[Pkg-freeipa-devel] [Git][freeipa-team/bind-dyndb-ldap][master] d/t/dyndb-ldap: allow writing to the dns tree

[Timo Aaltonen (@tjaalton)]

Timo Aaltonen pushed to branch master at FreeIPA packaging / bind-dyndb-ldap


Commits:
79afdcaf by Andreas Hasenack at 2023-09-05T10:59:46-03:00
d/t/dyndb-ldap: allow writing to the dns tree

Sometimes the plugin wants to update some records, like idnsSOASerial.

See also LP: #2034250

- - - - -


1 changed file:

- debian/tests/dyndb-ldap


Changes:

=====================================
debian/tests/dyndb-ldap
=====================================
@@ -132,11 +132,13 @@ EOF
     # this sets the password
     ldappasswd -x -D "${ldap_admin_dn}" -w "${ldap_admin_pw}" -s "${ldap_bind9_pw}" "${ldap_bind9_dn}"
 
+    # The plugin can change some attributes, like SOA records. For this test,
+    # it's simpler to just allow it to write to the whole dns tree.
     ldapmodify -Q -Y EXTERNAL -H ldapi:/// <<EOF
 dn: olcDatabase={1}mdb,cn=config
 changetype: modify
 add: olcAccess
-olcAccess: {1}to dn.subtree="ou=dns,${ldap_suffix}" by dn.exact="${ldap_bind9_dn}" read by * none
+olcAccess: {1}to dn.subtree="ou=dns,${ldap_suffix}" by dn.exact="${ldap_bind9_dn}" write by * none
 
 EOF
 }



View it on GitLab: https://salsa.debian.org/freeipa-team/bind-dyndb-ldap/-/commit/79afdcaf0f3cda9227f5f03f84dded1c6d76d1f3

-- 
View it on GitLab: https://salsa.debian.org/freeipa-team/bind-dyndb-ldap/-/commit/79afdcaf0f3cda9227f5f03f84dded1c6d76d1f3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20230905/a8a342a2/attachment.htm>