[Freeipa-devel] [PATCH] 0022 Use ipauniqueid for the RDN of sudo commands (rebased)
Petr Viktorin
pviktori at redhat.com
Mon Mar 12 13:38:20 UTC 2012
On 03/12/2012 01:26 PM, Martin Kosek wrote:
> On Thu, 2012-03-08 at 16:57 +0100, Petr Viktorin wrote:
>> Since sudo commands are case-sensitive, we can't use the CN as the RDN.
>> With this patch, the UUID is used instead.
>> It seems like a too easy fix. What am I missing?
>>
>> As far as I understand, the fact that the DN has a different structure
>> now shouldn't cause problems, even if there still are commands created
>> by old IPA versions.
>> For testing, use an unpatched version to create a few of these.
>>
>> The sudo commands are no longer sorted in sudocmd-find output. Doing
>> that would require the ability to use an arbitrary attribute as sort
>> key. Should I file an issue for that?
>
> I don't think that's necessary. We sort by LDAP object's primary key and
> since new SUDO commands still have sudocmd as its primary key, the
> sorting should just work (at least it does for me).
Right, sorry for the noise.
>>
>> Tests for the case sensitivity are included.
>>
>> https://fedorahosted.org/freeipa/ticket/2482
>
> This works pretty fine. Both my old client tests and sudoers compat tree
> tests looks good. So, cautious ACK from me.
>
> Martin
>
The attached version is rebased against my patch 20.
--
Petr³
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pviktori-0022-02-Use-ipauniqueid-for-the-RDN-of-sudo-commands.patch
Type: text/x-patch
Size: 14311 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20120312/35f54698/attachment.bin>
More information about the Freeipa-devel
mailing list