Created attachment 504721 [details] Current Sudo Schema Description of problem: The current schema for Sudo in 389ds is old and lacking attributes currently used by modern implementations of Sudo. Particularly FreeIPA New Schema attached.
Created attachment 511796 [details] Patch
Pushed to master. Thanks to Rich for his review! Counting objects: 17, done. Delta compression using up to 2 threads. Compressing objects: 100% (8/8), done. Writing objects: 100% (9/9), 1.08 KiB, done. Total 9 (delta 7), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git dfcc435..65553ca master -> master
[root@snmaptest schema]# grep -i RunAsUser /etc/dirsrv/slapd-M1/schema/* /etc/dirsrv/slapd-M1/schema/60sudo.ldif: NAME 'sudoRunAsUser' /etc/dirsrv/slapd-M1/schema/60sudo.ldif: MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $ [root@snmaptest schema]# grep -i sudoRunAsGroup /etc/dirsrv/slapd-M1/schema/* /etc/dirsrv/slapd-M1/schema/60sudo.ldif: NAME 'sudoRunAsGroup' /etc/dirsrv/slapd-M1/schema/60sudo.ldif: sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $ [root@snmaptest schema]# grep -i sudoNotBefore /etc/dirsrv/slapd-M1/schema/* /etc/dirsrv/slapd-M1/schema/60sudo.ldif: NAME 'sudoNotBefore' /etc/dirsrv/slapd-M1/schema/60sudo.ldif: sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $ [root@snmaptest schema]# grep -i sudoNotAfter /etc/dirsrv/slapd-M1/schema/* /etc/dirsrv/slapd-M1/schema/60sudo.ldif: NAME 'sudoNotAfter' /etc/dirsrv/slapd-M1/schema/60sudo.ldif: sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $ [root@snmaptest schema]# grep -i sudoOrder /etc/dirsrv/slapd-M1/schema/* /etc/dirsrv/slapd-M1/schema/60sudo.ldif: NAME 'sudoOrder' /etc/dirsrv/slapd-M1/schema/60sudo.ldif: sudoOrder $ description ) Hence Verified.