diff options
| author | Pavel Březina <pbrezina@redhat.com> | 2015-07-29 14:51:30 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-08-14 22:47:45 +0200 |
| commit | 52e3ee5c5ff2c5a4341041826a803ad42d2b2de7 (patch) | |
| tree | 643f0c422bf83050e3cff3131961c9569f4d19b0 /src/confdb | |
| parent | ef7de95fc4827a660254a942fa394f34ed9694a9 (diff) | |
| download | sssd-52e3ee5c5ff2c5a4341041826a803ad42d2b2de7.tar.gz sssd-52e3ee5c5ff2c5a4341041826a803ad42d2b2de7.tar.xz sssd-52e3ee5c5ff2c5a4341041826a803ad42d2b2de7.zip | |
sudo: use "higher value wins" when ordering rules
This commit changes the default ordering logic (lower value wins) to
a correct one that is used by native ldap support. It also adds a new
option sudo_inverse_order to switch to the original SSSD (incorrect)
behaviour if needed.
Resolves:
https://fedorahosted.org/sssd/ticket/2682
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/confdb')
| -rw-r--r-- | src/confdb/confdb.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h index df454337a..9aa264899 100644 --- a/src/confdb/confdb.h +++ b/src/confdb/confdb.h @@ -124,6 +124,8 @@ #define CONFDB_DEFAULT_SUDO_CACHE_TIMEOUT 180 #define CONFDB_SUDO_TIMED "sudo_timed" #define CONFDB_DEFAULT_SUDO_TIMED false +#define CONFDB_SUDO_INVERSE_ORDER "sudo_inverse_order" +#define CONFDB_DEFAULT_SUDO_INVERSE_ORDER false /* autofs */ #define CONFDB_AUTOFS_CONF_ENTRY "config/autofs" |