diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2013-11-06 14:12:11 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-05-13 21:46:57 +0200 |
| commit | 3660f49f81e4db07be66fe0887af9d62065f1f2c (patch) | |
| tree | c7f85d5103fd68d823136239f7cc006bb5ec07c2 /src/config | |
| parent | f92ace4a52602e8c38a34f2392bec3deeac2dddd (diff) | |
| download | sssd-3660f49f81e4db07be66fe0887af9d62065f1f2c.tar.gz sssd-3660f49f81e4db07be66fe0887af9d62065f1f2c.tar.xz sssd-3660f49f81e4db07be66fe0887af9d62065f1f2c.zip | |
IFP: use a list of allowed_uids for authentication
Similar to the PAC responder, the InfoPipe uses a list of UIDs that are
allowed to communicate with the IFP responder.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Stef Walter <stefw@redhat.com>
Diffstat (limited to 'src/config')
| -rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 3 | ||||
| -rwxr-xr-x | src/config/SSSDConfigTest.py | 6 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.conf | 4 |
3 files changed, 11 insertions, 2 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index 64807d8d1..3f17a923b 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -95,6 +95,9 @@ option_strings = { # [pac] 'allowed_uids': _('List of UIDs or user names allowed to access the PAC responder'), + # [ifp] + 'allowed_uids': _('List of UIDs or user names allowed to access the InfoPipe responder'), + # [provider] 'id_provider' : _('Identity provider'), 'auth_provider' : _('Authentication provider'), diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index bfec8d058..a3c25540d 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -1234,7 +1234,8 @@ class SSSDConfigTestSSSDConfig(unittest.TestCase): 'sudo', 'autofs', 'ssh', - 'pac'] + 'pac', + 'ifp'] for section in control_list: self.assertTrue(sssdconfig.has_section(section), "Section [%s] missing" % @@ -1327,7 +1328,8 @@ class SSSDConfigTestSSSDConfig(unittest.TestCase): 'sudo', 'autofs', 'ssh', - 'pac'] + 'pac', + 'ifp'] service_list = sssdconfig.list_services() for service in control_list: self.assertTrue(service in service_list, diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index 14e80639e..a5cb62f45 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -71,6 +71,10 @@ ssh_known_hosts_timeout = int, None, false # PAC responder allowed_uids = str, None, false +[ifp] +# InfoPipe responder +allowed_uids = str, None, false + [provider] #Available provider types id_provider = str, None, true |