https://bugzilla.redhat.com/show_bug.cgi?id=646707
Based on the two following threads, please add support to create ACIs for ldapi socket connections. Apparently, support does not exist at this time. http://lists.fedoraproject.org/pipermail/389-users/2010-July/011765.html http://lists.fedoraproject.org/pipermail/389-users/2010-October/012367.html This is a feature request. Thanks.
batch update moving tickets to future
set default ticket origin to Community
Added initial screened field value.
We'd like this functionality in IPA to protect the Kerberos master key from being read over anything except ldapi, ideally even for DM.
attachment 0001-Ticket-77-RFE-Add-ACI-support-for-ldapi.patch
git merge ticket77 Updating de61f34..579fcf4 Fast-forward ldap/servers/plugins/acl/acl.h | 2 ++ ldap/servers/plugins/acl/acl_ext.c | 18 ++++++++++++++++-- ldap/servers/plugins/acl/aclinit.c | 2 +- ldap/servers/plugins/acl/acllas.c | 19 +++++++++++++++---- ldap/servers/slapd/libslapd.def | 1 + ldap/servers/slapd/pblock.c | 9 +++++++++ ldap/servers/slapd/slapi-plugin.h | 9 +++++++++ 7 files changed, 53 insertions(+), 7 deletions(-)
git push origin master Counting objects: 27, done. Delta compression using up to 4 threads. Compressing objects: 100% (14/14), done. Writing objects: 100% (14/14), 1.92 KiB, done. Total 14 (delta 12), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git de61f34..579fcf4 master -> master
commit 579fcf4
Metadata Update from @rcritten: - Issue assigned to mreynolds - Issue set to the milestone: 1.3.2 - 04/13 (April)
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/77
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.