[Freeipa-devel] [PATCH] 0015-16 Allow multiple krbprincipalnames + test
Martin Kosek
mkosek at redhat.com
Thu Sep 18 08:34:34 UTC 2014
On 09/18/2014 10:19 AM, David Kupka wrote:
> + 'System: Add krbCanonicalName to a Host': {
> + 'ipapermright': {'write'},
> + 'ipapermdefaultattr': {'krbcanonicalname'},
> + 'default_privileges': {'Host Administrators'},
> + },
Would it make sense to add the krbCanonicalName to "System: Add
krbPrincipalName to a Host" permission as they are semantically connected? I.e.
having one ACI without the other does not make much sense?
Martin
More information about the Freeipa-devel
mailing list