ldap/admin/src/scripts/60upgradeschemafiles.pl | 2
ldap/schema/60sudo.ldif | 58 ++++++++++++++++++++++---
2 files changed, 54 insertions(+), 6 deletions(-)
New commits:
commit 65553cafddfdadba2fa55c92a06ad9a291bf612e
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Thu Jul 7 13:52:49 2011 -0700
Bug 713209 - Update sudo schema
Our sudo schema file is out of date. This patch updates the
sudo schema file to be more current. The new schema is fully
backwards compatible.
diff --git a/ldap/admin/src/scripts/60upgradeschemafiles.pl
b/ldap/admin/src/scripts/60upgradeschemafiles.pl
index 99373dc..c308716 100644
--- a/ldap/admin/src/scripts/60upgradeschemafiles.pl
+++ b/ldap/admin/src/scripts/60upgradeschemafiles.pl
@@ -11,7 +11,7 @@ sub runinst {
# these schema files are obsolete, or we want to replace
# them with newer versions
- my @toremove = qw(00core.ldif 01core389.ldif 01common.ldif 02common.ldif
05rfc2247.ldif 05rfc4523.ldif 05rfc4524.ldif 06inetorgperson.ldif 10presence.ldif
28pilot.ldif 30ns-common.ldif 50ns-directory.ldif 60mozilla.ldif);
+ my @toremove = qw(00core.ldif 01core389.ldif 01common.ldif 02common.ldif
05rfc2247.ldif 05rfc4523.ldif 05rfc4524.ldif 06inetorgperson.ldif 10presence.ldif
28pilot.ldif 30ns-common.ldif 50ns-directory.ldif 60mozilla.ldif 60sudo.ldif);
# these hashes will be used to check for obsolete schema
# in 99user.ldif
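Review bot: Sites that hand-added the newer sudo attributes (for example `sudoRunAsUser` or `sudoNotAfter`) to `99user.ldif` because the shipped schema was out of date may end up with the same OIDs defined twice once the new `60sudo.ldif` is installed. The comment after the `@toremove` line says hashes are used to check for obsolete schema in `99user.ldif`, but those hashes are outside the hunk, so I cannot tell whether the sudo definitions are covered. If they are not, I would add them there, or at least extend the comment: `# 60sudo.ldif is replaced on upgrade; local sudo schema in 99user.ldif must not redefine its OIDs`. Any local edits made directly to the old `60sudo.ldif` would presumably be lost as well, which deserves a line in the release notes. The body of `runinst` continues outside the hunk.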
diff --git a/ldap/schema/60sudo.ldif b/ldap/schema/60sudo.ldif
index cc94370..746c4be 100644
--- a/ldap/schema/60sudo.ldif
+++ b/ldap/schema/60sudo.ldif
@@ -12,8 +12,7 @@ attributeTypes: (
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
- X-ORIGIN 'SUDO'
- )
+ X-ORIGIN 'SUDO' )
#
################################################################################
#
@@ -58,6 +57,54 @@ attributeTypes: (
#
################################################################################
#
+attributeTypes: ( 1.3.6.1.4.1.15953.9.1.6
+ NAME 'sudoRunAsUser'
+ DESC 'User(s) impersonated by sudo'
+ EQUALITY caseExactIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
+ X-ORIGIN 'SUDO' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.15953.9.1.7
+ NAME 'sudoRunAsGroup'
+ DESC 'Group(s) impersonated by sudo'
+ EQUALITY caseExactIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
+ X-ORIGIN 'SUDO' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.15953.9.1.8
+ NAME 'sudoNotBefore'
+ DESC 'Start of time interval for which the entry is valid'
+ EQUALITY generalizedTimeMatch
+ ORDERING generalizedTimeOrderingMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+ X-ORIGIN 'SUDO' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.15953.9.1.9
+ NAME 'sudoNotAfter'
+ DESC 'End of time interval for which the entry is valid'
+ EQUALITY generalizedTimeMatch
+ ORDERING generalizedTimeOrderingMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+ X-ORIGIN 'SUDO' )
+#
+################################################################################
+#
+attributeTypes: ( 1.3.6.1.4.1.15953.9.1.10
+ NAME 'sudoOrder'
+ DESC 'an integer to order the sudoRole entries'
+ EQUALITY integerMatch
+ ORDERING integerOrderingMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
+ X-ORIGIN 'SUDO' )
+#
+################################################################################
+#
objectClasses: (
1.3.6.1.4.1.15953.9.2.1
NAME 'sudoRole'
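Review bot: `sudoNotBefore` and `sudoNotAfter` carry no comment saying that the validity window is evaluated by the sudo client rather than by the directory server, which matters when an administrator relies on `sudoNotAfter` to expire a privilege grant. As far as I know, sudo applies these attributes only when timed entries are enabled in its LDAP configuration (`SUDOERS_TIMED`), so a client without that setting, or one that predates the attributes, would presumably keep honouring the sudoRole after its end time. I would add a comment above the two definitions, e.g. `# Evaluated by the sudo client only; the server does not expire sudoRole entries.` As a style nit, the `sudoOrder` DESC starts in lower case while the other new DESC strings are capitalised.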
@@ -65,9 +112,10 @@ objectClasses: (
STRUCTURAL
DESC 'Sudoer Entries'
MUST ( cn )
- MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoOption $ description )
- X-ORIGIN 'SUDO'
- )
+ MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $
+ sudoRunAsGroup $ sudoOption $ sudoNotBefore $ sudoNotAfter $
+ sudoOrder $ description )
+ X-ORIGIN 'SUDO' )
#
################################################################################
#