Pushed this fix under the 1-liner rule. We had the wrong attribute in an
aci.
diff --git a/install/updates/40-delegation.update
b/install/updates/40-delegation.update
index da17358..d51e213 100644
--- a/install/updates/40-delegation.update
+++ b/install/updates/40-delegation.update
@@ -241,7 +241,7 @@ add:aci: '(target =
"ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version
add:aci: '(target =
"ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version
3.0;acl "Remove Hosts";allow (delete) groupdn =
"ldap:///cn=removehosts,cn=
taskgroups,cn=accounts,$SUFFIX";)'
-add:aci: '(targetattr = "cn || description || l || location ||
+add:aci: '(targetattr = "cn || description || l || nshostlocation ||
nshardwareplatform || nsosversion")
(target = "ldap:///fqdn=*,cn=computers,cn=accounts,$SUFFIX")(version 3.0;
acl "Modify Hosts";allow (write) groupdn = "ldap:///cn=modifyhosts,
--
1.6.2.5
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel