diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2014-08-05 13:52:48 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-22 15:44:13 +0200 |
commit | a10ac1d0a7210def232205a48c53a075930e82f6 (patch) | |
tree | 4067620172ce1ff8a1849786a2ecac9d7fcf4a04 /src/man | |
parent | fa24dabfd480e1ce346009336c7979ab59520c44 (diff) | |
download | sssd-a10ac1d0a7210def232205a48c53a075930e82f6.tar.gz sssd-a10ac1d0a7210def232205a48c53a075930e82f6.tar.xz sssd-a10ac1d0a7210def232205a48c53a075930e82f6.zip |
SSSD: Load a user to run a service as from configuration
Related:
https://fedorahosted.org/sssd/ticket/2370
Adds a option, user to run as, that is specified in the [sssd] section. When
this option is specified, SSSD will run as this user and his private
group. When these are not specified, SSSD will run as the configure-time
user and group (usually root).
Currently all services and providers are started as root. There is a
temporary svc_supported_as_nonroot() function that returns true for a
service if that service runs and was tested as nonroot and false
otherwise. Currently this function always returns false, but will be
amended in future patches.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/sssd.conf.5.xml | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index d57341661..d6bc42ca0 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -297,6 +297,19 @@ </listitem> </varlistentry> <varlistentry> + <term>user (string)</term> + <listitem> + <para> + The user to drop the privileges to where + appropriate to avoid running as the + root user. + </para> + <para> + Default: not set, process will run as root + </para> + </listitem> + </varlistentry> + <varlistentry> <term>default_domain_suffix (string)</term> <listitem> <para> |