diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2012-08-01 16:14:11 +0200 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2012-08-01 16:15:51 +0200 |
| commit | fb817d340139822d17414da93853be5bc3bf6086 (patch) | |
| tree | 4f086f792a9e776b71e36fcc5c693e3df1e687a2 /install/updates/10-selinuxusermap.update | |
| parent | fd31396d5129b1980d3ce979af7239f16d3f6fc5 (diff) | |
| download | freeipa-fb817d340139822d17414da93853be5bc3bf6086.tar.gz freeipa-fb817d340139822d17414da93853be5bc3bf6086.tar.xz freeipa-fb817d340139822d17414da93853be5bc3bf6086.zip | |
Add per-service option to store the types of PAC it supports
Create a per-service default as well.
https://fedorahosted.org/freeipa/ticket/2184
Diffstat (limited to 'install/updates/10-selinuxusermap.update')
| -rw-r--r-- | install/updates/10-selinuxusermap.update | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/install/updates/10-selinuxusermap.update b/install/updates/10-selinuxusermap.update index 431477adf..f9af01fad 100644 --- a/install/updates/10-selinuxusermap.update +++ b/install/updates/10-selinuxusermap.update @@ -21,6 +21,11 @@ add:attributeTypes: X-ORIGIN 'IPA v3') replace:objectClasses:( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase ) )::( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase $$ ipaSELinuxUserMapDefault $$ ipaSELinuxUserMapOrder) ) +# Add the default PAC service type relies on the new SELinux user map +# values being there so add it here. +dn: cn=schema +replace:objectClasses:( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase $$ ipaSELinuxUserMapDefault $$ ipaSELinuxUserMapOrder ) )::( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $$ ipaGroupSearchFields $$ ipaSearchTimeLimit $$ ipaSearchRecordsLimit $$ ipaCustomFields $$ ipaHomesRootDir $$ ipaDefaultLoginShell $$ ipaDefaultPrimaryGroup $$ ipaMaxUsernameLength $$ ipaPwdExpAdvNotify $$ ipaUserObjectClasses $$ ipaGroupObjectClasses $$ ipaDefaultEmailDomain $$ ipaMigrationEnabled $$ ipaCertificateSubjectBase $$ ipaSELinuxUserMapDefault $$ ipaSELinuxUserMapOrder $$ ipaKrbAuthzData) ) + # Add the SELinux User map schema add:attributeTypes: ( 2.16.840.1.113730.3.8.11.30 |