[Freeipa-users] hostMask attribute syntax issue in 60sudo.ldif
Brian LaMere
brian at cukerinteractive.com
Fri Sep 24 19:26:47 UTC 2010
On Fri, Sep 24, 2010 at 10:43 AM, Dmitri Pal <dpal at redhat.com> wrote:
> Brian LaMere wrote:
> > ah, odd - I'm used to IPs being IA5. then the equality match should
> > be changed? Can't have caseIgnoreIA5Match on a directory string :)
> Yes. This is what the patch does :-)
>
>
so, out of curiousity...why 60sudo? Seems like a string matching netmask
could be used more generically...it's redefined over as
radiusFramedIPNetmask in 60radius.ldif. I go through and purge my tree of
attributes I'll never need, sorry - I have strange quirks.
Also, I've noted that when I stop services, then start them again per the
order in /etc/rc3.d, named doesn't know about the local domain yet because
it connects to an empty socket (since the krb and dirsrv services aren't
started yet)
trying to establish LDAP connection to
ldapi://%2fvar%2frun%2fslapd-BRIAN-INTERNAL.socket
which fails at:
Principal not found in cred cache (Matching credential not found)
Once everything is up, if I run "rndc reload" the local domain lookups (and
thus, everything else) works again. Should one of the other services
incorporate a rndc reload, for this reason? I didn't actually restart the
server (can't, due to something else it is doing) I just stopped things per
rc3.d/k* order, and then started them per s* order.
Brian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20100924/18578e8f/attachment.htm>
More information about the Freeipa-users
mailing list