diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2013-06-07 11:28:35 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-06-10 21:03:01 +0200 |
| commit | 14452cd066b51e32ca0ebad6c45ae909a1debe57 (patch) | |
| tree | 5c89a40d71008b0b2853b831d937a995e4a424ef /src/config | |
| parent | 7b5e7e539ae9312ab55d75aa94feaad549b2a708 (diff) | |
| download | sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.tar.gz sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.tar.xz sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.zip | |
A new option krb5_use_kdcinfo
https://fedorahosted.org/sssd/ticket/1883
The patch introduces a new Kerberos provider option called
krb5_use_kdcinfo. The option is true by default in all providers. When
set to false, the SSSD will not create krb5 info files that the locator
plugin consumes and the user would have to set up the Kerberos options
manually in krb5.conf
Diffstat (limited to 'src/config')
| -rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 1 | ||||
| -rwxr-xr-x | src/config/SSSDConfigTest.py | 9 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ad.conf | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ipa.conf | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-krb5.conf | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ldap.conf | 1 |
6 files changed, 11 insertions, 3 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index b6e722fc2..4d7629e18 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -165,6 +165,7 @@ option_strings = { 'krb5_backup_server' : _('Kerberos backup server address'), 'krb5_realm' : _('Kerberos realm'), 'krb5_auth_timeout' : _('Authentication timeout'), + 'krb5_use_kdcinfo' : _('Whether to create kdcinfo files'), # [provider/krb5/auth] 'krb5_ccachedir' : _('Directory to store credential caches'), diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index f44fac727..ca344ad4d 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -614,7 +614,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'krb5_use_fast', 'krb5_fast_principal', 'krb5_canonicalize', - 'krb5_use_enterprise_principal']) + 'krb5_use_enterprise_principal', + 'krb5_use_kdcinfo']) options = domain.list_options() @@ -773,7 +774,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'krb5_use_fast', 'krb5_fast_principal', 'krb5_canonicalize', - 'krb5_use_enterprise_principal'] + 'krb5_use_enterprise_principal', + 'krb5_use_kdcinfo'] self.assertTrue(type(options) == dict, "Options should be a dictionary") @@ -967,7 +969,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'krb5_use_fast', 'krb5_fast_principal', 'krb5_canonicalize', - 'krb5_use_enterprise_principal']) + 'krb5_use_enterprise_principal', + 'krb5_use_kdcinfo']) options = domain.list_options() diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf index 3be25e8da..120c82752 100644 --- a/src/config/etc/sssd.api.d/sssd-ad.conf +++ b/src/config/etc/sssd.api.d/sssd-ad.conf @@ -29,6 +29,7 @@ krb5_backup_server = str, None, false krb5_realm = str, None, false krb5_auth_timeout = int, None, false krb5_canonicalize = bool, None, false +krb5_use_kdcinfo = bool, None, false ldap_krb5_keytab = str, None, false ldap_krb5_init_creds = bool, None, false ldap_entry_usn = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index e6f1bb0a8..8a7e75f2a 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -35,6 +35,7 @@ krb5_server = str, None, false krb5_backup_server = str, None, false krb5_realm = str, None, false krb5_auth_timeout = int, None, false +krb5_use_kdcinfo = bool, None, false krb5_kpasswd = str, None, false krb5_backup_kpasswd = str, None, false krb5_canonicalize = bool, None, false diff --git a/src/config/etc/sssd.api.d/sssd-krb5.conf b/src/config/etc/sssd.api.d/sssd-krb5.conf index 89d16d779..e65ed01b6 100644 --- a/src/config/etc/sssd.api.d/sssd-krb5.conf +++ b/src/config/etc/sssd.api.d/sssd-krb5.conf @@ -4,6 +4,7 @@ krb5_server = str, None, false krb5_backup_server = str, None, false krb5_realm = str, None, true krb5_auth_timeout = int, None, false +krb5_use_kdcinfo = bool, None, false krb5_kpasswd = str, None, false krb5_backup_kpasswd = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf index 14e979da3..870cf20fc 100644 --- a/src/config/etc/sssd.api.d/sssd-ldap.conf +++ b/src/config/etc/sssd.api.d/sssd-ldap.conf @@ -21,6 +21,7 @@ krb5_kdcip = str, None, false krb5_server = str, None, false krb5_realm = str, None, false krb5_canonicalize = bool, None, false +krb5_use_kdcinfo = bool, None, false ldap_krb5_keytab = str, None, false ldap_krb5_init_creds = bool, None, false ldap_entry_usn = str, None, false |