[Freeipa-devel] [PATCH] 31 Correct behavior for sudorunasgroup vs sudorunasuser
JR Aquino
JR.Aquino at citrix.com
Tue Jun 14 19:03:13 UTC 2011
Adjustment to install/share/schema_compat.uldif to correctly assign sudorunasuser for both a user and group object respectively.
The bug had to do with the compat plugin syntax needing to correctly identify the difference behind intent with the 'runas' attributes.
The difference is handling is:
Sudo allowing someone to run a command as a user, or any user in a _group_.
vs
Sudo allowing someone to run a command as their own user but with a different _Group_ or GUID.
This is a very subtle difference that can be frustrating to configure / think about.
I have added a patch to address new standard installs and updates.
(This Fix is blocked by https://bugzilla.redhat.com/show_bug.cgi?id=713209)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jraquino-0031-Correct-behavior-for-sudorunasgroup-vs-sudorunasuser.patch
Type: application/octet-stream
Size: 1848 bytes
Desc: freeipa-jraquino-0031-Correct-behavior-for-sudorunasgroup-vs-sudorunasuser.patch
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20110614/a1f53ebb/attachment.obj>
More information about the Freeipa-devel
mailing list