diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2013-11-06 14:12:11 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-06-03 13:31:25 +0200 |
commit | 2c3fa3a3264c957957db48c6c488049b6cf8b7a1 (patch) | |
tree | 5896b953c18d80bfce6657212400590829a818e3 /src/config | |
parent | f0875d13c3bd4766eea72b054365abfb9fd610a4 (diff) | |
download | sssd-2c3fa3a3264c957957db48c6c488049b6cf8b7a1.tar.gz sssd-2c3fa3a3264c957957db48c6c488049b6cf8b7a1.tar.xz sssd-2c3fa3a3264c957957db48c6c488049b6cf8b7a1.zip |
IFP: use a list of allowed_uids for authentication
Similar to the PAC responder, the InfoPipe uses a list of UIDs that are
allowed to communicate with the IFP responder.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Stef Walter <stefw@redhat.com>
(cherry picked from commit 3660f49f81e4db07be66fe0887af9d62065f1f2c)
Diffstat (limited to 'src/config')
-rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 3 | ||||
-rwxr-xr-x | src/config/SSSDConfigTest.py | 6 | ||||
-rw-r--r-- | src/config/etc/sssd.api.conf | 4 |
3 files changed, 11 insertions, 2 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index de0348b1d..7070b88a1 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -94,6 +94,9 @@ option_strings = { # [pac] 'allowed_uids': _('List of UIDs or user names allowed to access the PAC responder'), + # [ifp] + 'allowed_uids': _('List of UIDs or user names allowed to access the InfoPipe responder'), + # [provider] 'id_provider' : _('Identity provider'), 'auth_provider' : _('Authentication provider'), diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index a539b805f..6e8af1dab 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -1234,7 +1234,8 @@ class SSSDConfigTestSSSDConfig(unittest.TestCase): 'sudo', 'autofs', 'ssh', - 'pac'] + 'pac', + 'ifp'] for section in control_list: self.assertTrue(sssdconfig.has_section(section), "Section [%s] missing" % @@ -1327,7 +1328,8 @@ class SSSDConfigTestSSSDConfig(unittest.TestCase): 'sudo', 'autofs', 'ssh', - 'pac'] + 'pac', + 'ifp'] service_list = sssdconfig.list_services() for service in control_list: self.assertTrue(service in service_list, diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index 9805dddfe..d6f2d6b45 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -72,6 +72,10 @@ ssh_known_hosts_timeout = int, None, false # PAC responder allowed_uids = str, None, false +[ifp] +# InfoPipe responder +allowed_uids = str, None, false + [provider] #Available provider types id_provider = str, None, true |