summaryrefslogtreecommitdiffstats
path: root/server/examples
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2009-04-11 10:20:48 -0400
committerSimo Sorce <ssorce@redhat.com>2009-04-13 09:06:49 -0400
commit4626af1ad1141291f226382f3569e4dd0486cd08 (patch)
treef35309c400cd028482750e0469db218e6eb02d49 /server/examples
parentc1d6bffe9ba81c265042859dddf3b39be87c161b (diff)
downloadsssd-4626af1ad1141291f226382f3569e4dd0486cd08.tar.gz
sssd-4626af1ad1141291f226382f3569e4dd0486cd08.tar.xz
sssd-4626af1ad1141291f226382f3569e4dd0486cd08.zip
Allow configuration of the SSSD through /etc/sssd/sssd.conf
The SSSD now links with the ini_config and collection libraries in the common directory. The monitor will track changes to the /etc/sssd/sssd.conf file using inotify on platforms that support it, or polled every 5 seconds on platforms that do not. At startup or modification of the conf file, the monitor will purge the existing confdb and reread it completely from the conf file, to ensure that there are no lingering entries. It does this in a transaction, so there should be no race condition with the client services. A new option has been added to the startup options for the SSSD. It is now possible to specify an alternate config file with the -c <file> at the command line.
Diffstat (limited to 'server/examples')
-rw-r--r--server/examples/config.ldif88
-rw-r--r--server/examples/db.ldif71
-rw-r--r--server/examples/sssd.conf51
3 files changed, 51 insertions, 159 deletions
diff --git a/server/examples/config.ldif b/server/examples/config.ldif
deleted file mode 100644
index b9eb33407..000000000
--- a/server/examples/config.ldif
+++ /dev/null
@@ -1,88 +0,0 @@
-# editing 4 records
-# record 1
-dn: cn=config
-cn: config
-version: 0.1
-
-dn: cn=services,cn=config
-cn: services
-description: Local service configuration
-activeServices: nss
-activeServices: dp
-activeServices: pam
-activeServices: info
-
-dn: cn=nss,cn=services,cn=config
-cn: nss
-description: NSS Responder Configuration
-filterGroups: root
-filterGroups: foo@TEST
-filterUsers: root
-filterUsers: bar@TEST
-
-dn: cn=dp,cn=services,cn=config
-cn: dp
-description: Data Provider Configuration
-
-dn: cn=monitor,cn=services,cn=config
-cn: monitor
-description: Monitor Configuration
-sbusTimeout: 10
-servicePingTime: 10
-
-dn: cn=pam,cn=services,cn=config
-cn: pam
-description: PAM Responder Configuration
-
-dn: cn=info,cn=services,cn=config
-cn: info
-description: InfoPipe Configuration
-
-dn: cn=domains,cn=config
-cn: domains
-description: Domains served by SSSD
-domains: LOCAL, EXAMPLE.COM, TEST
-
-dn: cn=LOCAL,cn=domains,cn=config
-cn: LOCAL
-description: Reserved domain for local configurations
-enumerate: 3
-minId: 500
-maxId: 999
-legacy: TRUE
-libName: files
-libPath: /lib64/libnss_files.so.2
-magicPrivateGroups: FALSE
-provider: proxy
-auth-module: proxy
-pam-target: sssdproxylocal
-
-dn: cn=TEST,cn=domains,cn=config
-cn: TEST
-description: TEST Ldap domain
-libName: ldap
-libPath: /usr/lib64/libnss_ldap.so.2
-legacy: TRUE
-enumerate: 3
-useFullyQualifiedNames: TRUE
-minId: 1000
-provider: proxy
-auth-module: proxy
-pam-target: sssdproxytest
-
-dn: cn=LDAPTEST,cn=domains,cn=config
-cn: LDAPTEST
-basedn: cn=LDAPTEST,sn=sysdb
-command: /usr/libexec/sssd/sssd_be --provider ldap --domain LDAPTEST
-description: TEST PAM Ldap domain
-provider: ldap
-userSearchBase: ou=user,dc=my-domain,dc=com
-
-dn: cn=EXAMPLE.COM,cn=domains,cn=config
-cn: EXAMPLE.COM
-description: Example domain served by IPA
-provider: ipa
-server: ipaserver1.example.com
-server: ipabackupserver.example.com
-legacy: FALSE
-enumerate: 0
diff --git a/server/examples/db.ldif b/server/examples/db.ldif
deleted file mode 100644
index 9ded6c794..000000000
--- a/server/examples/db.ldif
+++ /dev/null
@@ -1,71 +0,0 @@
-dn: @ATTRIBUTES
-userPrincipalName: CASE_INSENSITIVE
-cn: CASE_INSENSITIVE
-dc: CASE_INSENSITIVE
-dn: CASE_INSENSITIVE
-name: CASE_INSENSITIVE
-objectclass: CASE_INSENSITIVE
-
-dn: @INDEXLIST
-@IDXATTR: cn
-@IDXATTR: objectclass
-@IDXATTR: member
-@IDXATTR: memberof
-@IDXATTR: memberUid
-@IDXATTR: uid
-@IDXATTR: gid
-@IDXATTR: uidNumber
-@IDXATTR: gidNumber
-@IDXATTR: lastUpdate
-
-dn: @MODULES
-@LIST: asq,memberof
-
-dn: cn=sysdb
-cn: sysdb
-version: 0.1
-description: base object
-
-dn: cn=local,cn=sysdb
-cn: local
-description: Local system data
-
-dn: cn=groups,cn=local,cn=sysdb
-cn: groups
-description: Local POSIX groups
-
-dn: gid=foousers,cn=groups,cn=local,cn=sysdb
-gid: foousers
-description: Local user accounts
-member: uid=foobar,cn=users,cn=local,cn=sysdb
-objectclass: group
-gidNumber: 10101
-
-dn: cn=users,cn=local,cn=sysdb
-cn: users
-description: Local POSIX users
-
-dn: uid=foobar,cn=users,cn=local,cn=sysdb
-uid: foobar
-objectClass: user
-description: User Foo Bar
-uidNumber: 10101
-gidNumber: 10101
-legacy: false
-primaryGroup: cn=foousers,cn=groups,cn=local,cn=sysdb
-userPassword: !@#$%#@#@!FOOBAR
-homeDirectory: /home/foobar
-fullName: Foo Bar
-loginShell: /bin/bash
-accountExpires: 20500101000000Z
-biometricSignature: <binary>
-disabled: false
-failedLoginAttempts: 0
-keyboardLayout: it_IT
-lastPasswordChange: 20080912142034Z
-passwordHint: Favorite pasta sauce
-passwordHistory: foo,bar,baz
-preferredLanguage: IT
-preferredSession: GNOME
-memberOf: cn=foousers,cn=groups,cn=local,cn=sysdb
-
diff --git a/server/examples/sssd.conf b/server/examples/sssd.conf
new file mode 100644
index 000000000..b15e92ff1
--- /dev/null
+++ b/server/examples/sssd.conf
@@ -0,0 +1,51 @@
+[services]
+description = Local Service Configuration
+activeServices = nss, dp, pam, info
+
+[services/nss]
+description = NSS Responder Configuration
+timeout = 10
+filterGroups = root, foo@TEST
+filterUsers = root, bar@TEST
+
+[services/dp]
+description = Data Provider Configuration
+timeout = 10
+
+[services/pam]
+description = PAM Responder Configuration
+timeout = 10
+
+[services/info]
+description = InfoPipe Configuration
+timeout = 10
+
+[services/monitor]
+description = Service Monitor Configuration
+sbusTimeout = 10
+servicePingTime = 10
+
+[domains]
+description = Domains served by SSSD
+domains = LOCAL
+
+[domains/LOCAL]
+description = Reserved domain for local configurations
+enumerate = 3
+minId = 500
+maxId = 999
+legacy = TRUE
+libName = files
+libPath = /lib64/libnss_files.so.2
+magicPrivateGroups = FALSE
+provider = proxy
+auth-module = proxy
+pam-target = sssdproxylocal
+
+[domains/EXAMPLE.COM]
+description = Example LDAP domain
+basedn = dc=example,dc=com
+command = /usr/libexec/sssd/sssd_be --provider ldap --domain EXAMPLE.COM
+provider = ldap
+userSearchBase = ou=user,dc=example,dc=com
+