Bug 720459 - Sudo Schema is old and needs updating
Summary: Sudo Schema is old and needs updating
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: 389-ds-base
Version: 6.2
Hardware: All
OS: All
unspecified
high
Target Milestone: rc
: ---
Assignee: Rich Megginson
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On: 713209
Blocks: 690318
TreeView+ depends on / blocked
 
Reported: 2011-07-11 17:02 UTC by Rich Megginson
Modified: 2015-01-04 23:49 UTC (History)
5 users (show)

Fixed In Version: 389-ds-base-1.2.8.6-1.el6
Doc Type: Bug Fix
Doc Text:
Clone Of: 713209
Environment:
Last Closed: 2011-12-06 17:55:36 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2011:1711 normal SHIPPED_LIVE 389-ds-base bug fix and enhancement update 2011-12-06 01:02:20 UTC

Comment 5 Jenny Severance 2011-09-23 17:14:58 UTC
You just need to verify that the following
attributes are defined in the schema after setting up a DS instance:

  sudoRunAsUser
  sudoRunAsGroup
  sudoNotBefore
  sudoNotAfter
  sudoOrder

You can check the schema by either grepping the schema files for these
attributes in /etc/dirsrv/slapd-<instance>/schema, or you can use ldapsearch to
return the loaded schema by searching the 'cn=schema' entry and explicitly
requesting the 'attributeTypes' attribute to be returned.  You can then grep
through the returned values for the attribute definitions mentioned above.

Comment 6 Jenny Severance 2011-09-27 18:44:46 UTC
verified :

# cat /etc/dirsrv/slapd-TESTRELM/schema/60sudo.ldif | grep sudoRunAsUser
  NAME 'sudoRunAsUser'
  MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $

# cat /etc/dirsrv/slapd-TESTRELM/schema/60sudo.ldif | grep sudoRunAsGroup
  NAME 'sudoRunAsGroup'
        sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $

# cat /etc/dirsrv/slapd-TESTRELM/schema/60sudo.ldif | grep sudoNotBefore
   NAME 'sudoNotBefore'
        sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $

# cat /etc/dirsrv/slapd-TESTRELM/schema/60sudo.ldif | grep sudoNotAfter
  NAME 'sudoNotAfter'
        sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $
# cat /etc/dirsrv/slapd-TESTRELM/schema/60sudo.ldif | grep sudoOrder
  NAME 'sudoOrder'
        sudoOrder $ description )

version:
389-ds-base-1.2.9.11-1.el6.x86_64

Comment 7 errata-xmlrpc 2011-12-06 17:55:36 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2011-1711.html


Note You need to log in before you can comment on or make changes to this bug.