|
 |
905b4d |
From 65679aaa24942edb448077eb172361b45b4f2a71 Mon Sep 17 00:00:00 2001
|
|
|
905b4d |
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
|
905b4d |
Date: Fri, 31 Oct 2014 14:26:30 +0100
|
|
|
905b4d |
Subject: [PATCH 54/64] IPA: use ipaUserGroup object class for groups
|
|
|
905b4d |
|
|
|
905b4d |
dfb34c6c82ed5014599bf70de6791e6d79106fc2 changed object class
|
|
|
905b4d |
of IPA groups from posixGroups to more general groupOfNames.
|
|
|
905b4d |
However, this object class is used also for roles, permissions and
|
|
|
905b4d |
privileges which caused SSSD to consider those objects to be groups as
|
|
|
905b4d |
well during initgroups.
|
|
|
905b4d |
|
|
|
905b4d |
Resolves:
|
|
|
905b4d |
https://fedorahosted.org/sssd/ticket/2471
|
|
|
905b4d |
|
|
|
905b4d |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
905b4d |
---
|
|
|
905b4d |
src/providers/ipa/ipa_opts.h | 2 +-
|
|
|
905b4d |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
905b4d |
|
|
|
905b4d |
diff --git a/src/providers/ipa/ipa_opts.h b/src/providers/ipa/ipa_opts.h
|
|
|
905b4d |
index 4785e0164bf6d9efb574a8703b573f4e8086cab6..0e0eed49cd397fe88ce7bf41579c066088947d04 100644
|
|
|
905b4d |
--- a/src/providers/ipa/ipa_opts.h
|
|
|
905b4d |
+++ b/src/providers/ipa/ipa_opts.h
|
|
|
905b4d |
@@ -205,7 +205,7 @@ struct sdap_attr_map ipa_user_map[] = {
|
|
|
905b4d |
};
|
|
|
905b4d |
|
|
|
905b4d |
struct sdap_attr_map ipa_group_map[] = {
|
|
|
905b4d |
- { "ldap_group_object_class", "groupOfNames", SYSDB_GROUP_CLASS, NULL },
|
|
|
905b4d |
+ { "ldap_group_object_class", "ipaUserGroup", SYSDB_GROUP_CLASS, NULL },
|
|
|
905b4d |
{ "ldap_group_object_class_alt", "posixGroup", SYSDB_GROUP_CLASS, NULL },
|
|
|
905b4d |
{ "ldap_group_name", "cn", SYSDB_NAME, NULL },
|
|
|
905b4d |
{ "ldap_group_pwd", "userPassword", SYSDB_PWD, NULL },
|
|
|
905b4d |
--
|
|
|
905b4d |
1.9.3
|
|
|
905b4d |
|