diff options
| author | Petr Viktorin <pviktori@redhat.com> | 2013-04-22 15:21:04 +0200 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2013-04-26 11:15:16 -0400 |
| commit | d4a0fa34afd30765e5ea6f0df21976a6494f13d6 (patch) | |
| tree | c1624dfc264a2339111c49130d0245ca630e0ab5 /install/updates/10-selinuxusermap.update | |
| parent | e9863e3fe3cc5ca016c4e216ae3d34b750a34c73 (diff) | |
| download | freeipa-d4a0fa34afd30765e5ea6f0df21976a6494f13d6.tar.gz freeipa-d4a0fa34afd30765e5ea6f0df21976a6494f13d6.tar.xz freeipa-d4a0fa34afd30765e5ea6f0df21976a6494f13d6.zip | |
Fix syntax errors in schema files
- add missing closing parenthesis in idnsRecord declaration
- remove extra dollar sign from ipaSudoRule declaration
- handle missing/extraneous X-ORIGIN lines in 10-selinuxusermap.update
This does not use the schema updater because the syntax needs to be
fixed in the files themselves, otherwise 389 1.3.2+ will fail
to start.
Older DS versions transparently fix the syntax errors.
The existing ldap-updater directive for ipaSudoRule is fixed
(ldap-updater runs after upgradeconfig).
https://fedorahosted.org/freeipa/ticket/3578
Diffstat (limited to 'install/updates/10-selinuxusermap.update')
| -rw-r--r-- | install/updates/10-selinuxusermap.update | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/install/updates/10-selinuxusermap.update b/install/updates/10-selinuxusermap.update index f9af01fad..c5a5167a5 100644 --- a/install/updates/10-selinuxusermap.update +++ b/install/updates/10-selinuxusermap.update @@ -18,7 +18,6 @@ add:attributeTypes: SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'IPA v3') - X-ORIGIN 'IPA v3') replace:objectClasses:( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase ) )::( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase $$ ipaSELinuxUserMapDefault $$ ipaSELinuxUserMapOrder) ) # Add the default PAC service type relies on the new SELinux user map @@ -41,6 +40,7 @@ add:objectClasses: NAME 'ipaSELinuxUserMap' SUP ipaAssociation STRUCTURAL MUST ipaSELinuxUser MAY ( accessTime $$ seeAlso ) + X-ORIGIN 'IPA v3') # Create the SELinux User map container dn: cn=selinux,$SUFFIX |