IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-27 09:21:59 -06:00
Code Issues Packages Projects Releases Wiki Activity
92cd987e0a
freeipa/install/updates
History
Martin Kosek b1451373c4 Remove faulty DNS memberOf Task 
This task was added with a DN colliding with privilege update memberOf
task being run later and caused this task to be ineffective and thus
miss some privilege membership, like "SELinux User Map Administrators"

DNS update plugin do not need to run any task at all as privileges
will be updated later in scope of 55-pbacmemberof.update

https://fedorahosted.org/freeipa/ticket/3877
2013-10-04 14:30:13 +02:00
..
10-60basev2.update Disallow direct modifications to enrolledBy. 2011-07-14 19:11:49 -04:00
10-60basev3.update Add ipaUserAuthType and ipaUserAuthTypeClass 2013-05-17 09:30:51 +02:00
10-70ipaotp.update Fix for small syntax error in OTP schema 2013-07-11 12:39:29 +03:00
10-bind-schema.update Fix syntax errors in schema files 2013-04-26 11:15:16 -04:00
10-config.update Increase default SASL buffer size 2013-08-07 14:13:56 +02:00
10-enable-betxn.update Enable transactions by default, make password and modrdn TXN-aware 2012-11-21 14:55:12 +01:00
10-RFC2307bis.update Name update files so they can be easily sorted. 2009-03-25 11:03:07 -04:00
10-RFC4876.update Fix quoting to work with new csv handler in ldapupdate 2009-05-19 11:50:39 -06:00
10-schema_compat.update Remove disabled entries from sudoers compat tree. 2013-03-06 16:08:20 +01:00
10-selinuxusermap.update Fix syntax errors in schema files 2013-04-26 11:15:16 -04:00
10-ssh.update Add LDAP schema for SSH public keys. 2012-02-13 22:20:18 -05:00
10-sudo.update Add support for sudoOrder 2012-03-01 21:02:33 -05:00
10-uniqueness.update Add uniqueness plugin configuration for sudorule cn 2012-10-08 18:32:41 -04:00
19-managed-entries.update Move Managed Entries into their own container in the replicated space. 2011-09-12 16:28:27 -04:00
20-aci.update Add LDAP ACIs for SSH public key schema. 2012-02-13 22:20:23 -05:00
20-dna.update Change DNA magic value to -1 to make UID 999 usable 2013-03-11 17:07:07 +01:00
20-host_nis_groups.update Move Managed Entries into their own container in the replicated space. 2011-09-12 16:28:27 -04:00
20-indices.update Add missing equality index for ipaUniqueId. 2013-07-11 12:39:26 +03:00
20-nss_ldap.update Name update files so they can be easily sorted. 2009-03-25 11:03:07 -04:00
20-replication.update Don't add another nsDS5ReplicaId on updates if one already exists 2013-02-06 12:22:00 +01:00
20-user_private_groups.update Add plugin framework to LDAP updates. 2011-11-22 23:57:10 -05:00
20-winsync_index.update Name update files so they can be easily sorted. 2009-03-25 11:03:07 -04:00
21-ca_renewal_container.update Use certmonger to renew CA subsystem certificates 2012-07-30 13:39:08 +02:00
21-replicas_container.update Store list of non-master replicas in DIT and provide way to list them 2011-03-02 09:46:46 -05:00
25-referint.update Expand Referential Integrity checks 2012-09-16 17:59:27 -04:00
30-policy.update Re-number some attributes to compress our usage to be contiguous 2010-05-27 10:50:49 -04:00
30-s4u2proxy.update Add S4U2Proxy delegation permissions on upgrades 2012-02-15 18:00:46 +01:00
40-automember.update Enable automember for upgraded servers 2011-11-29 09:02:06 +01:00
40-delegation.update Add missing permissions to Host Administrators privilege 2013-04-24 14:35:22 -04:00
40-dns.update Remove faulty DNS memberOf Task 2013-10-04 14:30:13 +02:00
40-otp.update Add IPA OTP schema and ACLs 2013-05-17 09:30:51 +02:00
40-realm_domains.update Add list of domains associated to our realm to cn=etc 2013-02-19 14:15:46 +02:00
40-replication.update Extend ipa-replica-manage to be able to manage DNA ranges. 2013-03-13 10:32:36 -04:00
45-roles.update Reorder privileges so that memberof for permissions are generated properly. 2011-12-08 10:08:10 +01:00
50-7_bit_check.update Do not check userPassword with 7-bit plugin 2013-06-06 18:12:50 +02:00
50-groupuuid.update The default groups we create should have ipaUniqueId set 2011-04-15 13:02:17 +02:00
50-hbacservice.update Add crond as a default HBAC service 2013-01-17 09:50:48 -05:00
50-ipaconfig.update Set MLS/MCS for user_u context to what will be on remote systems. 2012-11-02 10:17:51 -04:00
50-krbenctypes.update Add Camellia ciphers to allowed list. 2013-07-18 10:49:38 +03:00
50-lockout-policy.update Disallow direct modifications to enrolledBy. 2011-07-14 19:11:49 -04:00
50-nis.update - add a pair of ethers maps for computers with hardware addresses on file 2012-04-26 09:00:22 +02:00
55-pbacmemberof.update Enable transactions by default, make password and modrdn TXN-aware 2012-11-21 14:55:12 +01:00
60-trusts.update ipa-sam: do not modify objectclass when trust object already created 2013-09-20 09:59:02 +02:00
61-trusts-s4u2proxy.update Add cifs principal to S4U2Proxy targets only when running ipa-adtrust-install 2012-10-09 18:15:01 -04:00
62-ranges.update Add ipaRangeType attribute to LDAP Schema 2013-06-10 12:27:33 +03:00
Makefile.am Add Camellia ciphers to allowed list. 2013-07-18 10:49:38 +03:00
README Apply LDAP update files in blocks of 10, as originally designed. 2013-04-12 10:16:01 -04:00

README 

The update files are sorted before being processed because there are
cases where order matters (such as getting schema added first, creating
parent entries, etc).

Updates are applied in blocks of ten so that any entries that are dependant
on another can be added successfully without having to rely on the length
of the DN to get the sorting correct.

The file names should use the format #-<description>.update where # conforms
to this:

10 - 19: Schema
20 - 29: 389-ds configuration, new indices
30 - 39: Structual elements of the DIT
40 - 49: Pre-loaded data
50 - 59: Cleanup existing data
60 - 69: AD Trust
70 - 79: Reserved
80 - 89: Reserved

These numbers aren't absolute, there may be reasons to put an update
into one place or another, but by adhereing to the scheme it will be
easier to find existing updates and know where to put new ones.