[Freeipa-devel] [PATCH] 1056 sudorule cn uniqueness
Rob Crittenden
rcritten at redhat.com
Tue Oct 9 15:49:54 UTC 2012
Martin Kosek wrote:
> On 09/14/2012 05:13 PM, Rob Crittenden wrote:
>> Rob Crittenden wrote:
>>> A sudorule dn uses ipaUniqueId as the cn so we have to do a search to
>>> ensure uniqueness. This leaves us vulnerable to a race. Configure the
>>> uniqueness plugin to ensure no dups.
>>>
>>> rob
>>
>> Add missing attribute to the fresh install ldif. I had already fixed this in
>> the update, missed it on fresh install.
>>
>> rob
>>
>
> Works fine. Reproduced the issue with simple ldapadd.
>
> ACK if you change the whitespace error below:
>
> # git apply /home/mkosek/freeipa-rcrit-1056-2-sudorule-uniqueness.patch
> /home/mkosek/freeipa-rcrit-1056-2-sudorule-uniqueness.patch:70: new blank line
> at EOF.
> +
> warning: 1 line adds whitespace errors.
>
> Martin
>
Fixed and pushed to master and ipa-3-0
rob
More information about the Freeipa-devel
mailing list