[Freeipa-devel] [PATCH] 0616 Allow read access to services in cn=masters to auth'd users
Petr Spacek
pspacek at redhat.com
Fri Jul 4 14:08:36 UTC 2014
On 4.7.2014 14:49, Petr Viktorin wrote:
> Hello,
>
> The dns-is-enabled command, used by the Web UI to determine if DNS pages
> should be displayed, queries '(&(objectClass=ipaConfigObject)(cn=DNS))' in
> cn=masters. However, currently the service entries are not accessible to all
> users, so the check will fail for non-admins.
>
> We talked about this with Martin and agreed that there's no sensitive
> information in the service entries.
> This patch grants read access to all authenticated users.
>
> Simo, is this OK?
This patch fixes https://fedorahosted.org/freeipa/ticket/4425 for me.
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list