[Freeipa-devel] [PATCH 0069] Adds 389DS plugin to enforce UUID token IDs
Nathaniel McCallum
npmccallum at redhat.com
Sun Sep 21 19:07:27 UTC 2014
Users that can rename the token (such as admins) can also create
non-UUID token names.
https://fedorahosted.org/freeipa/ticket/4456
NOTE: this patch is an alternate approach to my patch 0065. This version
has two main advantages compared to 0065:
1. Permissions are more flexible (not tied to the admin group).
2. Enforcement occurs at the DS-level
It should also be noted that this patch does not enforce UUID
randomness, only syntax. Users can still specify a token ID so long as
it is in UUID format.
Nathaniel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-npmccallum-0069-Adds-389DS-plugin-to-enforce-UUID-token-IDs.patch
Type: text/x-patch
Size: 12594 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20140921/f11f3b8f/attachment.bin>
More information about the Freeipa-devel
mailing list