diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2012-09-17 17:45:42 +0200 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2012-09-17 17:48:25 +0200 |
| commit | c9c55a2845fd8471bc609a23f5a32d252f7df04c (patch) | |
| tree | a7ae157b90ece3bc3829c234d7bd8a2177f0e800 /install/updates | |
| parent | c0630950a170cc9c0fa68256ff606589641bc812 (diff) | |
| download | freeipa-c9c55a2845fd8471bc609a23f5a32d252f7df04c.tar.gz freeipa-c9c55a2845fd8471bc609a23f5a32d252f7df04c.tar.xz freeipa-c9c55a2845fd8471bc609a23f5a32d252f7df04c.zip | |
Run the CLEANALLRUV task when deleting a replication agreement.
This adds two new commands to ipa-replica-manage: list-ruv & clean-ruv
list-ruv can be use to list the update vectors the master has
configugured
clean-ruv can be used to fire off the CLEANRUV task to remove a
replication vector. It should be used with caution.
https://fedorahosted.org/freeipa/ticket/2303
Diffstat (limited to 'install/updates')
| -rw-r--r-- | install/updates/40-replication.update | 4 | ||||
| -rw-r--r-- | install/updates/Makefile.am | 1 |
2 files changed, 5 insertions, 0 deletions
diff --git a/install/updates/40-replication.update b/install/updates/40-replication.update new file mode 100644 index 000000000..f9e0496be --- /dev/null +++ b/install/updates/40-replication.update @@ -0,0 +1,4 @@ +# Let a delegated user put the database into read-only mode when deleting +# an agreement. +dn: cn=userRoot,cn=ldbm database,cn=plugins,cn=config +add:aci: '(targetattr=nsslapd-readonly)(version 3.0; acl "Allow marking the database readonly"; allow (write) groupdn = "ldap:///cn=Remove Replication Agreements,cn=permissions,cn=pbac,$SUFFIX";)' diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am index 9e0689665..1233126b1 100644 --- a/install/updates/Makefile.am +++ b/install/updates/Makefile.am @@ -26,6 +26,7 @@ app_DATA = \ 25-referint.update \ 30-s4u2proxy.update \ 40-delegation.update \ + 40-replication.update \ 40-dns.update \ 40-automember.update \ 45-roles.update \ |