mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
ed001c97ee
Add new options to ipa config-mod, allowing to enable SID generation on upgraded servers: ipa config-mod --enable-sid --add-sids --netbios-name NAME The new option uses Dbus to launch an oddjob command, org.freeipa.server.config-enable-sid that runs the installation steps related to SID generation. --add-sids is optional and triggers the sid generation task that populates SID for existing users / groups. --netbios-name is optional and allows to specify the NetBIOS Name. When not provided, the NetBIOS name is generated based on the leading component of the DNS domain name. This command can be run multiple times. Fixes: https://pagure.io/freeipa/issue/8995 Signed-off-by: Florence Blanc-Renaud <flo@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> |
||
---|---|---|
.. | ||
ipa.fc | ||
ipa.if | ||
ipa.te | ||
Makefile.am | ||
README.md |
IPA SELinux policy
The ipa
SELinux policy is used by IPA client and server. The
policy was forked off from Fedora upstream policy
at commit b1751347f4af99de8c88630e2f8d0a352d7f5937
.
Some file locations are owned by other policies:
/var/lib/ipa/pki-ca/publish(/.*)?
is owned by Dogtag PKI policy/usr/lib/ipa/certmonger(/.*)?
is owned by certmonger policy/var/lib/ipa-client(/.*)?
is owned by realmd policy