projects / mirror / userdir-ldap.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1c2b018) | patch
Give keyring-maint write access to keyFingerPrint
authorFaidon Liambotis <paravoid@debian.org>
Mon, 31 May 2010 14:38:21 +0000 (17:38 +0300)
committerPeter Palfrader <peter@palfrader.org>
Tue, 1 Jun 2010 15:22:05 +0000 (17:22 +0200)
commit1efd4dde6267910089fcf13b949c7e8ec030d447
treeee2e86eeb0e6dc6b7dad807051746ba5ce559934tree | snapshot
parent1c2b018f76877714b51209152dc4e81bb29e97b5commit | diff
Give keyring-maint write access to keyFingerPrint

However, make an exception for supplementaryGid=adm users for security
reasons (wouldn't want keyring-maint to be able to takeover a root
account).

The ACL gives writes to a non-existing group; this should be created,
e.g.
  cn=Keyring Maintainers,ou=users,dc=debian,dc=org
  objectClass: top
  objectClass: groupOfNames
  cn: Keyring Maintainers
  member: uid=noodles,ou=users,dc=debian,dc=org
  member: uid=gwolf,ou=users,dc=debian,dc=org

Signed-off-by: Peter Palfrader <peter@palfrader.org>
userdir-ldap-slapd.conf.in diff | blob | history
Mirror of Debian's userdir-ldap repository