[Freeipa-devel] [PATCHES 0031-0032] Improve HBAC rule handling in selinuxusermap-add/mod/find
Rob Crittenden
rcritten at redhat.com
Wed Feb 6 18:57:27 UTC 2013
Tomas Babej wrote:
> Hi,
>
> this pair of patches improves HBAC rule handling in selinuxusermap
> commands.
>
> Patch 0031 deals with:
> https://fedorahosted.org/freeipa/ticket/3349
>
> Patch 0032 takes care of:
> https://fedorahosted.org/freeipa/ticket/3348
>
> and is to be applied on top of Patch 0031.
>
> See commit messages for detailed info.
>
> Tomas
>
ACK for patch 0032.
For patch 0031 we can't change the data type of an existing attribute.
It will break backwards compatibility. Can you test with an older client
to see if it cares (it may not care about the name of the type). If
older clients will work then this is probably ok.
I gather that seealso detected as a DN attribute and converted into a DN
class and this is blowing up the Str validator?
rob
More information about the Freeipa-devel
mailing list