#
# OpenLDAP schema file for Sudo
# Save as /etc/openldap/schema/sudo.schema
#
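# sudoUser: the user(s) a sudoRole entry applies to.
# Syntax 1.3.6.1.4.1.1466.115.121.1.26 is IA5 String; equality and substring
# matching are case-exact, so 'alice' and 'Alice' are distinct values to the
# directory. The schema accepts any IA5 string here; it does not check that
# the value names a real account.
attributetype ( 1.3.6.1.4.1.15953.9.1.1
    NAME 'sudoUser'
    DESC 'User(s) who may  run sudo'
    EQUALITY caseExactIA5Match
    SUBSTR caseExactIA5SubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )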
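# sudoHost: the host(s) on which a sudoRole entry applies.
# IA5 String with case-exact equality and substring matching. The directory
# only stores and compares these strings; deciding whether the local host
# matches is left to the sudo client that reads the entry.
attributetype ( 1.3.6.1.4.1.15953.9.1.2
    NAME 'sudoHost'
    DESC 'Host(s) who may run sudo'
    EQUALITY caseExactIA5Match
    SUBSTR caseExactIA5SubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )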
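# sudoCommand: the command(s) a sudoRole entry permits.
# IA5 String, case-exact equality only (no SUBSTR rule is defined, unlike
# sudoUser and sudoHost). The schema places no constraint on the value, so
# reviewing what each entry actually allows is an operational task, not
# something the directory enforces.
attributetype ( 1.3.6.1.4.1.15953.9.1.3
    NAME 'sudoCommand'
    DESC 'Command(s) to be executed by sudo'
    EQUALITY caseExactIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )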
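# sudoRunAs: target user(s) a command may be run as.
# Marked deprecated in its own DESC; sudoRunAsUser (OID ...9.1.6 in this
# file) is the replacement. It is still listed in sudoRole's MAY set, so
# existing entries that carry it remain schema-valid and should be included
# in any audit of run-as targets.
attributetype ( 1.3.6.1.4.1.15953.9.1.4
    NAME 'sudoRunAs'
    DESC 'User(s) impersonated by sudo (deprecated)'
    EQUALITY caseExactIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )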
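# sudoOption: sudoers option(s) applied when the sudoRole entry is used.
# IA5 String, case-exact equality. Option values are free-form to the
# directory; some sudoers options relax security defaults (for example
# '!authenticate' disables the password prompt), so changes to this
# attribute deserve the same review as changes to sudoCommand.
attributetype ( 1.3.6.1.4.1.15953.9.1.5
    NAME 'sudoOption'
    DESC 'Options(s) followed by sudo'
    EQUALITY caseExactIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )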
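# sudoRunAsUser: target user(s) a command may be run as.
# IA5 String, case-exact equality. The attribute is optional in sudoRole;
# the schema itself does not say what an entry without it defaults to, so
# confirm the client-side default in the sudoers.ldap documentation.
attributetype ( 1.3.6.1.4.1.15953.9.1.6
    NAME 'sudoRunAsUser'
    DESC 'User(s) impersonated by sudo'
    EQUALITY caseExactIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )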
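# sudoRunAsGroup: target group(s) a command may be run as.
# IA5 String, case-exact equality. Optional in sudoRole.
attributetype ( 1.3.6.1.4.1.15953.9.1.7
    NAME 'sudoRunAsGroup'
    DESC 'Group(s) impersonated by sudo'
    EQUALITY caseExactIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )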
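# sudoNotBefore: start of the interval in which the sudoRole entry is valid.
# Syntax 1.3.6.1.4.1.1466.115.121.1.24 is Generalized Time, with equality
# and ordering rules so it can be used in range filters.
# The directory only stores the timestamp. The sudo client evaluates it only
# when time-based entries are enabled (SUDOERS_TIMED in its ldap.conf), so
# do not rely on this attribute alone to expire access without checking the
# client configuration.
attributetype ( 1.3.6.1.4.1.15953.9.1.8
    NAME 'sudoNotBefore'
    DESC 'Start of time interval for which the entry is valid'
    EQUALITY generalizedTimeMatch
    ORDERING generalizedTimeOrderingMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )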
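# sudoNotAfter: end of the interval in which the sudoRole entry is valid.
# Generalized Time with equality and ordering rules.
# The directory only stores the timestamp. The sudo client evaluates it only
# when time-based entries are enabled (SUDOERS_TIMED in its ldap.conf); an
# entry past its sudoNotAfter is still returned by the server and is only
# ignored by clients configured to check it.
attributetype ( 1.3.6.1.4.1.15953.9.1.9
    NAME 'sudoNotAfter'
    DESC 'End of time interval for which the entry is valid'
    EQUALITY generalizedTimeMatch
    ORDERING generalizedTimeOrderingMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )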
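# sudoOrder: integer used to order sudoRole entries.
# Syntax 1.3.6.1.4.1.1466.115.121.1.27 is Integer, with equality and
# ordering rules. Per the sudoers.ldap documentation, when several entries
# match, the one with the highest sudoOrder is chosen and a missing value is
# treated as 0, so an added entry with a high sudoOrder can override
# existing ones.
# The directive keyword is spelled 'attributetype' here to match every
# other definition in this file.
attributetype ( 1.3.6.1.4.1.15953.9.1.10
    NAME 'sudoOrder'
    DESC 'an integer to order the sudoRole entries'
    EQUALITY integerMatch
    ORDERING integerOrderingMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )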
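# sudoRole: structural object class holding one sudo rule.
# Only 'cn' is mandatory; every sudo* attribute is optional, so the schema
# accepts an entry with no sudoUser, sudoHost or sudoCommand. Schema
# validity therefore says nothing about whether a rule is complete or safe.
# Entries of this class grant privileges on every client that reads them:
# restrict write access to the subtree that holds them with directory ACLs
# and log modifications to it.
objectclass ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL
    DESC 'Sudoer Entries'
    MUST ( cn )
    MAY ( sudoUser $ sudoHost $ sudoCommand $ sudoRunAs $ sudoRunAsUser $ sudoRunAsGroup $ sudoOption $ sudoOrder $ sudoNotBefore $ sudoNotAfter $
        description )
    )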