[Freeipa-devel] [PATCH] 20 Create default disabled sudo bind user
JR Aquino
JR.Aquino at citrix.com
Wed Feb 23 03:45:11 UTC 2011
This patch addressees ticket #998
It adds:
* ldif to create a default sudo bind user: dn: uid=sudo,cn=sysaccounts,cn=etc,$SUFFIX
* modifications to dsinstance.py to add the ldif
* modifications to dsinstance.py to add a call to ipautil.ipa_generate_password() for an random password. It is added to the sub_dict as 'RANDOM_PASSWORD'
* addition to the Makefile.am in install/share to account for the new ldif file
Documentation to follow will include:
the method of enabling the user with:
* LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W -h ipa.example.com -ZZ -D "cn=Directory Manager" uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com
* Configuring nss_ldap.conf for using this user as the binddn
* Help file for the ipa sudo command to reference the user and the written documentation.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jraquino-0020-Create-default-disabled-sudo-bind-user.patch
Type: application/octet-stream
Size: 3414 bytes
Desc: freeipa-jraquino-0020-Create-default-disabled-sudo-bind-user.patch
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20110223/61134e08/attachment.obj>
More information about the Freeipa-devel
mailing list