freeipa

Clone
Source Code
GIT

dee3255 ldap2: fix implementation of can_add

3 files Authored by ftweedal 6 years ago, Committed by cheimes 6 years ago,
raw patch tree parent
3 files changed. 39 lines added. 15 lines removed.
freeipa.spec.in
file modified
+8 -4
ipaserver/plugins/ca.py
file modified
+1 -1
ipaserver/plugins/ldap2.py
file modified
+30 -10 
    ldap2: fix implementation of can_add
    
    ldap2.can_add checks for add permission of a given entry.
    It did not work properly due to a defect in 389 DS.  Now that the
    defect has been fixed, we also need to update can_add to work with
    the mechanism 389 DS provides for checking add permission for
    entries where ACIs are in effect.
    
    Update the ldap2.can_add implementation to perform the add
    permission check properly.  Also update call sites accordingly.
    
    Update the spec file to require 389-ds-base-1.3.7.9-1 which is the
    first release containing the fix.  This version of 389-ds-base also
    resolves a couple of other issues related to replication and
    connection management.
    
    Fixes: https://pagure.io/freeipa/issue/6609
    Fixes: https://pagure.io/freeipa/issue/7165
    Fixes: https://pagure.io/freeipa/issue/7228
    Reviewed-By: Christian Heimes <cheimes@redhat.com>
file modified
+8 -4
file modified
+1 -1
file modified
+30 -10
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.