Add sudoPassword to schema

diff --git a/userdir-ldap-slapd.conf.in b/userdir-ldap-slapd.conf.in
index 6b70173..cf4ecfd 100644 (file)
--- a/userdir-ldap-slapd.conf.in
+++ b/userdir-ldap-slapd.conf.in
@@ -26,7 +26,7 @@ sizelimit 10000
 lastmod on
 
 # owner writeable
-access to attrs=userPassword,sshrsaauthkey
+access to attrs=userPassword,sudoPassword,sshrsaauthkey
        by group="cn=LDAP Administrator,ou=users,@@DN@@" write
        by dn="uid=sshdist,ou=users,@@DN@@"  write
        by self read

diff --git a/userdir-ldap.schema b/userdir-ldap.schema
index 3f64e90..f9c96a4 100644 (file)
--- a/userdir-ldap.schema
+++ b/userdir-ldap.schema
@@ -98,6 +98,7 @@
 #   .33 - purpose
 #   .34 - physicalHost
 #   .35 - VoIP
+#   .36 - sudoPassword
 #
 # .3 - experimental LDAP objectClasses
 #   .1 - debianDeveloper
@@ -359,6 +360,13 @@ attributetype ( 1.3.6.1.4.1.9586.100.4.2.35
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
 
+attributetype ( 1.3.6.1.4.1.9586.100.4.2.36
+       NAME 'sudoPassword'
+       DESC 'sudo password'
+       EQUALITY octetStringMatch
+       SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
+
+
 # Public object classes
 
 objectclass ( 1.3.6.1.4.1.9586.100.4.1.1
@@ -366,7 +374,7 @@ objectclass ( 1.3.6.1.4.1.9586.100.4.1.1
        DESC 'Abstraction of an account with POSIX attributes and UTF8 support'
        SUP top AUXILIARY
        MUST ( cn $ uid $ uidNumber $ gidNumber )
-       MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage ) )
+       MAY ( userPassword $ loginShell $ gecos $ homeDirectory $ description $ mailDisableMessage $ sudoPassword ) )
 
 objectclass ( 1.3.6.1.4.1.9586.100.4.1.2
        NAME 'debianGroup'