diff options
| author | Petr Viktorin <pviktori@redhat.com> | 2014-03-26 17:11:23 +0100 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2014-04-24 14:36:41 +0200 |
| commit | d893b77fb69ef2e0aedf823e7cd82ca86a2971af (patch) | |
| tree | 481f017b65e80d6ae1fdb8029c834f76502f0db5 /install/updates | |
| parent | af3a4adc46368f736151c118ccb1dd0e9bb89144 (diff) | |
| download | freeipa-d893b77fb69ef2e0aedf823e7cd82ca86a2971af.tar.gz freeipa-d893b77fb69ef2e0aedf823e7cd82ca86a2971af.tar.xz freeipa-d893b77fb69ef2e0aedf823e7cd82ca86a2971af.zip | |
Add several managed read permissions under cn=etc
This adds permissions to:
- cn=masters,cn=ipa (with new privilege)
- cn=dna,cn=ipa (authenticated users)
- cn=ca_renewal,cn=ipa (authenticated users)
- cn=CAcert,cn=ipa (anonymous)
- cn=replication (authenticated users)
- cn=ad (authenticated users)
Part of the work for: https://fedorahosted.org/freeipa/ticket/3566
Reviewed-By: Martin Kosek <mkosek@redhat.com>
Diffstat (limited to 'install/updates')
| -rw-r--r-- | install/updates/40-delegation.update | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/install/updates/40-delegation.update b/install/updates/40-delegation.update index 33383038c..7f0f85124 100644 --- a/install/updates/40-delegation.update +++ b/install/updates/40-delegation.update @@ -461,3 +461,10 @@ default:objectClass: groupofnames default:objectClass: top default:cn: Automember Readers default:description: Read Automember definitions + +dn: cn=IPA Masters Readers,cn=privileges,cn=pbac,$SUFFIX +default:objectClass: nestedgroup +default:objectClass: groupofnames +default:objectClass: top +default:cn: IPA Masters Readers +default:description: Read list of IPA masters |