[Freeipa-users] User Private Groups
Ryan Thomson
ryan at pet.ubc.ca
Thu May 6 23:38:15 UTC 2010
Thanks for the responses, Rob and Dmitri! The solution sounds very elegant.
I await UPG and the next FreeIPA release (whether or not it has UPG) eagerly.
--Ryan
On 2010-05-06, at 4:16 PM, Rob Crittenden wrote:
> Ryan Thomson wrote:
>> Wow, I need to improve my search skills: http://freeipa.org/page/IPAv2_alpha2
>> My answer is at the bottom of the page!
>> My apologies, everyone.
>
> No worries.
>
> We're going to build this on a new feature in 389-ds, Managed Entries (http://directory.fedoraproject.org/wiki/Managed_Entry_Design)
>
> We need an enhancement in the DNA plugin to be able to keep the uidNumber and gidNumber the same but the Managed Entries plugin does most of the heavy lifting of avoiding race conditions for us already.
>
> At this point we just need to wait for the next 389-ds release which should be in the next few weeks. Once that is available we can create our private groups.
>
> rob
>
>> --Ryan
>> Ryan Thomson wrote:
>>> Hi list,
>>>
>>> I am wondering if FreeIPA is planning to conform to RHEL's user private group (UPG) scheme? I think having an option to enable the UPG scheme would be beneficial.
>>>
>>> Adding a user to the v2 beta reveals that the UPG scheme is not currently being followed with all new accounts auto-added to the default "ipausers" group.
>>>
>>> I noticed an older mailing list post by rob saying that UPG was being investigated. Has there been any progress in that investigation? Any decisions?
>>>
>>> Thank you,
>>>
>>> --Ryan
>>>
>>> _______________________________________________
>>> Freeipa-users mailing list
>>> Freeipa-users at redhat.com
>>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>
More information about the Freeipa-users
mailing list