[Freeipa-devel] [PATCHES] 0594-0606 Convert default permissions to managed
Martin Kosek
mkosek at redhat.com
Mon Jun 23 08:07:24 UTC 2014
On 06/20/2014 11:17 PM, Martin Kosek wrote:
> On 06/20/2014 05:06 PM, Petr Viktorin wrote:
>> All these should be independent, except for conflicts in ACI.txt that are
>> easily solved by running makeaci.
>
> Umh, now the fun begins as I see :) There will probably need to be some rebase,
> it clashed with some other ACI patches in my tree (namely Hosts which I acked).
>
> 594: we miss permissions for Automount Locations. Permissions for keys&maps
> look ok.
>
> 595: "System: Modify Group Membership" is probably waiting for the group
> objectclass fix - the filter is different. Otherwise it looks ok.
>
> 596-598: HBAC is ok
>
> 599: hostgroup is OK
>
> 600: there must have been some DS problem on my side as my regular user could
> not see any netgroup
>
> 601: privileges - we miss CRUD ACIs
>
> 602: roles were ok
>
> 603: ok
>
> I got this far today, the rest will need to wait for the next week.
604: ok, I was able to create a service, get a keytab
605: Should we case the permissions as "Sudo Command instead of "Sudo command"?
606: we also miss Modify Sudo Command permission so that people can modify
description. Otherwise ok.
Martin
More information about the Freeipa-devel
mailing list