diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2009-04-11 10:20:48 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2009-04-13 09:06:49 -0400 |
commit | 4626af1ad1141291f226382f3569e4dd0486cd08 (patch) | |
tree | f35309c400cd028482750e0469db218e6eb02d49 /server/examples | |
parent | c1d6bffe9ba81c265042859dddf3b39be87c161b (diff) | |
download | sssd-4626af1ad1141291f226382f3569e4dd0486cd08.tar.gz sssd-4626af1ad1141291f226382f3569e4dd0486cd08.tar.xz sssd-4626af1ad1141291f226382f3569e4dd0486cd08.zip |
Allow configuration of the SSSD through /etc/sssd/sssd.conf
The SSSD now links with the ini_config and collection libraries
in the common directory.
The monitor will track changes to the /etc/sssd/sssd.conf file
using inotify on platforms that support it, or polled every 5
seconds on platforms that do not.
At startup or modification of the conf file, the monitor will
purge the existing confdb and reread it completely from the conf
file, to ensure that there are no lingering entries. It does this
in a transaction, so there should be no race condition with the
client services.
A new option has been added to the startup options for the SSSD.
It is now possible to specify an alternate config file with the
-c <file> at the command line.
Diffstat (limited to 'server/examples')
-rw-r--r-- | server/examples/config.ldif | 88 | ||||
-rw-r--r-- | server/examples/db.ldif | 71 | ||||
-rw-r--r-- | server/examples/sssd.conf | 51 |
3 files changed, 51 insertions, 159 deletions
diff --git a/server/examples/config.ldif b/server/examples/config.ldif deleted file mode 100644 index b9eb33407..000000000 --- a/server/examples/config.ldif +++ /dev/null @@ -1,88 +0,0 @@ -# editing 4 records -# record 1 -dn: cn=config -cn: config -version: 0.1 - -dn: cn=services,cn=config -cn: services -description: Local service configuration -activeServices: nss -activeServices: dp -activeServices: pam -activeServices: info - -dn: cn=nss,cn=services,cn=config -cn: nss -description: NSS Responder Configuration -filterGroups: root -filterGroups: foo@TEST -filterUsers: root -filterUsers: bar@TEST - -dn: cn=dp,cn=services,cn=config -cn: dp -description: Data Provider Configuration - -dn: cn=monitor,cn=services,cn=config -cn: monitor -description: Monitor Configuration -sbusTimeout: 10 -servicePingTime: 10 - -dn: cn=pam,cn=services,cn=config -cn: pam -description: PAM Responder Configuration - -dn: cn=info,cn=services,cn=config -cn: info -description: InfoPipe Configuration - -dn: cn=domains,cn=config -cn: domains -description: Domains served by SSSD -domains: LOCAL, EXAMPLE.COM, TEST - -dn: cn=LOCAL,cn=domains,cn=config -cn: LOCAL -description: Reserved domain for local configurations -enumerate: 3 -minId: 500 -maxId: 999 -legacy: TRUE -libName: files -libPath: /lib64/libnss_files.so.2 -magicPrivateGroups: FALSE -provider: proxy -auth-module: proxy -pam-target: sssdproxylocal - -dn: cn=TEST,cn=domains,cn=config -cn: TEST -description: TEST Ldap domain -libName: ldap -libPath: /usr/lib64/libnss_ldap.so.2 -legacy: TRUE -enumerate: 3 -useFullyQualifiedNames: TRUE -minId: 1000 -provider: proxy -auth-module: proxy -pam-target: sssdproxytest - -dn: cn=LDAPTEST,cn=domains,cn=config -cn: LDAPTEST -basedn: cn=LDAPTEST,sn=sysdb -command: /usr/libexec/sssd/sssd_be --provider ldap --domain LDAPTEST -description: TEST PAM Ldap domain -provider: ldap -userSearchBase: ou=user,dc=my-domain,dc=com - -dn: cn=EXAMPLE.COM,cn=domains,cn=config -cn: EXAMPLE.COM -description: Example domain served by IPA -provider: ipa -server: ipaserver1.example.com -server: ipabackupserver.example.com -legacy: FALSE -enumerate: 0 diff --git a/server/examples/db.ldif b/server/examples/db.ldif deleted file mode 100644 index 9ded6c794..000000000 --- a/server/examples/db.ldif +++ /dev/null @@ -1,71 +0,0 @@ -dn: @ATTRIBUTES -userPrincipalName: CASE_INSENSITIVE -cn: CASE_INSENSITIVE -dc: CASE_INSENSITIVE -dn: CASE_INSENSITIVE -name: CASE_INSENSITIVE -objectclass: CASE_INSENSITIVE - -dn: @INDEXLIST -@IDXATTR: cn -@IDXATTR: objectclass -@IDXATTR: member -@IDXATTR: memberof -@IDXATTR: memberUid -@IDXATTR: uid -@IDXATTR: gid -@IDXATTR: uidNumber -@IDXATTR: gidNumber -@IDXATTR: lastUpdate - -dn: @MODULES -@LIST: asq,memberof - -dn: cn=sysdb -cn: sysdb -version: 0.1 -description: base object - -dn: cn=local,cn=sysdb -cn: local -description: Local system data - -dn: cn=groups,cn=local,cn=sysdb -cn: groups -description: Local POSIX groups - -dn: gid=foousers,cn=groups,cn=local,cn=sysdb -gid: foousers -description: Local user accounts -member: uid=foobar,cn=users,cn=local,cn=sysdb -objectclass: group -gidNumber: 10101 - -dn: cn=users,cn=local,cn=sysdb -cn: users -description: Local POSIX users - -dn: uid=foobar,cn=users,cn=local,cn=sysdb -uid: foobar -objectClass: user -description: User Foo Bar -uidNumber: 10101 -gidNumber: 10101 -legacy: false -primaryGroup: cn=foousers,cn=groups,cn=local,cn=sysdb -userPassword: !@#$%#@#@!FOOBAR -homeDirectory: /home/foobar -fullName: Foo Bar -loginShell: /bin/bash -accountExpires: 20500101000000Z -biometricSignature: <binary> -disabled: false -failedLoginAttempts: 0 -keyboardLayout: it_IT -lastPasswordChange: 20080912142034Z -passwordHint: Favorite pasta sauce -passwordHistory: foo,bar,baz -preferredLanguage: IT -preferredSession: GNOME -memberOf: cn=foousers,cn=groups,cn=local,cn=sysdb - diff --git a/server/examples/sssd.conf b/server/examples/sssd.conf new file mode 100644 index 000000000..b15e92ff1 --- /dev/null +++ b/server/examples/sssd.conf @@ -0,0 +1,51 @@ +[services] +description = Local Service Configuration +activeServices = nss, dp, pam, info + +[services/nss] +description = NSS Responder Configuration +timeout = 10 +filterGroups = root, foo@TEST +filterUsers = root, bar@TEST + +[services/dp] +description = Data Provider Configuration +timeout = 10 + +[services/pam] +description = PAM Responder Configuration +timeout = 10 + +[services/info] +description = InfoPipe Configuration +timeout = 10 + +[services/monitor] +description = Service Monitor Configuration +sbusTimeout = 10 +servicePingTime = 10 + +[domains] +description = Domains served by SSSD +domains = LOCAL + +[domains/LOCAL] +description = Reserved domain for local configurations +enumerate = 3 +minId = 500 +maxId = 999 +legacy = TRUE +libName = files +libPath = /lib64/libnss_files.so.2 +magicPrivateGroups = FALSE +provider = proxy +auth-module = proxy +pam-target = sssdproxylocal + +[domains/EXAMPLE.COM] +description = Example LDAP domain +basedn = dc=example,dc=com +command = /usr/libexec/sssd/sssd_be --provider ldap --domain EXAMPLE.COM +provider = ldap +userSearchBase = ou=user,dc=example,dc=com + |