From b2cdf5dc62717a618e63a82c8cce3bfb5e604a4d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?= <aurelien@bompard.org>
Date: Mon, 31 Aug 2020 22:58:51 +0200
Subject: [PATCH] Now that IPA is the reference, allow users to change their
 own attributes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
---
 roles/ipa/server/files/configure-ipa.sh | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/roles/ipa/server/files/configure-ipa.sh b/roles/ipa/server/files/configure-ipa.sh
index 0b62940a97..296796201f 100644
--- a/roles/ipa/server/files/configure-ipa.sh
+++ b/roles/ipa/server/files/configure-ipa.sh
@@ -8,15 +8,5 @@ trap cleanup EXIT
 
 echo $ADMIN_PASSWORD | kinit admin
 
-# Disallow all users to change their own settings
-ipa selfservice-find | grep "Self-service name:" | sed -e "s/  Self-service name: //" | \
-while read line
-do
-    echo "Removing $line"
-    ipa selfservice-del "$line"
-done
-
 # Disable default permissions so we don't break our privacy policy
 ipa permission-mod "System: Read User Addressbook Attributes" --bindtype=permission
-
-# TODO: Add custom permissions to grant specific access to user attributes