SDAP: Lock out ssh keys when account naturally expires

Resolves: https://fedorahosted.org/sssd/ticket/2534 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
author: Pavel Reichl <preichl@redhat.com> 2015-01-20 18:34:44 -0500
committer: Jakub Hrozek <jhrozek@redhat.com> 2015-03-05 20:30:43 +0100
commit: 13ec767e6ca3e435e119f1f07bda10eb213383f6 (patch)
tree: faef47c375200d7a915e920ad63e6b223f572531 /src/providers/ldap/ldap_init.c
parent: 5a5c5cdeb92f4012fc75fd717bfea06598f68f12 (diff)
download: sssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.tar.gz
sssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.tar.xz
sssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c
index 8d5619779..cebd548a4 100644
--- a/src/providers/ldap/ldap_init.c
+++ b/src/providers/ldap/ldap_init.c
@@ -432,6 +432,8 @@ int sssm_ldap_access_init(struct be_ctx *bectx,
         } else if (strcasecmp(order_list[c],
                               LDAP_ACCESS_EXPIRE_POLICY_RENEW_NAME) == 0) {
             access_ctx->access_rule[c] = LDAP_ACCESS_EXPIRE_POLICY_RENEW;
+        } else if (strcasecmp(order_list[c], LDAP_ACCESS_PPOLICY_NAME) == 0) {
+            access_ctx->access_rule[c] = LDAP_ACCESS_PPOLICY;
         } else {
             DEBUG(SSSDBG_CRIT_FAILURE,
                   "Unexpected access rule name [%s].\n", order_list[c]);
author	Pavel Reichl <preichl@redhat.com>	2015-01-20 18:34:44 -0500
committer	Jakub Hrozek <jhrozek@redhat.com>	2015-03-05 20:30:43 +0100
commit	13ec767e6ca3e435e119f1f07bda10eb213383f6 (patch)
tree	faef47c375200d7a915e920ad63e6b223f572531 /src/providers/ldap/ldap_init.c
parent	5a5c5cdeb92f4012fc75fd717bfea06598f68f12 (diff)
download	sssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.tar.gz sssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.tar.xz sssd-13ec767e6ca3e435e119f1f07bda10eb213383f6.zip