[Freeipa-devel] [freeipa PR#617][comment] Allow renaming of sudo rules
stlaz
freeipa-github-notification at redhat.com
Wed Mar 22 12:54:50 UTC 2017
URL: https://github.com/freeipa/freeipa/pull/617
Title: #617: Allow renaming of sudo rules
stlaz commented:
"""
Thank you Alexander for your insight. Since this was a hack, I did not want to do it server-wise. I chose a different approach to the problem and reworked the original idea so the rename option is now worked with on server.
With this approach, we are able to white-list objects which we think may be allowed renaming even though their primary keys are not in their RDN.
Just for the record, the names of sudo rules are still not checked for CN compatibility since their primary key is not part of their DN, but that's how things have been since for ever, I am afraid (you can try `ipa sudorule-add bad,cn=rule`).
"""
See the full comment at https://github.com/freeipa/freeipa/pull/617#issuecomment-288389417
More information about the Freeipa-devel
mailing list