Modify the PrivilegeMapperEntry interface
The object path for the privilege mapper cannot have LDAP group name
in the path name. The D-Bus object path should only contain the ASCII
characters [A-Z][a-z][0-9]_. According to RFC 2253, the LDAP group name
can have additional special characters. A unique identifier is added to
the D-Bus object path and the group name is a property of the privilege
mapper.
Change-Id: If1c511bee7a492887eb45e7ce00fdfc55e98c073
Signed-off-by: Tom Joseph <tomjoseph@in.ibm.com>
diff --git a/xyz/openbmc_project/User/PrivilegeMapperEntry.interface.yaml b/xyz/openbmc_project/User/PrivilegeMapperEntry.interface.yaml
index a90989d..cea3ca2 100644
--- a/xyz/openbmc_project/User/PrivilegeMapperEntry.interface.yaml
+++ b/xyz/openbmc_project/User/PrivilegeMapperEntry.interface.yaml
@@ -2,6 +2,15 @@
Implement to provide privilege for the group.
properties:
+ - name: GroupName
+ type: string
+ description: >
+ Group Name to which the privilege is to be assigned. In the case of
+ LDAP, the GroupName will be the LDAP group the user is part of.
+ errors:
+ - xyz.openbmc_project.Common.Error.InternalFailure
+ - xyz.openbmc_project.Common.Error.InvalidArgument
+ - xyz.openbmc_project.User.Common.Error.PrivilegeMappingExists
- name: Privilege
type: string
description: >