On 09/05/2014 01:34 PM, Alexander Bokovoy wrote:
On Fri, 05 Sep 2014, Petr Viktorin wrote:
On 09/05/2014 09:18 AM, Martin Kosek wrote:
...
Thanks! Looks sane to me. We would just need to remove Views related
ACIs for
the 4.0.x version that we will need for today.
Thanks indeed!
Here is the patched patch. The Read Operational Attributes permission
is split for createtimestamp/modifytimestamp/entryusn (anonymous) and
creatorsname/modifiersname (authenticated).
Thanks! ACK.
Pushed to:
master: 418ce870bfbe13cea694a7b862cafe35c703f660
ipa-4-0: 3e2c86aeabbd2e3c54ad73a40803ef2bf5b0cb17
ipa-4-1: 9bcd88589e30d31d3f533cd42d2f816ef01b07c7
Only admins can read the cn=compat entry itself. I don't think that's
an issue though.
It is an empty virtual entry that doesn't exist anywhere and is
synthesized by slapi-nis on each request.
As with most containers, it's not very interesting, but if it's hidden
its contents won't be listed in GUI browsers.
In the compat tree that's not much of an issue, hopefully.
--
PetrĀ³
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
