720459 – Sudo Schema is old and needs updating

Bug 720459 - Sudo Schema is old and needs updating

Summary: Sudo Schema is old and needs updating

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	389-ds-base
Sub Component:
Version:	6.2
Hardware:	All
OS:	All
Priority:	unspecified
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Rich Megginson
QA Contact:	Chandrasekar Kannan
Docs Contact:
URL:
Whiteboard:
Depends On:	713209
Blocks:	690318
TreeView+	depends on / blocked

Reported:	2011-07-11 17:02 UTC by Rich Megginson
Modified:	2015-01-04 23:49 UTC (History)
CC List:	5 users (show)
Fixed In Version:	389-ds-base-1.2.8.6-1.el6
Doc Type:	Bug Fix
Doc Text:
Clone Of:	713209
Environment:
Last Closed:	2011-12-06 17:55:36 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHEA-2011:1711	0	normal	SHIPPED_LIVE	389-ds-base bug fix and enhancement update	2011-12-06 01:02:20 UTC

Comment 5 Jenny Severance 2011-09-23 17:14:58 UTC

You just need to verify that the following
attributes are defined in the schema after setting up a DS instance:

  sudoRunAsUser
  sudoRunAsGroup
  sudoNotBefore
  sudoNotAfter
  sudoOrder

You can check the schema by either grepping the schema files for these
attributes in /etc/dirsrv/slapd-<instance>/schema, or you can use ldapsearch to
return the loaded schema by searching the 'cn=schema' entry and explicitly
requesting the 'attributeTypes' attribute to be returned.  You can then grep
through the returned values for the attribute definitions mentioned above.

Comment 6 Jenny Severance 2011-09-27 18:44:46 UTC

verified :

# cat /etc/dirsrv/slapd-TESTRELM/schema/60sudo.ldif | grep sudoRunAsUser
  NAME 'sudoRunAsUser'
  MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $

# cat /etc/dirsrv/slapd-TESTRELM/schema/60sudo.ldif | grep sudoRunAsGroup
  NAME 'sudoRunAsGroup'
        sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $

# cat /etc/dirsrv/slapd-TESTRELM/schema/60sudo.ldif | grep sudoNotBefore
   NAME 'sudoNotBefore'
        sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $

# cat /etc/dirsrv/slapd-TESTRELM/schema/60sudo.ldif | grep sudoNotAfter
  NAME 'sudoNotAfter'
        sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $
# cat /etc/dirsrv/slapd-TESTRELM/schema/60sudo.ldif | grep sudoOrder
  NAME 'sudoOrder'
        sudoOrder $ description )

version:
389-ds-base-1.2.9.11-1.el6.x86_64

Comment 7 errata-xmlrpc 2011-12-06 17:55:36 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2011-1711.html

Note You need to log in before you can comment on or make changes to this bug.