diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2014-08-05 13:52:48 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-30 11:12:44 +0100 |
| commit | b8a3625690f39e22d8cd699598384bad472b6373 (patch) | |
| tree | 14d1bd44283ad781addd0b137f39cbd3598aa543 /src/config/etc | |
| parent | d140aa913a0aad28b151c79f4c6f7ff5d8fee6c9 (diff) | |
| download | sssd-b8a3625690f39e22d8cd699598384bad472b6373.tar.gz sssd-b8a3625690f39e22d8cd699598384bad472b6373.tar.xz sssd-b8a3625690f39e22d8cd699598384bad472b6373.zip | |
SSSD: Load a user to run a service as from configuration
Related:
https://fedorahosted.org/sssd/ticket/2370
Adds a option, user to run as, that is specified in the [sssd] section. When
this option is specified, SSSD will run as this user and his private
group. When these are not specified, SSSD will run as the configure-time
user and group (usually root).
Currently all services and providers are started as root. There is a
temporary svc_supported_as_nonroot() function that returns true for a
service if that service runs and was tested as nonroot and false
otherwise. Currently this function always returns false, but will be
amended in future patches.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
(cherry picked from commit a10ac1d0a7210def232205a48c53a075930e82f6)
Diffstat (limited to 'src/config/etc')
| -rw-r--r-- | src/config/etc/sssd.api.conf | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index a20f5aa44..c16769a39 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -23,6 +23,7 @@ sbus_timeout = int, None, false re_expression = str, None, false full_name_format = str, None, false krb5_rcache_dir = str, None, false +user = str, None, false default_domain_suffix = str, None, false [nss] |