[Freeipa-devel] [PATCH] 279 Fix/enhance the aci plugin
Rob Crittenden
rcritten at redhat.com
Sat Sep 26 02:25:26 UTC 2009
Rob Crittenden wrote:
> The aci plugin didn't quite work with the new ldap2 backend, fix that.
>
> We already walk through the target part of the ACI syntax so skip that
> in the regex altogether. This now lets us handle all current ACIs in IPA
> (some used to be ignored/skipped)
>
> Add support for user groups so one can do v1-style delegation (group A
> can write attributes x,y,z in group B). It is actually quite a lot more
> flexible than that but you get the idea. I'm not sure yet but it might
> be better to split this out into a separate plugin, or to make a simple
> mode or something.
>
> Improve error messages in the aci library (so you can better know what
> broke, not just that it is broken).
>
> rob
As odd as it sounds, I'm going to nack my own patch. I see some places
that need more work.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20090925/ba458e94/attachment.bin>
More information about the Freeipa-devel
mailing list