[Freeipa-devel] [PATCH] 761 keytab manipulation permission management
Petr Vobornik
pvoborni at redhat.com
Wed Oct 8 16:51:13 UTC 2014
On 1.10.2014 18:15, Petr Vobornik wrote:
> Hello list,
>
> Patch for: https://fedorahosted.org/freeipa/ticket/4419
>
New revisions of 761 and 763 with updated API and ACIs:
ipa host-allow-operation HOSTNAME retrieve-keytab --users=STR --groups STR
ipa host-disallow-operation HOSTNAME retrieve-keytab --users=STR
--groups STR
ipa host-allow-operation HOSTNAME create-keytab --users=STR --groups STR
ipa host-disallow-operation HOSTNAME create-keytab --users=STR
--groups STR
ipa service-allow-operation PRINCIPAL retrieve-keytab --users=STR
--groups STR
ipa service-disallow-operation PRINCIPAL retrieve-keytab --users=STR
--groups STR
ipa service-allow-operation PRINCIPAL create-keytab --users=STR
--groups STR
ipa service-disallow-operation PRINCIPAL create-keytab --users=STR
--groups STR
ACIs are targeted to specific operations by including subtypes.
--
Petr Vobornik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pvoborni-0761-2-keytab-manipulation-permission-management.patch
Type: text/x-patch
Size: 27257 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20141008/6edaf55f/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pvoborni-0763-1-tests-management-of-keytab-permissions.patch
Type: text/x-patch
Size: 30836 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20141008/6edaf55f/attachment-0001.bin>
More information about the Freeipa-devel
mailing list