On Mon, May 11, 2009 at 7:09 PM, Chris St. Pierre <stpierre@xxxxxxxxxxxxxxxx> wrote:
++ Makes perfect sense, thanks a bunch, so i should be most concerned with the fedora-ds-base and fedora-ds-console packages for revision or version changes. I will definitely keep that in mind.
Thanks again for the clarity.
James
On Mon, 11 May 2009, James Chavez wrote:In the sudoers schema file
Now If the uid is listed as Joe_Montana..and I login as Joe_Montana then the
entry is recognized correctly by the sudo functions.
If I login as joe_montana the sudo functions fail.
Is there a way to force 389 to be case insensitive so that username or UIDs
are recognized regardless of case?
(/etc/dirsrv/slapd-<instance>/schema/60sudo.ldif), you'll note that
the sudoUser attribute has:
EQUALITY caseExactIA5Match
SUBSTR caseExactIA5SubstringsMatch
So do the sudoHost, sudoCommand, etc., attributes. If you want
case-insensitive matching, you should change that to:
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
And then restart the DS.
++ Chris thanks for the reply. That helps...seems obvious now that you pointed it to me. i appreciate it.
Yes, those are the latest packages. Note that the fedora-ds-base
Secondly it seems the Fedora 9 newkey updates repo is broken. I upgraded all
of our installations to the newest packages 2 to 3 weeks ago and i am
wondering if these are still the latest packages.
fedora-ds-dsgw-1.1.1-1.fc9.i386
fedora-ds-console-1.2.0-1.fc9.noarch
fedora-ds-base-1.2.0-4.fc9.i386
fedora-ds-1.1.3-1.fc9.noarch
fedora-ds-admin-1.1.7-3.fc9.i386
fedora-ds-admin-console-1.1.3-1.fc9.noarch
package -- which has the important stuff -- and the fedora-ds-console
package -- which has the shiny GUI stuff -- are both at 1.2.0, the
latest version. FDS -- err, 389DS -- doesn't rev all of the package
versions to track the release version, so the fedora-ds package is
still at 1.1.3 while its requirements are at various other versions.
Some nuts and bolts: fedora-ds is itself just a "meta-package" that
contains nothing; it just requires other packages. So the fedora-ds
package version really only needs to incremented if the requirements
change. Since they didn't, it's easier for the dev team to leave what
they can alone and only release new versions of packages that actually
have some changed code.
Make sense?
++ Makes perfect sense, thanks a bunch, so i should be most concerned with the fedora-ds-base and fedora-ds-console packages for revision or version changes. I will definitely keep that in mind.
Thanks again for the clarity.
James
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
