Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | makeaci: Use the DN where the ACI is stored, not the permission's DN | Petr Viktorin | 2014-07-07 | 1 | -1/+1 |
| | | | | Reviewed-By: Martin Basti <mbasti@redhat.com> | ||||
* | Make sure member* attrs are always granted together in read permissions | Petr Viktorin | 2014-06-11 | 1 | -0/+18 |
| | | | | | | | | | | | | | | Memberofindirect processing of an entry doesn't work if the user doesn't have rights to any one of these attributes: - member - memberuser - memberhost Add all of these to any read permission that specifies any of them. Add a check to makeaci that will enforce this for any future permissions. Reviewed-By: Martin Kosek <mkosek@redhat.com> | ||||
* | Add ACI.txt | Petr Viktorin | 2014-06-11 | 1 | -0/+119 |
The ACI.txt file is a list all managed permissions in ACI form. Similarly to API.txt, it ensures that changes are not made lightly, since modifications must be reflected in ACI.txt and committed to Git. Add a script, makeaci, which parallels makeapi: it recreates or validates ACI.txt. Call makeaci --validate before the build, just after API.txt is validated. Reviewed-By: Martin Kosek <mkosek@redhat.com> |