URL: https://github.com/freeipa/freeipa/pull/617
Title: #617: Allow renaming of sudo rules
stlaz commented:
"""
Thank you Alexander for your insight. Since this was a hack, I did not want to
do it server-wise. I chose a different approach to the problem and reworked the
original idea so the rename option is now worked with on server.
With this approach, we are able to white-list objects which we think may be
allowed renaming even though their primary keys are not in their RDN.
Just for the record, the names of sudo rules are still not checked for CN
compatibility since their primary key is not part of their DN, but that's how
things have been since for ever, I am afraid (you can try `ipa sudorule-add
bad,cn=rule`).
"""
See the full comment at
https://github.com/freeipa/freeipa/pull/617#issuecomment-288389417
--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code