remove dnsZoneEntry from restricted attributes to match config on db.d.o

author Peter Palfrader <peter@palfrader.org>

Fri, 17 Apr 2015 18:42:41 +0000 (20:42 +0200)

committer Peter Palfrader <peter@palfrader.org>

Fri, 17 Apr 2015 18:42:41 +0000 (20:42 +0200)
author Peter Palfrader <peter@palfrader.org>
Fri, 17 Apr 2015 18:42:41 +0000 (20:42 +0200)
committer Peter Palfrader <peter@palfrader.org>
Fri, 17 Apr 2015 18:42:41 +0000 (20:42 +0200)
diff --git a/debian/changelog b/debian/changelog

index 0839d77..0d12ca6 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,8 @@
  userdir-ldap (0.3.87) UNRELEASED; urgency=medium
  
-  * userdir-ldap-slapd.conf.in: Rhonda points out dnsZoneEntry should not be
-    world readable
+  * remove dnsZoneEntry from restricted attributes to match config on db.d.o
  
- -- Peter Palfrader <weasel@debian.org>  Fri, 17 Apr 2015 20:34:18 +0200
+ -- Peter Palfrader <weasel@debian.org>  Fri, 17 Apr 2015 20:42:12 +0200
  
  userdir-ldap (0.3.86) unstable; urgency=medium
  
diff --git a/userdir-ldap-slapd.conf.in b/userdir-ldap-slapd.conf.in

index f8f3303..8794277 100644 (file)
--- a/userdir-ldap-slapd.conf.in
+++ b/userdir-ldap-slapd.conf.in
@@ -73,7 +73,7 @@ access to attrs=sshrsaauthkey
         by * none
  
  # debian.org readable, authenticated user readable
-access to attrs=activity-pgp,activity-from,dnsZoneEntry,c,l,loginShell,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist,mailContentInspectionAction,mailDefaultOptions
+access to attrs=activity-pgp,activity-from,c,l,loginShell,onVacation,birthDate,mailDisableMessage,gender,emailforward,mailCallout,mailGreylisting,mailRBL,mailRHSBL,mailWhitelist,mailContentInspectionAction,mailDefaultOptions
         by peername.ip=127.0.0.1 read
         by domain=alioth.debian.org none
         by domain.subtree=@@DOMAIN@@ read
@@ -86,7 +86,7 @@ access to attrs=facsimileTelephoneNumber,telephoneNumber,postalAddress,postalCod
         by * none
  
  # rest is globally readable
-access to attrs=access,accountComment,accountStatus,admin,allowedGroups,allowedHost,architecture,bandwidth,cn,comment,dc,description,disk,distribution,dnsTTL,exportOptions,gecos,gid,gidNumber,homeDirectory,host,hostname,icqUin,ipHostNumber,ircNick,jabberJID,keyFingerPrint,labeledURI,mXRecord,machine,member,memory,mn,objectClass,ou,physicalHost,purpose,shadowExpire,shadowLastChange,shadowMax,shadowMin,shadowWarning,sn,sponsor,sponsor-admin,sshRSAHostKey,status,subGroup,supplementaryGid,uid,uidNumber
+access to attrs=access,accountComment,accountStatus,admin,allowedGroups,allowedHost,architecture,bandwidth,cn,comment,dc,description,disk,distribution,dnsTTL,dnsZoneEntry,exportOptions,gecos,gid,gidNumber,homeDirectory,host,hostname,icqUin,ipHostNumber,ircNick,jabberJID,keyFingerPrint,labeledURI,mXRecord,machine,member,memory,mn,objectClass,ou,physicalHost,purpose,shadowExpire,shadowLastChange,shadowMax,shadowMin,shadowWarning,sn,sponsor,sponsor-admin,sshRSAHostKey,status,subGroup,supplementaryGid,uid,uidNumber
         by * read
  
  access to *
author	Peter Palfrader <peter@palfrader.org>
	Fri, 17 Apr 2015 18:42:41 +0000 (20:42 +0200)
committer	Peter Palfrader <peter@palfrader.org>
	Fri, 17 Apr 2015 18:42:41 +0000 (20:42 +0200)
debian/changelog		patch \| blob \| history
userdir-ldap-slapd.conf.in		patch \| blob \| history