app-admin/mmc-agent: Update kerberos Patch
git-svn-id: https://svn.disconnected-by-peer.at/svn/linamh/trunk/mds@708 6952d904-891a-0410-993b-d76249ca496b
This commit is contained in:
geos_one
@@ -294,3 +294,143 @@ diff -Naur mmc-agent-2.3.1.orig/setup.py mmc-agent-2.3.1/setup.py
|
||||
- packages = ["mmc", "mmc.support", "mmc.plugins", "mmc.plugins.base", "mmc.plugins.samba", "mmc.plugins.proxy", "mmc.plugins.mail", "mmc.plugins.network"],
|
||||
+ packages = ["mmc", "mmc.support", "mmc.plugins", "mmc.plugins.base", "mmc.plugins.samba", "mmc.plugins.proxy", "mmc.plugins.mail", "mmc.plugins.network", "mmc.plugins.kerberos"],
|
||||
)
|
||||
diff -Naur mmc-agent-2.3.1.orig/contrib/ldap/krb5-kdc.schema mmc-agent-2.3.1/contrib/ldap/krb5-kdc.schema
|
||||
--- mmc-agent-2.3.1.orig/contrib/ldap/krb5-kdc.schema
|
||||
+++ mmc-agent-2.3.1/contrib/ldap/krb5-kdc.schema
|
||||
@@ -0,0 +1,136 @@
|
||||
+# $Id: krb5-kdc.schema,v 1.1 2004-03-22 17:25:05 quanah Exp $
|
||||
+# Definitions for a Kerberos V KDC schema
|
||||
+
|
||||
+# OID Base is iso(1) org(3) dod(6) internet(1) private(4) enterprise(1) padl(5322) kdcSchema(10)
|
||||
+#
|
||||
+# Syntaxes are under 1.3.6.1.4.1.5322.10.0
|
||||
+# Attributes types are under 1.3.6.1.4.1.5322.10.1
|
||||
+# Object classes are under 1.3.6.1.4.1.5322.10.2
|
||||
+
|
||||
+# Syntax definitions
|
||||
+
|
||||
+#krb5KDCFlagsSyntax SYNTAX ::= {
|
||||
+# WITH SYNTAX INTEGER
|
||||
+#-- initial(0), -- require as-req
|
||||
+#-- forwardable(1), -- may issue forwardable
|
||||
+#-- proxiable(2), -- may issue proxiable
|
||||
+#-- renewable(3), -- may issue renewable
|
||||
+#-- postdate(4), -- may issue postdatable
|
||||
+#-- server(5), -- may be server
|
||||
+#-- client(6), -- may be client
|
||||
+#-- invalid(7), -- entry is invalid
|
||||
+#-- require-preauth(8), -- must use preauth
|
||||
+#-- change-pw(9), -- change password service
|
||||
+#-- require-hwauth(10), -- must use hwauth
|
||||
+#-- ok-as-delegate(11), -- as in TicketFlags
|
||||
+#-- user-to-user(12), -- may use user-to-user auth
|
||||
+#-- immutable(13) -- may not be deleted
|
||||
+# ID { 1.3.6.1.4.1.5322.10.0.1 }
|
||||
+#}
|
||||
+
|
||||
+#krb5PrincipalNameSyntax SYNTAX ::= {
|
||||
+# WITH SYNTAX OCTET STRING
|
||||
+#-- String representations of distinguished names as per RFC1510
|
||||
+# ID { 1.3.6.1.4.1.5322.10.0.2 }
|
||||
+#}
|
||||
+
|
||||
+# Attribute type definitions
|
||||
+
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.1
|
||||
+ NAME 'krb5PrincipalName'
|
||||
+ DESC 'The unparsed Kerberos principal name'
|
||||
+ EQUALITY caseExactIA5Match
|
||||
+ SINGLE-VALUE
|
||||
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
|
||||
+
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.2
|
||||
+ NAME 'krb5KeyVersionNumber'
|
||||
+ EQUALITY integerMatch
|
||||
+ SINGLE-VALUE
|
||||
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
|
||||
+
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.3
|
||||
+ NAME 'krb5MaxLife'
|
||||
+ EQUALITY integerMatch
|
||||
+ SINGLE-VALUE
|
||||
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
|
||||
+
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.4
|
||||
+ NAME 'krb5MaxRenew'
|
||||
+ EQUALITY integerMatch
|
||||
+ SINGLE-VALUE
|
||||
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
|
||||
+
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.5
|
||||
+ NAME 'krb5KDCFlags'
|
||||
+ EQUALITY integerMatch
|
||||
+ SINGLE-VALUE
|
||||
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
|
||||
+
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.6
|
||||
+ NAME 'krb5EncryptionType'
|
||||
+ EQUALITY integerMatch
|
||||
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
|
||||
+
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.7
|
||||
+ NAME 'krb5ValidStart'
|
||||
+ EQUALITY generalizedTimeMatch
|
||||
+ ORDERING generalizedTimeOrderingMatch
|
||||
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
||||
+ SINGLE-VALUE )
|
||||
+
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.8
|
||||
+ NAME 'krb5ValidEnd'
|
||||
+ EQUALITY generalizedTimeMatch
|
||||
+ ORDERING generalizedTimeOrderingMatch
|
||||
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
||||
+ SINGLE-VALUE )
|
||||
+
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.9
|
||||
+ NAME 'krb5PasswordEnd'
|
||||
+ EQUALITY generalizedTimeMatch
|
||||
+ ORDERING generalizedTimeOrderingMatch
|
||||
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
|
||||
+ SINGLE-VALUE )
|
||||
+
|
||||
+# this is temporary; keys will eventually
|
||||
+# be child entries or compound attributes.
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.10
|
||||
+ NAME 'krb5Key'
|
||||
+ DESC 'Encoded ASN1 Key as an octet string'
|
||||
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
|
||||
+
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.11
|
||||
+ NAME 'krb5PrincipalRealm'
|
||||
+ DESC 'Distinguished name of krb5Realm entry'
|
||||
+ SUP distinguishedName )
|
||||
+
|
||||
+attributetype ( 1.3.6.1.4.1.5322.10.1.12
|
||||
+ NAME 'krb5RealmName'
|
||||
+ EQUALITY octetStringMatch
|
||||
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
|
||||
+
|
||||
+# Object class definitions
|
||||
+
|
||||
+objectclass ( 1.3.6.1.4.1.5322.10.2.1
|
||||
+ NAME 'krb5Principal'
|
||||
+ SUP top
|
||||
+ AUXILIARY
|
||||
+ MUST ( krb5PrincipalName )
|
||||
+ MAY ( cn $ krb5PrincipalRealm ) )
|
||||
+
|
||||
+objectclass ( 1.3.6.1.4.1.5322.10.2.2
|
||||
+ NAME 'krb5KDCEntry'
|
||||
+ SUP krb5Principal
|
||||
+ AUXILIARY
|
||||
+ MUST ( krb5KeyVersionNumber )
|
||||
+ MAY ( krb5ValidStart $ krb5ValidEnd $ krb5PasswordEnd $
|
||||
+ krb5MaxLife $ krb5MaxRenew $ krb5KDCFlags $
|
||||
+ krb5EncryptionType $ krb5Key ) )
|
||||
+
|
||||
+objectclass ( 1.3.6.1.4.1.5322.10.2.3
|
||||
+ NAME 'krb5Realm'
|
||||
+ SUP top
|
||||
+ AUXILIARY
|
||||
+ MUST ( krb5RealmName ) )
|
||||
+
|
||||
|
||||
Reference in New Issue
Block a user