SUDO Integration - periodical update of rules in data provider

https://fedorahosted.org/sssd/ticket/1110

Adds new configuration options:
 - ldap_sudo_refresh_enabled - enable/disable periodical updates
 - ldap_sudo_refresh_timeout - rules timeout (refresh period)

2 files changed, 4 insertions, 0 deletions

diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py
index 0a73893bf..c5c73b14f 100644
--- a/src/config/SSSDConfig.py
+++ b/src/config/SSSDConfig.py
@@ -240,6 +240,8 @@ option_strings = {
 
     # [provider/ldap/sudo]
     'ldap_sudo_search_base' : _('Base DN for sudo rules lookups'),
+    'ldap_sudo_refresh_enabled' : _('Enable periodical update of all sudo rules'),
+    'ldap_sudo_refresh_timeout' : _('Length of time between rules updates'),
     'ldap_sudorule_object_class' : _('Object class for sudo rules'),
     'ldap_sudorule_name' : _('Sudo rule name'),
     'ldap_sudorule_command' : _('Sudo rule command attribute'),
diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf
index b155c2bc8..fb48dcd39 100644
--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
@@ -109,6 +109,8 @@ ldap_chpass_dns_service_name = str, None, false
 
 [provider/ldap/sudo]
 ldap_sudo_search_base = str, None, false
+ldap_sudo_refresh_enabled = bool, None, false
+ldap_sudo_refresh_timeout = int, None, false
 ldap_sudorule_object_class = str, None, false
 ldap_sudorule_name = str, None, false
 ldap_sudorule_command = str, None, false