mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-01-05 22:03:01 -06:00
41 lines
1.8 KiB
Plaintext
41 lines
1.8 KiB
Plaintext
# Update the SUDO schema
|
|
# These are the deltas from the new Sudo Schema
|
|
# This is required for updating older installs which are
|
|
# missing the new attributes.
|
|
dn: cn=schema
|
|
add:attributeTypes:
|
|
( 1.3.6.1.4.1.15953.9.1.6
|
|
NAME 'sudoRunAsUser'
|
|
DESC 'User(s) impersonated by sudo'
|
|
EQUALITY caseExactIA5Match
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
|
|
X-ORIGIN 'SUDO' )
|
|
add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.7
|
|
NAME 'sudoRunAsGroup'
|
|
DESC 'Group(s) impersonated by sudo'
|
|
EQUALITY caseExactIA5Match
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
|
|
X-ORIGIN 'SUDO' )
|
|
add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.8
|
|
NAME 'sudoNotBefore'
|
|
DESC 'Start of time interval for which the entry is valid'
|
|
EQUALITY generalizedTimeMatch
|
|
ORDERING generalizedTimeOrderingMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
|
X-ORIGIN 'SUDO' )
|
|
add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.9
|
|
NAME 'sudoNotAfter'
|
|
DESC 'End of time interval for which the entry is valid'
|
|
EQUALITY generalizedTimeMatch
|
|
ORDERING generalizedTimeOrderingMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
|
X-ORIGIN 'SUDO' )
|
|
add:attributeTypes: ( 1.3.6.1.4.1.15953.9.1.10
|
|
NAME 'sudoOrder'
|
|
DESC 'an integer to order the sudoRole entries'
|
|
EQUALITY integerMatch
|
|
ORDERING integerOrderingMatch
|
|
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
|
|
X-ORIGIN 'SUDO' )
|
|
replace:objectClasses:( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' DESC 'Sudoer Entries' STRUCTURAL MUST cn MAY ( sudoUser $$ sudoHost $$ sudoCommand $$ sudoRunAs $$ sudoOption $$ description ) X-ORIGIN 'SUDO' )::( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL DESC 'Sudoer Entries' MUST ( cn ) MAY ( sudoUser $$ sudoHost $$ sudoCommand $$ sudoRunAs $$ sudoRunAsUser $$ sudoRunAsGroup $$ sudoOption $$ sudoNotBefore $$ sudoNotAfter $$ sudoOrder $$ description ) X-ORIGIN 'SUDO')
|