Bug 713209 - Sudo Schema is old and needs updating
Summary: Sudo Schema is old and needs updating
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: 389
Classification: Retired
Component: Schema
Version: 1.2.9
Hardware: All
OS: All
unspecified
high
Target Milestone: ---
Assignee: Nathan Kinder
QA Contact: Viktor Ashirov
URL:
Whiteboard:
Depends On:
Blocks: 690318 389_1.2.9 720459
TreeView+ depends on / blocked
 
Reported: 2011-06-14 16:37 UTC by Jr Aquino
Modified: 2015-12-07 16:58 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 720459 (view as bug list)
Environment:
Last Closed: 2015-12-07 16:58:20 UTC


Attachments (Terms of Use)
Current Sudo Schema (3.50 KB, application/text)
2011-06-14 16:37 UTC, Jr Aquino
no flags Details
Patch (4.08 KB, patch)
2011-07-07 20:59 UTC, Nathan Kinder
nkinder: review?
rmeggins: review+
Details | Diff

Description Jr Aquino 2011-06-14 16:37:06 UTC
Created attachment 504721 [details]
Current Sudo Schema

Description of problem:
The current schema for Sudo in 389ds is old and lacking attributes currently used by modern implementations of Sudo.  Particularly FreeIPA

New Schema attached.

Comment 3 Nathan Kinder 2011-07-07 20:59:49 UTC
Created attachment 511796 [details]
Patch

Comment 4 Nathan Kinder 2011-07-07 21:20:03 UTC
Pushed to master.  Thanks to Rich for his review!

Counting objects: 17, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (8/8), done.
Writing objects: 100% (9/9), 1.08 KiB, done.
Total 9 (delta 7), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   dfcc435..65553ca  master -> master

Comment 11 Amita Sharma 2011-09-26 08:08:25 UTC
[root@snmaptest schema]# grep -i RunAsUser /etc/dirsrv/slapd-M1/schema/*
/etc/dirsrv/slapd-M1/schema/60sudo.ldif:  NAME 'sudoRunAsUser'
/etc/dirsrv/slapd-M1/schema/60sudo.ldif:  MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $

[root@snmaptest schema]# grep -i sudoRunAsGroup /etc/dirsrv/slapd-M1/schema/*
/etc/dirsrv/slapd-M1/schema/60sudo.ldif:  NAME 'sudoRunAsGroup'
/etc/dirsrv/slapd-M1/schema/60sudo.ldif:        sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $

[root@snmaptest schema]# grep -i sudoNotBefore /etc/dirsrv/slapd-M1/schema/*
/etc/dirsrv/slapd-M1/schema/60sudo.ldif:   NAME 'sudoNotBefore'
/etc/dirsrv/slapd-M1/schema/60sudo.ldif:        sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $

[root@snmaptest schema]# grep -i sudoNotAfter /etc/dirsrv/slapd-M1/schema/*
/etc/dirsrv/slapd-M1/schema/60sudo.ldif:  NAME 'sudoNotAfter'
/etc/dirsrv/slapd-M1/schema/60sudo.ldif:        sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $

[root@snmaptest schema]# grep -i sudoOrder /etc/dirsrv/slapd-M1/schema/*
/etc/dirsrv/slapd-M1/schema/60sudo.ldif:  NAME 'sudoOrder'
/etc/dirsrv/slapd-M1/schema/60sudo.ldif:        sudoOrder $ description )

Hence Verified.


Note You need to log in before you can comment on or make changes to this bug.