.1.0
nsslapd-pluginVendor: Fedora Project
nsslapd-pluginDescription: Enforce unique attribute values
-uniqueness-subtrees: cn=accounts,$SUFFIX
-uniqueness-subtrees: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
+uniqueness-subtrees: $SUFFIX
+uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
uniqueness-across-all-subtrees: on
dn: cn=sudorule name uniqueness,cn=plugins,cn=config
diff --git a/install/updates/10-uniqueness.update b/install/updates/10-uniqueness.update
index 2c9f1c555..dd8ec3a75 100644
--- a/install/updates/10-uniqueness.update
+++ b/install/updates/10-uniqueness.update
@@ -59,8 +59,8 @@ default:nsslapd-pluginInitfunc: NSUniqueAttr_Init
default:nsslapd-pluginType: preoperation
default:nsslapd-pluginEnabled: on
default:uniqueness-attribute-name: uid
-default:uniqueness-subtrees: cn=accounts,$SUFFIX
-default:uniqueness-subtrees: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
+default:uniqueness-subtrees: $SUFFIX
+default:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
default:uniqueness-across-all-subtrees: on
default:uniqueness-subtree-entries-oc: posixAccount
default:nsslapd-plugin-depends-on-type: database
@@ -71,30 +71,22 @@ default:nsslapd-pluginDescription: Enforce unique attribute values
# uid uniqueness scopes Active/Delete containers
dn: cn=uid uniqueness,cn=plugins,cn=config
-remove:uniqueness-subtrees: $SUFFIX
-add:uniqueness-subtrees: cn=accounts,$SUFFIX
-add:uniqueness-subtrees: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
+add:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
remove:uniqueness-across-all-subtrees: off
add:uniqueness-across-all-subtrees: on
add:uniqueness-subtree-entries-oc: posixAccount
# krbPrincipalName uniqueness scopes Active/Delete containers
dn: cn=krbPrincipalName uniqueness,cn=plugins,cn=config
-remove:uniqueness-subtrees: $SUFFIX
-add:uniqueness-subtrees: cn=accounts,$SUFFIX
-add:uniqueness-subtrees: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
+add:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
add:uniqueness-across-all-subtrees: on
# krbCanonicalName uniqueness scopes Active/Delete containers
dn: cn=krbCanonicalName uniqueness,cn=plugins,cn=config
-remove:uniqueness-subtrees: $SUFFIX
-add:uniqueness-subtrees: cn=accounts,$SUFFIX
-add:uniqueness-subtrees: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
+add:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
add:uniqueness-across-all-subtrees: on
# ipaUniqueID uniqueness scopes Active/Delete containers
dn: cn=ipaUniqueID uniqueness,cn=plugins,cn=config
-remove:uniqueness-subtrees: $SUFFIX
-add:uniqueness-subtrees: cn=accounts,$SUFFIX
-add:uniqueness-subtrees: cn=deleted users,cn=accounts,cn=provisioning,$SUFFIX
+add:uniqueness-exclude-subtrees: cn=staged users,cn=accounts,cn=provisioning,$SUFFIX
add:uniqueness-across-all-subtrees: on
generated by cgit (git 2.34.1) at 2026-02-07 01:24:11 +0000