|
 |
e3ffab |
From faa47e835213aaeff8ad4fa73b2bc20735615b37 Mon Sep 17 00:00:00 2001
|
|
|
e3ffab |
From: Martin Basti <mbasti@redhat.com>
|
|
|
e3ffab |
Date: Mon, 10 Nov 2014 14:13:07 +0100
|
|
|
e3ffab |
Subject: [PATCH] Upgrade: fix trusts objectclass violationi
|
|
|
e3ffab |
|
|
|
e3ffab |
Execute updates in proper ordering.
|
|
|
e3ffab |
Curently ldap-updater implementation doesnt allow better fix.
|
|
|
e3ffab |
|
|
|
e3ffab |
Ticket: https://fedorahosted.org/freeipa/ticket/4680
|
|
|
e3ffab |
Reviewed-By: David Kupka <dkupka@redhat.com>
|
|
|
e3ffab |
---
|
|
|
e3ffab |
install/updates/59-trusts-sysacount.update | 8 ++++++++
|
|
|
e3ffab |
install/updates/60-trusts.update | 6 ------
|
|
|
e3ffab |
install/updates/Makefile.am | 1 +
|
|
|
e3ffab |
3 files changed, 9 insertions(+), 6 deletions(-)
|
|
|
e3ffab |
create mode 100644 install/updates/59-trusts-sysacount.update
|
|
|
e3ffab |
|
|
|
e3ffab |
diff --git a/install/updates/59-trusts-sysacount.update b/install/updates/59-trusts-sysacount.update
|
|
|
e3ffab |
new file mode 100644
|
|
|
e3ffab |
index 0000000000000000000000000000000000000000..b90de80d27b36c9a7bfd3b358338a0a79d969813
|
|
|
e3ffab |
--- /dev/null
|
|
|
e3ffab |
+++ b/install/updates/59-trusts-sysacount.update
|
|
|
e3ffab |
@@ -0,0 +1,8 @@
|
|
|
e3ffab |
+# this update must be applied before 60-trusts.update, because current
|
|
|
e3ffab |
+# implementation of ipa-ldap-updater doesn't keep the order of updates in
|
|
|
e3ffab |
+# filesets
|
|
|
e3ffab |
+dn: cn=adtrust agents,cn=sysaccounts,cn=etc,$SUFFIX
|
|
|
e3ffab |
+add: objectClass: nestedgroup
|
|
|
e3ffab |
+default: objectClass: GroupOfNames
|
|
|
e3ffab |
+default: objectClass: top
|
|
|
e3ffab |
+default: cn: adtrust agents
|
|
|
e3ffab |
diff --git a/install/updates/60-trusts.update b/install/updates/60-trusts.update
|
|
|
e3ffab |
index 9dabc806e2f747c47ab809cd2ed2150b2a13c2a6..79caa837a55eae0e05e1a94f3eabdda7b2b9cc38 100644
|
|
|
e3ffab |
--- a/install/updates/60-trusts.update
|
|
|
e3ffab |
+++ b/install/updates/60-trusts.update
|
|
|
e3ffab |
@@ -10,12 +10,6 @@ default: member: uid=admin,cn=users,cn=accounts,$SUFFIX
|
|
|
e3ffab |
default: nsAccountLock: FALSE
|
|
|
e3ffab |
default: ipaUniqueID: autogenerate
|
|
|
e3ffab |
|
|
|
e3ffab |
-dn: cn=adtrust agents,cn=sysaccounts,cn=etc,$SUFFIX
|
|
|
e3ffab |
-add: objectClass: nestedgroup
|
|
|
e3ffab |
-default: objectClass: GroupOfNames
|
|
|
e3ffab |
-default: objectClass: top
|
|
|
e3ffab |
-default: cn: adtrust agents
|
|
|
e3ffab |
-
|
|
|
e3ffab |
dn: cn=ADTrust Agents,cn=privileges,cn=pbac,$SUFFIX
|
|
|
e3ffab |
default: objectClass: top
|
|
|
e3ffab |
default: objectClass: groupofnames
|
|
|
e3ffab |
diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am
|
|
|
e3ffab |
index e62a64cea925aaeae9d013ab01a89371c727a6fd..255586c6de1cab52a526c1ca82b4720adf998eee 100644
|
|
|
e3ffab |
--- a/install/updates/Makefile.am
|
|
|
e3ffab |
+++ b/install/updates/Makefile.am
|
|
|
e3ffab |
@@ -41,6 +41,7 @@ app_DATA = \
|
|
|
e3ffab |
50-nis.update \
|
|
|
e3ffab |
50-ipaconfig.update \
|
|
|
e3ffab |
55-pbacmemberof.update \
|
|
|
e3ffab |
+ 59-trusts-sysacount.update \
|
|
|
e3ffab |
60-trusts.update \
|
|
|
e3ffab |
61-trusts-s4u2proxy.update \
|
|
|
e3ffab |
62-ranges.update \
|
|
|
e3ffab |
--
|
|
|
e3ffab |
2.1.0
|
|
|
e3ffab |
|