1# 2# OpenLDAP schema file for Sudo 3# Save as /etc/openldap/schema/sudo.schema 4# 5 6attributetype ( 1.3.6.1.4.1.15953.9.1.1 7 NAME 'sudoUser' 8 DESC 'User(s) who may run sudo' 9 EQUALITY caseExactIA5Match 10 SUBSTR caseExactIA5SubstringsMatch 11 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) 12 13attributetype ( 1.3.6.1.4.1.15953.9.1.2 14 NAME 'sudoHost' 15 DESC 'Host(s) who may run sudo' 16 EQUALITY caseExactIA5Match 17 SUBSTR caseExactIA5SubstringsMatch 18 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) 19 20attributetype ( 1.3.6.1.4.1.15953.9.1.3 21 NAME 'sudoCommand' 22 DESC 'Command(s) to be executed by sudo' 23 EQUALITY caseExactIA5Match 24 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) 25 26attributetype ( 1.3.6.1.4.1.15953.9.1.4 27 NAME 'sudoRunAs' 28 DESC 'User(s) impersonated by sudo (deprecated)' 29 EQUALITY caseExactIA5Match 30 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) 31 32attributetype ( 1.3.6.1.4.1.15953.9.1.5 33 NAME 'sudoOption' 34 DESC 'Options(s) followed by sudo' 35 EQUALITY caseExactIA5Match 36 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) 37 38attributetype ( 1.3.6.1.4.1.15953.9.1.6 39 NAME 'sudoRunAsUser' 40 DESC 'User(s) impersonated by sudo' 41 EQUALITY caseExactIA5Match 42 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) 43 44attributetype ( 1.3.6.1.4.1.15953.9.1.7 45 NAME 'sudoRunAsGroup' 46 DESC 'Group(s) impersonated by sudo' 47 EQUALITY caseExactIA5Match 48 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) 49 50attributetype ( 1.3.6.1.4.1.15953.9.1.8 51 NAME 'sudoNotBefore' 52 DESC 'Start of time interval for which the entry is valid' 53 EQUALITY generalizedTimeMatch 54 ORDERING generalizedTimeOrderingMatch 55 SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ) 56 57attributetype ( 1.3.6.1.4.1.15953.9.1.9 58 NAME 'sudoNotAfter' 59 DESC 'End of time interval for which the entry is valid' 60 EQUALITY generalizedTimeMatch 61 ORDERING generalizedTimeOrderingMatch 62 SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ) 63 64attributeTypes ( 1.3.6.1.4.1.15953.9.1.10 65 NAME 'sudoOrder' 66 DESC 'an integer to order the sudoRole entries' 67 EQUALITY integerMatch 68 ORDERING integerOrderingMatch 69 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) 70 71objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL 72 DESC 'Sudoer Entries' 73 MUST ( cn ) 74 MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $ sudoRunAsGroup $ sudoOption $ sudoOrder $ sudoNotBefore $ sudoNotAfter $ 75 description ) 76 ) 77