[Freeipa-devel] [PATCH] 0507 Allow anonymous read access to containers
Petr Viktorin
pviktori at redhat.com
Thu Apr 3 13:19:45 UTC 2014
On 04/03/2014 02:53 PM, Simo Sorce wrote:
> On Thu, 2014-04-03 at 13:34 +0200, Petr Viktorin wrote:
>> Hello,
>> This adds anonymous read access to containers, as discussed in this
>> thread:
>> https://www.redhat.com/archives/freeipa-devel/2014-March/msg00442.html
>>
>> Additionally access is granted for $SUFFIX itself with targetfilter
>> "(objectclass=domain)", and attributes objectclass, dc, info, nisDomain,
>> associatedDomain.
>>
>> These are raw ACIs, not permission-based ones.
>>
>
> Why is this not set in default-aci.ldif as well ?
>
> Simo.
Because we don't want to duplicate information.
--
Petr³
More information about the Freeipa-devel
mailing list